Intelligent electronic devices (IEDs) are interconnected via communication networks and play pivotal roles in transmitting grid-related operational data and executing control instructions. In the context of the heightened security challenges within smart grids, IEDs pose significant risks due to inherent hardware and software vulnerabilities, as well as the openness and vulnerability of communication protocols. Smart grid security, distinct from traditional internet security, mainly relies on monitoring network security events at the platform layer, lacking an effective assessment mechanism for IEDs. Hence, we incorporate considerations for both cyber-attacks and physical faults, presenting security assessment indicators and methods specifically tailored for IEDs. Initially, we outline the security monitoring technology for IEDs, considering the necessary data sources for their security assessment. Subsequently, we classify IEDs and establish a comprehensive security monitoring index system, incorporating factors such as running states, network traffic, and abnormal behaviors. This index system contains 18 indicators in 3 categories. Additionally, we elucidate quantitative methods for various indicators and propose a hybrid security assessment method known as GRCW-hybrid, combining grey relational analysis (GRA), analytic hierarchy process (AHP), and entropy weight method (EWM). According to the proposed assessment method, the security risk level of IEDs can be graded into 6 levels, namely 0, 1, 2, 3, 4, and 5. The higher the level, the greater the security risk. Finally, we assess and simulate 15 scenarios in 3 categories, which are based on monitoring indicators and real-world situations encountered by IEDs. The results show that the calculated security risk levels based on the proposed assessment method are consistent with actual simulation. Thus, the reasonableness and effectiveness of the proposed index system and assessment method are validated.
With the exponential increase in information security risks, ensuring the safety of aircraft heavily relies on the accurate performance of risk assessment. However, experts possess a limited understanding of fundamental security elements, such as assets, threats, and vulnerabilities, due to the confidentiality of airborne networks, resulting in cognitive uncertainty. Therefore, the Pythagorean fuzzy Analytic Hierarchy Process (AHP) Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) is proposed to address the expert cognitive uncertainty during information security risk assessment for airborne networks. First, Pythagorean fuzzy AHP is employed to construct an index system and quantify the pairwise comparison matrix for determining the index weights, which is used to solve the expert cognitive uncertainty in the process of evaluating the index system weight of airborne networks. Second, the Pythagorean fuzzy TOPSIS is utilized to assess the risk prioritization of airborne networks using the Pythagorean fuzzy weighted distance measure, which is used to address the cognitive uncertainty in the evaluation process of various indicators in airborne network threat scenarios. Finally, a comparative analysis was conducted. The proposed method demonstrated the highest Kendall coordination coefficient of 0.952. This finding indicates superior consistency and confirms the efficacy of the method in addressing expert cognition during information security risk assessment for airborne networks.
Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the InfoSec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for enterprise security have not proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure (ARM), Performance Improvement Factor (PIF), and Cost/Benefit Measure (CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine (VM) migration protocol as the target of assessment. Virtualization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environments is even more challenging. Secure virtual machine migration is an evolving area, and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.
To address the problem of network security situation assessment in the Industrial Internet, this paper adopts the evidential reasoning (ER) algorithm and belief rule base (BRB) method to establish an assessment model. First, this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge. Second, the evaluation indicators are fused with expert knowledge and the ER algorithm. According to the fusion results, a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established, and the projection covariance matrix adaptive evolution strategy (P-CMA-ES) is used to optimize the model parameters. This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion. Moreover, it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data. Finally, a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method. The research results show that this method has strong applicability to the network security situation assessment of complex Industrial Internet systems. It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures, thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.
The present study examines the various techniques being used to maintain the integrity of the medical devices, and develops a quantitative framework to list these in the sequence of priority. To achieve the intended objective, the study employs the combined procedure of Fuzzy Analytic Network Process (ANP) and Fuzzy Technical for Order Preference by Similarities to Ideal Solution (TOPSIS). We selected fuzzy based decision making techniques for assessing the integrity of medical devices. The suggested methodology was then used for classifying the suitable techniques used to evaluate the integrity of medical devices. Different techniques or the procedures of integrity assessment were ranked according to their satisfaction weights. The rating of the options determined the order of priority for the procedures. As per the findings of the study, among all the options, A1 was assessed to be the most likely option. This means that the integrity of medical devices of A2 is the highest amongst all the chosen alternatives. This analysis will be a corroborative guideline for manufacturers and developers to quantitatively test the integrity of medical devices in order to engineer efficacious devices. The evaluations undertaken with the assistance of the planned procedure are accurate and conclusive. Hence instead of conducting a manual valuation, this experimental study is a better and reliable option for assessing the integrity of the medical devices.
