电力CPS信息网络脆弱性及其评估方法

摘要

Electric power information network is an integral part of electric CPS,and its threat assessment of vulnerability is one of the important basis for the risk assessment of the electric CPS.In view of the limitations of the existing vulnerability threat assessment technology of general information network,a new vulnerability threat assessment method is proposed for electric power information network based on the common vulnerability scoring system (CVSS).Three assessing elements are selected including vulnerability distribution threat,access vector and utilization complexity.The analytic hierarchy process (AHP) is adopted to build a vulnerability threat assessment model,and the way of forming parameters is given.The assessment results are defined into vulnerability threat levels on the basis of quantitative assessment.A case study of the assessment is made and the results are compared with the CVSS system.The assessment results show that the AHP-based vulnerability assessment of information network reflects the coupling relationship between information and physics.%电力信息网络是电力CPS的有机组成部分,电力信息网络的脆弱性威胁评估是电力CPS风险评估的重要基础之一.针对通用信息网络脆弱性威胁评估技术的局限性,在通用弱点评价体系(CVSS)的基础上提出了一种适用于电力信息网络的脆弱性威胁评估方法.选取了漏洞分布威胁度、访问途径和利用复杂度3组安全漏洞评估要素;采用层次分析法建立了脆弱性威胁度评估模型,给出了参数构造方法;在定量评估的基础上,将评估结果定义了脆弱性威胁等级.最后给出了一个评估实例,并与CVSS系统进行了比较.评估结果表明基于层次分析法的信息网络脆弱性评估反映了信息与物理的耦合关系.