Huifeng Li,Tiecheng Li,Qigui Yao,Weixun Li,Libo Yang,Guanghui Sun

DOI: https://doi.org/10.1088/1742-6596/2137/1/012023

2021-01-01

Journal of Physics Conference Series

Abstract:The security threat of power monitoring system is increasing, it is valuable to carry out effective risk assessment, which helps to find the security threats of the system in time, then carry out security management and avoid disasters. This paper presents a risk assessment method of power monitoring system based on Fuzzy Analytic Hierarchy Process (FAHP) and CVSS. Firstly, Considering the structure and security requirements of power monitoring system, the analytic hierarchy process (AHP) model is established, and CVSS is used to quantify the evaluation indicators. Then, the fuzzy consistent judgment matrix is constructed by using the results of index quantification by using AHP and fuzzy comprehensive evaluation theory, and the power monitoring system is comprehensively evaluated from the bottom to the top. Finally, the risk evaluation value and safety level of the system are obtained. The example shows that the method can effectively overcome the difficulty of AHP in checking the consistency of judgment matrix, and can effectively quantify the system risk, and provide reference and basis for risk management decision-making of power monitoring system.

Yenan Chen,Tinghui Lu,Linsen Li,Han Zhang

DOI: https://doi.org/10.1007/978-3-031-24386-8_1

2022-01-01

Abstract:With the frequent occurrence of cyber attacks in recent years, cyber attacks have become a major factor affecting the security and reliability of power SCADA. We urgently need an effective SCADA risk assessment algorithm to quantify the value at risk. However, traditional algorithms have the shortcomings of excessive parsing variables and inefficient sampling. Existing improved algorithms are far from the optimal distribution of the sampling density function. In this paper, we propose an optimal sampling algorithm and a selective parsing algorithm and combine them into an improved hybrid algorithm to solve the problems. The experimental results show that the improved hybrid algorithm not only improves the parsing and sampling efficiency, but also realizes the optimal distribution of the sampling density function and improves the accuracy of the assessment index. The assessment indexs accurately quantify the risk values of three widely used cyber attacks.

P A S Ralston,J H Graham,J L Hieb

DOI: https://doi.org/10.1016/j.isatra.2007.04.003

Abstract:The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.

Lu Liu,Tong-Xiu Guo,Qi-Quan Wang

2008-01-01

Abstract:This paper introduces fuzzy comprehensive assessment method to safety assessment of aviation enterprises by using fuzzy math theory. The method establishs a multi-level safety system of assessment factors and combines qualitative and quantitative analysis method to determine the weight of assessment factors. Then the actual management of an aviation company is taken as an example, its systems are divided into several assessment modules; fuzzy Analytic Hierarchy Process (AHP) assessment is made, eigenvector of the safety level is used and the safety level is achieved. The application example shows that fuzzy comprehensive assessment method is highly feasible and has good results. It can be widely used in the safety assessment of the aviation enterprises.

Wang Min,Zhang Jun,Zhang Wei

DOI: https://doi.org/10.1145/3034950.3035008

2017-01-01

Abstract:Software project from the project beginning to the end of the research and development have a certain risk factors, for better risk control to ensure the normal conduct of for a software project and need to be risk assessment, thus risk avoidance, risk management. The core of the fuzzy comprehensive evaluation method, the key is using the processing method of membership grade function, cannot be determined by the factors of can into a quantitative analysis of mathematical variables, and then in the use of mathematical model of fuzzy analysis, quantitative analysis of the mathematical variables of related, implementation of uncertain risk factors affecting the mathematical quantification processing. Based on the complexity, fuzziness of a software development project, combining with an instance of the software development to select the main indicators affecting the project risk, using the analytic hierarchy process (ahp) to determine index weight at all levels, and fuzzy comprehensive evaluation method, carry out to evaluate the risk of a software development project, puts forward the fuzzy comprehensive evaluation method in the application of project management and research.

daozheng huang,hao hu,yizhou li

DOI: https://doi.org/10.3141/2273-14

IF: 1.7

2012-01-01

Transportation Research Record

Abstract:The maritime system has a high level of uncertainty, which makes it difficult to assess its safety. This paper proposes an improved formal safety assessment (FSA) method based on fuzzy logic and employing if-then rules, which model the qualitative aspects of human knowledge and reasoning processes. A fuzzy expert system is then designed to address FSA's risk assessment step. An investigation is performed to gain expert knowledge, which is essential to building this system. An example that assesses the safety of Chinese maritime passages is used to illustrate the methodology. The method is effective in the solution of problems with high uncertainty. Finally, suggestions are given to enhance the level of safety.

