Security Research of Electric Power Industrial Control System Based on General Attack Tree
Aiming at the common security risks of industrial control system in power industry in grade protec-tion evaluation,a quantitative risk assessment method based on general attack tree model is proposed.According to CVSSv3.1 system,the security analysis of the general attack tree model is carried out,and the risk quantification and attack path weighting are carried out on the nodes of the attack tree,and the factors such as accurate modeling,weighted attack capability and attack path,and attack probability are proposed to improve the general attack tree.The method reduces the quantified subjective factors in the industrial control system and other insurance evaluation.The weighted tree and safety framework can provide scientific and effective risk prevention measures for enterprises.
万方数据
维普
