Research On Resilience Evaluation Method Of CBTC System Oriented To Cloud Computing

Migrating the Communication Based Train Control System(CBTC)system to the cloud computing platform is an important development direction of urban rail transit.Due to the wide application of commercial software and hardware products,the openness of wireless networks and the use of virtualization technology,which makes the cloud computing-oriented CBTC system face many information security risks.The performance change(resilience)before and after the system is attacked by information is the key factor affecting the CBTC cloud migration.Combined with the characteristics of CBTC system and cloud computing,the thesis studies the resilience evaluation method of cloud computing CBTC system.Based on the reliability and security requirements of the CBTC system,the design principles of the deployment scheme of the CBTC system on the cloud platform are proposed.In order to solve the state space explosion and system state correlation problem,the resilience of cloud computing CBTC system is evaluated by using attack countermeasure tree and aggregate random process method.The main research work of this thesis is as follows:(1)The resilience evaluation index based on system resources is proposed.This thesis analyzes the challenges faced by CBTC system migration to the cloud and the problems faced by resilience assessment.Based on the characteristics of CBTC system and cloud computing,the key factors affecting the resilience of cloud computing CBTC system are analyzed,and a method to measure system resilience changes based on system resource indicators is proposed;(2)The deployment principle of CBTC system migration to cloud platform is proposed.First,based on the reliability and security requirements of the CBTC system,the design principles of the deployment scheme of the CBTC system on the cloud platform are given.Secondly,combined with the characteristics of cloud computing CBTC system virtualization and redundancy,an improved attack countermeasure tree model is constructed.Finally,using the logical relationship between the basic events of the attack countermeasure tree,the probability of attacking the target’s success is calculated,and it is equivalent to the state transition probability to calculate the resilience index of the system;(3)In order to solve the problems of state correlation and state space explosion of cloud computing CBTC system,we propose an aggregate random process method to evaluate the resilience of the system.Firstly,we build a cloud computing CBTC system aggregation stochastic process model,and combines the characteristics of system virtualization,redundancy and backup mode,and divides the system,cluster,subsystem and virtual four levels to the equipment units in the system aggregation stochastic process model.State is analyzed to obtain an aggregated state at the system level.Then,the resource parameters of each aggregated state of the system are calculated according to the aggregated resource calculation method based on the failure state and the state of each level of the system.According to the obtained state transition probability,combined with ion channel theory,the state residence time parameter is calculated.Finally,according to the obtained state residence time and state resources,the system resilience index is calculated.(4)The verification of system resilience evaluation based on Monte Carlo method is simulated.First,we construct a system attack scenario based on the aggregated states of the system.Secondly,according to the system aggregation stochastic process model,the system resilience index is calculated.Finally,the Monte Carlo method is used to simulate the system resilience index for many times,and the system resilience evaluation result is given.(5)The resilience evaluation results based on Monte Carlo method show that the average resilience of cloud computing CBTC system considering the influence of management,storage and network cluster is 0.9623,which is lower than that of traditional CBTC system(0.9753).The thesis improves its anti-attack ability by increasing the physical resources of cloud computing platform management,storage and network cluster,and when the physical resources are doubled,the system resilience reaches 0.9871,which achieves the purpose of improving the resilience of cloud computing CBTC system.