Yuankun Wang,Dong Wang,Jichun Wu,Xi Chen,Huiqun Ma,Guizuo Wang

DOI: https://doi.org/10.1080/10807039.2012.755096

2013-03-04

Abstract:Flood control engineering system risk assessment entails fuzziness. An assessment model is developed, based on the improved fuzzy comprehensive assessment method that developed a new index (Sfin ) to judge the assessment class. The model is used to assess the flood control engineering risk of a case in China. The results show that the proposed model in the present article can rationally determine the risk status of a flood control engineering system, and has higher resolution compared to the two conventional methods, fuzzy comprehensive assessment and matter-element model method. The proposed model is flexible and adaptable for determining flood control engineering system risk status.

Luo Cong,Yunsheng Zhao,Ke Xu

DOI: https://doi.org/10.1016/j.cjche.2023.12.014

IF: 3.8

2024-01-01

Chinese Journal of Chemical Engineering

Abstract:The technological revolution has spawned a new generation of industrial systems, but it has also put forward higher requirements for safety management accuracy, timeliness, and systematicness. Risk assessment needs to evolve to address the existing and future challenges by considering the new demands and advancements in safety management. The study aims to propose a systematic and comprehensive risk assessment method to meet the needs of process system safety management. The methodology first incorporates possibility, severity, and dynamicity (PSD) to structure the “51X” evaluation indicator system, including the inherent, management, and disturbance risk factors. Subsequently, the four-tier (risk point-unit-enterprise-region) risk assessment (RA) mathematical model has been established to consider supervision needs. And in final, the application of the PSD-RA method in ammonia refrigeration workshop cases and safety risk monitoring systems is presented to illustrate the feasibility and effectiveness of the proposed PSD-RA method in safety management. The findings show that the PSD-RA method can be well integrated with the needs of safety work informatization, which is also helpful for implementing the enterprise’s safety work responsibility and the government’s safety supervision responsibility.

engineering, chemical

Jia Guo,Yingkai Bao,Bin Yu,Zhian Zeng,Liangyi Wang,Chuangxin Guo

DOI: https://doi.org/10.1109/powercon.2014.6993773

2014-01-01

Abstract:Due to the popularity of intelligent electronic device and digital information transmission in intelligent substation, the security issues of the SAS have become increasingly prominent, it is necessary to carry out security risk assessment for the SAS. This paper proposed a methodology for the security risk assessment of the SAS, the function-based model (FBM) was proposed according to IEC 61850, by which the SAS could be decomposed into functions. Secondly, a method for calculating the function failure probability was presented, referring to information security risk assessment norms, function value was defined to measure the loss of function failure. Based on AHP (analytic hierarchy process, AHP), the transmission weights of function risk were calculated, to integrate function risk into system risk Based on the sensitivity analysis, the assessment and ranking for different parts of SAS are completed, and the weaknesses of SAS are found. Finally, Taking Tl-1 substation SAS system as an example, the feasibility and applicability of the proposed method was verified.

Alexey Poletykin

DOI: https://doi.org/10.1109/rusautocon.2018.8501811

2018-09-01

Abstract:The cyber security formula-based risk evaluation method is outlined for using SCADA in Industrial Control System (ICS) of Critical National Infrastructure (CNI) plants. The main feature of the method is taking into account not only information security methods but all safety and security and reliability measures available. Another feature concerns assets definition by means of explicit and hidden functions for which damage values from feasible cyber-attacks are estimated. The method deals with the scales of order. An example of the scale is proposed for damage and risk values. The essence of the method, its application domain restrictions, the stages of risk management addressed, key risk management concepts covered are described in the paper.

