摘要
为智能生产车间提出一种基于多属性决策的工业控制系统安全风险评估方法。根据智能工业控制系统网络结构,分析和明确安全风险点,构建工业控制系统安全风险评估模型;将资产划分为数据、软件、硬件、服务、人员、工控系统结构特征和复杂度、管理特征重要性和影响性七类指标属性,判断各属性的重要性,得到资产安全关联拓扑图,计算各资产的危害程度。形成了工业控制系统安全风险评估基本流程,使得安全风险得以量化,为工业控制系统的安全部署提供了基本遵循。
A method of security risk assessment of industrial control system based on multi-attribute decision-making is proposed for the workshop of intelligent production shop.According to the network structure of the intelligent industrial control system,the security risk points are analyzed and assured,and the security risk assessment model of the industrial control system is constructed.The assets are divided into 7 index attributes,namely,data,software,hardware,service,personnel,structure characteristics and complexity of industrial control system,importance and influence of management characteristics.The importance of each attribute is judged,the asset security related topology is obtained,and the hazard degree of each asset is calculated.The basic process of security risk assessment of industrial control system is formed,which makes the security risk quantified,providing a basic compliance for the security deployment of industrial control system.
作者
王佳
WANG Jia(China Software Testing Center,Beijing 1000048,China)
出处
《工业技术创新》
2020年第1期6-11,共6页
Industrial Technology Innovation
关键词
智能工厂
多属性决策
安全风险评估
工业控制系统
资产
安全部署
Intelligent Factory
Multi-Attribute Decision-Making
Security Risk Assessment
Industrial Control System
Asset
Security Deployment
