CN113221108B - Comprehensive evaluation method for industrial control system vulnerability scanning tool - Google Patents

Comprehensive evaluation method for industrial control system vulnerability scanning tool Download PDF

Info

Publication number
CN113221108B
CN113221108B CN202110592209.1A CN202110592209A CN113221108B CN 113221108 B CN113221108 B CN 113221108B CN 202110592209 A CN202110592209 A CN 202110592209A CN 113221108 B CN113221108 B CN 113221108B
Authority
CN
China
Prior art keywords
scanning
vulnerability
industrial control
control system
tool
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110592209.1A
Other languages
Chinese (zh)
Other versions
CN113221108A (en
Inventor
刘超飞
毕玉冰
崔逸群
曾荣汉
胥冠军
吕珍珍
朱博迪
邓楠轶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Thermal Power Research Institute Co Ltd
Original Assignee
Xian Thermal Power Research Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Thermal Power Research Institute Co Ltd filed Critical Xian Thermal Power Research Institute Co Ltd
Priority to CN202110592209.1A priority Critical patent/CN113221108B/en
Publication of CN113221108A publication Critical patent/CN113221108A/en
Application granted granted Critical
Publication of CN113221108B publication Critical patent/CN113221108B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security

Abstract

A comprehensive evaluation method for industrial control system vulnerability scanning tools comprises the following steps: the method comprises the steps of firstly evaluating basic attributes of a scanned object, a knowledge base, a leak base and the like supported by a leak scanning tool to obtain basic attribute scores, then selecting a working control system, starting leak scanning after determining a scanning range and a strategy, verifying a scanning result by using a leak POC to obtain a related leak set, then calculating effective rate, false alarm rate and missing report rate scores, calculating data stability by a score standard variance, then calculating leak reliability scores, recording performance parameters and consumption time of a CPU, a memory and the like of the scanned object in the scanning process, calculating influence analysis and scanning efficiency scores, and finally calculating comprehensive scores according to weights of four indexes. The method is based on basic attributes and actual effects, and realizes scientific evaluation of the vulnerability scanning tool under the multiple constraint conditions of knowledge base completeness, industrial control system individual difference, controllable scanning process influence and the like.

