Skip to main content

Advertisement

Springer Nature Link
Log in

A novel intelligent assessment method for SCADA information security risk based on causality analysis

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

At present, the oil and gas SCADA system is facing severe information security threats, and the information security assessment for the existing SCADA system is an important response measure. In order to solve the problem that the standard of information security assessment of industrial control system are not perfect and the evaluation objects are fuzzy, this study put forward a novel method of oil and gas SCADA security assessment based on causality analysis. Firstly, defense security assessment technology route with pre-defense,post-defense was introduced and the evaluation indexes were mapped to the pre-defense and post-defense factors, and the pre-defense and post-defense scoring tables for oil and gas SCADA system information security were developed, the evaluation factors were formed as causality diagram table; then the factor space theory was used to evaluate and model the information security of oil and gas SCADA system, and the model was formally described. Finally causality analysis evaluation method of fuzzy Mamdani reasoning was adopted to evaluate factors neurons in the proposed model. The results show that the average accuracy of the causality analysis and the decision tree algorithm is 92.06 and 91.45% respectively. The causality analysis method based on factor space has a good effect on SCADA information security assessment. The conclusions of this study can not only be applied to oil and gas SCADA security risk assessment, but also provide a reference for other industry security assessment.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Knapp, Eric D.: Industrial Network Security: securing critical infrastructure networks for smart grid, SCADA and other industrial control system [M]., pp. 30–152. Elsevier Inc, Waltham (2014)

    Google Scholar 

  2. Zhao, H.: Research on anomaly detection algorithm for industrial control systems[D]. Autom. Rese. Des. Inst. Metall. Ind., pp. 9–10 (2014)

  3. Office of Electricity Delivery and Energy Reliability, US Department of Energy. NSTB fact sheet, national SCADA test bed, enhancing control systems security in the energy sector [Z/OL]. (2012-06-16). http://www.inl.gov/scada/factsheets/d/nstb.pdf

  4. US-CERT.ICS-CERT[Z/OL].(2012-06-20). http://www.us-cert.gov/control_system

  5. Commission of the European Communities. Communication from the Commissionto the Council and the European Parliament: Critical Infrastructure Protection in the Fight Against Terrorism, COM(2004)702 Final. Commission of the European Communities, Brussels (2004)

  6. Commission of the European Communities: Communication from the Commission on a European Programme for Critical Infrastructure Protection, COM(2006) 786 Final. Commission of the European Communities, Brussels (2006)

  7. Commission of the European Communities, Communication from the Commission to the European Parliament, the Council: The European Economic and Social Committee and the Committee of the Regions-on Critical Information Infrastructure Protection, COM(2009)149 Final. Commission of the European Communities, Brussels (2009)

  8. Commission of the European Communities, Communication from the Commission to the European Parliament, the Council: The European Economic and Social Committee and the Committee of the Regions-A Digital Agenda for Europe, COM(2010)245. Commission of the European Communities, Brussels (2010)

  9. The European Network and Information Security Agency (ENISA) Protecting Industrial Control Systems: Recommendations for Europe and Member States. Recommendations for Europe and Member States, Heraklion (2011)

  10. Anderson, J.P.: Computer Security Threat Monitoring and Surveillance [R]. Fort Washington, Pennsylvania (1980)

  11. Li, Y., Cao, X., Li, J.: A new cyber security risk evaluation method for oil and gas SCADA based on factor state space. Chaos Solitons Fract. 89, 203–209 (2015)

    Google Scholar 

  12. Yu, Y., Lin, W.-M.: Study on industrial control SCADA system’s information security protection system. Netinfo Secur. 5, 74–77 (2012)

    Google Scholar 

  13. Wu, Y.: SCADA system information security technology. Autom. Panor. 2013(2), 98–100 (2013)

    Google Scholar 

  14. Meng, C.J.: Research on Dynamic and Static Risk Assessment for Power Information System. East China University of Science And Technology, Shanghai (2015)

    Google Scholar 

  15. Wang, Y.: Study on Theories and Application of Industrial Control System Security Assessment. Chongqing University, Chongqing (2014)

    Google Scholar 

  16. Li, hongxing: Factor spaces and mathematical frame of knowledge representation(I)-axiomatic definition of factor spaces and description frames. J. Beijing Norm. Univ 32(4), 470–475 (1996)

    MathSciNet  MATH  Google Scholar 

  17. Wang, H.-D., Guo, S.-Z.: Feedback extension-enveloping in factor spaces and its improvements. Fuzzy Syst. Math. 29(1), 83–90 (2015)

    Google Scholar 

  18. Ling, W., Geng, H., Xie, Y.: Framework for factor description of product performance. J. Comput. Aided Des. Comput. Gr. 15(2), 144–149 (2003)

    Google Scholar 

  19. Wang, P.: Factor space and description of concepts. J. Softw. 3(1), 30–40 (1992)

    Google Scholar 

  20. Hongxing, L.: Factor spaces and mathematical frame of knowledge representation(XI)-basic concepts of factor spaces canes. Fuzzy Syst. Math. 11(1), 1–9 (1997)

    Google Scholar 

  21. Yang, Li, Geng, Xinyu, Cao, X.: A novel knowledge representation model based on factor state space. Opt. Int. J. Light Electron Opt. 127(12), 5141–5147 (2016)

    Article  Google Scholar 

  22. Wang, P., Guo, S., Bao, Y., et al.: Causality analysis in factor space. J. Liaoning Tech. Univ. 33(7), 865–870 (2014)

    Google Scholar 

  23. Ganter, B., Wille, R.: Formal Concept Analysis. Springer, Berlin (1999)

    Book  Google Scholar 

  24. Liu, H., Guo, S.: Reasoning model of causality analysis. J. Liaoning Tech. Univ. 34(1), 124–128 (2015)

    MathSciNet  Google Scholar 

  25. Zhang, R., Wang, S., Li, J.: Research on landslide susceptibility based on Mamdani-FIS model. Rock Soil Mech. 35(S2), 437–444 (2014)

    Google Scholar 

  26. Bao, Y., Ru, H., Jin, S.: A new algorithm of knowledge mining in factor space. J. Liaoning Tech. Univ. 33(8), 1141–1144 (2014)

    Google Scholar 

  27. Yang, J., Zhang, N.N., Jian, L.I., et al.: Research and application of decision tree algorithm [J]. Comput. Technol. Dev. 2, 031 (2010)

    Google Scholar 

  28. Kong, Y., Jing, M.: Research of the classification mehtod based on confusion matrixes and ensemble learning. Comput. Eng. Sci. 34(6), 111–117 (2012)

    Google Scholar 

  29. Yang, L., Geng, X., Liao, H.: A web sentiment analysis method on fuzzy clustering for mobile social media users. Eurasip J. Wirel. Commun. Netw. 2016(1), 1–13 (2016)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, Southwest Petroleum University, Chengdu, China

    Li Yang & Xinyu Geng

  2. School of Electrical Engineering and Information, Southwest Petroleum University, Chengdu, China

    Xiedong Cao

Authors
  1. Li Yang
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Xiedong Cao
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Xinyu Geng
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Li Yang.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yang, L., Cao, X. & Geng, X. A novel intelligent assessment method for SCADA information security risk based on causality analysis. Cluster Comput 22 (Suppl 3), 5491–5503 (2019). https://doi.org/10.1007/s10586-017-1315-4

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-017-1315-4

Keywords