  • Thesis

Model-based risk management and metrics

Advisor: 范金鳳

Abstract


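Information security deals with the problem of data being illegally accessed and used, while software safety considers cases in which software errors or defects endanger life or cause property loss. Therefore, to effectively prevent attackers from intruding and sabotaging, industrial control systems must address both information security and software safety. This thesis proposes a set of techniques that combine information security and software safety: it extends CORAS diagrams to construct sabotage scenarios and uses an improved HAZOP method to analyze the attacks that may arise in order to calculate the degree of risk. In addition, dependability metrics are developed for measuring the system; they can serve as feedback during system development to reduce risk. Finally, a boiler system is used as a simulated case to illustrate the effectiveness of the method.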

Parallel Abstract


Security deals with unauthorized access to data. Safety, on the other hand, deals with hazards due to unintentional human errors or software defects. However, to prevent malicious attackers from intrusion and sabotage, industrial control systems have to consider both information security and software safety. This thesis proposes techniques that combine information security and software safety. We extended the CORAS method to model sabotage and used an improved HAZOP to analyze sabotage scenarios, so that risks can then be calculated. We also develop metrics to evaluate and manage security risks. These metrics can be used as feedback to improve the design. A steam boiler system is simulated as a case study to demonstrate the effectiveness of our methods.