Description

Comprehensive evaluation method for industrial control system vulnerability scanning tool
Technical Field
The invention relates to the technical field of industrial control safety detection, in particular to a comprehensive evaluation method for a vulnerability scanning tool of an industrial control system.
Background
The method is a common automatic inspection mode for accurately searching the security vulnerabilities existing in the industrial control system and scanning the vulnerabilities of the industrial control system, so that vulnerabilities can be found and repaired in time, and the network security risk can be effectively reduced. The vulnerability scanning tool is a necessary tool for an operation unit to perform brittleness inspection, safety evaluation and safety operation and maintenance on the industrial control system, and vulnerability reliability mainly depends on a complete knowledge base and a scanning strategy. Most of the prior missing scanning technologies are internet-oriented, lack of optimization and adjustment aiming at an industrial control system, poor scanning effect and low efficiency, and meanwhile, due to the vulnerability of the industrial control system, the industrial control system cannot be subjected to conventional scanning, and a plurality of scanning tools influence the operation of the industrial control system.
In the face of a plurality of scanning tools, an operation unit is guided to select a proper product, and a scientific evaluation method needs to be provided. The good scanning tool needs to find more real security holes on the premise of ensuring the normal operation of the industrial control system, reduce the false alarm rate and the missing report rate and improve the scanning efficiency at the same time. The completeness of a knowledge base of the vulnerability scanning tool, the individual difference of an industrial control system and the influence degree on a scanned object are all factors to be considered for evaluation, and the instability of a scanning effect is caused by various factors and the accuracy of an evaluation result is also influenced.
Disclosure of Invention
In order to overcome the problems in the prior art, the invention provides a comprehensive evaluation method for a vulnerability scanning tool of an industrial control system. The method aims to realize scientific evaluation of the vulnerability scanning tool based on basic attributes and actual using effects of the vulnerability scanning tool of the industrial control system. The method can be used for guiding an operation unit to select a proper product and helping a manufacturer to improve and upgrade tools.
In order to achieve the purpose, the invention adopts the following technical scheme:
a comprehensive evaluation method for industrial control system vulnerability scanning tools comprises the following steps:
step (1): evaluating according to the completeness of three basic attributes of a scanning object, a knowledge base, a leakage base and a scanning report supported by a vulnerability scanning tool, and calculating a basic attribute score, wherein evaluation elements are as follows:
Figure BDA0003089674490000021
scoring according to three levels of high, medium and low, wherein the scoring corresponds to 3, 2 and 1, and the vulnerability scanning tool T i Basic attribute score p of i Is the sum of the three-level scores;
step (2): selecting n industrial control systems for m vulnerability scanning tools participating in evaluation, determining an asset scanning range, determining scanning strategies such as scanning frequency and packet sending rate, avoiding causing abnormity to the industrial control systems, closing programs influencing results such as a host guard and a firewall on a scanning object node, performing vulnerability scanning on assets within a set range in parallel, summarizing scanning vulnerabilities after scanning is finished, and then performing vulnerability scanning tool T i The vulnerability quantity set corresponding to the vulnerability scanning result of the n industrial control systems is represented as S i ={s i1 ,s i2 …s in },s i1 Representing vulnerability scanning tool T i The total number of the scanned bugs of the 1 st industrial control system;
and (3): according to vulnerability scanning tool T i The scanning result loophole set is verified by utilizing the loophole POC, the actual available effective loophole set of the loophole forming tool is the false alarm loophole set of the loophole forming tool which belongs to the tool scanning result loophole set but is not in the effective loophole set of the tool, m loophole scanning tools are used for carrying out set phase combination on the effective loophole sets of each industrial control system, the total effective loophole quantity set Z = { Z } corresponding to n industrial control systems is obtained, and the total effective loophole quantity set Z = { Z } corresponding to n industrial control systems is obtained 1 ,z 2 …z n Forming a leak scanning tool missing report leak set by leaks belonging to the total effective leak set of the industrial control system but not belonging to the effective leak set of a certain leak scanning tool, and then using a leak scanning tool T i The effective vulnerability set, the false-report vulnerability set and the missed-report vulnerability set obtain a corresponding effective vulnerability number set Y i ={y i1 ,y i2 …y in W set of vulnerability numbers i ={w i1 ,w i2 …w in Set X of vulnerability quantity of omission report i ={x i1 ,x i2 …x in };
According to the 4 loophole quantity sets, countingCalculation vulnerability scanning tool T i Scoring the effective rate of the loophole scanning result of the jth industrial control system ij False alarm rate scoring b ij Scoring the rate of missed reports c ij
a ij =y ij /z j (1)
b ij =1-w ij /s ij (2)
c ij =1-x ij /s ij (3)
Vulnerability scanning tool T i Forming a set D by the effective rate scoring, the missing report rate scoring and the false report rate scoring of the bug scanning results of the n industrial control systems i ={d i1 ,d i2 …d iv Where v =3n, set D is calculated from the standard deviation of the samples i Data stability of o i Then from the data stability o i Computing vulnerability credibility score f i
Figure BDA0003089674490000031
Figure BDA0003089674490000032
And (4): in vulnerability scanning tool T i In the process of vulnerability scanning of the jth industrial control system, recording the utilization rate of the CPU of the object in the scanned time period as e ij The utilization rate of the memory is g ij The utilization rate of the hard disk is h ij The utilization ratio of the network is k ij Calculating influence analysis indexes by using the average utilization rate, and taking the average value of the plurality of assets by using the utilization rate data if the scanning object is a plurality of assets; calculate vulnerability scanning tool T first i Influence analysis scoring r in vulnerability scanning process of jth industrial control system ij And then, the scores of the n industrial control systems are subjected to arithmetic mean to obtain a vulnerability scanning tool T i Influence analysis of (2)Score r i
r ij =((1-e ij )+(1-g ij )+(1-h ij )+(1-k ij ))*10/4 (6)
Figure BDA0003089674490000033
And (5): vulnerability scanning tool T i The consumed time for scanning the jth industrial control system is t ij If the scanning object is a plurality of assets, the time consumption is taken as the accumulated value of the assets, and the vulnerability scanning tool T is used i Accumulating the scanning time of n industrial control systems to obtain total consumed time t i According to t i Calculating vulnerability scanning efficiency score u corresponding to vulnerability scanning tool i
u i =(1-t i /MAX(t 1 ,t 2 ...t n ))*10 (8)
And (6): scoring p by basic attributes i Vulnerability credibility score f i Influence analysis score r i And the score u of the scanning efficiency i Computing vulnerability scanning tool T according to weight coefficients i A summary score of (a);
v i =r i *0.1+p i *0.6+t i *0.2+u i *0.1 (9)
preferably, a performance threshold is set in the scanning strategy, so that the influence on the operation of the industrial control system is controllable, and the efficiency is calculated on the premise that the influence on the industrial control system is controllable.
Preferably, the scanning of the industrial control system and the calculation of the subsequent scores are carried out by selecting 1 to 2 representative assets in the industrial control system.
Preferably, the calculation of the score of the vulnerability false alarm rate and the score of the vulnerability missed report rate is carried out, and the score of the vulnerability false alarm rate and the score of the vulnerability missed report rate are higher the lower the score of the vulnerability false alarm rate and the score of the vulnerability missed report rate are.
The invention has the following beneficial technical effects: the basic attributes and the actual using effect of the scanning tool are integrated, the grading height difference of the vulnerability scanning tool caused by the individual difference of the industrial control system in multiple indexes of the effective rate, the missing report rate and the false report rate is considered, the data stability calculation is introduced, and the scientific evaluation of the vulnerability scanning tool is realized under multiple constraint conditions of knowledge base completeness, the individual difference of the industrial control system, the influence on a scanned object and the like.
Drawings
FIG. 1 is a schematic diagram of a comprehensive evaluation method of a vulnerability scanning tool of an industrial control system.
Detailed Description
The invention is described in further detail below with reference to the following figures and examples:
as shown in fig. 1, a comprehensive evaluation method for industrial control system vulnerability scanning tools includes the following steps:
step (1): evaluating according to the completeness of three basic attributes of a scanning object, a knowledge base, a leakage base and a scanning report supported by a vulnerability scanning tool, and calculating the score of the basic attributes, wherein the evaluation elements are as follows:
Figure BDA0003089674490000051
scoring according to three levels of high, medium and low, wherein the scoring corresponds to 3, 2 and 1, and the vulnerability scanning tool T i Basic attribute score p of i Is the sum of the three-level scores; in the evaluation process, technical data or manufacturer consultation can be consulted, and the score can be properly improved aiming at a specific industry;
