Decision-making is a key component of industrial control system (ICS) security. However, due to the stability and real-time requirements of ICSs, current decision-making approaches typically designed for IT systems are not entirely suitable for ICSs. In this paper, with consideration of the characteristics of ICSs, a risk-based multistep dynamic decision-making approach for protecting ICSs is proposed. Following this proposal, multiple models, including multilayer Bayesian network, process model, and attack-defense strategy model are built first. On this basis, a state controller is designed to ensure the safe degradation/upgradation of ICSs. Finally, a game theory-based optimal defense strategy generation approach is presented. To verify the effectiveness of the proposed approach, a simulation on a simplified chemical reactor control system is conducted in MATLAB. The simulation results clearly demonstrate that the proposed dynamic decision-making approach has the ability to generate the optimal defense strategy to minimize system loss.

• 出版日期2020-10
• 单位华中科技大学