Research On Vulnerability Assessment Of Industrial Cyber-physical System Based On Dependent Network

The industrial cyber-physical system is the key to the industrial production infrastructure.Although the highly coupled characteristic of the cyber-physical domain in ICPS improves the effectiveness and real-time performance of the information space to the management of physical processes,it also blurs the system’s security boundary.Information security attacks can easily make use of static vulnerable points or dynamic weak links to intrude into ICPS,and gradually penetrate into the physical domain,thus causing large-scale cascading failures.Therefore,designing ICPS’s vulnerability assessment framework and exploring key assessment techniques are the primary prerequisites to ensure ICPS’s stable operation.According to the demands of ICPS’s vulnerability assessment,this thesis conducts in-depth research from four aspects.First,regarding that the existing work lacks consideration of the cyber-physical domain’s complex interaction characteristics and only focuses on local vulnerabilities,this thesis analyzes the topology and interaction characteristics of ICPS,and comprehensively designs vulnerability assessment from single-domain,cross-domain,and dynamic and static dimensions.Second,in view of the complexity of the coupling interaction between multiple domains,a multi-domain dependency evaluation method based on topology and communication service characteristics is proposed,and the quantification of cross-domain vulnerability penetration is achieved by ICPS’s dependent network model.Third,in order to overcome the challenge of simplification of static vulnerability assessment indicators,this thesis proposes a static vulnerability assessment method based on structural importance,communication volume and dependency which assesses the self-vulnerability of nodes and connecting edges based on node attributes in single-domain spatial,and assesses the cross-domain correlation degree of the node’s vulnerability based on dependency.Finally,as cross-domain penetration of vulnerability under complex interaction constraints of multiple domains is uncertain,a dynamic vulnerability assessment method based on cellular automata is proposed.This method identifies the dynamic weak links of the system by revealing the uncertain process of cross-domain penetration of system vulnerabilities and the multi-domain dependency.The vulnerability assessment method for ICPS proposed in this thesis considers the influence of cyber-physical interaction characteristics,and achieves static and dynamic quantitative assessment of ICPS’s single-domain and cross-domain vulnerability.In this way,ICPS’s vulnerability is comprehensively clarified,and this thesis can provide the theoretical guidance for ICPS’s security protection.