step (2): selecting 4 industrial control systems including a Wilnout, lumeng and An Heng vulnerability scanning tool participating in evaluation, namely a Harrish fire-power DCS, an Emmer fire-power DCS, a Hua Rui fan SCADA system and a four-side hydropower monitoring system, determining that the asset scanning range is an engineer station, an operator station, a PLC and a DCS controller, determining scanning strategies such as scanning frequency and packet sending rate, avoiding causing abnormity to the industrial control system, closing programs influencing results such as a host computer guardian and a firewall on a scanning object node, carrying out vulnerability scanning on assets in the set range in parallel, summarizing and scanning vulnerabilities after scanning is finished, and then adopting a vulnerability scanning tool T to scan vulnerabilities i Vulnerability scanning of 4 industrial control systemsThe vulnerability number set corresponding to the drawing result is expressed as S i ={s i1 ,s i2 ,s i3 ,s i4 },s i1 Presentation tool T i The total number of the scanned bugs of the 1 st industrial control system;
and (3): to leak scanning tool T i The scanning result loophole set is verified by utilizing the loophole POC (point of sale) to form an effective loophole set by utilizing the available loopholes which really exist, loopholes which belong to the scanning result loophole set but are not in the effective loophole set form a false report loophole set, the effective loopholes obtained by scanning n industrial control systems by m loophole scanning tools are combined and combined to obtain a total effective loophole number set, the loopholes which belong to the total effective loophole set but do not belong to the effective loophole set of a certain loophole scanning tool form a false report loophole set corresponding to the loophole scanning tool, and the loophole scanning tool T forms a false report loophole set corresponding to the loophole scanning tool i Corresponding effective vulnerability quantity set Y i ={y i1 ,y i2 ,y i3 ,y i4 W set of false alarm loophole quantity i ={w i1 ,w i2 ,w i3 ,w i4 Set X of vulnerability numbers missed in reporting i ={x i1 ,x i2 ,x i3 ,x i4 And (3) collecting and combining effective vulnerabilities obtained by scanning 4 industrial control systems by using vulnerability scanning tools to obtain a total effective vulnerability quantity set Z = { Z = and 1 ,z 2 ,z 3 ,z 4 };
then tool T i Calculating the effective rate score a of the loophole scanning result of the jth industrial control system ij False alarm rate scoring b ij Scoring the rate of missed reports c ij
a ij =y ij /z j (1)
b ij =1-w ij /s ij (2)
c ij =1-x ij /s ij (3)
N industrial control systemsThe effective rate score, the missing report rate score and the false report rate score of the unified vulnerability scanning result form a set D i ={d i1 ,d i2 …d i12 D, set D is calculated from the standard deviation of the samples i Data stability of (a) i Then from the data stability o i Calculating vulnerability confidence score f i
Figure BDA0003089674490000061
Figure BDA0003089674490000062
And (4): calculating influence analysis score and vulnerability scanning tool T i Recording the utilization rate of the CPU of the object in the scanned time period as e in the process of scanning the vulnerability of the jth industrial control system ij The utilization rate of the memory is g ij The utilization rate of the hard disk is h ij The utilization ratio of the network is k ij If the scanning object is a plurality of assets, the utilization rate data takes the average value of the assets, and a vulnerability scanning tool T is calculated firstly i Influence analysis scoring r in vulnerability scanning process of jth industrial control system ij And then, the scores of the 4 industrial control systems are subjected to arithmetic mean to obtain a vulnerability scanning tool T i Influence analysis score of (r) i
r ij =((1-e ij )*10+(1-g ij )*10+(1-h ij )*10+(1-k ij )*10)/4 (6)
Figure BDA0003089674490000063
And (5): vulnerability scanning tool T i The time consumed for scanning the jth industrial control system is t ij If the scanning object is a plurality of assets, the time consumption is taken from the accumulated value of the assets, and the vulnerability scanning tool T is used i Accumulating the scanning time of 4 industrial control systemsObtaining the total consumption time t i According to t i Computing vulnerability scanning tool T i Corresponding vulnerability scanning efficiency u i
u i =(1-t i /MAX(t 1 ,t 2 ,t 3 ,t 4 ))*10 (8)
And (6): scoring p by basic attributes i Vulnerability credibility score f i Influence analysis score r i And the score u of the scanning efficiency i Calculating a vulnerability scanning tool T according to each index weight coefficient i A summary score of (a);
v i =r i *0.1+p i *0.6+t i *0.2+u i *0.1 (9)
the examples of the present invention are set forth merely to help illustrate the invention and not to elaborate all details of the technical solutions, and those skilled in the art may make substitutions, modifications to and departures from the technical implementation procedures without departing from the spirit and scope of the embodiments of the present invention.

