Research On Network Security Risk Assessment Method For High-speed Railway Signal System

With the rapid development of information networks,the application field of the network is more and more extensive.As an industrial control system,the high-speed railway signal system has also been influenced by the network and gradually developed into the direction of industrial information.The access of traditional IT equipment and GSM-R network makes the high-speed railway signal system has a higher openness to the outside world,and facing more severe security issues.In order to solve this problem and enhance the high-speed railway signal system security and defense capabilities,this thesis carried out the following work:(1)Contrast the differences in the security between the railway signal system and the traditional information system,analyzes the basic sources and distributions of vulnerability in the railway signal system,and summarizes the possible attack techniques for the railway signal system.(2)In order to assess the network security risk of high-speed railway signal system,this thesis proposed a modeling method of attack graph for high-speed railway signal system based on security domain.According to the hierarchical characteristics of the system,we firstly realized the sub-region distribute generation of the attack graph by the security domain,and then according to the security level requirements of each sub-network in the system,the attack mode and the minimum attack benefit constraint threshold are used to reduce the generation complexity of the attack graph.Furthermore,in order to verify the effectiveness of this method,an attack behavior from CTC station to penetrate into the signal security data network is simulation,the experimental results show that the proposed method can improve the efficiency of attack graph and simplify the attack graph scale,and obtain the possible attack path,that provides the basis for the administrator to develop more targeted security protection measures.(3)In order to assess the information security risk of Train Control Center(TCC),this thesis gave firstly the component-based security attributes of TCC systems,and then proposed a TCC information security risk assessment model based on it.During the security risk modeling,the Analytic Hierarchy Process(AHP)method was adopted to create security attributes and risk assessment indicators of TCC systems to determine the component risk values.Furthermore,a modified VIKOR algorithm was used to evaluate the TCC system risk from these multiple risk indicators.