CN111585969B - Industrial control network security impact analysis method based on function analysis - Google Patents
Industrial control network security impact analysis method based on function analysisDownload PDFInfo
- Publication number
- CN111585969B CN111585969BCN202010286162.1ACN202010286162ACN111585969BCN 111585969 BCN111585969 BCN 111585969BCN 202010286162 ACN202010286162 ACN 202010286162ACN 111585969 BCN111585969 BCN 111585969B
- Authority
- CN
- China
- Prior art keywords
- function
- process equipment
- functional
- influence
- attack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004458analytical methodMethods0.000titleclaimsabstractdescription24
- 238000000034methodMethods0.000claimsabstractdescription59
- 230000008569processEffects0.000claimsabstractdescription55
- 238000000354decomposition reactionMethods0.000claimsabstractdescription7
- 238000010230functional analysisMethods0.000claimsabstractdescription3
- 230000002452interceptive effectEffects0.000claimsdescription6
- 238000003889chemical engineeringMethods0.000claimsdescription3
- 238000011002quantificationMethods0.000abstractdescription4
- 238000011156evaluationMethods0.000description3
- 238000010586diagramMethods0.000description2
- 230000000694effectsEffects0.000description2
- 230000002411adverseEffects0.000description1
- 230000009286beneficial effectEffects0.000description1
- 230000008859changeEffects0.000description1
- 238000004891communicationMethods0.000description1
- 230000007123defenseEffects0.000description1
- 238000013210evaluation modelMethods0.000description1
- 230000010354integrationEffects0.000description1
- 238000012986modificationMethods0.000description1
- 230000004048modificationEffects0.000description1
- 230000026676system processEffects0.000description1
Images
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Testing And Monitoring For Control Systems (AREA)
Abstract
Description
Technical Field
The invention belongs to the field of network security, and particularly relates to an industrial control network security impact analysis method based on function analysis.
Background
Since 2010 Stuxnet worm attacks the Iran nuclear facility, the information security problem of the industrial control system is highly emphasized by the international and domestic boundaries. Information security attacks can affect the availability, integrity and confidentiality of software and data, adversely affect the operation of systems, networks and related equipment, and pose a threat to industrial control systems. For information security attack, how to intuitively know the final influence of the information security attack on a process system is very important for system designers and system users, and by researching the actual influence of digital equipment influenced by the information security attack on the whole system process, the designers can more clearly know the vulnerability of the system and the link needing to focus on information security defense, so that the system users can fully evaluate the influence brought by the information security attack from events when facing the information security attack, and accordingly, targeted and effective measures are taken to deal with the situation.
Disclosure of Invention
The invention aims to provide an industrial control network security impact analysis method based on functional analysis, and the main steps of the method are explained.
An industrial control network security impact analysis method based on function analysis comprises the following steps:
step one, function layering modeling and function decomposition
Aiming at a process system, modeling analysis is carried out on a layered structure from the functional perspective, the analyzed function is expressed as a layered structure of a target-means, the top-layer function is graded layer by layer, and a layered model from the function to equipment is established;
step two, constructing a function tree topological graph
Constructing a related function tree topological graph by using the analysis result of the step one and combining the correlation relationship among the subfunctions, and reasoning out what influence will be generated by the failure of each subfunction;
third, asset collection and analysis, associating functions and equipment
Collecting asset information of all process equipment, analyzing assets for executing sub-functions, establishing an interactive relation between a digital chemical engineering control system and controlled process equipment, and associating the interactive relation with the sub-functions executed by the process equipment asset set;
step four, analyzing the network security attack
Analyzing the asset attribute and the attack surface of the process equipment asset set in the third step, reasoning out a network attack graph, analyzing the influence of different types of network attacks on the process equipment asset set, and quantifying the information security risk degree of the process equipment asset set;
step five, evaluating the influence of functional consequences
According to the result of the fourth step, evaluating the functional result caused by each attack path, and calculating the safety of the industrial control network; the safety performance of the industrial control network facing network attack can be obtained by integrating the information safety risk degree of the process equipment asset set.