Claims (4)

1. A comprehensive evaluation method for industrial control system vulnerability scanning tools is characterized by comprising the following steps: the method comprises the following steps:
step (1): evaluating according to the completeness of three basic attributes of a scanning object, a knowledge base, a vulnerability base and a scanning report supported by a vulnerability scanning tool, and calculating basic attribute scores, wherein the evaluation elements of the supported scanning object comprise comprehensive support for industrial control system assets of an operating system, network equipment, a database, safety equipment, application software and industrial control equipment, the evaluation elements of the knowledge base and the vulnerability base comprise identification of the model, version and manufacturer information of the industrial control system and are periodically synchronized with a CVE (visual basic integrity) and CNVD (hidden bug distribution platform), and the scanning report comprises vulnerability scores, repair suggestions and preventive measure related information;
scoring according to three levels of high, medium and low, wherein the scoring corresponds to 3, 2 and 1, and the vulnerability scanning tool T i Basic attribute score p of i Is the sum of the scores of the three basic attributes;
step (2): ginseng radixSelecting n industrial control systems with m vulnerability scanning tools for evaluation, determining an asset scanning range, determining a scanning frequency and a package sending rate scanning strategy, avoiding causing abnormity to the industrial control systems, closing a program for scanning results influenced by a host guard and a firewall on a target node, performing vulnerability scanning on assets within a set range in parallel, summarizing and scanning vulnerabilities after scanning is finished, and then performing vulnerability scanning tool T i The vulnerability quantity set corresponding to vulnerability scanning results of n industrial control systems is represented as S i ={s i1 ,s i2 …s in },s i1 Representing vulnerability scanning tool T i The total number of the scanned bugs of the 1 st industrial control system;
and (3): according to vulnerability scanning tool T i The scanning result loophole set is verified by utilizing the loophole POC, the actual available effective loophole set of the loophole forming tool is the false alarm loophole set of the loophole forming tool which belongs to the tool scanning result loophole set but is not in the effective loophole set of the tool, m loophole scanning tools are used for carrying out set phase combination on the effective loophole sets of each industrial control system, the total effective loophole quantity set Z = { Z } corresponding to n industrial control systems is obtained, and the total effective loophole quantity set Z = { Z } corresponding to n industrial control systems is obtained 1 ,z 2 …z n Forming a leak scanning tool missing report leak set by leaks belonging to the total effective leak set of the industrial control system but not belonging to the effective leak set of a certain leak scanning tool, and then using a leak scanning tool T i The effective vulnerability set, the false-report vulnerability set and the missed-report vulnerability set obtain a corresponding effective vulnerability number set Y i ={y i1 ,y i2 …y in W set of vulnerability numbers i ={w i1 ,w i2 …w in Set X of leak numbers i ={x i1 ,x i2 …x in };
Calculating a vulnerability scanning tool T according to the 4 vulnerability quantity sets i Scoring the effective rate of the loophole scanning result of the jth industrial control system ij False alarm rate scoring b ij Scoring the rate of missed reports c ij
a ij =y ij /z j (1)
b ij =1-w ij /s ij (2)
c ij =1-x ij /s ij (3)
Scanning tool T for bugs i Forming a set D by the effective rate scoring, the missing report rate scoring and the false report rate scoring of the bug scanning results of the n industrial control systems i ={d i1 ,d i2 …d iv Where v =3n, set D is calculated from the standard deviation of the samples i Data stability of (a) i Then from the data stability o i Computing vulnerability credibility score f i
Figure FDA0003991149910000021
Figure FDA0003991149910000022
And (4): in vulnerability scanning tool T i Recording the utilization rate of the CPU of the object in the scanned time period as e in the process of scanning the vulnerability of the jth industrial control system ij The utilization rate of the memory is g ij The utilization rate of the hard disk is h ij The utilization ratio of the network is k ij Calculating influence analysis indexes by using the average utilization rate, wherein if the scanning objects are a plurality of assets, the utilization rate data is the average value of the plurality of assets; calculate vulnerability scanning tool T first i Influence analysis scoring r in vulnerability scanning process of jth industrial control system ij And then, the scores of the n industrial control systems are subjected to arithmetic mean to obtain a vulnerability scanning tool T i Influence analysis score of (r) i
r ij =((1-e ij )+(1-g ij )+(1-h ij )+(1-k ij ))*10/4 (6)
Figure FDA0003991149910000023
And (5): vulnerability scanning tool T i The consumed time for scanning the jth industrial control system is t ij If the scanning object is a plurality of assets, the time consumption is taken from the accumulated value of the assets, and the vulnerability scanning tool T is used i Accumulating the scanning time of n industrial control systems to obtain total consumed time t i According to t i Calculating vulnerability scanning efficiency score u corresponding to vulnerability scanning tool i
u i =(1-t i /MAX(t 1 ,t 2 ...t n ))*10 (8)
And (6): scoring p by basic attributes i Vulnerability credibility score f i Influence analysis score r i And the score u of the scanning efficiency i Computing vulnerability scanning tool T according to weight coefficients i A summary score of (a);
v i =r i *0.1+p i *0.6+f i *0.2+u i *0.1 (9)。
2. the comprehensive evaluation method for the industrial control system vulnerability scanning tool according to claim 1, characterized in that: and setting a performance threshold in a scanning strategy to ensure that the influence on the operation of the industrial control system is controllable, and calculating the efficiency on the premise of controlling the influence on the industrial control system.
3. The comprehensive evaluation method for the industrial control system vulnerability scanning tool according to claim 1, characterized in that: and (4) selecting 1 to 2 representative assets in the industrial control system for scanning the industrial control system and calculating the subsequent scores.
4. The comprehensive evaluation method for the industrial control system vulnerability scanning tool according to claim 1, characterized in that: and calculating the score of the leak false alarm rate and the score of the leak missing report rate, wherein the lower the leak false alarm rate and the leak missing report rate are, the higher the score of the leak false alarm rate and the score of the leak missing report rate are.
CN202110592209.1A 2021-05-28 2021-05-28 Comprehensive evaluation method for industrial control system vulnerability scanning tool Active CN113221108B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110592209.1A CN113221108B (en) 2021-05-28 2021-05-28 Comprehensive evaluation method for industrial control system vulnerability scanning tool

