CN107239905A - Onboard networks safety risk estimating method based on advanced AHP GCM - Google Patents

Onboard networks safety risk estimating method based on advanced AHP GCM Download PDF

Info

Publication number
CN107239905A
CN107239905A CN201710426968.4A CN201710426968A CN107239905A CN 107239905 A CN107239905 A CN 107239905A CN 201710426968 A CN201710426968 A CN 201710426968A CN 107239905 A CN107239905 A CN 107239905A
Authority
CN
China
Prior art keywords
mrow
msubsup
msub
mtd
risk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710426968.4A
Other languages
Chinese (zh)
Inventor
李国�
李静雯
丁建立
李永华
王怀超
王静
徐俊洁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Civil Aviation University of China
Original Assignee
Civil Aviation University of China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Civil Aviation University of China filed Critical Civil Aviation University of China
Priority to CN201710426968.4A priority Critical patent/CN107239905A/en
Publication of CN107239905A publication Critical patent/CN107239905A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities

Landscapes

  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Economics (AREA)
  • Operations Research (AREA)
  • Game Theory and Decision Science (AREA)
  • Development Economics (AREA)
  • Marketing (AREA)
  • Educational Administration (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Other Investigation Or Analysis Of Materials By Electrical Means (AREA)

Abstract

本发明公开了一种基于改进AHP‑GCM的机载网络安全风险评估方法,包括以下步骤:一、分析新型机载网络架构风险源;二、对风险源及其威胁状态分别确立评估指标体系;三、对指标权重赋值并检验一致性;四、求各层指标权重并归一化处理;五、划分风险等级即确定灰类;六、建立白化权函数;七、计算灰色聚类系数并判断所属灰类;八、基于以上步骤对风险源威胁状态进行二次评估。该专利在分析新型机载网络架构的基础上确定其风险源与风险状态,然后基于层析分析法和灰色聚类法对风险源进行评估,最后对其威胁状态进行二次评估,综合两次评估对风险评估结果进行优化,防止单次评估结果偏差和不准确。

The invention discloses an airborne network security risk assessment method based on the improved AHP-GCM, comprising the following steps: 1. Analyzing the risk source of the new airborne network architecture; 2. Establishing an evaluation index system for the risk source and its threat state; 3. Assign the weight of the index and check the consistency; 4. Find the weight of each layer of indicators and normalize it; 5. Divide the risk level to determine the gray class; 6. Establish a whitening weight function; 7. Calculate the gray clustering coefficient and judge It belongs to the gray category; 8. Based on the above steps, conduct a second assessment of the threat status of the risk source. The patent determines its risk sources and risk status on the basis of analyzing the new airborne network architecture, then evaluates the risk sources based on tomographic analysis and gray clustering methods, and finally conducts a second assessment of its threat status, and synthesizes it twice The assessment optimizes the risk assessment results to prevent the deviation and inaccuracy of a single assessment result.

Description

基于改进AHP-GCM的机载网络安全风险评估方法Airborne Network Security Risk Assessment Method Based on Improved AHP-GCM

技术领域technical field

本发明应用于新型机载网络安全风险评估领域,特别是涉及一种基于改进AHP-GCM的机载网络安全风险评估方法。The invention is applied to the field of new airborne network security risk assessment, and in particular relates to an airborne network security risk assessment method based on the improved AHP-GCM.

背景技术Background technique

飞行安全是航空界永恒的主题,伴随着机载Wi-Fi加改装广泛实施以及航空机载电子飞行包(Electronic Flight Bag System-EFB)等便携式机载设备的重要应用,黑客接入攻击的风险越来越高;新型飞机采用了先进的综合模块化航电系统网络架构,打破了传统飞行控制网域,航空公司信息服务域,和机载娱乐域三者之间的物理隔离,甚至增加了互联网接入机载旅客娱乐网域的相关功能。Flight safety is an eternal theme in the aviation industry. With the widespread implementation of onboard Wi-Fi plus modification and the important application of portable airborne equipment such as electronic flight bag (Electronic Flight Bag System-EFB) in aviation, the risk of hacker access attacks Higher and higher; the new aircraft adopts an advanced integrated modular avionics system network architecture, which breaks the physical isolation between the traditional flight control network domain, airline information service domain, and in-flight entertainment domain, and even increases Internet access related functions of the in-flight passenger entertainment domain.

传统方法并不能完全对抗通过外部网络或设备影响机载控制域的风险。所以设计一种有效的面向新型机载网络安全的风险评估方法,是亟待解决的问题。这样的评估方法能直观反映新型机载网络的安全风险,让管理人员能够根据评估结果了解网络的安全性,并且提前制定出适当的防御或者修补策略,对新型机载网络安全有重要意义。Traditional approaches do not fully counteract the risk of impacting the airborne control domain through external networks or devices. Therefore, it is an urgent problem to design an effective risk assessment method for new airborne network security. Such an assessment method can intuitively reflect the security risks of the new airborne network, allowing managers to understand the security of the network based on the assessment results, and formulate appropriate defense or repair strategies in advance, which is of great significance to the security of the new airborne network.

国内外学者针对网络的特点,探讨了许多风险评估的办法,这些方法虽然具体的实施手段和计算方法不同,但都遵循了基本的风险评估流程。根据计算方式上的不同,风险评估方法一般分为定性、定量以及定性与定量相结合三大类。Scholars at home and abroad have discussed many risk assessment methods in view of the characteristics of the network. Although these methods are different in specific implementation means and calculation methods, they all follow the basic risk assessment process. According to different calculation methods, risk assessment methods are generally divided into three categories: qualitative, quantitative, and a combination of qualitative and quantitative.

层次分析法(Analytic Hierarchy Process,简称AHP),是在20世纪70年代中期由美国运筹学家托马斯·塞蒂(T.L.Satty)正式提出的一种定性和定量相结合的系统化层次权重决策分析方法。该方法是一种系统性的分析方法,简单实用,所需的定量信息少,但是无法提供新的方案,定性因素大,并且指标多时统计量大。Analytic Hierarchy Process (AHP) is a systematic hierarchical weight decision-making analysis method that combines qualitative and quantitative analysis formally proposed by American operations researcher Thomas Setty (T.L.Satty) in the mid-1970s. . This method is a systematic analysis method, which is simple and practical, requires less quantitative information, but cannot provide new solutions, has many qualitative factors, and the statistics are large when there are many indicators.

灰色系统理论(Grey Theory)是邓聚龙教授在二十实际八十年代处首次提出。灰色聚类法这一灰色系统概念,根据“灰箱”概念拓广而来,是以灰数的白化函数生成为基础的一种聚类方法,该方法运算简洁,结论简明,但是指标多时精度较差,指标间的联系较少。Gray Theory was first proposed by Professor Deng Julong in the 1980s. The gray system concept of gray clustering method is extended according to the concept of "gray box". It is a clustering method based on the generation of whitening function of gray number. Poor, less linkages between indicators.

灰色聚类方法根据划分对象的不同可以分为灰色关联聚类和灰色白化权聚类,其中灰色白化权聚类包含三种评估:灰色定权聚类,灰色变权聚类和基于三角白化权函数的评估。Gray clustering methods can be divided into gray relational clustering and gray whitening weight clustering according to different division objects, among which gray whitening weight clustering includes three evaluations: gray fixed weight clustering, gray variable weight clustering and triangular whitening weight based clustering. function evaluation.

两种方法均是常用的网络风险评估方法,组合使用能够克服定性分析和定量评估分离的缺点,但层次分析法依赖于技术工程师经验,主观性较大;而且只针对风险点进行评估可能并不能全面分析网络的风险状况。Both methods are commonly used network risk assessment methods, and combined use can overcome the shortcomings of the separation of qualitative analysis and quantitative assessment. However, the AHP relies on the experience of technical engineers and is highly subjective; and it may not be possible to evaluate only risk points. Comprehensive analysis of the risk posture of the network.

发明内容Contents of the invention

本发明要解决的技术问题是:本发明的目的是提供一种基于改进AHP-GCM的机载网络安全风险评估方法,该专利在分析新型机载网络架构的基础上确定其风险源与风险状态,然后基于层析分析法和灰色聚类法对风险源进行评估,最后对其威胁状态进行二次评估,综合两次评估对风险评估结果进行优化,防止单次评估结果偏差和不准确。The technical problem to be solved by the present invention is: the purpose of the present invention is to provide an airborne network security risk assessment method based on the improved AHP-GCM, and this patent determines its risk source and risk status on the basis of analyzing the new airborne network architecture , then evaluate the risk sources based on the tomographic analysis method and the gray clustering method, and finally conduct a second evaluation of its threat status, and optimize the risk evaluation results by combining the two evaluations to prevent the deviation and inaccuracy of the single evaluation results.

本发明为解决公知技术中存在的技术问题所采取的技术方案是:The technical scheme that the present invention takes for solving the technical problem existing in known technology is:

一种基于改进AHP-GCM的机载网络安全风险评估方法,包括以下步骤:An airborne network security risk assessment method based on improved AHP-GCM, comprising the following steps:

步骤101、分析机载网络架构风险源;具体方法为:Step 101, analyzing the risk source of the airborne network architecture; the specific method is:

所述机载网络架构包括飞机控制域、信息受信域、信息开放域、客舱网络域和公共网络域;所述机载网络架构的面向接口型总线的数据传输结构包括ARINC429、ARINC825、ARINC664;The airborne network architecture includes an aircraft control domain, an information trusted domain, an information open domain, a cabin network domain, and a public network domain; the interface bus-oriented data transmission structure of the airborne network architecture includes ARINC429, ARINC825, and ARINC664;

所述机载网络架构暴露的网络接口点包括网关与各网络域、各网络域之间;机载信息系统之间的网络数据交互点包括乘客界面、改装公司提供的软件平台、机载娱乐系统;机载信息系统与地面信息系统之间的网络数据交互方式包括电子飞行包、乘务操作PAD;访问权限包括非法用户进入机载网络;所述机载网络架构的威胁状态包括:获取信息、篡改信息、利用服务、拒绝服务和提升权限非法操作;The network interface points exposed by the airborne network architecture include the gateway and each network domain, and between each network domain; the network data interaction points between the airborne information systems include the passenger interface, the software platform provided by the refitting company, and the onboard entertainment system. The network data interaction mode between the airborne information system and the ground information system includes electronic flight bag, flight attendant operation PAD; access authority includes illegal users entering the airborne network; the threat state of the airborne network architecture includes: obtaining information, tampering Information, use of services, denial of services and illegal operations of elevated privileges;

步骤102、对风险源及其威胁状态分别确立评估指标体系;具体方法为:Step 102, establishing evaluation index systems for risk sources and their threat states; specific methods are:

首先对风险源建立评估指标体系:目标层为要达到的风险评估目标;属性层是风险概率、风险影响、不可控制性;方案层是风险源造成的威胁;First, establish an evaluation index system for the risk source: the target layer is the risk assessment target to be achieved; the attribute layer is the risk probability, risk impact, and uncontrollability; the program layer is the threat caused by the risk source;

其次对风险源威胁状态建立评估指标体系:目标层为要达到的风险评估目标;属性层是保密性、完整性、可用性;第三层是在威胁状态的具体表现;Secondly, establish an evaluation index system for the threat state of the risk source: the target layer is the risk assessment goal to be achieved; the attribute layer is confidentiality, integrity, and availability; the third layer is the specific performance of the threat state;

步骤103、对指标权重赋值并检验一致性;具体方法为:Step 103, assigning index weights and checking consistency; the specific method is:

由两位技术工程师对指标进行赋值,其中赋值的规则为:以上层某一元素为标准,对下层各指标相对于该元素的重要性进行两两比较,在已规定的标度中选择合适的值,建立判断矩阵:B1={bij},B2={bij};Two technical engineers assign values to the indicators, and the assignment rules are as follows: compare the importance of each indicator in the lower layer relative to the element based on a certain element in the upper layer, and select the appropriate one from the specified scale. value, establish a judgment matrix: B 1 ={b ij }, B 2 ={b ij };

为了获得各个指标之间比较的重要程度,每次取两个进行比较并采用Saaty提出的标度法进行数值化,其中:bij=1,bij=1/bij(i,j=1,2,…,n)In order to obtain the importance of the comparison between each index, take two comparisons each time and use the scaling method proposed by Saaty for numericalization, where: b ij = 1, b ij = 1/b ij (i, j = 1 ,2,…,n)

加权平均综合技术工程师意见,构造B*={bij},其中: Weighted average comprehensive technical engineer opinion, construct B * = {b ij }, where:

对构造的矩阵进行一致性检验,即计算修正的一致性指标:CR=CI/RI,其中CI为一致性指标:RI为对比查找得到的平均随机一致性指标,判断条件是:Carry out a consistency test on the constructed matrix, that is, calculate the corrected consistency index: CR=CI/RI, where CI is the consistency index: RI is the average random consistency index obtained by comparison search, and the judgment condition is:

当矩阵不符合一致性要求时,通过更改一些比较值,任何重新检验;Any revalidation by changing some comparison values when the matrix does not meet the consistency requirements;

当矩阵符合一致性要求时,则执行步骤104;When the matrix meets the consistency requirement, then perform step 104;

步骤104、求各层指标权重并归一化处理;具体步骤为:Step 104, calculating and normalizing the index weights of each layer; the specific steps are:

计算相对权重:即被比较指标相对于上一层元素的重要程度,这种排序方式称为层次单排序;Calculation of relative weight: that is, the importance of the compared index relative to the elements of the previous layer. This sorting method is called hierarchical single sorting;

当判断矩阵B*通过一致性检验后,计算判断矩阵每一行元素的乘积MiWhen the judgment matrix B * passes the consistency check, calculate the product M i of the elements in each row of the judgment matrix:

用方根法得到归一化之前的权重 Use the square root method to get the weight before normalization

其中向量 where the vector

进行归一化处理,得到权重W,则:Will Perform normalization processing to obtain the weight W, then:

W=(W1,W2,…,Wn)TW=(W 1 ,W 2 ,...,W n ) T ,

权重W即为所求的特征向量,其中:The weight W is the required feature vector, where:

计算第三层合成权重:合成权重是指某指标相对于最上层元素的权重,是自下而上通过和积法逐层计算得到的;对于与最上层直接关联的指标,其合成权重等于相对权重;否则等于该指标的相对权重和其上层关联元素的合成权重之积;Calculate the composite weight of the third layer: the composite weight refers to the weight of an index relative to the top layer element, which is calculated layer by layer through the sum product method from bottom to top; for the index directly related to the top layer, its composite weight is equal to the relative Weight; otherwise, it is equal to the product of the relative weight of the indicator and the composite weight of its upper-level associated elements;

步骤105、划分风险等级即确定灰类;其具体步骤为:Step 105, dividing the risk level is to determine the gray class; the specific steps are:

将网络风险等级划分为5个风险等级,即5个灰类,由两位技术工程师进行打分,记作评估值Ei(c1,c2,c3,c4,c5,c6),计算得到评估矩阵D=(dij)n*m,其中:Divide the network risk level into 5 risk levels, that is, 5 gray classes, which are scored by two technical engineers and recorded as the evaluation value E i (c 1 , c 2 , c 3 , c 4 , c 5 , c 6 ) , the evaluation matrix D=(d ij ) n*m is calculated, where:

步骤106、建立白化权函数;构造白化权函数的具体方法为:Step 106, establishing a whitening weight function; the specific method of constructing a whitening weight function is:

设有m个指标,s个灰类,n个对象,设xij(i=1,2,…,n;j=1,2,…,m)为对象i关于指标j的样本值,即实际值dijThere are m indicators, s gray classes, and n objects, and x ij (i=1,2,…,n; j=1,2,…,m) is the sample value of object i with respect to index j, namely actual value d ij ;

称作k子类j指标的白化权函数:Assume The whitening weight function called k subclass j index:

①若只有两个转折点,则函数表示上限测度:① if only Two turning points, the function represents an upper bound measure:

②若只有两个转折点,则函数表示下限测度;② if only Two turning points, the function represents the lower bound measure;

③若的第二和第三个转折点重合,则函数表示适中测度:③If The second and third turning points of coincide, the function represents a moderate measure:

步骤107、计算灰色聚类系数并判断所属灰类;具体步骤为:Step 107, calculating the gray clustering coefficient and judging the gray class to which it belongs; the specific steps are:

设ηj(j=1,2,…,m)是各聚类指标的权,其中ηj即为W;Suppose η j (j=1,2,...,m) is the weight of each clustering index, where η j is W;

为对象i属于k灰类的灰色定权聚类系数,则为:Assume is the gray fixed weight clustering coefficient of the object i belonging to the k gray class, then for:

根据最大化原则作聚类分析得到对象i属于灰类k:According to the cluster analysis based on the principle of maximization, the object i belongs to the gray class k:

步骤108、基于以上步骤对风险源威胁状态进行二次评估;二次评估的具体方法与步骤101到步骤107相同。Step 108 , based on the above steps, conduct a second assessment of the threat status of the risk source; the specific method of the second assessment is the same as that of steps 101 to 107 .

进一步:第三层权重等于其相对权重Wc和B层关联元素Wi的合成权重之积:Further: third layer weights It is equal to the product of its relative weight W c and the composite weight of the associated element W i of layer B:

本发明具有的优点和积极效果是:The advantages and positive effects that the present invention has are:

该专利在分析新型机载网络架构的基础上确定其风险源与风险状态,然后基于层析分析法和灰色聚类法对风险源进行评估,最后对其威胁状态进行二次评估,综合两次评估对风险评估结果进行优化,防止单次评估结果偏差和不准确。The patent determines its risk sources and risk status on the basis of analyzing the new airborne network architecture, then evaluates the risk sources based on tomographic analysis and gray clustering methods, and finally conducts a second assessment of its threat status, and synthesizes it twice The assessment optimizes the risk assessment results to prevent the deviation and inaccuracy of a single assessment result.

附图说明:Description of drawings:

图1新型机载网络架构示意图;Figure 1 Schematic diagram of the new airborne network architecture;

图2改进的AHP-GCM方法设计流程;Fig. 2 Improved AHP-GCM method design process;

图3新型机载网络安全风险评估体系一;Figure 3 New airborne network security risk assessment system 1;

图4新型机载网络安全风险评估体系二;Figure 4 New airborne network security risk assessment system II;

图5上测限度白化权函数示意图;Figure 5 is a schematic diagram of the whitening weight function of the upper measurement limit;

图6下测限度白化权函数示意图;Figure 6 is a schematic diagram of the whitening weight function of the lower measurement limit;

图7适中测度白化权函数示意图。Fig. 7 Schematic diagram of moderate measure whitening weight function.

具体实施方式detailed description

为能进一步了解本发明的发明内容、特点及功效,兹例举以下实施例,并配合附图详细说明如下:In order to further understand the invention content, characteristics and effects of the present invention, the following examples are given, and detailed descriptions are as follows in conjunction with the accompanying drawings:

请参阅图1,图1显示了新型机载网络架构的设计模式:飞机控制域指关系到飞行安全和需要安保防护的目标系统的机载数据网络,它连接了包括航电核心系统,飞控、导航、动力、显示、通信等系统,主要为操纵飞机正常飞行和提供安全措施的机载系统。Please refer to Figure 1, Figure 1 shows the design pattern of the new airborne network architecture: the aircraft control domain refers to the airborne data network related to flight safety and target systems that require security protection, which connects the core system of avionics, flight control , navigation, power, display, communication and other systems are mainly airborne systems that control the normal flight of the aircraft and provide safety measures.

信息受信域是低安全等级网络到高安全等级网络之间的一个过渡网络,作用主要是隔离内外网络,保证信息开放域到飞机控制域的网络通信安全。The information trusted domain is a transitional network between the low security level network and the high security level network. Its main function is to isolate the internal and external networks and ensure the security of network communication from the information open domain to the aircraft control domain.

信息开放域保证了机载网络与地面公共网络的通信安全,主要指信息系统与机外网络域的客舱网络域的连通网络。The information open domain ensures the communication security between the airborne network and the ground public network, and mainly refers to the connection network between the information system and the cabin network domain of the off-board network domain.

客舱网络域连接客舱核心,机载娱乐和外部通信系统。The cabin network domain connects the cabin core, in-flight entertainment and external communication systems.

公共网络域属于非受信网络。Public network domains are untrusted networks.

请参阅图2至图7,一种基于改进AHP-GCM的机载网络安全风险评估方法,包括以下步骤:Please refer to Figure 2 to Figure 7, an airborne network security risk assessment method based on the improved AHP-GCM, including the following steps:

步骤101、分析新型机载网络架构风险源;具体方法为:Step 101, analyzing the risk sources of the new airborne network architecture; the specific method is:

由于飞机机载数据网络与地面公共网络的安保等级不同,一般飞机主要分为飞机控制域,航空公司信息服务域,旅客信息和机载娱乐域;而新型飞机细分为飞机控制域,信息受信域,信息开放域,客舱网络域和公共网络域。Due to the different security levels of aircraft on-board data network and ground public network, general aircraft is mainly divided into aircraft control domain, airline information service domain, passenger information and in-flight entertainment domain; domain, information open domain, cabin network domain and public network domain.

由于新型机载网络架构支持更多网络域的交互,从之前单一的面向接口型单工总线ARINC429数据传输结构变成ARINC429、ARINC825、ARINC664并存,因此暴露的风险源也大大增加:Since the new airborne network architecture supports the interaction of more network domains, from the previous single interface-oriented simplex bus ARINC429 data transmission structure to the coexistence of ARINC429, ARINC825, and ARINC664, the source of exposed risks has also greatly increased:

暴露的网络接口点;机载信息系统之间的网络数据交互点;机载信息系统与地面信息系统之间的网络数据交互方式。其威胁状态也分别有不同的具体表现;Exposed network interface points; network data interaction points between airborne information systems; network data interaction methods between airborne information systems and ground information systems. The threat states also have different specific manifestations;

步骤102、对风险源及其威胁状态分别确立评估指标体系;上述确立评估指标体系的具体方法为:Step 102, establishing evaluation index systems for risk sources and their threat states; the specific method for establishing the evaluation index system is as follows:

首先对风险源建立评估指标体系:目标层即最高层为要达到的风险评估目标;属性层即第二层是风险概率、风险影响、不可控制性;第三层即方案层是风险源造成的威胁:网关与各网域接口点、各网域之间接口点、软件平台与机载娱乐系统数据交互点、乘务使用PAD、电子飞行包(EFB),非法修改用户代码;First, establish an evaluation index system for the risk source: the target layer, the highest layer, is the risk assessment target to be achieved; the attribute layer, the second layer, is the risk probability, risk impact, and uncontrollability; the third layer, the program layer, is caused by the risk source Threats: interface points between gateways and network domains, interface points between network domains, data interaction points between software platforms and in-flight entertainment systems, use of PADs and electronic flight bags (EFBs) by flight attendants, and illegal modification of user codes;

其次对风险源威胁状态建立评估指标体系:目标层为要达到的风险评估目标;属性层即第二层是保密性、完整性、可用性;第三层是在威胁状态的具体表现:获取信息、篡改信息、利用服务、拒绝服务、提升权限非法操作。Secondly, establish an evaluation index system for the threat state of the risk source: the target layer is the risk assessment goal to be achieved; the attribute layer, that is, the second layer is confidentiality, integrity, and availability; the third layer is the specific performance of the threat state: obtaining information, Tampering with information, using services, refusing services, and escalating privileges for illegal operations.

步骤103、对指标权重赋值并检验一致性;对指标权重赋值并检验一致性的具体方法为:Step 103, assigning values to index weights and checking consistency; the specific method of assigning values to index weights and checking consistency is as follows:

邀请两位技术工程师对指标进行赋值,其中赋值的规则为:以上层某一元素为标准,对下层各指标相对于该元素的重要性进行两两比较,在已规定的标度中选择合适的值,建立判断矩阵:B1={bij},B2={bij}。Invite two technical engineers to assign values to the indicators. The assignment rules are as follows: compare the importance of each indicator in the lower layer relative to the element, and select the appropriate one from the specified scale. value, establish a judgment matrix: B 1 ={b ij }, B 2 ={b ij }.

为了获得各个指标之间比较的重要程度,每次取两个进行比较并采用Saaty提出的标度法进行数值化,其中:bij=1,bij=1/bij(i,j=1,2,…,n)In order to obtain the importance of the comparison between each index, take two comparisons each time and use the scaling method proposed by Saaty for numericalization, where: b ij = 1, b ij = 1/b ij (i, j = 1 ,2,…,n)

加权平均综合技术工程师意见,构造B*={bij},其中: Weighted average comprehensive technical engineer opinion, construct B * = {b ij }, where:

对构造的矩阵要进行一致性检验,即计算修正的一致性指标:CR=CI/RI,其中CI为一致性指标:RI为对比查找得到的平均随机一致性指标,判断条件是:Consistency check is performed on the constructed matrix, that is, to calculate the corrected consistency index: CR=CI/RI, where CI is the consistency index: RI is the average random consistency index obtained by comparison search, and the judgment condition is:

当矩阵不符合一致性要求时,需要更改一些比较值重新检验;When the matrix does not meet the consistency requirements, some comparison values need to be changed for re-inspection;

步骤104、求各层指标权重并归一化处理;求各层指标权重并进行归一化处理的具体步骤为:Step 104, calculating the index weights of each layer and performing normalization processing; the specific steps for obtaining the index weights of each layer and performing normalization processing are:

计算相对权重:即被比较指标相对于上一层元素的重要程度,这种排序方式称为层次单排序;Calculation of relative weight: that is, the importance of the compared index relative to the elements of the previous layer. This sorting method is called hierarchical single sorting;

层次单排序计算问题可以归结为计算判断矩阵的最大特征根及其特征向量的问题。但一般来说,判断矩阵的最大特征根和相应的特征向量并不需要较高的精确度。本文采取一种简单计算判断矩阵最大特征根及相应特征向量的方法:The calculation problem of hierarchical single ranking can be reduced to the problem of calculating the largest eigenvalue and its eigenvector of the judgment matrix. But in general, the largest eigenvalues and corresponding eigenvectors of the judgment matrix do not require high precision. This paper adopts a simple method of calculating the largest eigenvalue of the judgment matrix and the corresponding eigenvector:

当判断矩阵B*通过一致性检验后,计算判断矩阵每一行元素的乘积MiWhen the judgment matrix B * passes the consistency check, calculate the product M i of the elements in each row of the judgment matrix:

用方根法得到归一化之前的权重 Use the square root method to get the weight before normalization

其中向量 where the vector

进行归一化处理,得到权重W,则:Will Perform normalization processing to obtain the weight W, then:

W=(W1,W2,…,Wn)TW=(W 1 ,W 2 ,...,W n ) T ,

权重W即为所求的特征向量,其中:The weight W is the required feature vector, where:

计算第三层合成权重:合成权重是指某指标相对于最上层元素的权重,是自下而上通过和积法逐层计算得到的。对于与最上层直接关联的指标,其合成权重等于相对权重;否则等于该指标的相对权重和其上层关联元素的合成权重之积。Calculate the composite weight of the third layer: the composite weight refers to the weight of an indicator relative to the topmost element, which is calculated layer by layer through the sum-product method from bottom to top. For the indicator directly associated with the top layer, its composite weight is equal to the relative weight; otherwise, it is equal to the product of the relative weight of the indicator and the composite weight of its upper layer associated element.

本文中第三层权重等于其相对权重Wc和B层关联元素Wi的合成权重之积:In this paper, the third layer weight It is equal to the product of its relative weight W c and the composite weight of the associated element W i of layer B:

步骤105、划分风险等级即确定灰类;其具体步骤为:Step 105, dividing the risk level is to determine the gray class; the specific steps are:

对网络风险等级进行划分,分为5个风险等级,即5个灰类,由两位技术工程师进行打分,记作评估值Ei(c1,c2,c3,c4,c5,c6),计算得到评估矩阵D=(dij)n*m,其中:The network risk level is divided into 5 risk levels, that is, 5 gray categories, which are scored by two technical engineers and recorded as the evaluation value E i (c 1 , c 2 , c 3 , c 4 , c 5 , c 6 ), calculate the evaluation matrix D=(d ij ) n*m , where:

步骤106、建立白化权函数;构造白化权函数的具体方法为:Step 106, establishing a whitening weight function; the specific method of constructing a whitening weight function is:

设有m个指标,s个灰类,n个对象,设xij(i=1,2,…,n;j=1,2,…,m)为对象i关于指标j的样本值,即实际值dijThere are m indicators, s gray classes, and n objects, and x ij (i=1,2,…,n; j=1,2,…,m) is the sample value of object i with respect to index j, namely actual value d ij ;

称作k子类j指标的白化权函数:Assume The whitening weight function called k subclass j index:

④若只有两个转折点,则函数表示上限测度:④If only Two turning points, the function represents an upper bound measure:

⑤若只有两个转折点,则函数表示下限测度;⑤ if only Two turning points, the function represents the lower bound measure;

⑥若的第二和第三个转折点重合,则函数表示适中测度:⑥ if The second and third turning points of coincide, the function represents a moderate measure:

步骤107、计算灰色聚类系数并判断所属灰类;计算灰色聚类系数并判断所属灰类的具体步骤为:Step 107, calculating the gray clustering coefficient and judging the gray class to which it belongs; the specific steps for calculating the gray clustering coefficient and judging the gray class to which it belongs are:

设ηj(j=1,2,…,m)是各聚类指标的权,本文中ηj即为W;Suppose η j (j=1,2,...,m) is the weight of each clustering index, in this paper η j is W;

为对象i属于k灰类的灰色定权聚类系数,则为:Assume is the gray fixed weight clustering coefficient of the object i belonging to the k gray class, then for:

根据最大化原则作聚类分析得到对象i属于灰类k:According to the cluster analysis based on the principle of maximization, the object i belongs to the gray class k:

步骤108、基于以上步骤对风险源威胁状态进行二次评估;二次评估的具体方法与步骤101到步骤107相同。Step 108 , based on the above steps, conduct a second assessment of the threat status of the risk source; the specific method of the second assessment is the same as that of steps 101 to 107 .

改进AHP-GCM方法的具体实施如下:The specific implementation of the improved AHP-GCM method is as follows:

Step1分析新型机载网络架构风险源Step1 Analyze the risk sources of the new airborne network architecture

对新型机载网络架构的风险源进行分析归类,主要分为:暴露的网络接口点——网关与各网络域、各网络域之间(其中各网络域不包括飞机控制域);机载信息系统之间的网络数据交互点——乘客界面、改装公司提供的软件平台、机载娱乐系统;机载信息系统与地面信息系统之间的网络数据交互方式——电子飞行包、乘务操作PAD;访问权限——非法用户进入机载网络(修改可执行代码)。其威胁状态主要分为五种:获取信息、篡改信息、利用服务、拒绝服务和提升权限非法操作;改进AHP-GCM的方法设计流程图如图2所示;Analyze and classify the risk sources of the new airborne network architecture, which are mainly divided into: exposed network interface points—the gateway and each network domain, and between each network domain (each network domain does not include the aircraft control domain); Network data interaction points between information systems—passenger interface, software platform provided by modification companies, and in-flight entertainment systems; network data interaction methods between airborne information systems and ground information systems—electronic flight bag, flight attendant operation PAD ; Access rights - illegal users enter the airborne network (modify executable code). Its threat status is mainly divided into five types: obtaining information, tampering with information, using services, denying services, and illegal operations with elevated privileges; the flow chart of the method design for improving AHP-GCM is shown in Figure 2;

Step2对风险源及其威胁状态分别确立评估指标体系Step 2 Establish evaluation index systems for risk sources and their threat status

首先对风险源建立评估指标体系:目标层即最高层为要达到的风险评估目标;属性层即第二层是风险概率、风险影响、不可控制性;第三层即方案层是风险源造成的威胁:网关与各网域接口点、各网域之间接口点、软件平台与机载娱乐系统数据交互点、乘务使用PAD、电子飞行包(EFB),非法修改用户代码;如图3所示First, establish an evaluation index system for the risk source: the target layer, the highest layer, is the risk assessment target to be achieved; the attribute layer, the second layer, is the risk probability, risk impact, and uncontrollability; the third layer, the program layer, is caused by the risk source Threats: interface points between gateways and network domains, interface points between network domains, data interaction points between software platforms and in-flight entertainment systems, flight attendants use PADs, electronic flight bags (EFBs), and illegally modify user codes; as shown in Figure 3

其次对风险源威胁状态建立评估指标体系:目标层为要达到的风险评估目标;属性层即第二层是保密性、完整性、可用性;第三层是在威胁状态的具体表现:获取信息、篡改信息、利用服务、拒绝服务、提升权限非法操作;如图2所示;Secondly, establish an evaluation index system for the threat state of the risk source: the target layer is the risk assessment goal to be achieved; the attribute layer, that is, the second layer is confidentiality, integrity, and availability; the third layer is the specific performance of the threat state: obtaining information, Illegal operations of tampering with information, using services, refusing services, and escalating privileges; as shown in Figure 2;

Step3对指标权重赋值并检验一致性Step3 Assign the index weight and check the consistency

由技术工程师意见构造的判断矩阵如下:The judgment matrix constructed from the opinions of technical engineers is as follows:

加权平均后的矩阵为:The matrix after weighted average is:

对矩阵B1进行一致性检验:Consistency check on matrix B 1 :

RI=0.52,CR=0.05154<0.1RI=0.52, CR=0.05154<0.1

则满足一致性要求,同理,B2、B*均满足。Then the consistency requirement is satisfied, and similarly, both B 2 and B * are satisfied.

Step4求各层指标权重并归一化处理Step4 Calculate the index weights of each layer and normalize them

矩阵B*每行元素的乘积为:M1=11.3136,M2=0.0791,M3=1.1150;方根法得到的权重为:The product of elements in each row of matrix B * is: M 1 =11.3136, M 2 =0.0791, M 3 =1.1150; the weight obtained by the square root method is:

but

进行归一化处理,得到第二层权重W为:Will After normalization, the weight W of the second layer is obtained as:

W=(0.6048,0.1156,0.2796)T,即b1,b2,b3权重分别为0.6048,0.1156,0.2796。W=(0.6048, 0.1156, 0.2796) T , that is, the weights of b 1 , b 2 , and b 3 are 0.6048, 0.1156, and 0.2796, respectively.

第三层权重等于其相对权重Wc和B层关联元素Wi的合成权重之积,其中相对权重Wc为:third layer weight is equal to the product of its relative weight W c and the combined weight of the associated element W i of layer B, where the relative weight W c is:

Wc=(0.3686,0.1469,0.0778,0.0778,0.1420,0.1869)TWc = ( 0.3686 , 0.1469, 0.0778, 0.0778, 0.1420, 0.1869) T ;

则C层合成权重为:Then the composite weight of layer C for:

Step5划分风险等级即确定灰类Step5 Divide the risk level to determine the gray class

对网络风险等级进行划分,分为5个风险等级,即5个灰类,风险等级分别为低,较低,中,较高,高,对应的量化值为1,2,3,4,5。Divide the network risk level into 5 risk levels, that is, 5 gray classes, the risk levels are low, low, medium, high, high, and the corresponding quantitative values are 1, 2, 3, 4, 5 .

根据技术工程师打分的评估值,计算得到评估矩阵D=(dij)n*mAccording to the evaluation value scored by the technical engineer, the evaluation matrix D=(d ij ) n*m is calculated:

Step6建立白化权函数Step6 Establish whitening weight function

设有m个指标,s个灰类,n个对象,即在本文中,m=6,s=5,n=2;设xij(i=1,2,…,n;j=1,2,…,m)为对象i关于指标j的样本值,即实际值dijThere are m indicators, s gray classes, and n objects, that is, in this article, m=6, s=5, n=2; set x ij (i=1,2,...,n; j=1, 2,...,m) is the sample value of object i with respect to index j, that is, the actual value d ij ;

称作k子类j指标的白化权函数,三种白化权函数表示如图5,图6,图7所示,则建立白化权函数如下:Assume It is called the whitening weight function of k subclass j index, and the three whitening weight functions are shown in Figure 5, Figure 6, and Figure 7, and the whitening weight function is established as follows:

Step7计算灰色聚类系数并判断所属灰类Step7 Calculate the gray clustering coefficient and judge the gray class to which it belongs

本文中各聚类指标的权ηj即为W,则ηj=(0.6048,0.1156,0.2796),那么灰色定权聚类系数为:The weight η j of each cluster index in this paper is W, then η j = (0.6048, 0.1156, 0.2796), then the gray fixed weight clustering coefficient for:

则技术工程师1对网络的聚类向量为:σ1=(0.3952 0.5596 0.0452 0 0),同理可得技术工程师2对网络的聚类向量为:σ2=(0.5922 0.4078 0.0632 0 0);Then the clustering vector of technical engineer 1 to the network is: σ 1 =(0.3952 0.5596 0.0452 0 0), and similarly, the clustering vector of technical engineer 2 to the network is: σ 2 =(0.5922 0.4078 0.0632 0 0);

根据最大化原则作聚类分析,即:According to the principle of maximization for cluster analysis, which is:

k=1,从而确定该新型机载网络安全风险所属灰类即风险等级为第一类,即“低”风险。 k=1, so that it is determined that the gray category, that is, the risk level, of the new airborne network security risk is the first category, that is, "low" risk.

Step8基于以上步骤对风险源威胁状态进行二次评估Step8 Based on the above steps, conduct a second assessment of the threat status of the risk source

对图4进行Step1到Step7的分析计算步骤得到合成权重为:Perform the analysis and calculation steps from Step 1 to Step 7 in Figure 4 to obtain the composite weight for:

得到的灰色定权聚类向量为:σ1=(0 0.1002 0.2786 0.6212 0),The obtained gray fixed weight clustering vector is: σ 1 =(0 0.1002 0.2786 0.6212 0),

σ2=(0 0.1002 0.0632 0.5675 0.2732)。σ 2 =(0 0.1002 0.0632 0.5675 0.2732).

