随着信息化与工业化的融合不断加深,工业控制系统中信息域与物理域交叉部分越来越多,传统信息系统的网络攻击会威胁工业控制系统网络。传统的工业控制系统安全评估方法只考虑功能安全的风险,而忽略了信息安全风险对功能安全的影响。文...随着信息化与工业化的融合不断加深,工业控制系统中信息域与物理域交叉部分越来越多,传统信息系统的网络攻击会威胁工业控制系统网络。传统的工业控制系统安全评估方法只考虑功能安全的风险,而忽略了信息安全风险对功能安全的影响。文中提出一种基于改进petri网的工业控制系统功能安全和信息安全一体化风险建模方法(Safety and Security Petri Net Risk Assessment,SSPN-RA),其中包括一体化风险识别、一体化风险分析、一体化风险评估3个步骤。所提方法首先识别并抽象化工业控制系统中的功能安全与信息安全数据,然后在风险分析过程中通过构造结合Kill Chain的petri网模型,分析出功能安全与信息安全中所存在的协同攻击路径,对petri网中功能安全与信息安全节点进行量化。同时,通过安全事件可能性以及其造成的各类损失计算出风险值,实现对工业控制系统的一体化风险评估。在开源的仿真化工工业控制系统下验证该方法的可行性,并与功能安全故障树分析和信息安全攻击树分析进行对比。实验结果表明,所提方法能够定量地得到工业控制系统的风险值,同时也解决了功能安全与信息安全单一领域分析无法识别的信息物理协同攻击和安全风险问题。展开更多
The information security and functional safety are fundamental issues of wireless communications sytems.The endogenous security principle based on Dynamic Heterogeneous Redundancy provides a direction for the developm...The information security and functional safety are fundamental issues of wireless communications sytems.The endogenous security principle based on Dynamic Heterogeneous Redundancy provides a direction for the development of wireless communication security and safety technology.This paper introduces the concept of wireless endogenous security from the following four aspects.First,we sorts out the endogenous security problems faced by the current wireless communications system,and then analyzes the endogenous security and safety attributes of the wireless channel.After that,the endogenous security and safety structure of the wireless communications system is given,and finally the applications of the existing wireless communication endogenous security and safety functions are listed.展开更多
Uncertain security threats caused by vulnerabilities and backdoors are the most serious and difficult problem in cyberspace.This paper analyzes the philosophical and technical causes of the existence of so-called"...Uncertain security threats caused by vulnerabilities and backdoors are the most serious and difficult problem in cyberspace.This paper analyzes the philosophical and technical causes of the existence of so-called"dark functions"such as system vulnerabilities and backdoors,and points out that endogenous security problems cannot be completely eliminated at the theoretical and engineering levels;rather,it is necessary to develop or utilize the endogenous security functions of the system architecture itself.In addition,this paper gives a definition for and lists the main technical characteristics of endogenous safety and security in cyberspace,introduces endogenous safety and security mechanisms and characteristics based on dynamic heterogeneous redundancy(DHR)architecture,and describes the theoretical implications of a coding channel based on DHR.展开更多
Food security, food safety and environmental protection are major livelihood issues in front of the Chinese people. The priorities of the three are different, and there is mutually dependent and contradictory relation...Food security, food safety and environmental protection are major livelihood issues in front of the Chinese people. The priorities of the three are different, and there is mutually dependent and contradictory relationship among them. Facing the triple pressures of food security, food safety, and environmental protection, this paper analyzes the priority of the three from the historical development, then further analyzes the interaction between food security,food safety and environmental protection and finally puts forward the healthy development of food security, food safety and environmental protection, and the proper settlement of the three problems.展开更多
With the rapid development of the Internet of Things (IoT), non-Orthogonal Multiple Access (NOMA) technology and cognitive wireless network are two promising technologies to improve the spectral efficiency of the syst...With the rapid development of the Internet of Things (IoT), non-Orthogonal Multiple Access (NOMA) technology and cognitive wireless network are two promising technologies to improve the spectral efficiency of the system, which have been widely concerned in the field of wireless communication. However, due to the importance of ownership and privacy protection, the IoT system must provide corresponding security mechanisms. From the perspective of improving the transmission security of CR-NOMA system based on cognitive wireless network, and considering the shortcomings of traditional relay cooperative NOMA system, this paper mainly analyzes the eavesdropping channel model of multi-user CR-NOMA system and derives the expressions of system security and rate to improve the security performance of CR-NOMA system. The basic idea of DC planning algorithm and the scheme of sub-carrier power allocation to improve the transmission security of the system were introduced. An algorithm for DC-CR-NOMA was proposed to maximize the SSR of the system and minimize the energy loss. The simulation results show that under the same complexity, the security and speed of the system can be greatly improved compared with the traditional scheme.展开更多
The fields of safety and security use different conceptual standards and methods. As a consequence, these two separate but related research areas utilize different approaches. Addressing the integration between safety...The fields of safety and security use different conceptual standards and methods. As a consequence, these two separate but related research areas utilize different approaches. Addressing the integration between safety and security concerns in this context, we would conduct a survey exploring approaches and standards that were created by the scholars to combine safety and security requirement engineering.展开更多
