The invention provides a security
vulnerability assessment method for a cigarette industry
control system. The method comprises the steps of identifying data streams, and tagging
data stream paths and
stream directions of the data streams; classifying the data streams according to attributes of the data streams; analyzing an
attack surface; judging whether the data streams have technical control measures corresponding to the data streams in the cigarette industry
control system or not; if yes, judging whether equipment nodes on the
data stream paths have
security management measures corresponding to the equipment nodes or not; if yes, performing security
vulnerability testing and analysis on key nodes on the
data stream paths, performing statistics on security
vulnerability points on the key nodes on the data
stream paths, and compiling the security vulnerability points existent in the cigarette industry
control system in a predetermined
document format; and if the equipment nodes on the data
stream paths do not have the
security management measures corresponding to the equipment nodes, configuring the
security management measures corresponding to the equipment nodes for the equipment nodes on the data stream paths, and if the data streams do not have the technical control measures corresponding to the data streams in the cigarette industry control
system, configuring the technical control measures corresponding to the data streams for the data streams. According to the security
vulnerability assessment method, the security vulnerability of the cigarette industry control
system can be assessed more comprehensively and more accurately.