根据最大化原则作聚类分析,即:According to the principle of maximization for cluster analysis, which is:

从而确定该新型机载网络安全风险所属灰类即风险等级为第4类,即“较高”风险。 Therefore, it is determined that the new type of airborne network security risk belongs to the gray category, that is, the risk level is the fourth category, that is, "higher" risk.

由以上分析评估可知,根据风险源的风险概率,影响,不可控制性以及造成的威胁建立指标体系,得到的新型机载网络的安全风险等级是“低”,但是再分析威胁状态,发现风险等级为“较高”。From the above analysis and evaluation, it can be known that the index system is established based on the risk probability, impact, uncontrollability and threats caused by the risk source, and the security risk level of the new airborne network is "low". However, after analyzing the threat status, it is found that the risk level to "higher".

如果风险评估人员只根据前者就给出风险评估结论,工作人员很有可能会忽视这些风险因素带来的严重后果。只有将风险源的威胁及其威胁状态结合起来,构造两个评估指标体系,才能给出更合理更全面的风险评估结果。If risk assessors give risk assessment conclusions based only on the former, staff are likely to ignore the serious consequences of these risk factors. Only by combining the threats of risk sources and their threat status to construct two assessment index systems can a more reasonable and comprehensive risk assessment result be given.

以上对本发明的实施例进行了详细说明,但所述内容仅为本发明的较佳实施例,不能被认为用于限定本发明的实施范围。凡依本发明申请范围所作的均等变化与改进等,均应仍归属于本发明的专利涵盖范围之内。The embodiments of the present invention have been described in detail above, but the content described is only a preferred embodiment of the present invention, and cannot be considered as limiting the implementation scope of the present invention. All equivalent changes and improvements made according to the application scope of the present invention shall still belong to the scope covered by the patent of the present invention.

Claims (2)

1. a kind of onboard networks safety risk estimating method based on advanced AHP-GCM, it is characterised in that:Comprise the following steps:
Step 101, analysis onboard networks framework risk source;Specific method is:
The onboard networks framework includes aircraft control domain, information recipient domain, information opening domain, cabin network domain and public network Domain;The data transmission structure towards interface type bus of the onboard networks framework include ARINC429, ARINC825, ARINC664;
The network interface point of the onboard networks framework exposure is included between gateway and each network domains, each network domains;Airborne information Network data exchange point between system includes passenger interface, the software platform that repacking company provides, airborne entertainment system;It is airborne Network data exchange mode between information system and Ground Information System includes EFB, service on buses or trains operation PAD;Access right Limit includes disabled user and enters onboard networks;The threatened status of the onboard networks framework include:Obtain information, distort information, Utilize service, refusal service and lifting authority illegal operation;
Step 102, evaluation index system is established respectively to risk source and its threatened status;Specific method is:
Evaluation index system is set up to risk source first:Destination layer is the risk assessment target to be reached;Attribute layer is that risk is general Rate, venture influence, uncontrollability;Solution layer is the threat that risk source is caused;
Secondly evaluation index system is set up to risk source threatened status:Destination layer is the risk assessment target to be reached;Attribute layer It is confidentiality, integrality, availability;Third layer is the specific manifestation in threatened status;
Step 103, to index weights assignment and check consistency;Specific method is:
Assignment is carried out to index by two technicians, the rule of wherein assignment is:Using a certain element in upper strata as standard, under Each index of layer is compared two-by-two relative to the importance of the element, and suitable value is selected in defined scale, and foundation is sentenced Disconnected matrix:B1={ bij, B2={ bij};
In order to obtain the significance level compared between each index, two marks for being compared and being proposed using Saaty are taken every time Degree method is quantized, wherein:bij=1, bij=1/bij(i, j=1,2 ..., n)
Weighted average complex art engineer's opinion, constructs B*={ bij, wherein:
Consistency check is carried out to the matrix of construction, that is, calculates the coincident indicator of amendment:CR=CI/RI, wherein CI are consistent Property index:RI searches obtained Aver-age Random Consistency Index for contrast, and Rule of judgment is:
It is any to examine again by changing some fiducial values when matrix does not meet coherence request;
When matrix meets coherence request, then step 104 is performed;
Step 104, ask each layer index weights and normalized;Concretely comprise the following steps:
Calculate relative weighting:Significance level i.e. by Comparative indices relative to last layer element, this sortord is referred to as level Single sequence;
As judgment matrix B*After consistency check, the product M of each row element of judgment matrix is calculatedi
<mrow> <msub> <mi>M</mi> <mn>1</mn> </msub> <mo>=</mo> <msubsup> <mo>&amp;Pi;</mo> <mrow> <mi>j</mi> <mo>=</mo> <mn>1</mn> </mrow> <mi>n</mi> </msubsup> <msub> <mi>b</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>,</mo> <mi>i</mi> <mo>=</mo> <mn>1</mn> <mo>,</mo> <mn>2</mn> <mo>,</mo> <mn>3</mn> <mo>,</mo> <mo>...</mo> <mo>,</mo> <mi>n</mi> <mo>;</mo> </mrow>
Weight before being normalized with root method
<mrow> <mover> <msub> <mi>W</mi> <mi>i</mi> </msub> <mo>&amp;OverBar;</mo> </mover> <mo>=</mo> <mroot> <msub> <mi>M</mi> <mi>i</mi> </msub> <mi>n</mi> </mroot> <mo>;</mo> </mrow>
It is wherein vectorial
<mrow> <mover> <mi>W</mi> <mo>&amp;OverBar;</mo> </mover> <mo>=</mo> <msup> <mrow> <mo>(</mo> <mover> <msub> <mi>W</mi> <mi>i</mi> </msub> <mo>&amp;OverBar;</mo> </mover> <mo>,</mo> <mover> <msub> <mi>W</mi> <mn>2</mn> </msub> <mo>&amp;OverBar;</mo> </mover> <mo>,</mo> <mn>...</mn> <mo>,</mo> <mover> <msub> <mi>W</mi> <mi>n</mi> </msub> <mo>&amp;OverBar;</mo> </mover> <mo>)</mo> </mrow> <mi>T</mi> </msup> <mo>;</mo> </mrow>
WillIt is normalized, obtains weight W, then:
W=(W1,W2,…,Wn)T,
Weight W is required characteristic vector, wherein:
<mrow> <msub> <mi>W</mi> <mi>i</mi> </msub> <mo>=</mo> <mfrac> <mover> <msub> <mi>W</mi> <mi>i</mi> </msub> <mo>&amp;OverBar;</mo> </mover> <mrow> <msubsup> <mi>&amp;Sigma;</mi> <mrow> <mi>i</mi> <mo>=</mo> <mn>1</mn> </mrow> <mi>n</mi> </msubsup> <mover> <msub> <mi>W</mi> <mi>i</mi> </msub> <mo>&amp;OverBar;</mo> </mover> </mrow> </mfrac> <mo>;</mo> </mrow>
Calculate third layer synthetic weight:Synthetic weight refers to weight of certain index relative to the superiors' element, is logical from bottom to top Cross and area method successively calculates what is obtained;For the index with the superiors direct correlation, its synthetic weight is equal to relative weighting;Otherwise Equal to the product of the relative weighting and the synthetic weight of its upper strata associated element of the index;
Step 105, division risk class are to determine grey class;It is concretely comprised the following steps:
It is 5 risk class by network risks grade classification, i.e., 5 grey classes are given a mark by two technicians, are denoted as commenting Valuation Ei(c1, c2, c3, c4, c5, c6), calculating obtains evaluating matrix D=(dij)n*m, wherein:
<mrow> <msub> <mi>d</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>=</mo> <msub> <mi>E</mi> <mi>i</mi> </msub> <mo>*</mo> <msubsup> <mi>W</mi> <msub> <mi>b</mi> <mi>i</mi> </msub> <mo>*</mo> </msubsup> <mo>;</mo> </mrow>
Step 106, set up whitened weight function;Construction whitened weight function specific method be:
Provided with m index, s grey class, n object, if xij(i=1,2 ..., n;J=1,2 ..., m) for object i on index j Sample value, i.e. actual value dij
IfThe referred to as whitened weight function of k subclasses j indexs:
If 1.OnlyTwo turning points, then function representation upper measure:
<mrow> <msubsup> <mi>f</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>)</mo> </mrow> <mo>=</mo> <mfenced open = "{" close = ""> <mtable> <mtr> <mtd> <mn>0</mn> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mo>&amp;lsqb;</mo> <mn>0</mn> <mo>,</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> <mo>&amp;rsqb;</mo> </mrow> </mtd> </mtr> <mtr> <mtd> <mfrac> <mrow> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>-</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> </mrow> <mrow> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>2</mn> <mo>)</mo> </mrow> <mo>-</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> </mrow> </mfrac> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mrow> <mo>(</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> <mo>,</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>2</mn> <mo>)</mo> </mrow> <mo>&amp;rsqb;</mo> </mrow> </mtd> </mtr> <mtr> <mtd> <mn>1</mn> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mrow> <mo>(</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mo>(</mo> <mn>2</mn> <mo>)</mo> <mo>,</mo> <mo>+</mo> <mi>&amp;infin;</mi> <mo>)</mo> </mrow> </mrow> </mtd> </mtr> </mtable> </mfenced> <mo>;</mo> </mrow>
If 2.OnlyTwo turning points, then function representation lower limit estimate;
<mrow> <msubsup> <mi>f</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>)</mo> </mrow> <mo>=</mo> <mfenced open = "{" close = ""> <mtable> <mtr> <mtd> <mn>1</mn> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mo>&amp;lsqb;</mo> <mn>0</mn> <mo>,</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>3</mn> <mo>)</mo> </mrow> <mo>&amp;rsqb;</mo> </mrow> </mtd> </mtr> <mtr> <mtd> <mfrac> <mrow> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>4</mn> <mo>)</mo> </mrow> <mo>-</mo> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> </mrow> <mrow> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>4</mn> <mo>)</mo> </mrow> <mo>-</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>3</mn> <mo>)</mo> </mrow> </mrow> </mfrac> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mo>(</mo> <mn>1</mn> <mo>,</mo> <mn>2</mn> <mo>&amp;rsqb;</mo> </mrow> </mtd> </mtr> <mtr> <mtd> <mn>0</mn> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mrow> <mo>(</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mo>(</mo> <mn>4</mn> <mo>)</mo> <mo>,</mo> <mo>+</mo> <mi>&amp;infin;</mi> <mo>)</mo> </mrow> </mrow> </mtd> </mtr> </mtable> </mfenced> <mo>;</mo> </mrow>
If 3.Second and the 3rd turning point overlap, then function representation is moderate estimates:
<mrow> <msubsup> <mi>f</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>)</mo> </mrow> <mo>=</mo> <mfenced open = "{" close = ""> <mtable> <mtr> <mtd> <mfrac> <mrow> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>-</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> </mrow> <mrow> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>2</mn> <mo>)</mo> </mrow> <mo>-</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> </mrow> </mfrac> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mo>&amp;lsqb;</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> <mo>,</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>2</mn> <mo>)</mo> </mrow> <mo>&amp;rsqb;</mo> </mrow> </mtd> </mtr> <mtr> <mtd> <mfrac> <mrow> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>4</mn> <mo>)</mo> </mrow> <mo>-</mo> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> </mrow> <mrow> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>4</mn> <mo>)</mo> </mrow> <mo>-</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>2</mn> <mo>)</mo> </mrow> </mrow> </mfrac> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;Element;</mo> <mrow> <mo>(</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mo>(</mo> <mn>2</mn> <mo>)</mo> </mrow> <mo>,</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>4</mn> <mo>)</mo> </mrow> <mo>&amp;rsqb;</mo> </mrow> </mtd> </mtr> <mtr> <mtd> <mn>0</mn> </mtd> <mtd> <mrow> <mi>x</mi> <mo>&amp;NotElement;</mo> <mo>&amp;lsqb;</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>1</mn> <mo>)</mo> </mrow> <mo>,</mo> <msubsup> <mi>x</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <mn>4</mn> <mo>)</mo> </mrow> <mo>&amp;rsqb;</mo> </mrow> </mtd> </mtr> </mtable> </mfenced> <mo>;</mo> </mrow>
Step 107, calculating grey cluster coefficient simultaneously judge affiliated grey class;Concretely comprise the following steps:
If ηj(j=1,2 ..., m) be each clustering target power, wherein ηjAs W;
IfBelong to the grey fixed weight cluster coefficient of the grey classes of k for object i, thenFor:
<mrow> <msubsup> <mi>&amp;sigma;</mi> <mi>i</mi> <mi>k</mi> </msubsup> <mo>=</mo> <msubsup> <mi>&amp;Sigma;</mi> <mrow> <mi>j</mi> <mo>=</mo> <mn>1</mn> </mrow> <mi>m</mi> </msubsup> <msubsup> <mi>f</mi> <mi>j</mi> <mi>k</mi> </msubsup> <mrow> <mo>(</mo> <msub> <mi>x</mi> <mrow> <mi>i</mi> <mi>j</mi> </mrow> </msub> <mo>)</mo> </mrow> <mo>*</mo> <msub> <mi>&amp;eta;</mi> <mi>j</mi> </msub> <mo>;</mo> </mrow>
Object i is obtained as clustering according to maximization principle and belongs to grey class k:
<mrow> <munder> <mrow> <msubsup> <mi>&amp;sigma;</mi> <mi>i</mi> <mi>k</mi> </msubsup> <mo>=</mo> <mi>m</mi> <mi>a</mi> <mi>x</mi> </mrow> <mrow> <mn>1</mn> <mo>&amp;le;</mo> <mi>k</mi> <mo>&amp;le;</mo> <mi>s</mi> </mrow> </munder> <mo>{</mo> <msubsup> <mi>&amp;sigma;</mi> <mi>i</mi> <mi>k</mi> </msubsup> <mo>}</mo> <mo>;</mo> </mrow>
Step 108, based on above step to risk source threatened status carry out secondary evaluation;The specific method and step of secondary evaluation 101 is identical to step 107.
2. the onboard networks safety risk estimating method based on advanced AHP-GCM according to claim 1, it is characterised in that: Third layer weightEqual to its relative weighting WcWith B layers of associated element WiSynthetic weight product:
<mrow> <msubsup> <mi>W</mi> <msub> <mi>b</mi> <mi>i</mi> </msub> <mo>*</mo> </msubsup> <mo>=</mo> <msub> <mi>W</mi> <mi>c</mi> </msub> <mo>*</mo> <msub> <mi>W</mi> <mi>i</mi> </msub> <mo>.</mo> </mrow> 3
CN201710426968.4A 2017-06-08 2017-06-08 Onboard networks safety risk estimating method based on advanced AHP GCM Pending CN107239905A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710426968.4A CN107239905A (en) 2017-06-08 2017-06-08 Onboard networks safety risk estimating method based on advanced AHP GCM

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710426968.4A CN107239905A (en) 2017-06-08 2017-06-08 Onboard networks safety risk estimating method based on advanced AHP GCM

Publications (1)

Publication Number Publication Date
CN107239905A true CN107239905A (en) 2017-10-10

Family

ID=59986222

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710426968.4A Pending CN107239905A (en) 2017-06-08 2017-06-08 Onboard networks safety risk estimating method based on advanced AHP GCM

