Risk assessment method of power plant industrial control information security based on Bayesian attack graph Systems

In view of the current fault isolation and single-fault assessment methods for power plant industrial control information security, there are problems of low attack point capture accuracy, long time, and poor evaluation effect. A Bayesian attack graph-based intelligent risk assessment of power plant industrial control information security is proposed. method. The attack graph technology is used to model the risk elements identified in the risk analysis, and the probabilistic model and Bayesian probabilistic attack graph are used to describe the relationship between system threats and attack behaviors. Deeply understand the basic elements of attack graph modeling for information collection, automatically generate tools to construct and optimize attack graphs, use sample information to modify the original estimates of parameters, and the hyperparameters of the prior distribution are determined by the node probability value. Analyze the attack sample data to obtain the attribute data of the node, so as to complete the posterior estimation parameter learning. The basic credibility of each proposition in the recognition framework is determined, and the weight vector of evidence is determined. Analyze the specific information security threats of the industrial control system of the power plant, obtain the basic credibility function, and establish the risk calculation formula. Quantify the language assessment of security threats by experts, construct an intelligent risk assessment model for power plant industrial control information security, and design the implementation process of risk assessment based on the risk analysis of attack graphs. The weight value of security threats and the result of credibility distribution are determined to complete the intelligent assessment. It can be seen from the experimental results that the short-term energy of this method is gradually invalid, the information is in the storage stage, and no new evaluation information will be added. The highest accuracy of capturing attack points under passive and active attacks is 91% and 93%, respectively, and the longest capturing of attack points. The time does not exceed 20 min.