GQM-based Risk Assessment Method for Industrial Control Systems
Cite this article: 叶茜 (YE Qian), 王玉斐 (WANG Yu-fei), 傅毅 (FU Yi), 唐玉兰 (TANG Yu-lan). GQM-based Risk Assessment Method for Industrial Control Systems[J]. Computer and Modernization, 2019, 0(8): 92-97. DOI: 10.3969/j.issn.1006-2475.2019.08.017
Authors: 叶茜 (YE Qian), 王玉斐 (WANG Yu-fei), 傅毅 (FU Yi), 唐玉兰 (TANG Yu-lan)
Affiliations: College of Control Technology, Wuxi Institute of Technology, Wuxi 214121, Jiangsu, China; Jiangsu Information Technology Security Evaluation Center, Wuxi 214073, Jiangsu, China; Wuxi Research Center for Environmental Science & Engineering, Wuxi 214153, Jiangsu, China
Funding: National Natural Science Foundation of China (61502203); Natural Science Foundation of Jiangsu Province (BK20150122); Natural Science Research Project of Jiangsu Higher Education Institutions (17KJB520039); Jiangsu "333 Project" Research Project (BRA2018317)
Abstract: Risk assessment is an important mechanism for ensuring the security of industrial control systems. Information security and functional safety are now ever more tightly coupled, and because the business goals and operating environments of different organizations vary widely, information security risk assessment of industrial control systems should be closely aligned with business goals. Based on the Goal-Question-Metric (GQM) model, the risk assessment process for industrial control systems is defined in terms of goal identification, question description and metric definition: guided by the business goals that the industrial control system carries, questions are raised on the basis of a risk scenario model, information is collected around these questions, and the metrics are evaluated through association analysis of the collected information and data. Finally, a PLC risk assessment is used as an example to illustrate and validate the effectiveness of the GQM-based risk assessment method for industrial control systems.

Keywords: information security; functional safety; risk assessment; threat modeling
Received: 2019-08-16

GQM-based Risk Assessment Method for Industrial Control Systems
YE Qian,WANG Yu-fei,FU Yi,TANG Yu-lan. GQM-based Risk Assessment Method for Industrial Control Systems[J]. Computer and Modernization, 2019, 0(8): 92-97. DOI: 10.3969/j.issn.1006-2475.2019.08.017
Authors: YE Qian, WANG Yu-fei, FU Yi, TANG Yu-lan
Affiliation: College of Control Technology, Wuxi Institute of Technology, Wuxi 214121, China; Jiangsu Information Technology Security Evaluation Center, Wuxi 214073, China; Wuxi Research Center for Environmental Science & Engineering, Wuxi 214153, China
Abstract: Risk assessment is an essential mechanism for assuring the safety and security of industrial control systems, and safety and security attributes are tightly coupled. Information security risk assessment of industrial control systems should therefore be aligned with business goals. Based on the Goal-Question-Metric (GQM) model, the risk assessment process for industrial control systems is defined as identifying business goals, describing questions and specifying metrics. The proposed method is guided by the business goals that the industrial control system supports; questions are raised on the basis of a scenario-based risk model, information and data are collected around these questions, and the metrics are then measured or evaluated using association analysis. Finally, a risk assessment instance for a programmable logic controller (PLC) is described to demonstrate the effectiveness of the proposed GQM-based risk assessment method for industrial control systems.
Keywords: information security; functional safety; risk assessment; threat modeling