Ye Wei

Abstract:Analyzing the safety factors of the airport apron operational conditions and the likely causes leading to the common accidents, this paper is aimed to improve the safety hazards assessment index system of the airport apron so as to resolve the problems involved.In proceeding with our research,we have found six main factors that may influence the airport apron safety,that are:the safety situation of the installations and facilities of the airport,its safety conditions of the air defense security system,the management situation of the operational workers,the management situation of the airport coming-andgoing vehicles,the coordinative conditions of the commanding system, plus the integrated safety-controlling and managing situation. Taking into full account all the fuzzy factors affecting the airport apron safety,we have introduced the fuzzy integrated assessment theory into our study and established a safety hazards assessment system based on the above theory.In our system,we have applied the analytic hierarchy process(AHP)to define the weight-rating indicators.At the same time,we have introduced an index-scoring expert-evaluation software to assess the index hierarchy of the airport apron security, which helps us to obtain the membership grades of the index hierarchy. In addition,we have also worked out a fuzzy assessment matrix of each indicator in every index level,which helps to assess the safety hazards of the airport apron in a fuzzy integrated way.Thus,the system we have proposed has been tested and trial-used successfully through demonstrative examples,which proves to be effective and efficient in promoting an overall security hazard level inspection while evaluating the safety hazards of the airport apron.Besides,the management of the airport is also expected to prepare a specific reform program based on the evaluation results.

Engineering,Environmental Science

Yuankun Wang,Dong Wang,Huiqun Ma,Jichun Wu

2011-01-01

Abstract:Flood control engineering risk assessment entails fuzziness. An assessment model is developed, based on the improved fuzzy comprehensive assessment method, which developed the index (S-fin) by applying a quantifying method to the fuzzy comprehensive assessment. The model is used to assess the flood control engineering risk of a case in China. The results show that the proposed model in this paper can rationally determine the risk state of flood control engineering, and is more reliable.

Xiang GAO,Yue-fei ZHU,Sheng-li LIU,Jin-long FEI,Long LIU

2013-01-01

Abstract:Aiming at the complex in the process of network security risk assessment, the asset, vulnerability and threat were used as the major factors in security assessment to establish the hierarchical index system for security assessment. The concept of credibility was introduced, and the security risk assessment model and fuzzy reasoning algorithm based on fuzzy Petri net were also proposed, making use of fuzzy Petri nets method joined together with the AHP to analyze the question, and combining qualitative analysis and quantitative analysis together. The example analysis shows that the ob-tained results are more accurate and scientific compared with traditional assessment methods. Therefore, this method is an effective network system risk assessment method.

Kuan‐Chu Lu,I‐Hsien Liu,Zong‐Chao Liu,Jung‐Shian Li

DOI: https://doi.org/10.1049/ntw2.12127

2024-06-08

IET Networks

Abstract:SCADA systems are increasingly used to manage the operations of dams and reservoirs. Thus, to ensure the safety and efficiency of the water distribution system, it is essential to develop effective mechanisms for detecting and thwarting attacks to dam SCADA systems. Supervisory control and data acquisition (SCADA) systems are vital in monitoring and controlling industrial processes through the web. However, while such systems result in lower costs, greater utilisation efficiency, and improved reliability, they are vulnerable to cyberattacks, with consequences ranging from the inconvenience and minor disruption to severe physical damage and even loss of life. The authors evaluate the security of the Dam system in the form of Common Criteria, develop safety goals to improve this safety, and focus on threats and risks to the dam SCADA system. Finally proposes an anomaly‐based machine‐learning framework for detecting malicious network attacks in the SCADA system of a dam. Three unsupervised classification algorithms are considered: hierarchical clustering, local outlier factor, and isolation forest. It is shown that the hierarchical clustering algorithm achieves the highest precision and F‐score of the three algorithms. Overall, the results confirm the effectiveness of anomaly‐based detection algorithms in enhancing the robustness of SCADA systems toward malicious attacks. At the same time, it complies with the security objectives of Common Criteria, achieving the safety and protection of the dam.

Juncheng Jiang

2006-01-01

Abstract:Using scientific and right assessing means to analyze the risk level of industry hazardous chemical materials road transportation has very important practical meaning to improve the level of safety management on road transportation.Semi-quantivative assessment approach and procedure of fuzzy mathematics were adopted to assess the risk of hazardous chemical materials road transportation.FTA was combined to confirm the accident possibility grade.The mathematic computation model was combined with the fuzzy mathematics for accident consequence grade,which includes personnel loss,property loss,impact area,environment contamination and credit standing loss.An integrated risk assessment system of hazardous chemical materials road transportation was founded. An example was shown to demonstrate the feasibility of this method.

Ye Lin,Wei-Min Cui,Bifeng Song

DOI: https://doi.org/10.1109/icqr2mse.2011.5976699

2012-01-01

Abstract:For quantitatively and comprehensively assessing the safety of interior weapon cabin's door(ICWD),this paper present s a brief introduction of the basic theory of FAHP and build a mathematical model of fuzzy analytic hierarchy process, then give the building method of fuzzy complementary judgment matrix, the formula of weight and consistency check. According to the main factors affecting coal mine safety, a multilevel assessment index system with first-layer of five factors including environment, technology, working time and management and second-layer of twelve factors was established with consideration on the characteristics of coalmine accidents. A comprehensive safety evaluation model of ICWD was proposed through using the method of fuzzy analytic hierarchy process (FAHP) and fuzzy comprehensive evaluation mode1. The application in the use of the ICWD proved the validity of this method.

WANG Yi,FEI Hong-xiao,JIANG Ping

DOI: https://doi.org/10.3969/j.issn.1007-130x.2006.09.002

2006-01-01

Abstract:Based on the analysis of the factors that affect information security risks,a hierarchical information security assessment model is established.A risk analysis method based on fuzzy AHP is proposed to evaluate risks.This method adopts the triangular fuzzy number to represent the experts' judgment matrix of risk factors based on group decision,and uses AHP to handle these risk factors,thus provides reasonable data for decision-making.

Mingshun LIU,Lijin ZHAO,Liang HUANG,Cheng LIN,Huaying SU,Zhijun LONG,Yang LIU,Siying ZHANG,Xiaowei ZHANG

DOI: https://doi.org/10.14188/j.1671-8844.2017-05-015

2017-01-01

Abstract:Power system risk includes two aspects:the probability of the accident and the severity of the consequences.In terms of consequence severity,the AC optimal load shedding model is established based on the interior point method;the amount of load loss severity index is defined and consequence severity is ranked according to membership function.In the aspect of failure rate,fuzzy C means clustering is used to realize fuzzy partitioning;and the fuzzy evaluation vector is constructed based on fuzzy comprehensive evaluation method.Finally,according to the maximum membership principle,power system risk level is output.Taking the IEEE-RTS79 reliability test system as an example,the results show that the proposed method can evaluate the power grid risk level accurately and effectively under different faults,identify key link of the system and provide a theoretical basis for the differentiation operation and maintenance.

Shu ZHANG,Xiu-zhi SHI,Gang-hai HUANG

DOI: https://doi.org/10.3969/j.issn.1009-6094.2010.06.051

2010-01-01

Applied Mechanics and Materials

Abstract:With the aim of choosing the best safety management system, this work has constructed an evaluation index system applied in safety management system for the first time. This index system contains 13 second indexes which including temporary and long-term, fix and non-fix quantified influencing factors working on the safety management system. AHP (analytical hierarchy process) and the fuzzy comprehensive evaluation method have been briefly introduced. Firstly, the weight matrix of the influencing factors was established according to the AHP method. The influencing factor indexes were then transformed into the matrix of membership degrees. Duality element relative comparison method was adopted to assure the relative weight between two non- quantitative elements. Based on the weight matrix and the matrix of membership degrees, a fuzzy comprehensive evaluation model was established. By using MATLAB 7.1 for all calculation steps, the synthetic superior degrees of the safety management system were acquired based on the influencing factors. In the end, the primary analysis progress and results were introduced in an organization for validation. The synthetic superior degrees of the safety management system for the organization were 90.66%, 53.42% and 84.29% respectively showing that the first system appeared to be the best. The study has exhibited that the model is feasible, reliable and it has a high value of practical application.

尚鸿雁,董千里,王旭坪,刘小东

DOI: https://doi.org/10.3969/j.issn.1671-6248.2009.01.005

2009-01-01

Abstract:Risk evaluation and early warning for hazardous material transportation are important means in decreasing risk and accident probability.In this paper,three factors such as the unsafe behaviors of people,the unsafe statuses of hazardous materials and their loading equipment,the frangibility and the unsafe conditions of environment are discussed.The index system and fuzzy comprehensive assessment model of the risk assessment and early warning are established based on analytic hierarchy process and fuzzy comprehensive evaluation method.In order to fulfill early warning according to different risk ranks,each risk state has been analyzed through a 3-dimension frame model.The sample study shows that various factors,which is related to hazardous materials transportation,have been contained and described in this index system,and security state of the transporting enterprise has been evaluated objectively and truly by this assessment model.