Security assessment can help understand the security conditions of an information system and yield results highly conducive to the solution of security problems in it. Taking the computer networks in a certain university as samples, this paper, with the information system security assessment model as its foundation, proposes a multi-attribute group decision-making (MAGDM) security assessment method based on a variable consistency dominance-based rough set approach (VC-DRSA). This assessment method combines VC-DRSA with the analytic hierarchy process (AHP), uncovers the inherent information hidden in data via the quality of sorting (QoS), and makes a synthetic security assessment of the information system after determining the security attribute weight. The sample findings show that this method can effectively remove the bottleneck of MAGDM, thus assuming practical significance in information system security assessment.
In this paper, we propose a non-cooperative differential game theory based resource allocation approach for the network security risk assessment. For the risk assessment, the resource will be used for risk assessment, including response cost and response negative cost. The whole assessment process is considered as a differential game for optimal resource control. The proposed scheme can be obtained through the Nash Equilibrium. It is proved that the game theory based algorithm is applicable and the optimal resource level can be achieved based on the proposed algorithm.
Transformation from conventional business management systems to smart digital systems is a recurrent trend in the current era. This has led to digital revolution, and in this context, the hardwired technologies in the software industry play a significant role. However, from the beginning, software security remains a serious issue for all levels of stakeholders. Software vulnerabilities lead to intrusions that cause data breaches and result in disclosure of sensitive data, compromising the organizations' reputation, which translates into financial losses as well. Most of the data breaches are financially motivated, especially in the healthcare sector. The cyber invaders continuously penetrate the E-Health data because of the high cost of the data on the dark web. Therefore, security assessment of healthcare web-based applications demands immediate intervention mechanisms to weed out the threats of cyber-attacks. The aim of this work is to provide efficient and effective healthcare web application security assessment. The study has worked with the hybrid computational model of Multi-Criteria Decision Making (MCDM) based on Analytical Hierarchy Process (AHP) and Technique for Order of Preference by Similarity to Ideal-Solutions (TOPSIS) under the Hesitant Fuzzy (HF) environment. Hesitant fuzzy sets provide effective solutions to address decision making problems where experts counter hesitation to make a decision. The proposed research endeavor will support designers and developers in identifying, selecting and prioritizing the best security attributes for web applications' development. The empirical analysis concludes that Robustness got highest priority amongst the assessed security attributes set followed by Encryption, Authentication, Limit Access, Revoke Access, Data Validation, and Maintain Audit Trail. The results of this research endeavor depict that this proposed computational procedure would be the most conversant mechanism for determining the web application security. The study also establishes guidelines which the developers can refer for the identification and prioritization of security attributes to build more secure and trustworthy web-based applications.
In order to understand the security conditions of the incomplete interval-valued information system (IIIS) and acquire the corresponding solution of security problems, this paper proposes a multi-attribute group decision-making (MAGDM) security assessment method based on the technique for order performance by similarity to ideal solution (TOPSIS). For IIIS with preference information, combining with dominance-based rough set approach (DRSA), the effect of incomplete interval-valued information on decision results is discussed. For the imprecise judgment matrices, the security attribute weight can be obtained using Gibbs sampling. A numerical example shows that the proposed method can acquire some valuable knowledge hidden in the incomplete interval-valued information. The effectiveness of the proposed method in the synthetic security assessment for IIIS is verified.
Extreme seasonal water level fluctuations characterize natural floodplain lakes in monsoon regions, which are crucial for ensuring lake water security, including flood prevention, water supply and health of aquatic ecosystem. In order to achieve this goal, we established a hydrological regime assessment method based on a set of hydrological indicators for lakes with heavy seasonal water level fluctuations. The results suggest that time-sensitive hydrological indicators and specific time scales for various water security aspects must be considered. We discovered that it is more practical and meaningful to combine the water level classification derived from statistical analyses with characteristic hydrological values linked to water security. The case study of Poyang Lake results show that there are no discernable trends of Poyang Lake water regime status over the last 35 years, and the two periods of poor status are in accordance with climate variation in the lake basin area. Scholars and policy makers should focus on both floods and droughts, which are the main water security problems for Poyang Lake. It is hoped that this multi-scale and multi-element hydrological regime assessment method will provide new guidelines and methods for other international scholars of river and lake water assessment.
