Approach of Risk Assessment for Railway Critical Information Infrastructure Based on Fuzzy Analytic Hierarchy Process

Abstract

With the deepening and implementation of China's network power strategy, critical information infrastructure has become increasingly prominent in social development. In China's national cyberspace security strategy, the protection of critical information infrastructure is proposed. Besides, it also declaims that national critical information infrastructures include the information infrastructures that are related to national security, national welfare and people's livelihood. Once the critical information infrastructure is damaged or partly function, that may seriously endanger national security and public interests. It is vitally critical to protect critical information infrastructure from being damaged. At present, the risk assessment system of critical information infrastructure needs to be improved. For the critical information infrastructure, there is a lack of the risk assessment method, which is to evaluate the effectiveness of security measures. To satisfy the requirements for security assurance of critical information infrastructure, a static risk assessment model is established and a risk assessment method based on fuzzy analytic hierarchy process (AHP) is proposed for critical information infrastructure. In this paper, the proposed risk assessment is evaluated in practical system and the proposed assessment method is also verified. The result shows the validity of the proposed model and risk assessment method.