Power Dispatch Software Security Situation Assessment Method

doi:10.3969/j.issn.1671-1122.2019.08.003

Abstract

Abstract:

In view of the problem that security situational factors in power dispatch environment were heterogeneous, thispaperproposeda security situation awareness model, which combined security situation elements form software security, network environment security and software supply chain security. Grey theory was applied to deal with the hybrid states existence of exact value, estimated value, qualitative value and quantitative value. This paper also used uncertainty reasoning model to assess security influence factors between situation elements. It is proofed that the practicality and effectiveness of our model and method.

Key words: smart grid, power dispatch, software security, situation awareness, supply chain security

CLC Number:

TP309

Yuling LIU, Yunshan TANG, Qi ZHANG, Feng LI. Power Dispatch Software Security Situation Assessment Method[J]. Netinfo Security, 2019, 19(8): 15-21.

Figures/Tables 1

References 25

[1]	SYMANTEC. Internet Security Threat Report[EB/OL]. , 2015-5-10.
[2]	PONEMON INSTITUTE. Flipping the Economics of Attacks[EB/OL]. , 2015-5-10.
[3]	INCAPSULA. Global DDoS Threat Landscape: Understanding the Latest DDoSAttack Trends, Methods and Capabilities[EB/OL]. , 2015-5-10.
[4]	VERSION. Version Data Breach Report 2015[EB/OL]. , 2015-5-10.
[5]	BASS T. Multisensor Data Fusion for Next Generation Distributed Intrusion Detection Systems[EB/OL]. , 1999-5-10.
[6]	BASS T.Intrusion Detection Systems and Multisensor Data Fusion: Creating Cyberspace Situational Awareness[J]. Communications of the ACM, 2000, 43(4): 99-105.
[7]	DENG Julong.Grey Theory[M]. Wuhan: Huazhong University of Science and Technology Press, 2002.
	邓聚龙. 灰理论基础[M].武汉:华中科技大学出版社,2002.
[8]	ROMAN R, LOPEZ J, GRITZALIS S.Situation Awareness Mechanisms for Wireless Sensor Networks[J]. IEEE Communications Magazine, 2008, 46(4): 102-107.
[9]	YEGNESWARAN V, BARFORD P, PAXSON V.Using Honeynets for Internet Situational Awareness[C]//ACM. Fourth Workshop on Hot Topics in Networking (Hotnets IV), November 14-15, 2005, College Park, MD, USA. New York: ACM, 2005: 240-243.
[10]	WEI Yong, LIAN Yifeng, FENG Dengguo.A Network Security Situational Awareness Model Based on Information Fusion[J]. Journal of Computer Research and Development, 2009, 46(3): 353-362.
	韦勇,连一峰,冯登国.基于信息融合的网络安全态势评估模型[J].计算机研究与发展,2009,46(3):353-362.
[11]	WEI Yong, LIAN Yifeng.A Network Security Situational Awareness Model Based on Log Audit and Performance Correction[J]. Chinese Journal of Computers, 2009, 32(4): 763-772.
	韦勇,连一峰.基于日志审计与性能修正算法的网络安全态势评估模型[J].计算机学报,2009,32(4):763-772.
[12]	JIA Xuefei, LIU Yuling, YAN Yan, et al.Network Security Situational Awareness Method Based on Capability Opportunity Intent Model[J]. Application Research of Computers, 2016, 33(6): 1775-1779.
	贾雪飞,刘玉岭,严妍,等.基于能力机会意图模型的网络安全态势感知方法[J].计算机应用研究,2016,33(6):1775-1779.
[13]	HU Hao, ZHANG Hongqi, LIU Yuling, et al.Quantitative Method for Network Security Situation Based on Attack Prediction[J]. Security and Communication Networks, 2017, 17(4): 1-19.
[14]	ZHANG Yong, TAN Xiaobin, CUI Xiaolin, et al.Network Security Situation Awareness Approach Based on Markov Game Model[J]. Journal of Software, 2011, 22(3): 495-508.
	张勇,谭小彬,崔孝林,等.基于Markov博弈模型的网络安全态势感知方法[J].软件学报,2011,22(3):495-508.
[15]	CHEN Xiuzhen, ZHENG Qinghua, GUAN Xiaohong, et al.Quantitative Hierarchical Threat Evaluation Model for Network Security[J]. Journal of Software, 2006, 17(4): 885-897.
	陈秀真,郑庆华,管晓宏,等.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897.
[16]	YANG S J, BYERS S, HOLSCOPPLE J, et al.Intrusion Activity Projection for Cyber Situational Awareness[C]//IEEE. Proceedings of IEEE International Conference on Intelligence and Security Informatics, June 17, 2008, Taipei, China. New York: IEEE, 2008: 167-172.
[17]	HOLSOPPLE J, YANG S J.FuSIA: Future Situation and Impact Awareness[C]//IEEE. Proceedings of the 11th International Conference on Information FusionIEEE, June 30-July 3, Cologne, Germany. New York: IEEE, 2008: 1-8.
[18]	LIU Yuling, FENG Dengguo, LIAN Yifeng, et al.Network Situation Prediction Method Based on Spatial-Time Dimension Analysis[J]. Journal of Computer Research and Development, 2014, 51(8): 1681-1694.
	刘玉岭,冯登国,连一峰,等.基于时空维度分析的网络安全态势预测方法[J].计算机研究与发展,2014,51(8):1681-1694.
[19]	HU Hao, LIU Yuling, ZHANG Hongqi, et al.Optimal Network Defense Strategy Selection Based on Incomplete Information Evolutionary Game[J]. IEEE Access, 2018, 2018(6): 29806-29821.
[20]	CHEN G, SHEN D, KWAN C, et al.Game Theoretic Approach to Threat Prediction and Situation Awareness[J]. Journal of Advances in Information Fusion, 2007, 2(1): 1-14.
[21]	TAO Yuan, HUANG Tao, ZHANG Mohan, et al.Research and Development Trend Analysis of Key Technologies for Cyberspace Security Situation Awareness[J]. Netinfo Security, 2018, 18(8): 79-85.
	陶源,黄涛,张墨涵,等.网络安全态势感知关键技术研究及发展趋势分析[J].信息网络安全,2018,18(8):79-85.
[22]	STEPHEN L.The Spinning Cube of Potential Doom[J]. ACM Communications Viewpoint Column, 2004, 47(6): 25-26.
[23]	KIRAN L, WILLIAM Y, ADAM J L.NVisionIP: Netflow Visualizations of System State for Security Situational Awareness[C]//ACM. Proceedings of the 2004 ACM workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC ‘4), October 25-29, 2004, Washington, DC, USA. New York: ACM, 2004: 65-72.
[24]	MARK A C, ROBERT P, BELLA R, et al.Emergency Situation Awareness from Twitter for Crisis Management[C]//ACM. Proceedings of the 21st International Conference Companion on World Wide Web(WWW), April 16-20, 2012, Lyon, France. New York: ACM, 2012: 695-698.
[25]	LIANG Zhiqiang, LIN Dansheng.Information Security Risk Assessment Mechanism Research Based on Power System[J]. Netinfo Security, 2017, 17(4): 86-90.
	梁智强,林丹生.基于电力系统的信息安全风险评估机制研究[J].信息网络安全,2017,17(4):86-90.

	SSI				NSI		CSI
	SS	AS	RS	SP	SR	CR	SD	ST
Modu1	5	9.44	10	2	2.56	0.6	高	高
Modu2	6	5.448	8	3	0.864	0.8	中	中
Modu3	3	7.264	6	0	0.864	0.6	低	中