A modeling language and a quantitative evaluation approach to the security of power information systems are presented. A security architecture design trace language is first worked out to uniformly describe the system structures, services, security policies, attack behaviors and countermeasures. Then an automated risk analyzing algorithm is proposed to obtain the attack traces of the power information system. And based on the concept of the relative security degree, the security architecture can be quantitatively evaluated. Finally, with a case study in an actual power information system, the effectiveness of the approach proposed is demonstrated. In practice, the approach can be employed for assessing various kinds of countermeasures, such as increasing a new security function, adjusting system self-structure, and changing customer operation requirements. And it can greatly reduce the subjectivity of countermeasure selection.

• 出版日期2005
• 单位清华大学