A Method for Quantifying Vulnerability of Industrial Control System Based on Attribute Attack Graph
DOI: 10.12677/CSA.2021.112029. Supported by research project funding.
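Authors: 孙浩翔, 王新雨, 卓达*: Silicon Lake Vocational and Technical College, Kunshan, Jiangsu; 林晨: Nanjing University Architectural Planning and Design Institute Co., Ltd., Nanjing, Jiangsu; 杨振启: Wuxi University, Wuxi, Jiangsu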
Keywords: Industrial Control System; Vulnerability; Exploitation Difficulty of Vulnerability; Vulnerability Hazard; Grade Division Standard
Abstract: A method for quantifying the vulnerability of industrial control systems based on attack graphs is proposed. Starting from two dimensions of the vulnerabilities present in industrial control systems, exploitation difficulty and vulnerability hazard, and combining them with concrete aspects of the industrial system such as defense strength, attack strength, physical loss, and information loss, a series of quantitative vulnerability indexes is proposed and a fairly comprehensive grade division standard is formulated. The quantitative indexes are then combined with the attack graph, and the atomic attack expectation of each step in the attack process is used to analyze the vulnerability of every possible attack path. Finally, a typical boiler control system is analyzed as a case study. Experimental results show that the method can analyze the potential threats in industrial control systems more comprehensively and evaluate the vulnerability of each attack path scientifically and reasonably, and thereby obtain the attack path with the largest total attack expectation.
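Cite this article: 孙浩翔, 王新雨, 林晨, 卓达, 杨振启. A Method for Quantifying Vulnerability of Industrial Control System Based on Attribute Attack Graph [J]. Computer Science and Application, 2021, 11(2): 285-298. https://doi.org/10.12677/CSA.2021.112029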