For the important issues of security service of rail vehicles, the online quantitative security assessment method of the service status of rail vehicles and the key equipments is urgently needed, so the method based o...For the important issues of security service of rail vehicles, the online quantitative security assessment method of the service status of rail vehicles and the key equipments is urgently needed, so the method based on safety region was proposed in the paper. At first, the formal description and definition of the safety region were given for railway engineering practice. And for the research objects which their models were known, the safety region estimation method of system stability analysis based on Lyapunov exponent was proposed;and for the research objects which their models were unknown, the data-driven safety region estimation method was presented. The safety region boundary equations of different objects can be obtained by these two different approaches. At last, by real-time analysis of the location relationship and generalized distance between the equipment service status point and safety region boundary, the online safety assessment model of key equipments can be established. This method can provide a theoretical basis for online safety evaluation of trains operation;furthermore, it can provide support for real-time monitoring, early warning and systematic maintenance of rail vehicles based on the idea of active security.展开更多
Nowadays, the most prominent risk assessment techniques are founded on the values of measuring and controlling the frequency and the consequences of risks in order to assure an "acceptable level" of "safeness" mai...Nowadays, the most prominent risk assessment techniques are founded on the values of measuring and controlling the frequency and the consequences of risks in order to assure an "acceptable level" of "safeness" mainly in the lines of environmental, health and hygiene and port product issues. This paper initially introduces risk assessment approaches within the emerging role of ports Thereafter, it qualitatively assesses their potential for ports by discussing issues challenging every safety and security approach within the maritime industry such as proactiveness, organization, transparency, cost-effectiveness and, when possible, calibration to specific experiences. Moreover, an empirical study was conducted in order to provide evidence for formal risk assessment for safety and security in the main Greek port container terminals of Piraeus and Thessaloniki. The empirical research is based on in-depth semi-structured interviews with the administrations of container terminals. The results include important findings, regarding the likelihood of appearance of certain risks and their perceived severity in Greek container terminals. The collected answers and their analysis are also important for confirming the suggested theoretical formal risk assessment framework for ports.展开更多
Following September 11, 2001, numerous security policies have been created which have caused a number of unique challenges in planning for transportation networks. Transportation policy and funding to improve the tran...Following September 11, 2001, numerous security policies have been created which have caused a number of unique challenges in planning for transportation networks. Transportation policy and funding to improve the transportation infrastructure has historically been addressed as individual modes not as intermodal transportation. As a consequence of this inopportune allocation, it is now apparent that the transportation modes are disconnected and have unequal levels of security and efficiency. Improved intermodal connectivity has therefore been identified as one of the main challenges to achieve a safer, secure, and productive transportation network. Tools need to be refined for collaboration and consensus building to serve as catalysts for efficient transportation solutions. In this study, a mathematical model using data envelopment analysis (DEA) was developed and investigated to assess the safety and security of intermodal transportation facilities. The model identifies the best and worst performers by assessing several safety and security-related variables. The DEA model can assess the efficiency level of safety and security of intermodal facilities and identify potential solutions for improvement. The DEA methodology presented is general in its framework and can be applied to any network of intermodal transportation systems. Availability of credible data, complemented with DEA methodology will help in management decisions making concrete safety and security decisions for intermodal transportation facilities.展开更多
The security assurance of computer-based systems that rely on safety and security</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="fon...The security assurance of computer-based systems that rely on safety and security</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">assurance, such as consistency, durability, efficiency and accessibility, require or need resources. This target</span><span style="font-family:Verdana;">s</span><span style="font-family:Verdana;"> the System-of-Systems (SoS) problems with the exception of difficulties and concerns that apply similarly to subsystem interactions on a single system and system-as-component interactions on a large information</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">system. This research addresses security and information assurance for safety-critical systems, where security and safety </span><span style="font-family:Verdana;">are</span><span style="font-family:Verdana;"> addressed before going to actual implementation/development phase for component-based systems. For this purpose, require a conceptual idea or strategy that deals with the application logic security assurance issues. This may explore the vulnerability in single component or a reuse of specification in existing logic in component-based system. Keeping in view this situation, we have defined seven concepts of security assurance and security assurance design strategy for safety-critical systems.展开更多
文摘随着信息化与工业化的融合不断加深,工业控制系统中信息域与物理域交叉部分越来越多,传统信息系统的网络攻击会威胁工业控制系统网络。传统的工业控制系统安全评估方法只考虑功能安全的风险,而忽略了信息安全风险对功能安全的影响。文中提出一种基于改进petri网的工业控制系统功能安全和信息安全一体化风险建模方法(Safety and Security Petri Net Risk Assessment,SSPN-RA),其中包括一体化风险识别、一体化风险分析、一体化风险评估3个步骤。所提方法首先识别并抽象化工业控制系统中的功能安全与信息安全数据,然后在风险分析过程中通过构造结合Kill Chain的petri网模型,分析出功能安全与信息安全中所存在的协同攻击路径,对petri网中功能安全与信息安全节点进行量化。同时,通过安全事件可能性以及其造成的各类损失计算出风险值,实现对工业控制系统的一体化风险评估。在开源的仿真化工工业控制系统下验证该方法的可行性,并与功能安全故障树分析和信息安全攻击树分析进行对比。实验结果表明,所提方法能够定量地得到工业控制系统的风险值,同时也解决了功能安全与信息安全单一领域分析无法识别的信息物理协同攻击和安全风险问题。
基金National Natural Science Foundation of China(No.61941114 and No.61521003)Key Universities and Academic Disciplines Contruction Project。
文摘The information security and functional safety are fundamental issues of wireless communications sytems.The endogenous security principle based on Dynamic Heterogeneous Redundancy provides a direction for the development of wireless communication security and safety technology.This paper introduces the concept of wireless endogenous security from the following four aspects.First,we sorts out the endogenous security problems faced by the current wireless communications system,and then analyzes the endogenous security and safety attributes of the wireless channel.After that,the endogenous security and safety structure of the wireless communications system is given,and finally the applications of the existing wireless communication endogenous security and safety functions are listed.
基金supported by the National Natural Science Foundation Innovation Group Project(61521003)。
文摘Uncertain security threats caused by vulnerabilities and backdoors are the most serious and difficult problem in cyberspace.This paper analyzes the philosophical and technical causes of the existence of so-called"dark functions"such as system vulnerabilities and backdoors,and points out that endogenous security problems cannot be completely eliminated at the theoretical and engineering levels;rather,it is necessary to develop or utilize the endogenous security functions of the system architecture itself.In addition,this paper gives a definition for and lists the main technical characteristics of endogenous safety and security in cyberspace,introduces endogenous safety and security mechanisms and characteristics based on dynamic heterogeneous redundancy(DHR)architecture,and describes the theoretical implications of a coding channel based on DHR.
基金one of the research fruits of“A Study of the Public Interest Litigation and Security Mechanism for the Quality and Safety of Agricultural Products”(15BGL135)general project granted by the National Social Sciences Planning Office
文摘Food security, food safety and environmental protection are major livelihood issues in front of the Chinese people. The priorities of the three are different, and there is mutually dependent and contradictory relationship among them. Facing the triple pressures of food security, food safety, and environmental protection, this paper analyzes the priority of the three from the historical development, then further analyzes the interaction between food security,food safety and environmental protection and finally puts forward the healthy development of food security, food safety and environmental protection, and the proper settlement of the three problems.
文摘With the rapid development of the Internet of Things (IoT), non-Orthogonal Multiple Access (NOMA) technology and cognitive wireless network are two promising technologies to improve the spectral efficiency of the system, which have been widely concerned in the field of wireless communication. However, due to the importance of ownership and privacy protection, the IoT system must provide corresponding security mechanisms. From the perspective of improving the transmission security of CR-NOMA system based on cognitive wireless network, and considering the shortcomings of traditional relay cooperative NOMA system, this paper mainly analyzes the eavesdropping channel model of multi-user CR-NOMA system and derives the expressions of system security and rate to improve the security performance of CR-NOMA system. The basic idea of DC planning algorithm and the scheme of sub-carrier power allocation to improve the transmission security of the system were introduced. An algorithm for DC-CR-NOMA was proposed to maximize the SSR of the system and minimize the energy loss. The simulation results show that under the same complexity, the security and speed of the system can be greatly improved compared with the traditional scheme.
