Abstract
The first step of information security design is threat analysis and risk assessment (TARA), which determines security requirements and objectives and provides a basis for the forward development of information security and for the repair of security vulnerabilities. However, current TARA can only evaluate the impact of malicious attacks and security vulnerabilities; it does not support quantitative evaluation of the effectiveness of protection strategies. Therefore, this paper proposes an attack and fix combined threat analysis and risk assessment (AFC-TARA) method. The security state of the system-level in-vehicle network architecture is converted into a continuous-time Markov chain model, and the transition rates are associated with vulnerability mining, vulnerability repair and security protection strategies. This yields a security analysis and assessment of the system-level in-vehicle network architecture that considers both attack variables and defense variables.
Authors
Zuo Zheng (左政)
Wang Yunpeng (王云鹏)
Ma Bin (麻斌)
Zou Bosong (邹博松)
Cao Yaoguang (曹耀光)
Yang Shichun (杨世春)
Affiliations: School of Transportation Science and Engineering, Beihang University, Beijing 102206; College of Communication Engineering, Jilin University, Changchun 130022; China Software Testing Center, Beijing 100038; Research Institute for Frontier Science, Beihang University, Beijing 102206
Source
Automotive Engineering (《汽车工程》)
Indexed in: EI, CSCD, Peking University Core Journals
2023, Issue 9, pp. 1553-1562 (10 pages)
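Funding
Supported by the Hebei Province Key Research and Development Program (20310801D) and the National Key Research and Development Program of China (2017YFB0102502).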
Keywords
information security
intelligent connected vehicles
threat analysis and risk assessment
Markov model
malicious attack
security protection