CN112465302B - System and method for evaluating network security risk of civil aircraft airborne system - Google Patents

System and method for evaluating network security risk of civil aircraft airborne system

Info

Publication number
CN112465302B
Authority
CN
China
Prior art keywords
data
airborne system
airborne
asset
network security
Legal status
Active
Application number
CN202011232528.3A
Other languages
Chinese (zh)
Other versions
CN112465302A (en)
Inventor
张双
田莉蓉
万欣宇
孔德歧
周翔宇
王元勋
Current Assignee
Xian Aeronautics Computing Technique Research Institute of AVIC
Original Assignee
Xian Aeronautics Computing Technique Research Institute of AVIC
Application filed by Xian Aeronautics Computing Technique Research Institute of AVIC
Priority to CN202011232528.3A
Publication of CN112465302A
Application granted
Publication of CN112465302B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/06 Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063 Operations research, analysis or management
    • G06Q10/0635 Risk analysis of enterprise or organisation activities

Abstract

The invention provides a network security risk assessment system and a data processing method for civil aircraft airborne systems. It addresses the problem that existing network security risk assessments of civil aircraft airborne systems do not take the safety attributes of the airborne system into account, so they cannot provide effective evidence for civil aircraft airworthiness activities. The system adds airborne system failure state data to the airborne system network security risk assessment model, thereby establishing the relationship between the network security and the safety of the airborne system. This resolves the disconnect between existing airborne system network security risk assessment and system safety, and facilitates the airworthiness review of the system.

Description

System and method for evaluating network security risk of civil aircraft airborne system
Technical Field
The invention relates to a system and a method for evaluating network security risks of a civil aircraft airborne system.
Background
As aircraft functions become more complete, complex and diverse, airborne systems are growing ever larger and more complex, which places great demands on the transmission and processing of onboard information: large volumes of data must be transmitted securely, timely, accurately and completely, and many kinds of information must be processed correctly, quickly, effectively and completely. Communication technology makes information exchange between the aircraft and ground network systems convenient, but at the same time it brings information security threats to flight safety.
Functional modules such as aircraft information services and network management are generally implemented within the aircraft's airborne system, and when the airborne system is subjected to deliberate unauthorized actions, system safety can be affected. To keep aircraft systems in a normal state at all times, the risks that may exist in a system must be evaluated, so the process and method for network security risk assessment of airborne systems are very important. Carrying out a network security risk assessment determines whether security risks exist in the system; appropriate network security measures are then taken according to the assessment results, so that the risks stay within an acceptable range and the airborne system remains in a normal state. At present, however, network security risk assessment of aircraft airborne systems relies on general-purpose information security risk assessment methods. These methods do not introduce the safety attributes of the civil aircraft airborne system, so the system's security attributes are divorced from its safety attributes and no effective evidence can be provided for civil aircraft airworthiness activities.
Disclosure of Invention
The invention provides a network security risk assessment system and a data processing method for civil aircraft airborne systems, aimed at solving the technical problem that existing network security risk assessment of civil aircraft airborne systems does not introduce the safety attributes of the airborne system, so that effective evidence cannot be provided for civil aircraft airworthiness activities.
The technical scheme of the invention is as follows:
A civil aircraft airborne system network security risk assessment system, characterized in that: the system comprises an airborne system network security scope identification model, an airborne system network security environment identification model, an airborne system network security risk assessment model and an airborne system network security risk treatment model;
the airborne system network security scope identification model comprises airborne system functional asset data, airborne system functional interface asset data, airborne system external asset data, airborne system data flow asset data and airborne system security boundary data; the airborne system functional asset data comprises a functional asset number, a functional asset name and a functional asset description; the airborne system functional interface asset data comprises a functional interface asset number, a producer, a consumer and an interface description; the airborne system external asset data comprises an external asset number, an external asset description and a cross-link interface number; the airborne system data flow asset data comprises a data flow asset number, an aircraft functional interface number and a data flow asset description; the airborne system security boundary data comprises a functional interface asset number, a producer, a consumer, a physical interface, a logical interface, an aircraft network domain, a zone and an interface purpose;
the airborne system network security environment identification model comprises airborne system threat source data, airborne system attack type data and airborne system vulnerability data; the airborne system threat source data comprises a threat source number, a threat source name, whether the source is trusted, and a threat source description; the airborne system attack type data comprises an attack method number, an attack method name, an attack method description, a confidentiality impact, an integrity impact and an availability impact; the airborne system vulnerability data comprises a vulnerability number, a vulnerability name, a vulnerability description, a confidentiality impact, an integrity impact and an availability impact;
the airborne system network security risk assessment model comprises airborne system failure state data, airborne system threat state data, airborne system threat scenario data and airborne system risk level evaluation data; the airborne system failure state data comprises a functional asset number, a failure state number, a failure description, a flight phase, an impact description and a severity level; the airborne system threat state data comprises a threat state number, a functional asset number, a network security impact, an occurrence condition, a flight phase, an impact on aircraft safety, an impact on the crew, an impact on passengers, a severity level and an associated failure state number; the airborne system threat scenario data comprises a threat scenario number, an associated threat source number, an attack vector description, an attack path description, an associated vulnerability number, a description of existing measures, an associated threat state number, an occurrence likelihood level, a severity level and a scenario description; the airborne system risk level evaluation data comprises a threat scenario number, an associated threat state number, an occurrence likelihood level, a severity level, a risk level, whether the risk is acceptable, and an analysis of the evaluation conclusion;
the airborne system network security risk treatment model comprises airborne system security measure data and airborne system risk treatment data; the airborne system security measure data comprises a security measure number, a security measure name, a security measure description and a measure implementation principle; the airborne system risk treatment data comprises a threat scenario number, an associated threat state number, an occurrence likelihood level, a post-treatment likelihood level, a severity level, a post-treatment severity level, a risk level, an associated security measure number, a post-treatment risk level and whether the risk is acceptable.
The invention also provides a method for processing civil aircraft airborne system network security risk assessment data, characterized in that it comprises the following steps:
Step 1) airborne system network security scope identification data processing
1.1) Perform airborne system functional asset identification and generate airborne system functional asset data from the functional definition of the airborne system;
1.2) Perform airborne system functional interface identification and generate airborne system functional interface asset data from the interface definition of the airborne system;
1.3) Perform airborne system data flow identification and generate airborne system data flow asset data from the interface definition of the airborne system;
1.4) Perform airborne system external asset identification and generate airborne system external asset data from the functional definition of the airborne system;
1.5) Perform airborne system security boundary identification and generate security boundary data from the airborne system functional asset data, functional interface asset data, data flow asset data and external asset data;
1.6) Determine whether the data identified in steps 1.1) to 1.5) is complete; if it is complete, proceed to step 2); if it is not, return to step 1.1) and execute the airborne system network security scope identification data processing flow again;
Step 2) airborne system network security environment identification data processing
2.1) Perform airborne system threat source identification and generate airborne system threat source data;
2.2) Perform airborne system attack type identification and generate airborne system attack type data;
2.3) Perform airborne system vulnerability identification and generate airborne system vulnerability data;
2.4) Determine whether the data identified in steps 2.1) to 2.3) is complete; if it is complete, proceed to step 3); if it is not, return to step 2.1) and execute the airborne system network security environment identification data processing flow again;
Step 3) airborne system network security risk assessment data processing
3.1) Receive data;
receive the data generated by the identification in steps 1) and 2) together with the airborne system failure state data, the airborne system failure state data being external input data that is not produced by this method;
3.2) Perform airborne system threat state identification and generate airborne system threat state data;
3.3) Perform airborne system threat scenario analysis and generate airborne system threat scenario data;
3.4) Perform airborne system risk level analysis and generate airborne system risk level evaluation data;
3.5) Determine whether the risk level generated in steps 3.2) to 3.4) is acceptable; if it is acceptable, end the risk assessment process; if it is not, proceed to step 4);
Step 4) airborne system network security risk treatment data processing
4.1) Receive the data generated by the identification in step 3);
4.2) Perform airborne system network security measure formulation and generate airborne system security measure data;
4.3) Perform airborne system network security risk treatment and generate airborne system risk treatment data;
4.4) Determine whether the risk treatment result is acceptable; if the risk level is acceptable, end the risk assessment process; if it is not, return to step 4.1) and execute the airborne system network security risk treatment data processing flow again.
The invention has the following advantages:
1) The invention establishes a mathematical model tailored to the characteristics of airborne systems, so that the system can provide general, uniform and easily quantified data; it establishes an assessment flow and unifies the way the data is generated and used.
2) The civil aircraft airborne system network security risk assessment system adds airborne system failure state data to the airborne system network security risk assessment model, thereby establishing the relationship between the network security and the safety of the airborne system; this resolves the disconnect between existing airborne system network security risk assessment and system safety, and facilitates the network security airworthiness review of the airborne system.
3) The civil aircraft airborne system network security risk assessment system comprises an airborne system network security scope identification model, an airborne system network security environment identification model, an airborne system network security risk assessment model and an airborne system network security risk treatment model, and so solves the problem that no effective data structure exists for network security risk assessment of airborne systems.
4) The airborne system network security scope identification model comprises airborne system functional asset data, airborne system functional interface asset data, airborne system external asset data, airborne system data flow asset data and airborne system security boundary data, and so solves the problem of abstract data modelling for airborne system network security scope identification.
5) The airborne system network security environment identification model comprises airborne system threat source data, airborne system attack type data and airborne system vulnerability data, and so solves the problem of abstract data modelling for airborne system network security environment identification.
6) The airborne system network security risk assessment model comprises airborne system failure state data, airborne system threat state data, airborne system threat scenario data and airborne system risk level evaluation data, and so solves the problem of abstract data modelling for airborne system network security risk assessment.
7) The airborne system network security risk treatment model comprises airborne system security measure data and airborne system risk treatment data, and so solves the problem of abstract data modelling for airborne system network security risk treatment.
8) The method adopts an airborne system network security scope identification data processing flow, an airborne system network security environment identification data processing flow, an airborne system network security risk assessment data processing flow and an airborne system network security risk treatment data processing flow, and so realizes the generation and use of the data in the airborne system network security risk assessment system.
Drawings
Fig. 1 is a block diagram of a network security risk assessment system according to the present invention.
FIG. 2 is a flowchart of a method for processing network security risk assessment data according to the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings.
As shown in fig. 1, the civil aircraft airborne system network security risk assessment system provided by the invention comprises the following component models:
(1) Airborne system network security scope identification model
The airborne system network security scope identification model comprises airborne system functional asset data, airborne system functional interface asset data, airborne system external asset data, airborne system data flow asset data and airborne system security boundary data.
The airborne system functional asset data includes a functional asset number, a functional asset name and a functional asset description. For example: functional asset number "ACF1", functional asset name "data exchange function", functional asset description "data exchange function of the onboard information system".
The airborne system functional interface asset data includes a functional interface asset number, a producer, a consumer and an interface description. For example: functional interface asset number "ACI1", producer "integrated avionics computer", consumer "onboard information system", interface description "the integrated avionics computer provides data to the onboard information system web server".
The airborne system external asset data includes an external asset number, an external asset description and a cross-link interface number. For example: external asset number "ASA1", external asset description "ground support system", cross-link interface number "ACI1".
The airborne system data flow asset data includes a data flow asset number, an aircraft functional interface number and a data flow asset description. For example: data flow asset number "ACD1", aircraft functional interface number "ACI1", data flow asset description "logical data flow sent by the integrated avionics computer to the onboard information system web server".
The airborne system security boundary data includes a functional interface asset number, a producer, a consumer, a physical interface, a logical interface, an aircraft network domain, a zone and an interface purpose. For example: functional interface asset number "ACI1", producer "integrated avionics computer", consumer "onboard information system", physical interface "wired Ethernet interface", logical interface "proprietary UDP protocol", aircraft network domain "aircraft control domain", zone "electronic equipment bay", interface purpose "operational".
(2) Airborne system network security environment identification model
The airborne system network security environment identification model comprises airborne system threat source data, airborne system attack type data and airborne system vulnerability data.
The airborne system threat source data includes a threat source number, a threat source name, whether the source is trusted, and a threat source description. For example: threat source number "TWA1", threat source name "malicious person", trusted "no", threat source description "malicious attacker".
The airborne system attack type data includes an attack method number, an attack method name, an attack method description, a confidentiality impact, an integrity impact and an availability impact. For example: attack method number "THT1", attack method name "misuse", attack method description "misuse: the asset is compromised through unauthorized operation by an authorized user", confidentiality impact "Y", integrity impact "N", availability impact "N".
The airborne system vulnerability data includes a vulnerability number, a vulnerability name, a vulnerability description, a confidentiality impact, an integrity impact and an availability impact. For example: vulnerability number "VUL1", vulnerability name "t.fun.devl", vulnerability description "a function executes in an unexpected manner because of a development error", confidentiality impact "N", integrity impact "Y", availability impact "N".
(3) Airborne system network security risk assessment model
The airborne system network security risk assessment model comprises airborne system failure state data, airborne system threat state data, airborne system threat scenario data and airborne system risk level evaluation data.
The airborne system failure state data includes a functional asset number, a failure state number, a failure description, a flight phase, an impact description and a severity level. For example: functional asset number "ACF1", failure state number "fc.1", failure description "undetected failure of the data exchange function", flight phase "taxi, take-off, cruise", impact description "slight reduction in functional capabilities or safety margins for the aircraft, slight increase in workload for the crew, physical discomfort for passengers", severity level "minor".
The airborne system threat state data includes a threat state number, a functional asset number, a network security impact, an occurrence condition, a flight phase, an impact on aircraft safety, an impact on the crew, an impact on passengers, a severity level and an associated failure state number. For example: threat state number "tc.1", functional asset number "ACF1", network security impact "loss of availability", occurrence condition "the data exchange function fails, resulting in loss of availability of the function", flight phase "taxi, take-off, cruise", impact on aircraft safety "slight reduction in functional capabilities or safety margins", impact on the crew "slight increase in workload", impact on passengers "physical discomfort", severity level "minor", associated failure state number "fc.1".
The airborne system threat scenario data includes a threat scenario number, an associated threat source number, an attack vector description, an attack path description, an associated vulnerability number, a description of existing measures, an associated threat state number, an occurrence likelihood level, a severity level and a scenario description. For example: threat scenario number "ts.1", associated threat source number "TWA1", attack vector description "wired Ethernet connection", attack path description "from the ground support system into the onboard information system through ACI1", associated vulnerability number "VUL1", existing measures "the onboard information system security gateway provides access control", associated threat state number "tc.1", occurrence likelihood level "high", severity level "minor", scenario description "a malicious person attacks the onboard information system from the ground support network via the ACI1 interface".
The airborne system risk level evaluation data includes a threat scenario number, an associated threat state number, an occurrence likelihood level, a severity level, a risk level, whether the risk is acceptable, and an analysis of the evaluation conclusion. For example: threat scenario number "ts.1", associated threat state number "tc.1", occurrence likelihood level "high", severity level "minor", risk level "medium risk", acceptable "unacceptable", evaluation conclusion "the risk of this threat scenario is unacceptable".
(4) Airborne system network security risk treatment model
The airborne system network security risk treatment model comprises airborne system security measure data and airborne system risk treatment data.
The airborne system security measure data includes a security measure number, a security measure name, a security measure description and a measure implementation principle. For example: security measure number "CMX1", security measure name "open information domain access control", security measure description "open information domain access control provides packet filtering, stateful inspection, IP/MAC address binding and similar functions", measure implementation principle "packet filtering implements network-layer access control, stateful inspection implements transport-layer access control, and IP/MAC address binding implements link-layer access control".
The airborne system risk treatment data includes a threat scenario number, an associated threat state number, an occurrence likelihood level, a post-treatment likelihood level, a severity level, a post-treatment severity level, a risk level, an associated security measure number, a post-treatment risk level and whether the risk is acceptable. For example: threat scenario number "ts.1", associated threat state number "tc.1", occurrence likelihood level "high", post-treatment likelihood level "low", severity level "minor", post-treatment severity level "no effect", risk level "medium risk", associated security measure number "CMX1", post-treatment risk level "low risk", acceptable "acceptable".
As shown in fig. 2, the method for processing civil aircraft airborne system network security risk assessment data provided by the invention comprises the following steps:
The airborne system network security risk assessment data processing comprises the following procedures:
Step 1) airborne system network security scope identification data processing
1.1) Perform airborne system functional asset identification and generate airborne system functional asset data from the functional definition of the airborne system.
1.2) Perform airborne system functional interface identification and generate airborne system functional interface asset data from the interface definition of the airborne system.
1.3) Perform airborne system data flow identification and generate airborne system data flow asset data from the interface definition of the airborne system.
1.4) Perform airborne system external asset identification and generate airborne system external asset data from the functional definition of the airborne system.
1.5) Perform airborne system security boundary identification and generate security boundary data from the airborne system functional asset data, functional interface asset data, data flow asset data and external asset data.
1.6) Determine whether the data identified in steps 1.1) to 1.5) is complete; if it is complete, proceed to step 2); if it is not, return to step 1.1) and execute the airborne system network security scope identification data processing flow again.
Step 2) airborne system network security environment identification data processing
2.1) Perform airborne system threat source identification and generate airborne system threat source data.
2.2) Perform airborne system attack type identification and generate airborne system attack type data.
2.3) Perform airborne system vulnerability identification and generate airborne system vulnerability data.
2.4) Determine whether the data identified in steps 2.1) to 2.3) is complete; if it is complete, proceed to step 3); if it is not, return to step 2.1) and execute the airborne system network security environment identification data processing flow again.
Step 3) airborne system network security risk assessment data processing
3.1) Receive the data.
The input data of this procedure comprises the data in the airborne system network security scope identification model generated in step 1), the data in the airborne system network security environment identification model generated in step 2), and the airborne system failure state data. The airborne system failure state data is external input data; it is not produced by this method.
3.2) Perform airborne system threat state identification and generate airborne system threat state data.
3.3) Perform airborne system threat scenario analysis and generate airborne system threat scenario data.
3.4) Perform airborne system risk level analysis and generate airborne system risk level evaluation data.
3.5) Determine whether the risk level generated in steps 3.2) to 3.4) is acceptable; if it is acceptable, end the risk assessment process; if it is not, proceed to step 4).
Step 4) airborne system network security risk treatment data processing
The airborne system network security risk treatment data processing flow treats only the airborne system risk level evaluation data whose risk level is unacceptable.
4.1) Receive the data.
The input data of this procedure comprises the data in the airborne system network security risk assessment model generated in step 3).
4.2) Perform airborne system network security measure formulation and generate airborne system security measure data.
4.3) Perform airborne system network security risk treatment and generate airborne system risk treatment data.
4.4) Determine whether the risk treatment result is acceptable; if the risk level is acceptable, end the risk assessment process; if it is not, return to step 4.1) and execute the airborne system network security risk treatment data processing flow again.

Claims (2)

1. A system for evaluating the network security risk of a civil aircraft airborne system, characterized in that the system comprises an airborne system network security range identification model, an airborne system network security environment identification model, an airborne system network security risk assessment model and an airborne system network security risk disposal model;
the airborne system network security range identification model comprises airborne system functional asset data, airborne system functional interface asset data, airborne system external asset data, airborne system data flow asset data and airborne system security boundary data; the airborne system functional asset data comprise a functional asset number, a functional asset name and a functional asset description; the airborne system functional interface asset data comprise a functional interface asset number, a producer, a consumer and an interface description; the airborne system external asset data comprise an external asset number, an external asset description and a cross-link interface number; the airborne system data flow asset data comprise a data flow asset number, an aircraft functional interface number and a data flow asset description; the airborne system security protection boundary data comprise a functional interface asset number, a producer, a consumer, a physical interface, a logical interface, an aircraft network domain, a region and an interface application;
the airborne system network security environment identification model comprises airborne system threat source data, airborne system attack type data and airborne system vulnerability data; the airborne system threat source data comprise a threat source number, a threat source name, whether the threat source is trusted, and a threat source description; the airborne system attack type data comprise an attack method number, an attack method name, an attack method description, a confidentiality impact, an integrity impact and an availability impact; the airborne system vulnerability data comprise a vulnerability number, a vulnerability name, a vulnerability description, a confidentiality impact, an integrity impact and an availability impact;
the airborne system network security risk assessment model comprises airborne system failure state data, airborne system threat scenario data and airborne system risk level evaluation data; the airborne system failure state data comprise a functional asset number, a failure state number, a failure description, a flight phase, an impact description and a severity level; the airborne system threat state data comprise a threat state number, an asset number, a network security impact, an occurrence condition, a flight phase, an impact on aircraft safety, an impact on the crew, an impact on passengers, a severity level and an associated failure state number; the airborne system threat scenario data comprise a threat scenario number, an associated threat source number, an attack vector description, an attack path description, an associated vulnerability number, an existing measure description, an associated threat state number, an occurrence likelihood level, a severity level and a scenario description; the airborne system risk level evaluation data comprise a threat scenario number, an associated threat state number, an occurrence likelihood level, a severity level, a risk level, whether acceptable, and an evaluation conclusion analysis;
the airborne system network security risk disposal model comprises airborne system security measure data and airborne system risk disposal data; the airborne system security measure data comprise a security measure number, a security measure name, a security measure description and a measure implementation principle; the airborne system risk disposal data comprise a threat scenario number, an associated threat state number, an occurrence likelihood level, a post-disposal likelihood level, a severity level, a post-disposal severity level, a risk level, an associated security measure number, a post-disposal risk level and whether acceptable.
2. A civil aircraft airborne system network security risk assessment data processing method, characterized by comprising the following steps:
step 1) airborne system network security range identification data processing
1.1) executing airborne system functional asset identification, and generating airborne system functional asset data according to the functional definition of the airborne system;
1.2) executing airborne system functional interface identification, and generating airborne system functional interface asset data according to the interface definition of the airborne system;
1.3) executing airborne system data flow identification, and generating airborne system data flow asset data according to the interface definition of the airborne system;
1.4) executing airborne system external asset identification, and generating airborne system external asset data according to the functional definition of the airborne system;
1.5) executing airborne system security boundary identification, and generating security boundary data according to the airborne system functional asset data, the airborne system functional interface asset data, the airborne system data flow asset data and the airborne system external asset data;
1.6) judging whether the data identified in steps 1.1) to 1.5) are complete, and entering step 2) if they are complete; if they are not complete, returning to step 1.1) and executing the airborne system network security range identification data processing flow again;
step 2) airborne system network security environment identification data processing
2.1) executing airborne system threat source identification to generate airborne system threat source data;
2.2) executing airborne system attack type identification to generate airborne system attack type data;
2.3) executing airborne system vulnerability identification to generate airborne system vulnerability data;
2.4) judging whether the data identified in steps 2.1) to 2.3) are complete, and entering step 3) if they are complete; if they are not complete, returning to step 2.1) and executing the airborne system network security environment identification data processing flow again;
step 3) airborne system network security risk assessment data processing
3.1) receiving data;
receiving the data generated by the identification in steps 1) and 2) together with the airborne system failure state data, wherein the airborne system failure state data are external input data;
3.2) executing airborne system threat state identification to generate airborne system threat state data;
3.3) executing airborne system threat scenario analysis to generate airborne system threat scenario data;
3.4) executing airborne system risk level analysis to generate airborne system risk level evaluation data;
3.5) judging whether the risk evaluation level generated in steps 3.2) to 3.4) is acceptable, and ending the risk evaluation process if it is acceptable; if the risk level is not acceptable, entering step 4);
step 4) airborne system network security risk disposal data processing
4.1) receiving the data generated by the identification in step 3);
4.2) executing airborne system network security measure establishment to generate airborne system security measure data;
4.3) executing airborne system network security risk disposal to generate airborne system risk disposal data;
4.4) judging whether the risk disposal result is acceptable, and ending the risk evaluation process if the risk level is acceptable; if the risk level is not acceptable, returning to step 4.1) and executing the airborne system network security risk disposal data processing flow again.
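As an added example that is not the patent's own code, the following Python sketch works through the risk level evaluation of steps 3.4 and 3.5 and the disposal loop of step 4 (described above and again in claim 2) over the data fields named in claim 1: a threat scenario's occurrence likelihood level and severity level are combined into a risk level, and security measures are applied until the post-disposal risk level is acceptable. The patent names the fields but gives no scales or matrix, so the five-step level scales, the risk matrix, the rule that only "low" risk is acceptable, and the way a measure lowers a level are all assumptions here, and the sample scenario and measures are constructed.

```python
from typing import Dict, List

# Claim 1 names the levels but gives no scale or matrix: the five-step scales,
# the matrix in risk_level() and "only low risk is acceptable" are assumptions.
LIKELIHOOD = ["frequent", "probable", "remote", "extremely remote", "extremely improbable"]
SEVERITY = ["catastrophic", "hazardous", "major", "minor", "no effect"]

def risk_level(likelihood: str, severity: str) -> str:
    """Step 3.4: combine an occurrence likelihood level and a severity level into a risk level."""
    score = LIKELIHOOD.index(likelihood) + SEVERITY.index(severity)  # 0 is worst, 8 is best
    return "high" if score <= 2 else ("medium" if score <= 4 else "low")

def evaluate(scenario: Dict) -> Dict:
    """Steps 3.4 and 3.5: build the risk level evaluation data for one threat scenario."""
    risk = risk_level(scenario["likelihood"], scenario["severity"])
    return {"scenario_no": scenario["scenario_no"], "threat_state_no": scenario["threat_state_no"],
            "likelihood": scenario["likelihood"], "severity": scenario["severity"],
            "risk": risk, "acceptable": risk == "low"}

def dispose(scenario: Dict, measures: List[Dict]) -> List[Dict]:
    """Step 4 for one unacceptable scenario: apply the measures in order and rebuild the
    risk disposal data after each one (the 4.4 loop) until the risk level is acceptable."""
    records = []
    likelihood, severity = scenario["likelihood"], scenario["severity"]
    risk = risk_level(likelihood, severity)
    for m in measures:
        # assumption: a measure names the level it lowers; a level it does not name is unchanged
        l_after = m.get("likelihood_after", likelihood)
        s_after = m.get("severity_after", severity)
        r_after = risk_level(l_after, s_after)
        records.append({"scenario_no": scenario["scenario_no"],
                        "threat_state_no": scenario["threat_state_no"],
                        "likelihood": likelihood, "likelihood_after": l_after,
                        "severity": severity, "severity_after": s_after,
                        "risk": risk, "measure_no": m["measure_no"],
                        "risk_after": r_after, "acceptable": r_after == "low"})
        if r_after == "low":
            break  # 4.4: acceptable, so the disposal flow ends
        likelihood, severity, risk = l_after, s_after, r_after  # 4.4: back to 4.1 with the new levels
    return records

# Constructed sample data for this example (numbers and names are not from the patent).
SCENARIO = {"scenario_no": "TS-01", "threat_state_no": "TC-03",
            "likelihood": "probable", "severity": "hazardous"}
MEASURES = [{"measure_no": "SM-01", "name": "interface filtering", "likelihood_after": "remote"},
            {"measure_no": "SM-02", "name": "message integrity check",
             "likelihood_after": "extremely remote", "severity_after": "major"}]
```

If the measure list is exhausted before the risk level becomes acceptable, the last record carries `acceptable: False`, which is the case where step 4.4 sends the flow back to step 4.1 for further measures.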
CN202011232528.3A 2020-11-06 2020-11-06 System and method for evaluating network security risk of civil aircraft airborne system Active CN112465302B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011232528.3A CN112465302B (en) 2020-11-06 2020-11-06 System and method for evaluating network security risk of civil aircraft airborne system

Publications (2)

Publication Number Publication Date
CN112465302A CN112465302A (en) 2021-03-09
CN112465302B true CN112465302B (en) 2022-12-06

Family

ID=74826220

Country Status (1)

Country Link
CN (1) CN112465302B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113065809B (en) * 2021-05-08 2023-10-31 中航机载系统共性技术有限公司 Civil aircraft information security risk analysis system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107204876A (en) * 2017-05-22 2017-09-26 成都网络空间安全技术有限公司 A kind of network security risk evaluation method
CN109146240A (en) * 2018-07-03 2019-01-04 北京航空航天大学 A kind of Information Security Risk Assessment Methods and system towards intelligent network connection vehicle
CN109688003A (en) * 2018-12-21 2019-04-26 西南交通大学 One kind being used for railway signal system network information security methods of risk assessment
CN111507597A (en) * 2020-04-10 2020-08-07 南京源堡科技研究院有限公司 Network information security risk assessment model and method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant