基于HTCPN和动态博弈的SCADA系统可生存性建模与分析方法研究

项目名称： 基于HTCPN和动态博弈的SCADA系统可生存性建模与分析方法研究

项目编号： No.61472448

项目类型： 面上项目

立项/批准年度： 2015

项目学科： 自动化技术、计算机技术

项目作者： 熊琦

作者单位： 中国信息安全测评中心

项目金额： 76万元

中文摘要： 随着工业化和信息化的深度融合，传统封闭运行的工业控制系统开始与信息系统互联，利用SCADA系统进行数据的采集与监视控制逐渐普及，这一方面加快了数据共享和工业生产的效率，但另一方面也不可避免地引入了病毒、木马等传统信息安全威胁。SCADA系统一旦受到攻击，容易导致生产过程中断，危害社会稳定。本项目针对SCADA系统生存性分析的需求，借助HTCPN的层次化扩展和外挂组件的精确决策控制能力，实现了对于SCADA系统行为和攻防场景的仿真；同时使用ASK-CTL逻辑对静态生存性指标进行描述，使用模型检测技术发现静态属性的满足性，对于动态属性则提出了一种基于排队模型和贝叶斯网络的度量方法；在生存性增强方面，使用动态博弈模型来描述面向效益最大化的决策过程，优化生存性增强策略的执行。在形式化建模与生存性度量的基础上，本项目以化学废水处理SCADA系统为例，验证所提方法的有效性。

中文关键词： 数据采集与监视控制系统；可生存性；层次有色赋时Petri网；工业控制系统；动态博弈

英文摘要： with the deep fusion of industry and information technology,more and more traditional isolated industrial control system is interconnected with Ethernet or directly connected to internet, which greatly improve the efficiency of industrial producing process, yet inevitably introduced some network security threats like virus and Trojan. The SCADA system used for data acquisition and supervisior controling is security vulnerable in design,if attacked, will behave abnormal and is most likely causing serious consequence like casualties, environmental pollution even endanger the society and countries. Regarding the requirement of survivability analysis for SCADA, we plan to take use of the hieratical modeling ability of HTCPN and the accurate controlling ability of appendix compenent to construct the behavior of SCADA and the attack-defense senories. in addition ASK-CTL logic is employed to checking the satisfication of staic metrics of survivability, where beyasian network and queuing model are used to measure the dynamic metrics of survivablity, and dynamic game model is introduced for optimized decision making in survivability enhancement. based on the work mentioned, the scada system in waste water treating mechanism is taken as a example to validate the validity of the method proposed.

英文关键词： SCADA system;survivability;Hieratical Timed Coloured Petri Nets;Industrial Control System;Dynamic Game