Abstract
To address the hard-to-resolve problem of security compatibility in current industrial control, and working at the essential level of the competition for resources between functional safety and information security, this paper proposes a formal model that supports conflict negotiation between functional safety and information security. The model mathematically characterizes the functional safety degree, information security degree, CPU occupation and memory occupation of an industrial control system security policy. The paper takes these four mathematical functions as the objective functions that measure the quality of a security policy and performs multi-objective optimization over them. It fully considers key factors of industrial control systems such as functional safety, information security, time delay and resource consumption, constructs the parameter space of the objective functions, and uses the space interval to select the optimal policy. The paper overcomes the limitation of the traditional contradiction shielding method, which can only be configured qualitatively on the premise of not affecting functional safety, and provides a complete set of policy optimization schemes and algorithms for industrial control systems. In a simulation experiment, the policy optimization algorithm is applied to a train control system to obtain the optimal security policy scheme for the on-board Automatic Train Protection (ATP) system. The experimental results show that the proposed security policy optimization method can quantify the quality of security policies and effectively select the optimal security policy scheme, ensuring the security of industrial control systems.
Authors
宋晶
刁润
周杰
戚建淮
SONG Jing; DIAO Run; ZHOU Jie; QI Jianhuai (Information Technology Research Institute of Southwest Jiaotong University, Chengdu 610036, China; Chengdu Ethernet Node Technology Co., Ltd., Chengdu 610036, China; Shenzhen Yongda Electronics Information Co., Ltd., Shenzhen 518055, China)
Source
《信息网络安全》
CSCD
Peking University Core Journals
2022, Issue 11, pp. 68-76 (9 pages)
Netinfo Security
Keywords
information security
functional safety
time complexity
space complexity
genetic algorithm