Research And Software Development Of Index System-based Cyber Security Vulnerability Assessment For Naval Ship System

With the development of military information and network,the naval ship system is being transformed into systematism,networking and integration.IT information technology is widely used in the ship system,but also inevitably introduces the cyber security problem.As the basis of cyber security defense in depth,the cyber security vulnerability assessment has important significance for the early identification of vulnerable risk and the appropriate deployment of protective measures.Based on the above background,this paper makes an in-depth study on the cyber security vulnerability assessment based on indexes and corresponding software development for naval ship system.In the light of the current situation of the research on the cyber security vulnerability assessment and the cyber security characteristics which is different from the traditional IT system,this paper designs the framework and process of cyber security vulnerability assessment for naval ship system.Meanwhile,the vulnerability of cyber security is analyzed from various angles.On the basis of reference to the cyber security standards and norms of industrial control and IT information system,and supplemented by survey and expert interviews,this paper builds a set of naval ship's cyber security vulnerability assessment index system including five levels and researches the model of each index.The index system includes five levels: physical security vulnerability,architecture security vulnerability,network security vulnerability,host device vulnerability and vulnerability of operation and maintenance management.Assessment index data collection and quantitative methods were analyzed.This paper researches both of evaluation algorithms based on fuzzy analytical hierarchy process and fuzzy group decision-making,and proposes an improved fuzzy evaluation algorithm based on group AHP.Then,the application and comparison of each algorithm are analyzed.Finally,based on the above theoretical research results and attempting to reuse existing tools,the design and development of the evaluation software is carried out by using the component theory.