
SSPN-RA: Security Integration Risk Assessment Method for ICS Based on SS-petri Net

With the deepening integration of informatization and industrialization, the information domain and the physical domain of industrial control systems (ICS) intersect more and more, and network attacks on traditional information systems now threaten industrial control system networks. Traditional ICS safety assessment methods consider only functional safety risks and ignore the impact of information security risks on functional safety. This paper proposes an integrated risk modeling method for the functional safety and information security of industrial control systems based on an improved petri net, named Safety and Security Petri Net Risk Assessment (SSPN-RA), which comprises three steps: integrated risk identification, integrated risk analysis and integrated risk assessment. The method first identifies and abstracts the functional safety and information security data in the industrial control system. Then, in the risk analysis process, it constructs a petri net model combined with the Kill Chain to analyze the collaborative attack paths that exist across functional safety and information security, and quantifies the functional safety and information security nodes in the petri net. The risk value is then calculated from the likelihood of safety events and the various losses they cause, completing the integrated risk assessment of the industrial control system. The feasibility of the method is verified on an open-source simulated chemical tank industrial control system and compared with functional safety fault tree analysis and information security attack tree analysis. The experimental results show that the proposed method obtains the risk value of the industrial control system quantitatively, and also addresses the cyber-physical collaborative attacks and security risks that single-domain analysis of functional safety or information security cannot identify.

Keywords: Risk assessment; Petri net; Industrial control system; Security integrity; Functional safety; Information security

Authors: MA Zigang (马梓刚), MA Rongkuan (麻荣宽), LI Beibei (李贝贝), XIE Yaobin (谢耀滨), WEI Qiang (魏强), PENG Minwei (彭慜威)


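School of Cyberspace Security, Information Engineering University, Zhengzhou 450001

School of Cyberspace Security, Sichuan University, Chengdu 610065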


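Funding: National Key Research and Development Program; Zhongyuan Science and Technology Innovation Leading Talent Project

Grant numbers: 2020YFB2010900; 224200510002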

2024

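Journal: Computer Science (计算机科学)
Publisher: Chongqing Southwest Information Co., Ltd. (formerly the Southwest Information Center of the Ministry of Science and Technology)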

Indexed in: CSTPCD; Peking University Core Journals
Impact factor: 0.944
ISSN: 1002-137X
Year, volume (issue): 2024, 51(10)