Computer Science ›› 2024, Vol. 51 ›› Issue (10): 380-390. doi: 10.11896/jsjkx.231000189

• Information Security •

  • Corresponding author: MA Rongkuan (rongkuan307@163.com)
  • About author: (gang15950362616@qq.com)

SSPN-RA: Security Integration Risk Assessment Method for ICS Based on SS-petri Net

MA Zigang1, MA Rongkuan1, LI Beibei2, XIE Yaobin1, WEI Qiang1, PENG Minwei1

  1 School of Cyber Security, Information Engineering University, Zhengzhou 450001, China
  2 School of Cyber Science and Engineering, Sichuan University, Chengdu 610065, China
  • Received: 2023-10-27  Revised: 2024-03-23  Online: 2024-10-15  Published: 2024-10-11
  • About author: MA Zigang, born in 1999, postgraduate. His main research interests include industrial security.
    MA Rongkuan, born in 1992, Ph.D. His main research interests include industrial security and IoT security.
  • Supported by:
    National Key R&D Program of China (2020YFB2010900) and Program for Innovation Leading Scientists and Technicians of Zhongyuan (224200510002).

Abstract: As the integration of informatization and industrialization deepens, the overlap between the information domain and the physical domain in industrial control systems keeps growing, and network attacks against traditional information systems can threaten industrial control system networks. Traditional industrial control system security assessment methods consider only functional safety risks and ignore the impact of information security risks on functional safety. This paper proposes an integrated functional safety and information security risk modeling method for industrial control systems based on an improved Petri net (Safety and Security Petri Net Risk Assessment, SSPN-RA), comprising three steps: integrated risk identification, integrated risk analysis and integrated risk assessment. The method first identifies and abstracts the functional safety and information security data in the industrial control system; then, in the risk analysis step, it constructs a Petri net model combined with the Kill Chain to analyse the collaborative attack paths that exist across functional safety and information security, and quantifies the functional safety and information security nodes in the Petri net. At the same time, the risk value is computed from the likelihood of a safety event and the various losses it causes, completing the integrated risk assessment of the industrial control system. The feasibility of the method is verified on an open-source simulated chemical industrial control system and compared with functional safety fault tree analysis and information security attack tree analysis. Experimental results show that the proposed method quantitatively obtains the risk value of an industrial control system, and also resolves the cyber-physical collaborative attacks and security risks that single-domain analysis of either functional safety or information security cannot identify.

Key words: Risk assessment, Petri net, Industrial control system, Security integration, Functional safety, Information security

Abstract: With the continuous integration of informatization and industrialization, there are more and more intersecting parts between the information domain and the physical domain in industrial control systems, and network attacks on traditional information systems now threaten industrial control system networks. Traditional industrial control system security assessment methods only consider the risks of functional safety, ignoring the impact of information security risks on functional safety. This paper proposes an integrated risk modeling method for the functional safety and information security of industrial control systems, named SSPN-RA, based on an improved Petri net, which includes three steps: integrated risk identification, integrated risk analysis and integrated risk assessment. The method first identifies and abstracts the functional safety data and information security data in the industrial control system, then analyzes the collaborative attack paths spanning functional safety and information security by constructing a Petri net model combined with the Kill Chain in the risk analysis step. Subsequently it quantifies the functional safety and information security nodes in the Petri net, and finally calculates the risk value from the likelihood of safety events and the various losses those events cause, completing the integrated risk assessment of the industrial control system. The feasibility of the proposed method is verified on an open-source simulated chemical-tank industrial control system and compared with fault tree analysis and attack tree analysis. Experimental results show that the proposed method quantitatively obtains the risk value of an industrial control system and also resolves the cyber-physical collaborative attacks and security risks that cannot be identified by analyzing functional safety or information security alone.
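As an added illustration (not the paper's code or its actual SS-Petri net), the following Python models the kind of analysis the abstract describes: a toy Petri net whose transitions follow ICS kill-chain stages and random functional-safety faults, enumerated to find the cyber-physical collaborative paths to a tank-overflow hazard and to turn the hazard likelihood and an assumed loss into a risk value. All place and transition names, probabilities and the loss figure are assumptions.

```python
from itertools import combinations

# Constructed toy safety/security Petri net (illustration, not the paper's model).
# A transition fires when all its input places hold a token, with an assumed,
# independent success probability; "sec_" = kill-chain stages, "saf_" = random faults.
TRANSITIONS = [  # (name, inputs, outputs, probability), all values assumed
    ("sec_phish_engineer",   {"internet_reachable"}, {"ews_compromised"},     0.30),
    ("sec_inject_plc_logic", {"ews_compromised"},    {"plc_logic_modified"},  0.50),
    ("sec_spoof_level",      {"plc_logic_modified"}, {"level_reading_wrong"}, 0.80),
    ("sec_suppress_alarm",   {"plc_logic_modified"}, {"alarm_failed"},        0.70),
    ("saf_sensor_fault",     {"plant_operating"},    {"level_reading_wrong"}, 0.02),
    ("saf_alarm_fault",      {"plant_operating"},    {"alarm_failed"},        0.05),
    # the hazard needs a wrong level AND a dead alarm: cyber and physical combine
    ("overflow", {"level_reading_wrong", "alarm_failed"}, {"tank_overflow"}, 1.0),
]
INITIAL = {"internet_reachable", "plant_operating"}
HAZARD = "tank_overflow"

def reachable(transitions, enabled, initial=INITIAL):
    """Marking reached when only the transitions in `enabled` may fire (fixpoint)."""
    marking = set(initial)
    while True:
        new = {o for n, i, outs, _ in transitions if n in enabled and i <= marking for o in outs}
        if new <= marking:
            return marking
        marking |= new

def hazard_probability(transitions, hazard=HAZARD):
    """Exact P(hazard) for independent transitions: sum the probability of every
    success/failure pattern of the transitions (2^n patterns, fine for small nets)."""
    names, total = [t[0] for t in transitions], 0.0
    for k in range(len(names) + 1):
        for enabled in combinations(names, k):
            p = 1.0
            for name, _, _, prob in transitions:
                p *= prob if name in enabled else 1 - prob
            if p and hazard in reachable(transitions, set(enabled)):
                total += p
    return total

def attack_paths(transitions, hazard=HAZARD):
    """Minimal transition sets that reach the hazard: the collaborative paths."""
    names = [t[0] for t in transitions]
    return [sorted(s) for k in range(1, len(names) + 1)
            for s in map(set, combinations(names, k))
            if hazard in reachable(transitions, s)
            and all(hazard not in reachable(transitions, s - {t}) for t in s)]

def risk_value(transitions, loss, hazard=HAZARD):
    """Risk = likelihood of the safety event x the loss it causes (loss assumed)."""
    return hazard_probability(transitions, hazard) * loss
```

Restricting the net to the "saf_" transitions reproduces a safety-only analysis (0.001 here) and misses the three kill-chain paths that dominate the integrated figure.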

Key words: Risk assessment, Petri net, Industrial control system, Security integrity, Functional safety, Information security

CLC number: TP309