Research On Security Risk Assessment And Defense Framework Of SCADA Of Oil And Gas Production Internet Of Things

The Supervisory Control and Data Acquisition(SCADA)system plays an important role in the networked and intelligent oil and gas production control and management.At present,the information security of the relatively open SCADA system of oil and gas production Internet of Things(IoT)is serious.Therefore,it is important to prevent and protect the attack before it occurs and ensure the robust of the SCADA system.First,the vulnerability and security threats of the SCADA system of oil and gas production IoT is analyzed from the aspects of the architecture,the function construction and the communication network in the oil and gas production IoT.Based on the criteria and process of security risk assessment in industrial SCADA systems,a new security assessment method,which comnines the attack tree modeling,fuzzy analytic hierarchy process and Shapiro-Wilk test,is proposed.In this thesis,the proposed method is employed to evaluate the PLC.The attack tree model of PLC equipment is constructed for the vulnerability and security threats in PLC equipment.The fuzzy analytic hierarchy process is introduced to assign the weight of the security attribute,and the Shapiro-Wilk test is employed to reduce the subjectivity of the expert scoring in the assignment process.The evaluation results show that the method can effectively evaluate the critical infrastructure equipment in the oil and gas production IoT SCADA system and obtain the attack path with the highest probability of occurrence.Second,a security defense framework based on ATENA for the trusted connection of SCADA system of oil and gas production IoT,which combines the trusted computing technology and the ATENA project architecture,is proposed to address the security problems of the current SCADA system of oil and gas production IoT.The possible malicious behavior are reduced by monitoring traffic flow between nodes,uninterrupted forensics and compliance audits,and detecting exception control requests in the trusted environment.The linkage between security devices with the trusted connection servers has been implements.The security devices include intrusion anomaly detection systems,industrial firewalls,and security isolation gatekeepers.Therefore,the motives and behaviors of attackers are awared before the actual equipment becomes a target.Then,the comprehensive defense performance of the oil and gas production IoT is enhanced.Finally,a scalable simulation platform for the SCADA system of oil and gas production IoT is built to verify the performance of the security defense framework proposed in this thesis.On this platform,the simulated SCADA system server of oil and gas production IoT and the SCADA system server with the trusted connection based behavior-based active defense framework are attacked respectively.The experimental results show that the proposed security defense framework for the oil and gas production IoT SCADA system is feasible and effective.