摘要
针对企业信息管理系统(EMS)的安全性评估问题,提出一种融合失效模式-影响分析(FMEA)和模糊逻辑的风险评估方法。首先,根据行业专家知识和经验确定EIMS中各种潜在失效模式和风险等级描述。然后,在发生率、严重度和可检测度3个方面评估各失效模式,并利用梯形模糊数表示失效模式的风险程度。最后,利用α-割集去模糊化,获得各安全类别的综合风险系数,并进行排序。案例分析表明,该方法的评估结果与实际情况吻合,具有较高的有效性。
For the issues that the safety evaluation of enterprise information management system (EIMS), a risk assessment method based on failure mode and effects analysis (FMEA) and fuzzy logic is proposed. First of all, the potential failure mode and the risk level description in EIMS are determined according to industry expert knowledge and experience. Then, the failure modes are evaluated in three aspects of incidence, severity and the detection degree, and the risk degree of the failure mode is represented by the trapezoidal fuzzy number. Finally, the comprehensive risk factor of each security category is obtained by using the cut set defuzzification. The case analysis shows that the evaluation results of this method are in good agreement with the actual situation, and has high effectiveness.
出处
《控制工程》
CSCD
北大核心
2017年第3期675-679,共5页
Control Engineering of China
关键词
企业信息管理系统
风险评估
失效模式与影响分析
模糊逻辑
Enterprise information management system
risk assessment
failure mode and effects analysis
fuzzy logic