The invention has the following beneficial effects:
(1) the invention can generate a functional topological graph and finally establish the hierarchical relationship from the functions to the equipment, thereby realizing the objective quantification of the safety importance of the equipment information.
(2) The method can analyze the final actual influence of the information security attack on the process system and the way of the influence of the information security attack on the process system, thereby realizing the objective quantification of the information security risk degree.
Drawings
FIG. 1 is a diagram of steps of a method for analyzing the security impact of an industrial control network;
FIG. 2 is a hierarchical schematic of an object-measure.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention more comprehensible, the present invention is described in detail with reference to the accompanying drawings and the detailed description thereof.
The invention analyzes the functions of the process system in a hierarchical structure, and expresses the functions as a hierarchical structure of the target-means. The hierarchical analysis starts from the top-level function, the top-level function is gradually decomposed to the process system for realizing the function, the subfunction of the process system is finally decomposed to the bottom-level process equipment for realizing the function, and thus the hierarchical relation of the function-subfunction-equipment is obtained. Then, through researching the interactive relation between the digital chemical industry control system and the controlled process equipment, a set of the process equipment and the digital chemical industry control system assets related to the process equipment is formed, and therefore the incidence relation between the top layer function and the digital assets is obtained. And then, carrying out network security attack face analysis and attack path analysis on the digital assets, researching the influence degree of the network security attack events on the integrity, the availability and the confidentiality of the digital assets, combining a hierarchical functional structure, upwards deducing the influence of the network attack on the process equipment of the digital assets, and the influence on the sub-functions executed by the process equipment, and finally obtaining the influence on the top-level function.
The industrial control network security impact analysis method based on the function analysis comprises the following steps:
1) functional layering modeling and functional decomposition;
for a process system, modeling analysis is carried out in a layered structure from the functional perspective, and the analyzed functions are expressed into a target-means layered structure. A high-level functional description is an overview of the integration of one system or multiple related systems. Thus, the underlying (i.e., more specific) subsystems or devices used to perform the functions have become targeted. The process of functional decomposition aims at distinguishing from the goal which underlying subsystems or devices can be used as a means of achieving the goal from the top down. Further, by functional decomposition, means can be combined from the bottom up to discriminate the degree of influence of the means on achieving the object. Thus, the resolution of functionality concludes which subsystems and devices are available to perform a function, and performing a function necessarily involves which subsystems or components. Such a decomposition activity can build a hierarchy of goal-means. The hierarchy of target-means is shown in FIG. 2; the top layer is the function, the second layer is the process system for accomplishing the function/goal, the third layer is the sub-functions of the respective systems implementing the top layer function, and the fourth layer is the equipment for each sub-function. In this step, the top-level functions may be graded layer by layer, and finally a hierarchical model from functions to devices is established.
2) Constructing a functional tree topological graph;
in this step, the analysis result of the previous step is utilized to construct a related function tree topology map by combining the correlation relationships (for example, series correlation, parallel correlation, etc.) between the sub-functions. From the function tree topology, it can be inferred what effect each sub-function failure will have. For example, if the upper system function is completed by two redundant sub-functions, the two sub-functions belong to a parallel relationship, and the loss of any one sub-function does not affect the realization of the upper system function; if the two subfunctions are interdependent, the two subfunctions jointly ensure the realization of the functions of the upper system, the two subfunctions belong to series connection, and the loss of any subfunction can influence the realization of the functions of the upper system. Through the function tree topological graph, the influence caused by function loss can be deduced, and the function importance can be quantified.
