Research And Application Of Security Risk Assessment Technology For Industrial Control System Of Hydro Project

As a critical infrastructure of China,hydro project is inextricably bound to the development of state economy and society.The industrial control system of the hydro project realizes the real-time monitoring,operation,load scheduling,the adjustment of control command of hydro project and the operation controlment of the entire production environment,so the importance of the system is self-evident.Although the widespread application of Ethernet technology in the industrial control system of hydro project has dramatically promoted the production of hydro project,it has also caused great security risks to hydro project.Due to the high requirement for real-time and reliability of industrial control system,it is usually not suitable to halt for maintenance and repairment,which may result in many potential security vulnerabilities in the industrial control system of hydro project.In this view,this paper designs and implements the safety risk assessment system of the industrial control system of hydro project to identify the vulnerability and assess the security risk.The main tasks of this paper are as follows:This paper first studies the structural characteristics and security vulnerability of industrial control system of hydro project,and introduces the vulnerability identification scheme based on fuzzy test to solve the problem that the security risk assessment technology of hydro project lacks systematic vulnerability identification scheme.Additionally,this paper studies the analytical method of the industrial control protocol of hydro project.In the process of fuzzy test for the industrial control system of hydro project,there are some problems,such as the specification of the private protocol cannot be obtained and the test script writing rules of the known specification of the public protocol are tedious,which leads to the lack of pertinence of the generated fuzzy test cases.To solve the problem,an automatic analysis method based on mutation strategy extraction was proposed,and the mutation strategy of test cases was extracted according to the analysis results,which was used to guide the generation of fuzzy test cases.Furthermore,this paper studies the method of generating fuzzy test cases.Since the industrial control protocol is highly structured and has more control field,and the traditional fuzzy testing has the following defects-the low code coverage rates and the inability of identifying multi-point trigger vulnerabilities,thus a method of generating multi-dimensional test cases is proposed based on feedback genetic algorithm to achieve the goals of improving code coverage and identifying multi-point trigger vulnerability.In the last part,the safety risk assessment system of industrial control system of hydro project is designed and realized.According to the requirement of security risk assessment system of industrial control system of hydro project,some functions are realized,including data acquisition,equipment scanning,protocol analysis,protocol specification import and analysis,test case generation and execution,monitoring target device status and risk assessment.Through building a test environment to verify the functions of the system,the experimental results show that the industrial control protocol analysis method can implement protocol analysis and generate the mutation strategy of fuzzy testing effectively and guide the industrial control protocol targeted variation;Multi-dimensional test case generation method based on feedback genetic algorithm can identify multi-point trigger vulnerability effectively.