工控系统网络安全等级测评评估研究
Research on Evaluation of Network Security Level of Industrial Control System
朱晓鹏 1黄文财 1钟远生 1吴耿1
作者信息
- 1. 广东产品质量监督检验研究院,广东 广州 510670;国家市场监管重点实验室(智能机器人安全),广东 广州 510670
- 折叠
摘要
针对当前工控系统网络安全等级测评计算繁琐、权重计算简单、缺乏工控系统的针对性和评估结果具有随机性和模糊性的问题,研究一种工控系统网络安全等级测评评估方法.绘制以网络安全等级测评为基础的工控系统典型框架,分析工控系统相对安全通用类等级测评在评估指标上的差异,并采用主观赋权法确保上述评估指标差异在工控系统权重赋值中倾斜的合理性,应用客观赋权法保证权重赋值的科学性,使用组合赋权法综合考量主客观赋权优点,确保工控系统评估指标权重赋值的合理性和科学性;使用专家云模型结合组合赋权法获取的组合权重,得出工控系统网络安全等级测评评估结果,再基于云模型的概率统计和模糊数学,克服繁琐的计算和评估结果的模糊性和随机性;最后,将该方法应用于某大型化工产业工控系统,结果表明该系统等级测评结果为良,与预案评审结果一致,验证了该方法在网络安全等级测评中的有效性和适用性.
Abstract
Aiming at the problems of complex calculation,simple weight calculation,lack of pertinence of industrial control systems,and randomness and fuzziness of evaluation results in the current industrial control system network security level evaluation,a method for e-valuating the network security level of industrial control systems is studied.A typical industrial control system framework based on network security level assessment is drawn,the differences in evaluation indicators between industrial control systems and general security level assessments is analyzed,and subjective weighting methods are used to ensure the rationality of the above evaluation indicator differences in the weighting of industrial control systems.The objective weighting methods are used to ensure the scientificity of weighting,and combined weighting methods are used to comprehensively consider the advantages of subjective and objective weighting,which ensures the rationality and scientificity of the weight assignment of industrial control system evaluation indicators;using the combi-nation weights obtained by combining the expert cloud model with the combination weighting method,the evaluation results of the network security level of the industrial control system are obtained.Based on the probability statistics and fuzzy mathematics of the cloud model,the fuzziness and randomness of the tedious calculation and evaluation results are overcome.Finally,the proposed method is applied to a large chemical industry industrial control system,and it is showed that the system level evaluation is effective,consistent with the plan evaluation results,The effectiveness and applicability of the proposed method in network security level evaluation are verified.
关键词
工控系统/网络安全/等级测评/组合赋权/专家云模型Key words
industrial control system/network security/grade evaluation/combination empowerment/expert cloud model引用本文复制引用
基金项目
国家市场监督管理总局科技计划项目(2022MK095)
出版年
2023
国家科技期刊平台
NSTL
维普
万方数据