Quantitative Safety Assessment Method of Industrial Control System Based on Reduction Factor

  • Haoxiang ZhuEmail author
  • Jingqi Fu
  • Weihua Bao
  • Zhengming Gao
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 924)


Information security assessment is important to the smooth and stable operation of industrial control system (ICS), and provides valuable advices for security policy and measurement. On the basis of analyzing the safety risk assessment standards of industrial control system, this paper puts forward a method of risk assessment for industrial control system based on fuzzy analytic hierarchy process, and creatively introduces fuzzy consistent matrix and entropy method to overcome the lack of fuzziness in the evaluation result of traditional analytic hierarchy process. This method can effectively assess the importance of system assets, the severity of vulnerability and the threats it faces. Through the above steps, the risk of the system is comprehensively evaluated.


Industrial control system Risk assessment Entropy method Vulnerability 



This work was financially supported by the Science and Technology Commission of Shanghai Municipality of China under Grant (No. 17511107002).


  1. 1.
    Peng, y, Jiang, C., Xie, F.: Progress in information security of industrial control systems. J. Tsinghua Univ. (Nat. Sci. Ed.) 52(10), 1396–1408 (2012)Google Scholar
  2. 2.
    Peng, J., Liu, L.: Information security analysis of industrial control systems. Autom. Instrum. 33(12), 36–39 (2012)MathSciNetGoogle Scholar
  3. 3.
    Chin, Z.: Safety and management of industrial network control system. Meas. Control Technol. 32(2), 87–92 (2013)Google Scholar
  4. 4.
    Xiong, Q., Peng, Y., Dai, Z.: Preliminary study on information security risk assessment of industrial control system. Chin. Inf. Secur. 27(3), 57–59 (2012)Google Scholar
  5. 5.
    Zhu, X.: Information security risk assessment risk analysis method. Inf. Secur. Technol. 28(8), 87–89 (2010)Google Scholar
  6. 6.
    Jia, C., Feng, D.: Safety assessment of industrial control system based on fuzzy analytic hierarchy process. J. Zhejiang Univ. 50(4), 759–765 (2016)Google Scholar
  7. 7.
    Qin, C., Chen, X., Yang, Y.: Research and application of three level assessment on the safety of tailing bank based on FAHP IE algorithm. Control Proj. 21(6) 995–1000 (2014)Google Scholar
  8. 8.
    Lu, H., Chen, D., Peng, Y.: Quantitative research on information security risk assessment of industrial control system. Autom. Instrum. 35(10), 21–25 (2014)Google Scholar
  9. 9.
    Yuan, Y.: Research on risk management of construction projects based on fuzzy analytic hierarchy process (FAHP). Chongqing University, Chongqing (2013)Google Scholar
  10. 10.
    Ma, L., Zhang, L., Yang, Y., et al.: Research on the security risk assessment of information systems based on fuzzy neural network. J. Chin. Secur. Sci. 22(005), 164–169 (2012)Google Scholar
  11. 11.
    Li, J., Yin, X., Hutu, et al.: Research on network security assessment based on extension theory. Comput. Eng. Appl. 48(21), 79–82 (2012)Google Scholar
  12. 12.
    Krutz, R.L.: Securing SCADA Systems. Wiley, Hoboken (2005)Google Scholar
  13. 13.
    Fan Hong, Feng Dengguo, Wu Yafei. Methods and applications of information security risk assessment. Tsinghua University press, Beijing 2006 49–50Google Scholar
  14. 14.
    Kefeng, F., Ruikang, Z., Lin, L.: Research on information security standard system of industrial control system. Top. Netw. Secur. Stand. 6 (4), 17–21 (2016)Google Scholar
  15. 15.
    Xiaofeng, Z., Xiuzhen, C.: Grey level information security evaluation model. Ind. Control Syst. 1(6), 15–20 (2014)Google Scholar
  16. 16.
    Nicholson, A., Webber, S., Dyer, S., et al.: SCADA security in the light of cyber-warfare. Comput. Secur. 31(4), 418–436 (2012)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  • Haoxiang Zhu
    • 1
    Email author
  • Jingqi Fu
    • 1
  • Weihua Bao
    • 2
  • Zhengming Gao
    • 2
  1. 1.Department of Automation, College of Mechatronics Engineering and AutomationShanghai UniversityShanghaiChina
  2. 2.Shanghai Automation Instrumentation Co LtdShanghaiChina

Personalised recommendations