Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security measurement method of industrial control system based on attack graph

An industrial control system and security measurement technology, applied in the field of network security, can solve the problems of lack of system-wide security measurement scheme, failure to consider the vulnerability relationship of system equipment, and few security measurement methods

Active Publication Date: 2020-12-22
HARBIN INST OF TECH AT WEIHAI
View PDF13 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, there are few security measurement methods for industrial control systems, lack of a system-wide security measurement scheme, and it cannot consider the vulnerability relationship between system equipment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security measurement method of industrial control system based on attack graph
  • Security measurement method of industrial control system based on attack graph
  • Security measurement method of industrial control system based on attack graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0084] This embodiment provides an attack graph-based industrial control system security measurement method, which includes the following four steps. The overall architecture of this method is shown as follows figure 1 Shown:

[0085] Step 1: Obtain the topology information of the industrial control network, detect the equipment of a specific industrial control system (that is, the target industrial control system for security measurement), grasp the equipment information in the industrial control network, and analyze the association of the equipment;

[0086] The first step is the foundation, which mainly obtains the self-information and related information of the equipment of the target industrial control system in the entire industrial control network;

[0087] Step 2. Based on the detection results of the devices in the industrial control network, that is, the device information and association of the specific industrial control system in step 1, collect device vulnerabili...

Embodiment 2

[0153] A server comprising:

[0154] one or more processors;

[0155] a storage device on which one or more programs are stored,

[0156] When the one or more programs are executed by the one or more processors, the one or more processors are made to implement the method for measuring security of an industrial control system based on an attack graph described in Embodiment 1.

Embodiment 3

[0158] A computer-readable medium, on which a computer program is stored, wherein, when the computer program is executed by a processor, the attack graph-based industrial control system security measurement method described in Embodiment 1 is implemented.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a security measurement method of an industrial control system based on an attack graph. The method comprises the following steps: acquiring the topological structure information of an industrial control network, carrying out detection on equipment of a specific industrial control system, mastering the equipment information in the industrial control network, and carrying out the analysis of the equipment correlation condition; aiming at the detection result of the equipment in the industrial control network, collecting equipment vulnerability information; according to the topological structure and the equipment vulnerability information, storing a format in a graphical format based on a graph database-based method, and adopting nodes and a relationship represent graph structure to generate a system attack graph; and according to the generated system attack graph, performing network security measurement on the specific industrial control system according to threelevels of vulnerability node measurement, equipment node measurement and system security measurement, and analyzing an attack path. According to the method, potential threats are discovered to the greatest extent, the analysis period of the safety measurement of the industrial control system is greatly shortened, the measurement efficiency is improved, and a foundation is laid for the protectionwork of the industrial control system.

Description

technical field [0001] The invention relates to a method for measuring security of an industrial control system based on an attack graph, and belongs to the technical field of network security. Background technique [0002] In recent years, the industrial control system has gradually developed towards informatization, which not only introduces diversified methods in the Internet, but also brings various attack threats to the industrial control system. Highly information-based industrial control systems need to face changes in the network environment and the potential impact of network components on the system. Aiming at the complex operating environment and diversified attack methods of industrial control systems, an attack graph-based security measurement method for industrial control systems is proposed. By integrating vulnerability and topology information, the potential attack paths of industrial control systems are displayed, and the security measurement process is visu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G05B23/02
CPCG05B23/0275Y02P90/02
Inventor 张耀方王佰玲孙云霄王巍黄俊恒辛国栋
Owner HARBIN INST OF TECH AT WEIHAI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com