Abstract
Existing security risk assessment methods and models do not fully consider the impact of the risk assessment behavior itself on the assessment results, and there is a significant lack of understanding that the behavior of risk assessment may itself introduce security risk. In response to this problem, this paper first establishes a complete STAMP model of risk assessment behavior. On this basis, the STPA analysis method is used to conduct a security analysis of risk assessment behavior, the STAMP model is used to construct a security index system for risk assessment behavior, and the improved AHP method is used to screen the important index factors in that system. The proposed security index system focuses on the emergent properties of the system as a whole rather than the reliability of individual components. Based on the causes that lead a system to a safety accident or into a hazardous state, it provides a more effective approach to constructing a security index system.
Authors
王克克
郭莉丽
郎静宏
WANG Ke-ke; GUO Li-li; LANG Jing-hong (China Aerospace Academy of Systems Science and Engineering, Beijing 100037; China Academy of Space Technology, Beijing 100094, China)
Source
《计算机工程与科学》
CSCD
Peking University Core Journal
2022, Issue 8, pp. 1372-1381 (10 pages)
Computer Engineering & Science
Keywords
information system
risk assessment
security index system
system-theoretic accident model and process (STAMP)
system-theoretic process analysis (STPA)
improved AHP algorithm