Country Status (1)

Country Link
CN (1) CN107239905A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108399340A (en) * 2018-03-06 2018-08-14 中国民航大学 Based on the onboard networks safety risk estimating method for improving FAHP and cloud model
CN109377029A (en) * 2018-10-08 2019-02-22 中国民航科学技术研究院 Aircraft operation safety risk assessment method, device, electronic equipment and storage medium
CN110245848A (en) * 2019-05-31 2019-09-17 口碑(上海)信息技术有限公司 The methods of risk assessment and device of program code
CN110968865A (en) * 2019-11-27 2020-04-07 桂林电子科技大学 A risk assessment method for Android software based on probability ontology
CN111245806A (en) * 2020-01-06 2020-06-05 北京航天测控技术有限公司 Network security test method, device and platform, storage medium and electronic device
CN111612290A (en) * 2020-03-31 2020-09-01 深圳奇迹智慧网络有限公司 Security scheme generation method and device, computer equipment and storage medium
CN112418641A (en) * 2020-11-18 2021-02-26 深圳大学 Subway station safety assessment method, device, server and storage medium
CN114358538A (en) * 2021-12-22 2022-04-15 华能煤炭技术研究有限公司 Coal mine coal face safety risk assessment method and system

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1770700A (en) * 2004-11-01 2006-05-10 中兴通讯股份有限公司 Threat Assessment Methods for Computer Attacks
CN101119236A (en) * 2006-07-31 2008-02-06 中国航天科技集团公司第五研究院第五一○研究所 A Comprehensive Evaluation System of Network Security
JP2008250869A (en) * 2007-03-30 2008-10-16 Quality Kk Management system, management server and management program
CN103366244A (en) * 2013-06-19 2013-10-23 深圳市易聆科信息技术有限公司 Method and system for acquiring network risk value in real time
CN103581186A (en) * 2013-11-05 2014-02-12 中国科学院计算技术研究所 Network security situation awareness method and system
CN104112181A (en) * 2014-06-12 2014-10-22 西北工业大学 Analytical hierarchy process-based information security Bayesian network evaluation method
CN104715318A (en) * 2014-12-04 2015-06-17 国家电网公司 Multi-dimensional operational risk evaluating method for communication network
WO2016003756A1 (en) * 2014-06-30 2016-01-07 Neo Prime, LLC Probabilistic model for cyber risk forecasting
CN105677762A (en) * 2015-12-31 2016-06-15 北京信息科技大学 System for analyzing coupling risks in failure behaviors of integrated avionics system under big data environment

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1770700A (en) * 2004-11-01 2006-05-10 中兴通讯股份有限公司 Threat Assessment Methods for Computer Attacks
CN101119236A (en) * 2006-07-31 2008-02-06 中国航天科技集团公司第五研究院第五一○研究所 A Comprehensive Evaluation System of Network Security
JP2008250869A (en) * 2007-03-30 2008-10-16 Quality Kk Management system, management server and management program
CN103366244A (en) * 2013-06-19 2013-10-23 深圳市易聆科信息技术有限公司 Method and system for acquiring network risk value in real time
CN103581186A (en) * 2013-11-05 2014-02-12 中国科学院计算技术研究所 Network security situation awareness method and system
CN104112181A (en) * 2014-06-12 2014-10-22 西北工业大学 Analytical hierarchy process-based information security Bayesian network evaluation method
WO2016003756A1 (en) * 2014-06-30 2016-01-07 Neo Prime, LLC Probabilistic model for cyber risk forecasting
CN104715318A (en) * 2014-12-04 2015-06-17 国家电网公司 Multi-dimensional operational risk evaluating method for communication network
CN105677762A (en) * 2015-12-31 2016-06-15 北京信息科技大学 System for analyzing coupling risks in failure behaviors of integrated avionics system under big data environment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘晓玲等: "基于灰色综合关联分析的网络安全评估", 《集成技术》 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108399340A (en) * 2018-03-06 2018-08-14 中国民航大学 Based on the onboard networks safety risk estimating method for improving FAHP and cloud model
CN109377029A (en) * 2018-10-08 2019-02-22 中国民航科学技术研究院 Aircraft operation safety risk assessment method, device, electronic equipment and storage medium
CN109377029B (en) * 2018-10-08 2022-04-22 中国民航科学技术研究院 Aircraft operation safety risk assessment method, device, electronic equipment and storage medium
CN110245848A (en) * 2019-05-31 2019-09-17 口碑(上海)信息技术有限公司 The methods of risk assessment and device of program code
CN110968865A (en) * 2019-11-27 2020-04-07 桂林电子科技大学 A risk assessment method for Android software based on probability ontology
CN110968865B (en) * 2019-11-27 2022-03-11 桂林电子科技大学 A risk assessment method for Android software based on probability ontology
CN111245806A (en) * 2020-01-06 2020-06-05 北京航天测控技术有限公司 Network security test method, device and platform, storage medium and electronic device
CN111612290A (en) * 2020-03-31 2020-09-01 深圳奇迹智慧网络有限公司 Security scheme generation method and device, computer equipment and storage medium
CN111612290B (en) * 2020-03-31 2023-04-07 深圳奇迹智慧网络有限公司 Security scheme generation method and device, computer equipment and storage medium
CN112418641A (en) * 2020-11-18 2021-02-26 深圳大学 Subway station safety assessment method, device, server and storage medium
CN114358538A (en) * 2021-12-22 2022-04-15 华能煤炭技术研究有限公司 Coal mine coal face safety risk assessment method and system

Similar Documents

Publication Publication Date Title
CN107239905A (en) Onboard networks safety risk estimating method based on advanced AHP GCM
CN105045251B (en) The demand analysis of industrial control system functional safety and information security and fusion method
Yang et al. Hesitant interval‐valued Pythagorean fuzzy VIKOR method
CN110008442A (en) A pilot training control method based on pilot comprehensive ability evaluation
CN102799531B (en) A kind of method for testing software based on analytic hierarchy process
CN110490433A (en) A kind of train control system methods of risk assessment
CN104881609A (en) Credibility evaluation method of software unit of complex software system
CN104392393A (en) DEMATEL-ANP-VIKOR mixed selection method of power system security risk reduction schemes
CN108960677A (en) A kind of evaluation method of subway station operation security
CN106295332A (en) Based on interval number and the Information Security Risk Assessment Methods of ideal solution
CN104243478A (en) Safety protection capability assessment method and equipment of network equipment
CN105046421A (en) Comprehensive safety evaluation method for electric vehicle charging facility
CN114049026A (en) Industrial internet identification analysis risk assessment method based on analytic hierarchy process
CN101226614A (en) A Method for Assessing the Importance of Network Assets
CN104182796A (en) Determination method of urban rail transit vehicle maintenance mode
Mlinarić et al. Evaluation framework for key performance indicators of railway ITS
Li [Retracted] IF‐MABAC Method for Evaluating the Intelligent Transportation System with Intuitionistic Fuzzy Information
CN112434950B (en) Method for canceling truck charging adjustment risk assessment of provincial toll station and application
Lei et al. [Retracted] Operational Risk Assessment for International Transport Corridor: A Case Study of China‐Pakistan Economic Corridor
Chen et al. An extended HFACS based risk analysis approach for human error accident with interval type-2 fuzzy sets and prospect theory
Yameng et al. Ahp-grap based security evaluation method for mils system within cc framework
CN115688169A (en) Data classification and classification method, system, medium and computer equipment
CN102708041A (en) Method for calculating minimal software believability test case number
Yao et al. Evaluation and Analysis of a Method to Real‐Name Check Train Tickets during the COVID‐19 Pandemic
Lijuan et al. A network security evaluation method based on FUZZY and RST

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20171010

WD01 Invention patent application deemed withdrawn after publication