The subject of this work is the assessment on the stability of an excavated high slope in order to ensure the security of the building site adjacent to the slope, which is frequently encountered in town construction in mountainous areas due to terrain limit. On the base of some typical engineering cases in Chongqing, several crucial problems on security assessment of building site adjacent to an excavated high slope, including the natural geological conditions and man-destroyed degree, engineering environment, potential failure pattern of the high slope, calculation parameters and analysis methods, are roundly discussed. It is demonstrated that the conclusion of security assessment can be determined according to the aspects above-mentioned, and the security assessment is one of the fundamental data to ensure the safety of the related construction, site and buildings.
[Objective] The study aimed at assessing the ecological security of Red River basin in Guangxi. [Method] Firstly, the ecological security assessment index system of Red River basin was established based on the framework of 'pressure-state-response' model, and index information of ecological security assessment was extracted by using RS and GIS technology; afterwards, the ecological security of Red River basin was divided into five grades according to ecological security index, and the distribution and characteristics of ecological security at various levels were analyzed; finally, the measures to maintain the ecological security of Red River basin were put forward on the basis of problems in ecological security. [Result] Most areas of Red River basin in Guangxi were in generally safe state, especially Lingyun County, Fengshan County, Du'an County, Dahua County, Shanglin County, Binyang County, Guiping City, etc., and the area accounted for 74.25% of total area; next came safer state (12.74%), the regions in the two states above were the most important environmental areas of Red River basin. The ecological security problems of Red River basin were mainly related to fragile ecological environment, lagging economic development, rapid population growth, excessive development and utilization of natural resources and so forth. [Conclusion] The research could provide scientific references for the rational development and utilization of land resources, protection and construction of ecological environment in Red River basin.
In addition to such ecological problems as the pollution of the water system, the unreasonable structure of the upstream Basin and the insufficient water conservation forests, the Xizhi River Basin also faces human decision-making problems such as imperfect ecological compensation mechanism. In view of the above problems, using the DPSIR model (Drivers, Pressures, States, Impacts, Responses), this paper analyzed eucalyptus forest in Xizhi River Basin to assess the security of the Xizhi River ecological Basin, and finally concluded that the ecological status of Xizhi River Basin remains safe.
In order to protect the website and assess the security risk of website, a novel website security risk assessment method is proposed based on the improved Bayesian attack graph (I-BAG) model. First, the Improved Bayesian attack graph model is established, which takes attack benefits and threat factors into consideration. Compared with the existing attack graph models, it can better describe the website's security risk. Then, the improved Bayesian attack graph is constructed with optimized website attack graph, attack benefit nodes, threat factor nodes and the local conditional probability distribution of each node, which is calculated accordingly. Finally, website's attack probability and risk value are calculated on the level of nodes, hosts and the whole website separately. The experimental results demonstrate that the risk evaluating method based on I-BAG model proposed is an effective way for assessing the website security risk.
A number of contingencies simulated during dynamic security assessment do not generate unacceptable values of power system state variables, due to their small influence on system operation. Their exclusion from the set of contingencies to be simulated in the security assessment would achieve a significant reduction in computation time. This paper defines a critical contingencies selection method for on-line dynamic security assessment. The selection method results from an off-line dynamical analysis, which covers typical scenarios and also covers various related aspects like frequency, voltage, and angle analyses among others. Indexes measured over these typical scenarios are used to train neural networks, capable of performing on-line estimation of a critical contingencies list according to the system state.
Industrial control systems (ICSs) are widely used in various fields, and the information security problems of ICSs are increasingly serious. The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts. Thus, this paper introduces the probabilistic linguistic term sets (PLTSs) to model the evaluation information of experts. Meanwhile, we propose a probabilistic linguistic multi-criteria decision-making (PL-MCDM) method to solve the information security assessment problem of ICSs. Firstly, we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods. Secondly, we use the Best Worst Method (BWM) method and Criteria Importance Through Inter-criteria Correlation (CRITIC) method to obtain the subjective weights and objective weights, which are used to derive the combined weights. Thirdly, we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje (PL-VIKOR) method. Finally, we apply the proposed method to solve the information security assessment problem of ICSs. When comparing with the existing methods such as the probabilistic linguistic Tomada de Decisão Iterativa Multicritério (PL-TODIM) method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution (PL-TOPSIS) method, the case example shows that the proposed method can provide more reasonable ranking results. By evaluating and ranking the information security level of different ICSs, managers can identify problems in time and guide their work better.
This letter proposes a reliable transfer learning (RTL) method for pre-fault dynamic security assessment (DSA) in power systems to improve DSA performance in the presence of potentially related unknown faults. It takes individual discrepancies into consideration and can handle unknown faults with incomplete data. Extensive experiment results demonstrate high DSA accuracy and computational efficiency of the proposed RTL method. Theoretical analysis shows RTL can guarantee system performance.