3) Asset collection and analysis, associating functions with devices;
this step first collects all asset information, and then analyzes for assets that perform sub-functions. The performance of the sub-functions generally depends on the proper operation of the process equipment, such as pumps, valves, fans, etc. The step is to establish the interactive relation between the digital chemical engineering control system and the controlled process equipment, and to form a process equipment asset set by the process equipment such as the valve and the related assets such as the sensor, the actuator, the controller and the like, and to relate the process equipment asset set to the sub-functions executed by the process equipment asset set. In addition, the step also analyzes the network topology and the working process of the digital device, such as the communication and the dependency relationship among different devices, thereby constructing the influence relationship diagram of the digital device. Through this step, the result evaluation will be provided with the applicable set of process equipment assets and the importance of the set of process equipment assets is quantified.
4) Analyzing network security attack;
the step analyzes the asset attribute and the attack surface of the digital equipment and process equipment asset set in the previous step, deduces a network attack graph according to the network topology and the working process of the step, and obtains all attack paths which can attack the process equipment asset set. And then analyzing the influence (integrity, confidentiality and availability) of different kinds of network attacks on the process equipment asset set, and quantifying the information security risk degree of the process equipment asset set.
5) Functional consequences impact the evaluation.
And the evaluation of the functional consequence influence takes an evaluation model and a process equipment asset set as input, different influences of network attack on the process equipment asset set are analyzed according to the importance and the information security risk degree of the quantized process equipment asset set, the functional consequence caused by the network attack is evaluated, and the security of the industrial control network is calculated. For example, when a process equipment asset set is under a network attack, the degree of influence of process equipment (such as pumps, valves, etc.) in the process equipment asset set on sub-functions can be evaluated, and then the degree of influence of the sub-functions on target functions is analyzed to quantify the functional importance of the process equipment asset set. And then, the safety performance of the industrial control network facing network attack can be obtained by integrating the information safety risk degree of the process equipment asset set.
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Any person skilled in the art can modify or change the above-mentioned embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which may be made by those skilled in the art without departing from the spirit and scope of the present invention as defined in the appended claims.
Claims (1)
1. A method for analyzing industrial control network security influence based on functional analysis is characterized by comprising the following steps:
step one, function layering modeling and function decomposition
Aiming at a process system, modeling analysis is carried out in a layered structure from the functional perspective, the analyzed function is expressed into a target-means layered structure, the top layer function is graded layer by layer, and a layered model from the function to the equipment is established;
step two, constructing a function tree topological graph
Constructing a related function tree topological graph by using the analysis result of the step one and combining the correlation relationship among the subfunctions, and deducing what influence each subfunction will have when failing;
third, collecting and analyzing assets, associating functions and equipment
Collecting asset information of all process equipment, analyzing assets for executing subfunctions, establishing an interactive relation between a digital chemical engineering control system and controlled process equipment, and associating the interactive relation with the subfunctions executed by the process equipment asset set;
step four, analyzing the network security attack
Analyzing the asset attribute and the attack surface of the process equipment asset set in the third step, reasoning out a network attack graph, analyzing the influence of different types of network attacks on the process equipment asset set, and quantifying the information security risk degree of the process equipment asset set;
step five, evaluating the functional consequence influence
According to the result of the fourth step, evaluating the functional result caused by no attack path, and calculating the safety of the industrial control network; the safety performance of the industrial control network in the face of network attack can be obtained by integrating the information safety risk degree of the process equipment asset set.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010286162.1ACN111585969B (en) | 2020-04-13 | 2020-04-13 | Industrial control network security impact analysis method based on function analysis |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010286162.1ACN111585969B (en) | 2020-04-13 | 2020-04-13 | Industrial control network security impact analysis method based on function analysis |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111585969A CN111585969A (en) | 2020-08-25 |
| CN111585969Btrue CN111585969B (en) | 2022-07-22 |
Family
ID=72117423
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010286162.1AActiveCN111585969B (en) | 2020-04-13 | 2020-04-13 | Industrial control network security impact analysis method based on function analysis |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111585969B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114202192B (en)* | 2021-12-09 | 2025-08-22 | 上海三零卫士信息安全有限公司 | A digital asset vulnerability analysis method based on FTA fault tree |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109818985A (en)* | 2019-04-11 | 2019-05-28 | 江苏亨通工控安全研究院有限公司 | A kind of industrial control system loophole trend analysis and method for early warning and system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8918884B2 (en)* | 2011-01-11 | 2014-12-23 | The United States Of America, As Represented By The Secretary Of Commerce | K-zero day safety |
| CN106709613B (en)* | 2015-07-16 | 2020-11-27 | 中国科学院信息工程研究所 | A Risk Assessment Method for Industrial Control Systems |
| CN107067179A (en)* | 2017-04-20 | 2017-08-18 | 中国电子技术标准化研究院 | A kind of industrial control system standard compliance assessment system |
- 2020
- 2020-04-13CNCN202010286162.1Apatent/CN111585969B/enactiveActive
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109818985A (en)* | 2019-04-11 | 2019-05-28 | 江苏亨通工控安全研究院有限公司 | A kind of industrial control system loophole trend analysis and method for early warning and system |
Non-Patent Citations (1)
| Title |
|---|
| 一种分布式监控系统的设计与实现;肖彦直;《舰船电子工程》;20050220(第01期);全文* |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111585969A (en) | 2020-08-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Corallo et al. | Cybersecurity challenges for manufacturing systems 4.0: Assessment of the business impact level | |
| JP6941965B2 (en) | Domain-level threat detection for industrial asset control systems | |
| Cassady et al. | Combining preventive maintenance and statistical process control: a preliminary investigation | |
| Su et al. | Model-based fault diagnosis system verification using reachability analysis | |
| Yu et al. | Trustworthiness modeling and analysis of cyber-physical manufacturing systems | |
| CN112904817B (en) | A global safety detection system for intelligent manufacturing production line and its working method | |
| Chen et al. | A security, privacy and trust methodology for IIoT | |
| CN111585969B (en) | Industrial control network security impact analysis method based on function analysis | |
| Hecht et al. | Automated generation of FMEAs using SysML for reliability, safety, and cybersecurity | |
| Di Maio et al. | Risk analysis of cyber-physical systems by GTST-MLD | |
| Potluri et al. | Deep learning based efficient anomaly detection for securing process control systems against injection attacks | |
| Hauptman et al. | Overcoming the lumberjack effect through adaptive autonomy | |
| Liu et al. | A comprehensive method of apportioning reliability goals for new product of hydraulic excavator | |
| Kang et al. | CPS-based fault-tolerance method for smart factories: Simulation-based framework and fault management application | |
| Földvári et al. | Impact assessment of it security breaches in cyber-physical systems: Short paper | |
| CN111585968B (en) | Industrial control network security influence analysis device based on function analysis | |
| Lichte et al. | Bayesian network based analysis of cyber security impact on safety | |
| KR102757660B1 (en) | Method and apparatus for providing security threat data based on attack graph in smart factory | |
| Wang | Digital Twin and Cybersecurity in Additive Manufacturing. | |
| Da Silva et al. | PLC Logic-Based Cybersecurity Risks Identification for ICS | |
| Wheeler et al. | Nuclear power plant cyber security discrete dynamic event tree analysis (LDRD 17-0958) FY17 report | |
| Bezzaoucha Rebai et al. | Simultaneous state and false-data injection attacks reconstruction for nonlinear systems: an LPV approach | |
| Lois et al. | Designing secure and resilient cyber-physical systems using formal models | |
| Onisawa et al. | Use of fuzzy sets theory:(part-ii: Applications) | |
| Agbo et al. | Resilience of industrial control systems using signal temporal logic and autotuning mechanism |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | Address after:No. 29 Hong Cao Road, Xuhui District, Shanghai Patentee after:Shanghai Nuclear Engineering Research and Design Institute Co.,Ltd. Address before:No. 29 Hong Cao Road, Xuhui District, Shanghai Patentee before:SHANGHAI NUCLEAR ENGINEERING RESEARCH & DESIGN INSTITUTE Co.,Ltd. | |
| CP01 | Change in the name or title of a patent holder |