工业信息物理系统中信息安全与功能安全的冲突消除与容忍入侵控制

Industrial Cyber-Physical Systems (iCPS) tightly integrate industrial processes and information and communication technologies in process monitoring, control and optimization. Safety and Security issues are increasingly converging on this new type of iCPS, leading to new situations in which these two closely interdependent issues should now be considered together, rather than separately or in sequence. There are four types of relationships among them, ranging from mutual reinforcements, conditional dependencies, or independence to complete antagonisms, in which contradictions between security and safety are safety-critical to every industrial process. Weakening safety could enable malicious attackers and cause serious security incidents. On another hand, the vulnerability in the iCPS security protection could disable the system functions and lead to a degraded process performance, or even a disaster in the operations. This proposed project aims to eliminate or partly remove the contradictions among the safety and security requirements of iCPS in both requirement gathering stages and operation stages. The research tasks include security and safety requirement gathering, contradiction elimination, quantifying the degree of safety and security, and intrusion tolerant control with both the unified safety and security measures and coordinated security and safety requirements as the inputs. The expected theoretical research results will be verified and demonstrated in a new established iCPS experimental platform. The outcomes of the research is expected to assist in the better understanding and defense of both security attacks and process component failures, accurately evaluating the impact of the safety weakness and security vulnerability of the iCPS, and efficiently planning the emergency response to the security threats and the safety hazards. The research is essential to enhancing the security and safety of iCPS.

工业信息物理系统是指用于工业过程监视、控制与决策的一类特定的信息物理系统，是中国制造2025、信息化和工业化深度融合战略的重要支撑。功能安全和信息安全是保障工业信息物理系统的安全的两个重要方面，二者互相关联，相互依赖、或相互冲突。功能安全的不完善容易被攻击者利用，从而引发重大信息安全事故，信息安全防御方面的漏洞会导致系统的正常功能遭遇攻击，造成毁坏。该研究项目以消除或者减少功能安全和信息安全相互矛盾为技术背景，根据信息物理系统的运行工作特点，围绕信息安全需求及功能安全需求一体化分析，对获取安全需求、避免冲突、统一安全度量、和容忍入侵实时控制的应用基础和关键技术开展系统研究，并建立仿真平台进行仿真和模拟试验。预期的研究成果，将有助于更好地理解和消除网络化工业过程的安全隐患，更好地评估安全隐患对网络化工业过程的影响，更好地制定功能安全威胁和信息安全漏洞应急对策，为工业过程安全运行提供理论与技术

工业信息物理系统是21世纪新工业革命的基石，其安全问题可分为信息安全和功能安全两个重要方面。在IT与OT深入融合的背景下，信息安全与功能安全很容易发生冲突而导致安全事故。. 本项目围绕工业信息物理系统信息安全和功能安全问题，在获取安全需求、避免冲突、统一安全度量和容忍入侵等关键技术上开展了系统的研究，并从以下三个方面取得了创新性成果：① 提出了信息安全和功能安全的一体化分析框架，包括安全需求获取、安全需求表示、安全需求冲突的识别和安全需求冲突的消除四个关键步骤，有效避免了系统在设计阶段产生的安全隐患。② 结合工业信息物理系统的信息安全与功能安全问题，提出了风险事件从信息物理系统的信息域传播到物理域所产生的风险影响和概率风险分析与评估模型，并通过构建安全事件场景验证了模型的可行性。③ 针对工业信息物理系统隐身攻击提出了统一度量的风险评估方法，基于风险预测的报警可以提前引入安全管控，规避可能的隐身攻击，提高系统对隐身攻击的容忍性，有效避免了传统入侵检测方法假阳率高、计算成本高和降低系统性能等问题。. 本项目的研究成果为工业信息物理系统信息安全和功能安全技术的应用和实施提供了重要的理论依据和技术上的借鉴价值，对我国工业系统的安全具有重要意义，有助于我国从制造业大国向制造业强国转型，为“中国制造2025”总体战略贡献力量。