In practice, an equilibrium point of the power system is considered transiently secure if it can withstand a specified contingency by maintaining transient evolution of rotor angles and voltage magnitudes within set bounds. A novel sequential approach is proposed to obtain transiently stable equilibrium points through the preventive control of transient stability and transient voltage sag (TVS) problems caused by a severe disturbance. The proposed approach conducts a sequence of non-heuristic optimal active power re-dispatch of the generators to steer the system toward a transiently secure operating point by sequentially solving the transient-stability-constrained optimal power flow (TSC-OPF) problems. In the proposed approach, there are two sequential projection stages, with the first stage ensuring the rotor angle stability and the second stage removing TVS in voltage magnitudes. In both projection stages, the projection operation corresponds to the TSC-OPF, with its formulation directly derived by adding only two steady-state variable-based transient constraints to the conventional OPF problem. The effectiveness of this approach is numerically demonstrated in terms of its accuracy and computational performance by using the Western System Coordinated Council (WSCC) 3-machine 9-bus system and an equivalent model of the Mexican 46-machine 190-bus system.
The information society depends increasingly on risk assessment and management systems as means to adequately protect its key information assets. The availability of these systems is now vital for the protection and evolution of companies. However, several factors have led to an increasing need for more accurate risk analysis approaches. These are: the speed at which technologies evolve, their global impact and the growing requirement for companies to collaborate. Risk analysis processes must consequently adapt to these new circumstances and new technological paradigms. The objective of this paper is, therefore, to present the results of an exhaustive analysis of the techniques and methods offered by the scientific community with the aim of identifying their main weaknesses and providing a new risk assessment and management process. This analysis was carried out using the systematic review protocol and found that these proposals do not fully meet these new needs. The paper also presents a summary of MARISMA, the risk analysis and management framework designed by our research group. The basis of our framework is the main existing risk standards and proposals, and it seeks to address the weaknesses found in these proposals. MARISMA is in a process of continuous improvement, as it is being applied by customers in several European and American countries. It consists of a risk data management module, a methodology for its systematic application and a tool that automates the process.
Two-level system model based probabilistic steady-state and dynamic security assessment model is introduced in this paper. Uncertainties of nodal power injection caused by wind power and load demand, steady-state and dynamic security constraints and transitions between system configurations in terms of failure rate and repair rate are considered in the model. Time to insecurity is used as security index. The probability distribution of time to insecurity can be obtained by solving a linear vector differential equation. The coefficients of the differential equation are expressed in terms of configuration transition rates and security transition probabilities. The model is implemented in complex system successfully for the first time by using the following effective measures: firstly, calculating configuration transition rates effectively based on component state transition rate matrix and system configuration array; secondly, calculating the probability of random nodal power injection belonging to security region effectively according to practical parts of critical boundaries of security region represented by hyper-planes; thirdly, locating non-zero elements of coefficient matrix and then implementing sparse storage of coefficient matrix effectively; finally, calculating security region off-line for on-line use. Results of probabilistic security assessment can be used to conduct operators to analyze system security effectively and take preventive control. Test results on New England 10-generators and 39-buses power system verify the reasonableness and effectiveness of the method.
Funding (IED security assessment paper): The financial support from the Program for Science and Technology of Henan Province of China (Grant No. 242102210148), Henan Center for Outstanding Overseas Scientists (Grant No. GZS2022011), Songshan Laboratory Pre-Research Project (Grant No. YYJC032022022).
Funding: Supported by the Fundamental Research Funds for the Central Universities of CAUC (3122022076), National Natural Science Foundation of China (NSFC) (U2133203).
Abstract: With the exponential increase in information security risks, ensuring the safety of aircraft heavily relies on the accurate performance of risk assessment. However, experts possess a limited understanding of fundamental security elements, such as assets, threats, and vulnerabilities, due to the confidentiality of airborne networks, resulting in cognitive uncertainty. Therefore, the Pythagorean fuzzy Analytic Hierarchy Process (AHP) Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) is proposed to address the expert cognitive uncertainty during information security risk assessment for airborne networks. First, Pythagorean fuzzy AHP is employed to construct an index system and quantify the pairwise comparison matrix for determining the index weights, which is used to solve the expert cognitive uncertainty in the process of evaluating the index system weight of airborne networks. Second, the Pythagorean fuzzy TOPSIS is utilized to assess the risk prioritization of airborne networks using the Pythagorean fuzzy weighted distance measure, which is used to address the cognitive uncertainty in the evaluation process of various indicators in airborne network threat scenarios. Finally, a comparative analysis was conducted. The proposed method demonstrated the highest Kendall coordination coefficient of 0.952. This finding indicates superior consistency and confirms the efficacy of the method in addressing expert cognition during information security risk assessment for airborne networks.
Abstract: Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the InfoSec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for enterprise security have not proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure (ARM), Performance Improvement Factor (PIF), and Cost/Benefit Measure (CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine (VM) migration protocol as the target of assessment. Virtualization technologies are rapidly changing the landscape of the computing world. Devising security metrics for a virtualized environment is even more challenging. Secure virtual machine migration is an evolving area, and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.
Funding: Supported by the Provincial Universities Basic Business Expense Scientific Research Projects of Heilongjiang Province (No. 2021-KYYWF-0179), the Science and Technology Project of Henan Province (No. 212102310991), the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (No. AGK2015003), the Key Scientific Research Project of Henan Province (No. 21A413001), the Postgraduate Innovation Project of Harbin Normal University (No. HSDSSCX2021-121).
Abstract: To address the problem of network security situation assessment in the Industrial Internet, this paper adopts the evidential reasoning (ER) algorithm and belief rule base (BRB) method to establish an assessment model. First, this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge. Second, the evaluation indicators are fused with expert knowledge and the ER algorithm. According to the fusion results, a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established, and the projection covariance matrix adaptive evolution strategy (P-CMA-ES) is used to optimize the model parameters. This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion. Moreover, it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data. Finally, a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method. The research results show that this method has strong applicability to the network security situation assessment of complex Industrial Internet systems. It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures, thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.
Funding: Funding for this study was granted by the King Abdul-Aziz City for Science and Technology (KACST), Kingdom of Saudi Arabia, under the Grant Number: 12-INF2970-10.
Abstract: The present study examines the various techniques being used to maintain the integrity of the medical devices, and develops a quantitative framework to list these in the sequence of priority. To achieve the intended objective, the study employs the combined procedure of Fuzzy Analytic Network Process (ANP) and Fuzzy Technical for Order Preference by Similarities to Ideal Solution (TOPSIS). We selected fuzzy based decision making techniques for assessing the integrity of medical devices. The suggested methodology was then used for classifying the suitable techniques used to evaluate the integrity of medical devices. Different techniques or the procedures of integrity assessment were ranked according to their satisfaction weights. The rating of the options determined the order of priority for the procedures. As per the findings of the study, among all the options, A1 was assessed to be the most likely option. This means that the integrity of medical devices of A2 is the highest amongst all the chosen alternatives. This analysis will be a corroborative guideline for manufacturers and developers to quantitatively test the integrity of medical devices in order to engineer efficacious devices. The evaluations undertaken with the assistance of the planned procedure are accurate and conclusive. Hence, instead of conducting a manual valuation, this experimental study is a better and reliable option for assessing the integrity of the medical devices.
Funding: Supported by the High Technology Research and Development Programme of China (No. 2007AA01Z473)
Abstract: Security assessment can help understand the security conditions of an information system and yield results highly conducive to the solution of security problems in it. Taking the computer networks in a certain university as samples, this paper, with the information system security assessment model as its foundation, proposes a multi-attribute group decision-making (MAGDM) security assessment method based on a variable consistency dominance-based rough set approach (VC-DRSA). This assessment method combines VC-DRSA with the analytic hierarchy process (AHP), uncovers the inherent information hidden in data via the quality of sorting (QoS), and makes a synthetic security assessment of the information system after determining the security attribute weight. The sample findings show that this method can effectively remove the bottleneck of MAGDM, thus assuming practical significance in information system security assessment.
Funding: Supported by the China Postdoctoral Science Foundation (No. 2015M570936), National Science Foundation Project of P.R. China (No. 61501026, 61272506), Fundamental Research Funds for the Central Universities (No. FRF-TP-15032A1)
Abstract: In this paper, we propose a non-cooperative differential game theory based resource allocation approach for the network security risk assessment. For the risk assessment, the resource will be used for risk assessment, including response cost and response negative cost. The whole assessment process is considered as a differential game for optimal resource control. The proposed scheme can be obtained through the Nash Equilibrium. It is proved that the game theory based algorithm is applicable and the optimal resource level can be achieved based on the proposed algorithm.
Funding: This Project was funded by the Taif University Researchers Supporting Projects at Taif University, Kingdom of Saudi Arabia, under Grant Number: TURSP-2020/211.
Abstract: Transformation from conventional business management systems to smart digital systems is a recurrent trend in the current era. This has led to digital revolution, and in this context, the hardwired technologies in the software industry play a significant role. However, from the beginning, software security remains a serious issue for all levels of stakeholders. Software vulnerabilities lead to intrusions that cause data breaches and result in disclosure of sensitive data, compromising the organizations' reputation, which translates into financial losses as well. Most of the data breaches are financially motivated, especially in the healthcare sector. The cyber invaders continuously penetrate the E-Health data because of the high cost of the data on the dark web. Therefore, security assessment of healthcare web-based applications demands immediate intervention mechanisms to weed out the threats of cyber-attacks. The aim of this work is to provide efficient and effective healthcare web application security assessment. The study has worked with the hybrid computational model of Multi-Criteria Decision Making (MCDM) based on Analytical Hierarchy Process (AHP) and Technique for Order of Preference by Similarity to Ideal-Solutions (TOPSIS) under the Hesitant Fuzzy (HF) environment. Hesitant fuzzy sets provide effective solutions to address decision making problems where experts counter hesitation to make a decision. The proposed research endeavor will support designers and developers in identifying, selecting and prioritizing the best security attributes for web applications' development. The empirical analysis concludes that Robustness got highest priority amongst the assessed security attributes set followed by Encryption, Authentication, Limit Access, Revoke Access, Data Validation, and Maintain Audit Trail. The results of this research endeavor depict that this proposed computational procedure would be the most conversant mechanism for determining the web application security. The study also establishes guidelines which the developers can refer to for the identification and prioritization of security attributes to build more secure and trustworthy web-based applications.
Funding: Supported by the National Natural Science Foundation of China (No. 60605019)
Abstract: In order to understand the security conditions of the incomplete interval-valued information system (IIIS) and acquire the corresponding solution of security problems, this paper proposes a multi-attribute group decision-making (MAGDM) security assessment method based on the technique for order performance by similarity to ideal solution (TOPSIS). For IIIS with preference information, combining with dominance-based rough set approach (DRSA), the effect of incomplete interval-valued information on decision results is discussed. For the imprecise judgment matrices, the security attribute weight can be obtained using Gibbs sampling. A numerical example shows that the proposed method can acquire some valuable knowledge hidden in the incomplete interval-valued information. The effectiveness of the proposed method in the synthetic security assessment for IIIS is verified.
Funding: Under the auspices of Key Research Program of the Chinese Academy of Sciences (No. KFZD-SW-318), National Science Foundation of China (No. 41571107), National Basic Research Program of China (No. 2012CB417006)
Abstract: Extreme seasonal water level fluctuations characterize natural floodplain lakes in monsoon regions, which are crucial for ensuring lake water security, including flood prevention, water supply and health of aquatic ecosystem. In order to achieve this goal, we established a hydrological regime assessment method based on a set of hydrological indicators for lakes with heavy seasonal water level fluctuations. The results suggest that time-sensitive hydrological indicators and specific time scales for various water security aspects must be considered. We discovered that it is more practical and meaningful to combine the water level classification derived from statistical analyses with characteristic hydrological values linked to water security. The results of the Poyang Lake case study show that there are no discernable trends of Poyang Lake water regime status over the last 35 years, and the two periods of poor status are in accordance with climate variation in the lake basin area. Scholars and policy makers should focus on both floods and droughts, which are the main water security problems for Poyang Lake. It is hoped that this multi-scale and multi-element hydrological regime assessment method will provide new guidelines and methods for other international scholars of river and lake water assessment.
Abstract: The subject of this work is the assessment of the stability of an excavated high slope in order to ensure the security of the building site adjacent to the slope, which is frequently encountered in town construction in mountainous areas due to terrain limits. On the basis of some typical engineering cases in Chongqing, several crucial problems on security assessment of a building site adjacent to an excavated high slope, including the natural geological conditions and man-destroyed degree, engineering environment, potential failure pattern of the high slope, calculation parameters and analysis methods, are roundly discussed. It is demonstrated that the conclusion of security assessment can be determined according to the above-mentioned aspects, and the security assessment is one of the fundamental data to ensure the safety of the related construction, site and buildings.
Funding: Supported by Natural Science Foundation of Guangxi, China (0679026)
Abstract: [Objective] The study aimed at assessing the ecological security of Red River basin in Guangxi. [Method] Firstly, the ecological security assessment index system of Red River basin was established based on the framework of 'pressure-state-response' model, and index information of ecological security assessment was extracted by using RS and GIS technology; afterwards, the ecological security of Red River basin was divided into five grades according to ecological security index, and the distribution and characteristics of ecological security at various levels were analyzed; finally, the measures to maintain the ecological security of Red River basin were put forward on the basis of problems in ecological security. [Result] Most areas of Red River basin in Guangxi were in generally safe state, especially Lingyun County, Fengshan County, Du'an County, Dahua County, Shanglin County, Binyang County, Guiping City, etc., and the area accounted for 74.25% of total area; next came safer state (12.74%), the regions in the two states above were the most important environmental areas of Red River basin. The ecological security problems of Red River basin were mainly related to fragile ecological environment, lagging economic development, rapid population growth, excessive development and utilization of natural resources and so forth. [Conclusion] The research could provide scientific references for the rational development and utilization of land resources, protection and construction of ecological environment in Red River basin.
Funding: Characteristic Innovation Project of Guangdong Provincial Department of Education (Natural Science) "Research and Development of Key Technologies for Efficient Sewage Treatment and in-situ Sludge Reduction Based on Bioaugmentation and Process Control" (2018KTSCX251), 2020 Student Innovation and Entrepreneurship Training Program Project of Zhaoqing University (S202010580063), Quality Engineering and Teaching Reform Project of Zhaoqing University "Zhaoqing University-Zhongrun Green Ecological Environment Group (Shenzhen) Collaborative Innovation Practice Teaching Base" (zlgc 201931), 2020 Special Program of Enterprise Science and Technology Special Commissioners in Guangdong Province "Technical Plan for Data Acquisition of Forestry Resource Asset Accounting Parameters" (GDKTP2020059100).
Abstract: In addition to such ecological problems as the pollution of the water system, the unreasonable structure of the upstream Basin and the insufficient water conservation forests, the Xizhi River Basin also faces human decision-making problems such as imperfect ecological compensation mechanism. In view of the above problems, using the DPSIR model (Drivers, Pressures, States, Impacts, Responses), this paper analyzed eucalyptus forest in Xizhi River Basin to assess the security of the Xizhi River ecological Basin, and finally concluded that the ecological status of Xizhi River Basin remains safe.
Funding: Supported by the project of the State Key Program of National Natural Science Foundation of China (No. 90818021); supported by a grant from the national high technology research and development program of China (863 program) (No. 2012AA012903)
Abstract: In order to protect the website and assess the security risk of the website, a novel website security risk assessment method is proposed based on the improved Bayesian attack graph (I-BAG) model. First, the improved Bayesian attack graph model is established, which takes attack benefits and threat factors into consideration. Compared with the existing attack graph models, it can better describe the website's security risk. Then, the improved Bayesian attack graph is constructed with optimized website attack graph, attack benefit nodes, threat factor nodes and the local conditional probability distribution of each node, which is calculated accordingly. Finally, the website's attack probability and risk value are calculated on the level of nodes, hosts and the whole website separately. The experimental results demonstrate that the proposed risk evaluating method based on the I-BAG model is an effective way for assessing the website security risk.
Abstract: A number of contingencies simulated during dynamic security assessment do not generate unacceptable values of power system state variables, due to their small influence on system operation. Their exclusion from the set of contingencies to be simulated in the security assessment would achieve a significant reduction in computation time. This paper defines a critical contingencies selection method for on-line dynamic security assessment. The selection method results from an off-line dynamical analysis, which covers typical scenarios and also covers various related aspects like frequency, voltage, and angle analyses among others. Indexes measured over these typical scenarios are used to train neural networks, capable of performing on-line estimation of a critical contingencies list according to the system state.
Abstract: Industrial control systems (ICSs) are widely used in various fields, and the information security problems of ICSs are increasingly serious. The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts. Thus, this paper introduces the probabilistic linguistic term sets (PLTSs) to model the evaluation information of experts. Meanwhile, we propose a probabilistic linguistic multi-criteria decision-making (PL-MCDM) method to solve the information security assessment problem of ICSs. Firstly, we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods. Secondly, we use the Best Worst Method (BWM) method and Criteria Importance Through Inter-criteria Correlation (CRITIC) method to obtain the subjective weights and objective weights, which are used to derive the combined weights. Thirdly, we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje (PL-VIKOR) method. Finally, we apply the proposed method to solve the information security assessment problem of ICSs. When comparing with the existing methods such as the probabilistic linguistic Tomada de Decisão Iterativa Multicritério (PL-TODIM) method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution (PL-TOPSIS) method, the case example shows that the proposed method can provide more reasonable ranking results. By evaluating and ranking the information security level of different ICSs, managers can identify problems in time and guide their work better.
Funding: Supported by the Internal Talent Award (TRACS) with Wallenberg-NTU Presidential Postdoctoral Fellowship 2022, the National Research Foundation, Singapore and DSO National Laboratories under the AI Singapore Program (AISG Award No: AISG2-RP-2020-019), the RIE 2020 Advanced Manufacturing and Engineering (AME) Programmatic Fund (No. A20G8b0102), Singapore, Future Communications Research & Development Program (FCP-NTU-RG-2021-014).
Abstract: This letter proposes a reliable transfer learning (RTL) method for pre-fault dynamic security assessment (DSA) in power systems to improve DSA performance in the presence of potentially related unknown faults. It takes individual discrepancies into consideration and can handle unknown faults with incomplete data. Extensive experiment results demonstrate high DSA accuracy and computational efficiency of the proposed RTL method. Theoretical analysis shows RTL can guarantee system performance.
Funding: Supported by the Fondo de Sustentabilidad Energética SENER-Conacyt, México (No. 246949, No. 249795).
Abstract: In practice, an equilibrium point of the power system is considered transiently secure if it can withstand a specified contingency by maintaining transient evolution of rotor angles and voltage magnitudes within set bounds. A novel sequential approach is proposed to obtain transiently stable equilibrium points through the preventive control of transient stability and transient voltage sag (TVS) problems caused by a severe disturbance. The proposed approach conducts a sequence of non-heuristic optimal active power re-dispatch of the generators to steer the system toward a transiently secure operating point by sequentially solving the transient-stability-constrained optimal power flow (TSC-OPF) problems. In the proposed approach, there are two sequential projection stages, with the first stage ensuring the rotor angle stability and the second stage removing TVS in voltage magnitudes. In both projection stages, the projection operation corresponds to the TSC-OPF, with its formulation directly derived by adding only two steady-state variable-based transient constraints to the conventional OPF problem. The effectiveness of this approach is numerically demonstrated in terms of its accuracy and computational performance by using the Western System Coordinated Council (WSCC) 3-machine 9-bus system and an equivalent model of the Mexican 46-machine 190-bus system.
Funding: The AETHERUCLM (PID2020-112540RB-C42) funded by MCIN/AEI/10.13039/501100011033, Spain; ALBA-UCLM (TED2021-130355B-C31, id. 4809130355-130355-28-521), ALBA-UC (TED2021-130355B-C33, id. 3611130630-130630-28-521) funded by the “Ministerio de Ciencia e Innovacion”, Spain; supported by the European Union’s Horizon 2020 Project “CyberSANE” under Grant Agreement No. 833683.
Abstract: The information society depends increasingly on risk assessment and management systems as means to adequately protect its key information assets. The availability of these systems is now vital for the protection and evolution of companies. However, several factors have led to an increasing need for more accurate risk analysis approaches. These are: the speed at which technologies evolve, their global impact and the growing requirement for companies to collaborate. Risk analysis processes must consequently adapt to these new circumstances and new technological paradigms. The objective of this paper is, therefore, to present the results of an exhaustive analysis of the techniques and methods offered by the scientific community with the aim of identifying their main weaknesses and providing a new risk assessment and management process. This analysis was carried out using the systematic review protocol and found that these proposals do not fully meet these new needs. The paper also presents a summary of MARISMA, the risk analysis and management framework designed by our research group. The basis of our framework is the main existing risk standards and proposals, and it seeks to address the weaknesses found in these proposals. MARISMA is in a process of continuous improvement, as it is being applied by customers in several European and American countries. It consists of a risk data management module, a methodology for its systematic application and a tool that automates the process.
Abstract: Two-level system model based probabilistic steady-state and dynamic security assessment model is introduced in this paper. Uncertainties of nodal power injection caused by wind power and load demand, steady-state and dynamic security constraints and transitions between system configurations in terms of failure rate and repair rate are considered in the model. Time to insecurity is used as security index. The probability distribution of time to insecurity can be obtained by solving a linear vector differential equation. The coefficients of the differential equation are expressed in terms of configuration transition rates and security transition probabilities. The model is implemented in complex system successfully for the first time by using the following effective measures: firstly, calculating configuration transition rates effectively based on component state transition rate matrix and system configuration array; secondly, calculating the probability of random nodal power injection belonging to security region effectively according to practical parts of critical boundaries of security region represented by hyper-planes; thirdly, locating non-zero elements of coefficient matrix and then implementing sparse storage of coefficient matrix effectively; finally, calculating security region off-line for on-line use. Results of probabilistic security assessment can be used to conduct operators to analyze system security effectively and take preventive control. Test results on New England 10-generators and 39-buses power system verify the reasonableness and effectiveness of the method.