引用本文:彭道刚,卫涛,赵慧荣,等.基于D-AHP和TOPSIS的火电厂控制系统信息安全风险评估[J].控制与决策,2019,34(11):2445-2451
【打印本页】   【HTML】   【下载PDF全文】   查看/发表评论  【EndNote】   【RefMan】   【BibTex】 附件
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览次   下载 本文二维码信息
码上扫一扫!
分享到: 微信 更多
基于D-AHP和TOPSIS的火电厂控制系统信息安全风险评估
彭道刚1, 卫涛1, 赵慧荣1, 姚峻2, 王维建3
(1.上海电力大学自动化工程学院,上海200090;2.上海明华电力科技有限公司,上海200090;3.上海新华控制技术集团科技有限公司,上海200241)
摘要:
火电厂控制系统信息安全风险评估往往存在主观性强和不确定性等问题,而这些问题会对评估结果产生一定影响.对此,提出一种基于D 数偏好关系改进层次分析法(D-AHP)和逼近理想解排序法(TOPSIS)的电厂控制系统信息安全风险评估方法.根据工业控制系统风险评估的相关行业标准,识别工业控制系统的资产、威胁、脆弱性及现有安全措施,建立评估指标体系和层次结构模型.针对评估专家经验差异导致的评估信息不确定性,先使用D-AHP方法求解各指标影响权重,再使用TOPSIS法求出专家权重,最后得到电厂控制系统信息安全风险值.实例分析表明了所提出方法的有效性,同时提高了评估结果的正确性.
关键词:  火电厂控制系统  风险评估  D数理论  层次分析法  逼近理想解排序法  信息安全风险值
DOI:10.13195/j.kzyjc.2019.0240
分类号:TP309;TM621
基金项目:上海市“科技创新行动计划”高新技术领域项目(18511105700,18511105800).
Cyber security risk assessment of power plant control system based on D-AHP and TOPSIS
PENG Dao-gang1,WEI Tao1,ZHAO Hui-rong1,YAO Jun2,WANG Wei-jian3
(1. College of Automation Engineering,Shanghai University of Electric Power,Shanghai200090,China;2. Shanghai Minghua Power Science & Technology Co.,Ltd,Shanghai200090,China;3. Shanghai Xinhua Control Technology Group Co.,Ltd,Shanghai200241,China)
Abstract:
Cyber security risk assessment of control system power plant control systems often has strong subjective and uncertainty problems, and these issues will have a certain impact on the assessment results. To solve this problem, a method of information security risk assessment of power plant control systems based on the D-AHP and the TOPSIS is proposed. According to the relevant industry standards for risk assessment of industrial control systems, assets, threats, vulnerabilities and existing safety measures of industrial control systems are identified, and the assessment index system and a hierarchical structure model are established. Aiming at the uncertainty of assessment information caused by the differencesin expert's experience, the D-AHP is used to solve the impact weights of each index. Then the TOPSIS is used to find the expert weight. Finally, the information security risk value of the control system for power plants is obtained. Example analysis shows the effectiveness of the proposed method and the better accuracy of assessment results.
Key words:  power plant control system  risk assessment  D number theory  AHP  TOPSIS  information security risk value

用微信扫一扫

用微信扫一扫