A novel intelligent assessment method for SCADA information security risk based on causality analysis

Abstract

At present, the oil and gas SCADA system is facing severe information security threats, and the information security assessment for the existing SCADA system is an important response measure. In order to solve the problem that the standard of information security assessment of industrial control system are not perfect and the evaluation objects are fuzzy, this study put forward a novel method of oil and gas SCADA security assessment based on causality analysis. Firstly, defense security assessment technology route with pre-defense,post-defense was introduced and the evaluation indexes were mapped to the pre-defense and post-defense factors, and the pre-defense and post-defense scoring tables for oil and gas SCADA system information security were developed, the evaluation factors were formed as causality diagram table; then the factor space theory was used to evaluate and model the information security of oil and gas SCADA system, and the model was formally described. Finally causality analysis evaluation method of fuzzy Mamdani reasoning was adopted to evaluate factors neurons in the proposed model. The results show that the average accuracy of the causality analysis and the decision tree algorithm is 92.06 and 91.45% respectively. The causality analysis method based on factor space has a good effect on SCADA information security assessment. The conclusions of this study can not only be applied to oil and gas SCADA security risk assessment, but also provide a reference for other industry security assessment.