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110592209.1A CN113221108B (en) 2021-05-28 2021-05-28 Comprehensive evaluation method for industrial control system vulnerability scanning tool

Publications (2)

Publication Number Publication Date
CN113221108A CN113221108A (en) 2021-08-06
CN113221108B true CN113221108B (en) 2023-02-07

Family

ID=77099110

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110592209.1A Active CN113221108B (en) 2021-05-28 2021-05-28 Comprehensive evaluation method for industrial control system vulnerability scanning tool

Country Status (1)

Country Link
CN (1) CN113221108B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115292720A (en) * 2022-09-28 2022-11-04 杭州安恒信息技术股份有限公司 Vulnerability scanning engine evaluation method, device, equipment and medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106971109A (en) * 2017-03-24 2017-07-21 南开大学 A kind of assessment strategy of the bug excavation method based on index weights
CN107368417A (en) * 2017-07-25 2017-11-21 中国人民解放军63928部队 A kind of bug excavation technical testing model and method of testing
CN109302423A (en) * 2018-11-23 2019-02-01 杭州迪普科技股份有限公司 A kind of vulnerability scanning aptitude tests method and apparatus
CN110225018A (en) * 2019-05-31 2019-09-10 江苏百达智慧网络科技有限公司 A method of based on more equipment evaluation web application fragility
CN111277555A (en) * 2018-12-05 2020-06-12 中国移动通信集团河南有限公司 Vulnerability false alarm screening method and device
CN112818351A (en) * 2021-01-18 2021-05-18 哈尔滨工业大学(威海) Industrial control system-oriented vulnerability priority analysis method, system, equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100817799B1 (en) * 2006-10-13 2008-03-31 한국정보보호진흥원 System and method for network vulnerability analysis using the multiple heterogeneous scanners

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106971109A (en) * 2017-03-24 2017-07-21 南开大学 A kind of assessment strategy of the bug excavation method based on index weights
CN107368417A (en) * 2017-07-25 2017-11-21 中国人民解放军63928部队 A kind of bug excavation technical testing model and method of testing
CN109302423A (en) * 2018-11-23 2019-02-01 杭州迪普科技股份有限公司 A kind of vulnerability scanning aptitude tests method and apparatus
CN111277555A (en) * 2018-12-05 2020-06-12 中国移动通信集团河南有限公司 Vulnerability false alarm screening method and device
CN110225018A (en) * 2019-05-31 2019-09-10 江苏百达智慧网络科技有限公司 A method of based on more equipment evaluation web application fragility
CN112818351A (en) * 2021-01-18 2021-05-18 哈尔滨工业大学(威海) Industrial control system-oriented vulnerability priority analysis method, system, equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
10种漏洞扫描工具;陆静;《计算机与网络》;20200812(第15期);全文 *
一种评估漏洞扫描工具效果的测试集生成方法;周鹏等;《科技视界》;20180625(第18期);全文 *

Also Published As

Publication number Publication date
CN113221108A (en) 2021-08-06

Similar Documents

Publication Publication Date Title
CN100412871C (en) System and method to generate domain knowledge for automated system management
CN114493213A (en) Carbon emission data acquisition and processing method based on Internet of things
US20190361759A1 (en) System and method to identify failed points of network impacts in real time
CN107430398A (en) System and method for tuning process modeling
JP2018511875A (en) Advanced data cleansing system and method
CN116992399B (en) Power equipment operation and maintenance assessment method based on power data analysis
CN113221108B (en) Comprehensive evaluation method for industrial control system vulnerability scanning tool
CN112418682B (en) Safety evaluation method for fusion of multi-source information
CN116028887B (en) Analysis method of continuous industrial production data
CN117008479B (en) Carbon emission optimization control method and system based on biomass gasification furnace
CN116186936B (en) Method, system, equipment and medium for determining continuous casting process parameters
CN116664113A (en) Intelligent safety supervision system for electric power metering standardized operation
CN117056688A (en) New material production data management system and method based on data analysis
WO2021142622A1 (en) Method for determining cause of defect, and electronic device, storage medium, and system
CN117032120A (en) Integrated intelligent cloud control system and control method for air compression station
CN114338348A (en) Intelligent alarm method, device, equipment and readable storage medium
US8340800B2 (en) Monitoring a process sector in a production facility
CN115660696A (en) Animal individual tracing consensus method with data verification function
CN117520184A (en) Test system for developing computer software
Thabet et al. Intelligent energy management of compressed air systems
CN116701846A (en) Hydropower station dispatching operation data cleaning method based on unsupervised learning
CN115618353B (en) Industrial production safety identification system and method
CN110427316A (en) Embedded software defect-restoration method therefor based on access behavior perception
CN115575579A (en) Carbon monitoring method and system based on monitoring source analysis
CN112732773B (en) Method and system for checking uniqueness of relay protection defect data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant