Security measurement method of industrial control system based on attack graph

An industrial control system and security measurement technology, applied in the field of network security, can solve the problems of lack of system-wide security measurement scheme, failure to consider the vulnerability relationship of system equipment, and few security measurement methods
CN112114579AActive Publication Date: 2020-12-22HARBIN INST OF TECH AT WEIHAI
13 Cites 12 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
HARBIN INST OF TECH AT WEIHAI
Publication Date
2020-12-22

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention relates to a security measurement method of an industrial control system based on an attack graph. The method comprises the following steps: acquiring the topological structure information of an industrial control network, carrying out detection on equipment of a specific industrial control system, mastering the equipment information in the industrial control network, and carrying out the analysis of the equipment correlation condition; aiming at the detection result of the equipment in the industrial control network, collecting equipment vulnerability information; according to the topological structure and the equipment vulnerability information, storing a format in a graphical format based on a graph database-based method, and adopting nodes and a relationship represent graph structure to generate a system attack graph; and according to the generated system attack graph, performing network security measurement on the specific industrial control system according to threelevels of vulnerability node measurement, equipment node measurement and system security measurement, and analyzing an attack path. According to the method, potential threats are discovered to the greatest extent, the analysis period of the safety measurement of the industrial control system is greatly shortened, the measurement efficiency is improved, and a foundation is laid for the protectionwork of the industrial control system.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to a method for measuring security of an industrial control system based on an attack graph, and belongs to the technical field of network security. Background technique

[0002] In recent years, the industrial control system has gradually developed towards informatization, which not only introduces diversified methods in the Internet, but also brings various attack threats to the industrial control system. Highly information-based industrial control systems need to face changes in the network environment and the potential impact of network components on the system. Aiming at the complex operating environment and diversified attack methods of industrial control systems, an attack graph-based security measurement method for industrial control systems is proposed. By integrating vulnerability and topology information, the potential attack paths of industrial control systems are displayed, and the security measurement process is visu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More