CN111585969B - Industrial control network security impact analysis method based on function analysis - Google Patents

Publication number
CN111585969B
CN111585969B CN202010286162.1A CN202010286162A CN111585969B CN 111585969 B CN111585969 B CN 111585969B CN 202010286162 A CN202010286162 A CN 202010286162A CN 111585969 B CN111585969 B CN 111585969B
Authority
CN
China
Prior art keywords
function
process equipment
functional
influence
attack
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010286162.1A
Other languages
Chinese (zh)
Other versions
CN111585969A (en)
Inventor
常箫
毛磊
郑威
张淑慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Nuclear Engineering Research and Design Institute Co Ltd
Original Assignee
Shanghai Nuclear Engineering Research and Design Institute Co Ltd
Application filed by Shanghai Nuclear Engineering Research and Design Institute Co Ltd
Priority to CN202010286162.1A
Publication of CN111585969A
Application granted
Publication of CN111585969B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12 Discovery or management of network topologies
    • H04L41/14 Network analysis or design
    • H04L41/145 Network analysis or design involving simulating, designing, planning or modelling of a network
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Testing And Monitoring For Control Systems (AREA)

Abstract

The invention discloses an industrial control network security impact analysis method based on functional analysis. The method comprises: hierarchical functional modeling and functional decomposition; construction of a function tree topology graph; asset collection and analysis, associating functions with equipment; network security attack analysis; and evaluation of the functional consequence impact. By generating a function topology graph and establishing a hierarchical relationship from functions to equipment, the method objectively quantifies the information security importance of equipment. It can also analyze the final actual impact of an information security attack on the process system and the way in which that impact arises, thereby objectively quantifying the degree of information security risk.

Description

Industrial control network security impact analysis method based on function analysis
Technical Field
The invention belongs to the field of network security, and particularly relates to an industrial control network security impact analysis method based on function analysis.
Background
Since the Stuxnet worm attacked Iranian nuclear facilities in 2010, the information security of industrial control systems has received close attention both internationally and domestically. Information security attacks can affect the availability, integrity and confidentiality of software and data, adversely affect the operation of systems, networks and related equipment, and pose a threat to industrial control systems. For system designers and system users, it is very important to understand intuitively the final impact of an information security attack on the process system. By studying the actual impact that digital equipment affected by an information security attack has on the overall system process, designers can see more clearly where the system is vulnerable and which links need focused information security defense, and system users facing an information security attack can fully evaluate the impact of the attack from the events observed and take targeted, effective measures in response.
Disclosure of Invention
The invention aims to provide an industrial control network security impact analysis method based on functional analysis; the main steps of the method are explained below.
An industrial control network security impact analysis method based on functional analysis comprises the following steps:
Step one, hierarchical functional modeling and functional decomposition
For a process system, the functions are modeled and analyzed as a layered structure from the functional perspective; the analyzed functions are expressed as a goal-means hierarchy, the top-level function is decomposed layer by layer, and a layered model from functions to equipment is established;
Step two, constructing a function tree topology graph
Using the analysis result of step one together with the correlation relationships among the sub-functions, a function tree topology graph is constructed, from which the impact of the failure of each sub-function is inferred;
Step three, asset collection and analysis, associating functions with equipment
Asset information is collected for all process equipment, the assets that execute the sub-functions are analyzed, the interaction relationship between the digital industrial control system and the controlled process equipment is established, and the process equipment asset set is associated with the sub-functions it executes;
Step four, analyzing network security attacks
The asset attributes and attack surface of the process equipment asset set from step three are analyzed, a network attack graph is derived, the impact of different types of network attacks on the process equipment asset set is analyzed, and the information security risk degree of the process equipment asset set is quantified;
Step five, evaluating the functional consequence impact
According to the result of step four, the functional consequence caused by each attack path is evaluated and the security of the industrial control network is calculated; combining the information security risk degree of the process equipment asset set yields the security performance of the industrial control network under network attack.
The invention has the following beneficial effects:
(1) The invention can generate a function topology graph and finally establish the hierarchical relationship from functions to equipment, thereby objectively quantifying the information security importance of equipment.
(2) The method can analyze the final actual impact of an information security attack on the process system and the way in which that impact arises, thereby objectively quantifying the degree of information security risk.
Drawings
FIG. 1 is a diagram of the steps of the industrial control network security impact analysis method;
FIG. 2 is a schematic of the goal-means hierarchy.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention more comprehensible, the present invention is described in detail with reference to the accompanying drawings and the detailed description thereof.
The invention analyzes the functions of the process system as a layered structure and expresses them as a goal-means hierarchy. The hierarchical analysis starts from the top-level function, which is decomposed step by step into the process systems that realize it; the sub-functions of each process system are in turn decomposed down to the bottom-level process equipment that realizes them, giving a function, sub-function, equipment hierarchy. Next, by studying the interaction relationship between the digital industrial control system and the controlled process equipment, a set is formed of the process equipment and the digital industrial control system assets related to it, which yields the association between the top-level function and the digital assets. Attack surface analysis and attack path analysis are then carried out on the digital assets to determine how far network security attack events affect the integrity, availability and confidentiality of those assets. Combined with the hierarchical functional structure, the impact of a network attack is then derived upward: from the digital assets to the process equipment, from the process equipment to the sub-functions it executes, and finally to the top-level function.
The industrial control network security impact analysis method based on functional analysis comprises the following steps:
1) Hierarchical functional modeling and functional decomposition;
For a process system, the functions are modeled and analyzed as a layered structure from the functional perspective, and the analyzed functions are expressed as a goal-means hierarchy. A high-level functional description is an overview of the integration of one system or of multiple related systems. The underlying (i.e., more specific) subsystems or devices used to perform the functions are therefore what the analysis targets. Working from the top down, functional decomposition starts from the goal and identifies which underlying subsystems or devices can serve as means of achieving it. Working from the bottom up, the same decomposition lets the means be combined to determine how strongly each means affects achievement of the goal. Functional decomposition thus determines which subsystems and devices are available to perform a function, and which subsystems or components performing that function necessarily involves. This decomposition activity builds a goal-means hierarchy, shown in FIG. 2: the top layer is the function, the second layer is the process system that accomplishes the function/goal, the third layer is the sub-functions of the respective systems that implement the top-level function, and the fourth layer is the equipment for each sub-function. In this step, the top-level functions are decomposed layer by layer, and a hierarchical model from functions to equipment is finally established.
2) Constructing a function tree topology graph;
This step uses the analysis result of the previous step, together with the correlation relationships between the sub-functions (for example, series correlation, parallel correlation, etc.), to construct a function tree topology graph. From the function tree topology graph, the effect of each sub-function failure can be inferred. For example, if an upper-level system function is performed by two redundant sub-functions, the two sub-functions are in a parallel relationship, and the loss of either one does not affect the realization of the upper-level system function. If the two sub-functions are interdependent and jointly ensure the realization of the upper-level system function, they are in a series relationship, and the loss of either one affects the realization of the upper-level system function. Through the function tree topology graph, the impact caused by loss of function can be deduced and the importance of each function can be quantified.
3) Asset collection and analysis, associating functions with equipment;
This step first collects all asset information and then analyzes the assets that perform sub-functions. The performance of a sub-function generally depends on the proper operation of process equipment such as pumps, valves, and fans. This step establishes the interaction relationship between the digital industrial control system and the controlled process equipment, groups process equipment such as a valve together with its related assets (sensors, actuators, controllers, and the like) into a process equipment asset set, and associates that asset set with the sub-functions it executes. The step also analyzes the network topology and working process of the digital devices, such as the communication and dependency relationships among different devices, and from these constructs an influence relationship graph of the digital devices. This step supplies the consequence evaluation with the applicable process equipment asset sets and quantifies their importance.
4) Analyzing network security attacks;
This step analyzes the asset attributes and attack surface of the digital devices and process equipment asset sets from the previous step, derives a network attack graph from the network topology and working process analyzed in that step, and obtains all attack paths that can reach a process equipment asset set. It then analyzes the impact (on integrity, confidentiality and availability) of different kinds of network attacks on the process equipment asset set and quantifies the information security risk degree of the asset set.
5) Evaluating the functional consequence impact.
The functional consequence impact evaluation takes an evaluation model and the process equipment asset sets as input. Based on the quantified importance and information security risk degree of each asset set, it analyzes the different impacts of network attacks on the asset set, evaluates the functional consequences the attacks cause, and calculates the security of the industrial control network. For example, when a process equipment asset set is under network attack, the degree to which the process equipment in the set (such as pumps, valves, etc.) affects its sub-functions can be evaluated, and then the degree to which those sub-functions affect the target function can be analyzed, quantifying the functional importance of the asset set. Combining this with the information security risk degree of the asset set yields the security performance of the industrial control network under network attack.
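The five steps can be traced end to end on a small model. The following Python is an added example, not code from the patent: the function tree, asset sets, device graph and the rule that an integrity or availability compromise fails the dependent equipment (while a confidentiality compromise does not) are constructed assumptions, since the patent gives no concrete scoring model.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    """One node of the function tree; leaves are process equipment."""
    name: str
    relation: str = "series"   # "series": all children needed; "parallel": any one suffices
    children: list = field(default_factory=list)

    def available(self, failed):
        if not self.children:
            return self.name not in failed
        states = [child.available(failed) for child in self.children]
        return all(states) if self.relation == "series" else any(states)

    def equipment(self):
        if not self.children:
            return [self.name]
        return [e for child in self.children for e in child.equipment()]

# Steps 1-2 (constructed): function -> process system -> sub-functions -> equipment.
TREE = Node("remove heat", "series", [
    Node("cooling water system", "series", [
        Node("deliver flow", "parallel", [Node("pump_A"), Node("pump_B")]),
        Node("regulate flow", "series", [Node("valve_1")]),
    ]),
])

# Step 3 (constructed): process equipment asset sets, equipment -> digital assets.
ASSET_SETS = {
    "pump_A": {"plc_1", "flow_sensor_A"},
    "pump_B": {"plc_2"},
    "valve_1": {"plc_1", "actuator_v1"},
}

# Step 3 (constructed): directed communication graph of the digital devices.
NETWORK = {
    "eng_ws": ["plc_1", "plc_2"],
    "hmi": ["plc_1"],
    "plc_1": ["flow_sensor_A", "actuator_v1"],
    "plc_2": [],
}

def attack_paths(network, entry):
    """Step 4: every simple path an intruder at `entry` can follow through the graph."""
    paths, stack = [], [[entry]]
    while stack:
        path = stack.pop()
        paths.append(path)
        for nxt in network.get(path[-1], []):
            if nxt not in path:
                stack.append(path + [nxt])
    return paths

def lost_equipment(compromised, impact):
    """Assumed rule: integrity/availability loss on any asset in a set fails the equipment."""
    if impact == "confidentiality":
        return set()
    return {eq for eq, assets in ASSET_SETS.items() if assets & set(compromised)}

def assess(tree, network, entry, impact="integrity"):
    """Step 5: per attack path, the equipment it fails and whether the top function survives."""
    results = []
    for path in attack_paths(network, entry):
        failed = lost_equipment(path, impact)
        results.append((tuple(path), sorted(failed), tree.available(failed)))
    return results

def single_points_of_failure(tree):
    """Equipment whose loss alone defeats the top-level function."""
    return [eq for eq in tree.equipment() if not tree.available({eq})]

if __name__ == "__main__":
    for path, failed, ok in assess(TREE, NETWORK, "eng_ws"):
        print(" -> ".join(path), "| fails:", failed, "| top function kept:", ok)
    print("single points of failure:", single_points_of_failure(TREE))
```

In this model a path that reaches only `plc_2` costs one redundant pump and the top function survives, while any path through `plc_1` takes out the series-connected valve and the function is lost, which is the kind of ranking of assets and paths the evaluation step is meant to produce.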
The foregoing embodiments merely illustrate the principles and utility of the present invention and are not intended to limit it. Any person skilled in the art can modify or change the above embodiments without departing from the spirit and scope of the present invention. Accordingly, all equivalent modifications or changes made by those skilled in the art without departing from the spirit and scope of the present invention are intended to be covered by the appended claims.

Claims (1)

1. An industrial control network security impact analysis method based on functional analysis, characterized by comprising the following steps:
Step one, hierarchical functional modeling and functional decomposition
For a process system, the functions are modeled and analyzed as a layered structure from the functional perspective; the analyzed functions are expressed as a goal-means hierarchy, the top-level function is decomposed layer by layer, and a layered model from functions to equipment is established;
Step two, constructing a function tree topology graph
Using the analysis result of step one together with the correlation relationships among the sub-functions, a function tree topology graph is constructed, from which the impact of the failure of each sub-function is deduced;
Step three, asset collection and analysis, associating functions with equipment
Asset information is collected for all process equipment, the assets that execute the sub-functions are analyzed, the interaction relationship between the digital industrial control system and the controlled process equipment is established, and the process equipment asset set is associated with the sub-functions it executes;
Step four, analyzing network security attacks
The asset attributes and attack surface of the process equipment asset set from step three are analyzed, a network attack graph is derived, the impact of different types of network attacks on the process equipment asset set is analyzed, and the information security risk degree of the process equipment asset set is quantified;
Step five, evaluating the functional consequence impact
According to the result of step four, the functional consequence caused by each attack path is evaluated and the security of the industrial control network is calculated; combining the information security risk degree of the process equipment asset set yields the security performance of the industrial control network under network attack.
CN202010286162.1A 2020-04-13 2020-04-13 Industrial control network security impact analysis method based on function analysis Active CN111585969B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010286162.1A CN111585969B (en) 2020-04-13 2020-04-13 Industrial control network security impact analysis method based on function analysis

Publications (2)

Publication Number Publication Date
CN111585969A (en) 2020-08-25
CN111585969B (en) 2022-07-22

Family

ID=72117423

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP01 Change in the name or title of a patent holder
Address after: No. 29 Hong Cao Road, Xuhui District, Shanghai
Patentee after: Shanghai Nuclear Engineering Research and Design Institute Co.,Ltd.
Address before: No. 29 Hong Cao Road, Xuhui District, Shanghai
Patentee before: SHANGHAI NUCLEAR ENGINEERING RESEARCH & DESIGN INSTITUTE Co.,Ltd.