【作者】 周森鑫；

【导师】 韩江洪；

【作者基本信息】 合肥工业大学 ， 计算机应用， 2018， 博士

【摘要】 工业控制网络系统是实现工业生产自动化的关键,是衡量国家工业水平的重要指标。随着物联网、大数据、智能技术的发展,其安全运行已成为国家安全战略的重要组成部分。可信计算已经成为国际信息安全领域的一个重要分支,吸引了全球众多学者的关注和研究。本文的主要工作和贡献有:(1)首先分析了工业控制网络系统的安全现状和安全需求,研究了可信工业控制网络系统的实现技术,提出一种可信工业控制网络系统体系结构。划分可信工业控制网络系统的可信属性为安全性、可生存性和可控性。(2)针对工业控制网络系统的特点,将安全性细为其可用性、可靠性和单位时间内失败次数,提出多态有奖Markov安全性度量方法,分别定量度量其可用性、可靠性和单位时间内失败次数。(3)建立了工业控制网络系统连续时间Markov可生存性定量测试模型。该度量模型分为静态和动态两种。引入通用生成函数和层次分析法解决了模型的“状态爆炸”问题,降低了计算复杂度。为了解决某些工业场合不满足严格的Markov性质,探索了连续时间多态半Markov可生存性度量方法。(4)根据工业控制网络系统的瞬间性能与其平均输出性能缺陷值,提出了基于输出性能的可控性判别方法。为了提高工业控制网络系统的可控性,识别其关键节点,提出了基于复杂网络的可控性度量方法。为了求解具体的可控性优化措施动作集合,提出了基于Markov决策的可控性度量方法。针对某些场合Markov决策可控性度量方法中相关参数无法确定的问题,提出了基于强化学习的可控性度量方法。针对可控性优化问题,提出了基于Markov决策过程的可控性优化模型和基于强化学习的可控性优化模型。论文研究成果为构建可信工业控制网络系统奠定了扎实的理论基础,提供了有效的实现途径。更多还原

【Abstract】 Industrial control network system is the key to realize the automation of industrial manufacturing,and it is an essential indicators to measure the national industry manufacturing level.With the development of Internet of things,big data and artificial intelligent technology,its safe operation has become an important part of national security strategy.Trusted computing has become an vital branch of the international information security academic field,attracting the attention and research from more and more scholars around the world.The main work and contributions of this thesis are as follows:(1)Firstly,the security status and security requirements of industrial control network system are analyzed,the realization technology of trusted industrial control network system is studied,and a trusted Industrial control network system architecture is proposed.The trusted attributes of the trusted Industrial control network system are security,survivability and controllability.(2)According to the characteristics of the industrial control network system,the security is subdivided for its availability,reliability and the number of failures per unit time.A multi-state reward-Markov security measurement method is proposed,which quantitatively measures its availability,reliability and number of failures per unit of time.(3)A quantitative measure model of continuous time Markov survivability of industrial control network system is established.The measurement model is divided into two kinds,there are static and dynamic.The general generation function and analytic hierarchy process are introduced to solve the problem of "state explosion" of the model,which reduces the computational complexity.In order to solve the no strict Markov properties in some industrial situations,a continuous time multi-state semi-Markov survivability measurement method is explored.(4)According to the instantaneous performance of industrial control network system and its average output performance defect value,a controllability discriminant method based on output performance is proposed.In order to improve the controllability of industrial control network system and to identify its key parts,a controllability measurement method based on complex network is proposed.In order to solve the specific action set of controllability optimization measures,a controllability measurement method based on Markov decision process is proposed.In order to solve the problem that the relevant parameters of Markov decision controllability measure are uncertain in some situations,a controllability measure method based on reinforcement learning is proposed.Aiming at the problem of controllability optimization,a optimization model based on Markov decision process and a optimization model based on reinforcement learn ing are proposed.The research results of the thesis show that it have laid a solid theoretical foundation for the construction of trusted industrial control network system and provided an effective way to realize it.更多还原