Skip to main content
Author(s):
Shuang Wang Lei Ding He Sui Zhaojun Gu
Journal
SAGE Publications
Abstract

Cybersecurity risk assessment is an important means of effective response to network attacks on industrial control systems. However, cybersecurity risk assessment process is susceptible to subjective and objective effects. To solve this problem, this paper introduced cybersecurity risk assessment method based on fuzzy theory of Attack-Defense Tree model and probability cybersecurity risk assessment technology, and applied it to airport automatic fuel supply control system. Firstly, an Attack-Defense Tree model was established based on the potential cybersecurity threat of the system and deployed security equipment. Secondly, the interval probability of the attack path was calculated using the triangular fuzzy quantification of the interval probabilities of the attack leaf nodes and defensive leaf nodes. Next, the interval probability of the final path was defuzzified. Finally, the occurrence probability of each final attack path was obtained and a reference for the deployment of security equipment was provided.

Concluding remarks
The main contributions of this paper are as follows: (1) considering the distribution of equipment in industrial control system, a new cybersecurity risk evaluation model of industrial control system is proposed. (2) The experimental results of this article are compared with other assessment technologies, and the trend is similar to that of other evaluation methods, which proves that the method was introduced in this paper is scientific. However, this method reduces the subjective impact of experts on cybersecurity risk assessment, and the assessment results are more objective and reasonable. (3) Applying this model to the airport oil supply automatic control system can comprehensively evaluate risk, solve the practical problems faced by the airport, and also provide an important basis for the cybersecurity protection scheme of the energy industry.

Reference details

DOI
10.3233/JIFS-201126
Resource type
Journal Article
Year of Publication
2021
ISSN Number
1064-1246
Publication Area
Cybersecurity and defense
Date Published
2021-06-21
URL
https://content.iospress.com/a…

How to cite this reference:
Wang, S., Ding, L., Sui, H., & Gu, Z. (2021). Cybersecurity risk assessment method of ICS based on attack-defense tree model. SAGE Publications. https://doi.org/10.3233/JIFS-201126 (Original work published)