Industrial control system information security attack risk assessment method and system

An industrial control system and information security technology, which is applied in the field of risk assessment of industrial control system information security attacks, can solve the problems of lack of risk assessment model risk warning level, lack of risk assessment, etc., to improve defense capabilities, reduce disaster losses, improve The effect of accuracy

Active Publication Date: 2020-01-17
国家工业信息安全发展研究中心 +1
View PDF8 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, most industrial control systems lack complete and effective risk assessment, accurate risk assessment models and complete risk early warning levels

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control system information security attack risk assessment method and system
  • Industrial control system information security attack risk assessment method and system
  • Industrial control system information security attack risk assessment method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0051] figure 1 It is a flowchart of an industrial control system information security attack risk assessment method according to an embodiment of the present invention, figure 2 It is a structural diagram of an industrial control system information security attack risk simulation device according to an embodiment of the present invention.

[0052] see figure 1 and figure 2 , the method for assessing the risk of an attack on an industrial control system information security in this embodiment is applied to a simulation device for simulating the risk of an attack on an industrial control system information security.

[0053] Industrial control system information security attack risk simulation environment is an important part of the industrial control system information security laboratory. The simulation environment is the liquid level control system, among which the liquid level control system is a highly versatile industrial control system, which can easily realize the ...

Embodiment 2

[0072] This embodiment provides a more detailed implementation manner.

[0073] The risk assessment method for information security attacks on industrial control systems provided in this example divides industrial systems into five risk warning levels: red, orange, yellow, blue, and green, extracts four categories and eighteen risk assessment indicators, and establishes a risk assessment Model. This method is applied to the information security attack risk simulation device of industrial control system. The simulation device also takes the water tank liquid level control system as the object, and helps the research by simulating information security attack, industrial control system damage evolution and damage risk level early warning. Researchers have a comprehensive understanding of the situation of information security attacks on industrial control systems, and formulate appropriate countermeasures. The invention can effectively reduce disaster loss and improve the securit...

Embodiment 3

[0112] This embodiment provides an industrial control system information security attack risk assessment system, image 3 It is a structural diagram of an industrial control system information security attack risk assessment system according to Embodiment 3 of the present invention. see image 3 , the system includes:

[0113] The indicator data acquisition module 301 is used to acquire risk assessment indicator data; the risk assessment indicator data includes four types of data, which are respectively control object state data, control algorithm parameters, attack type data and control environment state data; each type of data includes A plurality of parameter values; the control object state data includes six parameter values, which are respectively the liquid level of the first water tank, the liquid level of the second water tank, the opening degree of the first overflow valve, and the opening degree of the second overflow valve , the opening degree of the communication...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an industrial control system information security attack risk assessment method and system. The method comprises the steps that control object state data including the liquid level of a water tank, the opening degree of an overflow valve, the opening degree of a communication valve and the speed of a water suction pump are acquired, wherein the control object state data include the proportion parameter, the integral parameter, the differential parameter and the control algorithm parameter of a proportional electromagnetic valve, and the control algorithm parameter includes the data that a main controller cannot acquire the data of a liquid level sensor, the data that the main controller modifies the control parameter to enable the liquid level to be abnormal and theattack type data of the data that the liquid level cannot be normally displayed, wherein the attack type data include the control environment state data of time, date, temperature, humidity and atmospheric pressure; whether a risk signal is generated is judged; and if the judgment result is yes, the risk value of the corresponding type is calculated according to each type of data, the informationsecurity attack risk value is calculated and the risk level is determined. Complete and effective risk assessment can be realized so that the accuracy of risk assessment can be enhanced.

Description

technical field [0001] The invention relates to the technical field of risk assessment of industrial control systems, in particular to a method and system for assessing risks of information security attacks of industrial control systems. Background technique [0002] Industrial control systems include electric power, petroleum and petrochemical, railway, water treatment and other industries, which are widely used in national key infrastructure. The functional safety and information security of the control system play a decisive role in the smooth operation of the production of enterprises in these industries. For a long time, the performance, reliability, flexibility and functional safety of the control system have been highly valued. However, information security in industrial control systems has been neglected. The control commands and status data in the industrial control system are in great danger of being tampered with by criminals in the network, and a series of more...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G05B19/418
CPCG05B19/41865G05B2219/32252Y02P90/02
Inventor 张格孙军董良遇刘冬李敏张哲宇柴森春
Owner 国家工业信息安全发展研究中心
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap