摘要
信息物理融合系统(Cyber-physical Systems)中嵌入式系统网络的应用使其容易遭受网络攻击,攻击者可能会利用软件和通信组件中的漏洞获取系统的控制权,从而导致系统失效。现有的信息物理融合系统安全风险建模方法主要基于静态故障树进行,不考虑软件控制系统特有的动态性和时序依赖性,无法推导出网络攻击所导致的最终影响。因此,文中基于状态事件故障树提出一种信息物理融合系统风险建模方法。首先,针对状态事件故障树(Stata/Event Fault Trees,SEFTs)模型进行攻击步骤集成,提出Attack-SEFTs模型;在此基础上,给出信息物理融合系统的常见漏洞模式,并基于Attack-SEFTs对各种漏洞模式进行建模;接着,给出Attack-SEFTs模型的失效路径分析方法;最后通过一个案例说明了所提方法的可行性。
The cyber-physical system is prone to be attacked by the network attacker because of the application of embedded system network in it,and the attacker may utilize the vulnerabilities in the software and communication components to control the system,resulting in a system failure.The existing modeling methods of integrating safety and securi-ty are built on traditional static fault trees,and don’t consider the characteristics of dynamic and temporal dependencies of the software control system,so they can’t infer the final impacts caused by network attracts.In light of this,this paper presented a modeling method of integrating safety and security of cyber-physical systems.Firstly,the Attack-SEFTs model is proposed based on SEFTs model.On this basis,common vulnerabilities in the cyber physical system are proposed,and various vulnerability patterns are modeled based on Attack-SEFTs.Secondly,the unified representation of the Attack-SEFTs model is presented to support its analysis.Finally,a case study is described specially to show the feasibi-lity of the proposed method.
作者
徐丙凤
何高峰
张黎宁
XU Bing-feng;HE Gao-feng;ZHANG Li-ning(College of Information Science and Technology,Nanjing Forestry University,Nanjing 210037,China;School of Internet of Things,Nanjing University of Posts and Telecommunications,Nanjing 210003,China)
出处
《计算机科学》
CSCD
北大核心
2019年第5期105-110,共6页
Computer Science
基金
国家自然科学基金青年科学基金项目(61802192
61702282)
江苏省高等学校自然科学研究项目(18KJB520024
17KJB520023)
南京林业大学校青年创新基金(CX2016026)
南京邮电大学引进人才科研启动基金(NY217143)
省教改项目(164070911)资助