文摘The fields of safety and security use different conceptual standards and methods. As a consequence, these two separate but related research areas utilize different approaches. Addressing the integration between safety and security concerns in this context, we would conduct a survey exploring approaches and standards that were created by the scholars to combine safety and security requirement engineering.
文摘For the important issues of security service of rail vehicles, the online quantitative security assessment method of the service status of rail vehicles and the key equipments is urgently needed, so the method based on safety region was proposed in the paper. At first, the formal description and definition of the safety region were given for railway engineering practice. And for the research objects which their models were known, the safety region estimation method of system stability analysis based on Lyapunov exponent was proposed;and for the research objects which their models were unknown, the data-driven safety region estimation method was presented. The safety region boundary equations of different objects can be obtained by these two different approaches. At last, by real-time analysis of the location relationship and generalized distance between the equipment service status point and safety region boundary, the online safety assessment model of key equipments can be established. This method can provide a theoretical basis for online safety evaluation of trains operation;furthermore, it can provide support for real-time monitoring, early warning and systematic maintenance of rail vehicles based on the idea of active security.
文摘Nowadays, the most prominent risk assessment techniques are founded on the values of measuring and controlling the frequency and the consequences of risks in order to assure an "acceptable level" of "safeness" mainly in the lines of environmental, health and hygiene and port product issues. This paper initially introduces risk assessment approaches within the emerging role of ports Thereafter, it qualitatively assesses their potential for ports by discussing issues challenging every safety and security approach within the maritime industry such as proactiveness, organization, transparency, cost-effectiveness and, when possible, calibration to specific experiences. Moreover, an empirical study was conducted in order to provide evidence for formal risk assessment for safety and security in the main Greek port container terminals of Piraeus and Thessaloniki. The empirical research is based on in-depth semi-structured interviews with the administrations of container terminals. The results include important findings, regarding the likelihood of appearance of certain risks and their perceived severity in Greek container terminals. The collected answers and their analysis are also important for confirming the suggested theoretical formal risk assessment framework for ports.
文摘Following September 11, 2001, numerous security policies have been created which have caused a number of unique challenges in planning for transportation networks. Transportation policy and funding to improve the transportation infrastructure has historically been addressed as individual modes not as intermodal transportation. As a consequence of this inopportune allocation, it is now apparent that the transportation modes are disconnected and have unequal levels of security and efficiency. Improved intermodal connectivity has therefore been identified as one of the main challenges to achieve a safer, secure, and productive transportation network. Tools need to be refined for collaboration and consensus building to serve as catalysts for efficient transportation solutions. In this study, a mathematical model using data envelopment analysis (DEA) was developed and investigated to assess the safety and security of intermodal transportation facilities. The model identifies the best and worst performers by assessing several safety and security-related variables. The DEA model can assess the efficiency level of safety and security of intermodal facilities and identify potential solutions for improvement. The DEA methodology presented is general in its framework and can be applied to any network of intermodal transportation systems. Availability of credible data, complemented with DEA methodology will help in management decisions making concrete safety and security decisions for intermodal transportation facilities.
文摘The security assurance of computer-based systems that rely on safety and security</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">assurance, such as consistency, durability, efficiency and accessibility, require or need resources. This target</span><span style="font-family:Verdana;">s</span><span style="font-family:Verdana;"> the System-of-Systems (SoS) problems with the exception of difficulties and concerns that apply similarly to subsystem interactions on a single system and system-as-component interactions on a large information</span><span style="font-family:'Minion Pro Capt','serif';"> </span><span style="font-family:Verdana;">system. This research addresses security and information assurance for safety-critical systems, where security and safety </span><span style="font-family:Verdana;">are</span><span style="font-family:Verdana;"> addressed before going to actual implementation/development phase for component-based systems. For this purpose, require a conceptual idea or strategy that deals with the application logic security assurance issues. This may explore the vulnerability in single component or a reuse of specification in existing logic in component-based system. Keeping in view this situation, we have defined seven concepts of security assurance and security assurance design strategy for safety-critical systems.
