- ISSN 0258-2724
- CN 51-1277/U
- EI Compendex
- Scopus
- Indexed by Core Journals of China, Chinese S&T Journal Citation Reports
- Chinese S&T Journal Citation Reports
- Chinese Science Citation Database
| Citation: | LI Hongzhe, YAN Lianshan, CHEN Jianyi, LI Saifei, XU Sirun. Risk Assessment Method of High-Speed Railway Signal Systems Based on Threat Analysis[J]. Journal of Southwest Jiaotong University, 2022, 57(6): 1334-1341. doi: 10.3969/j.issn.0258-2724.20210113
|
High-speed railway signal system is a key infrastructure to ensure the safety operation of trains. Once the equipment or system functional failure happens, it could easily lead to safety accidents. To this end, a fuzzy comprehensive evaluation method is proposed for risk assessment of the high-speed railway signal system from the perspective of functional safety. Based on the improvement of fuzzy comprehensive evaluation and analytic hierarchy process (AHP), this method strengthens the system in terms of threat scenario analysis, and establishes the coupling relationship of risk factors in respective scenarios. Firstly, forty-four threat scenarios of five categories are analyzed, which affects traffic safety in railway signal systems. A hierarchical structure is constructed with system functional safety accidents as the analysis criterion layer and threat classification as the factor layer. Then the weight of each element in the structure is determined according to the subjective evaluation, and a comprehensive risk assessment is performed with the expert system. In addition, the weights of each level and factor can be adjusted dynamically according to the change of risk value of each scenario, making the evaluation result more practical and forming a mapping relation between security risks and signal services. In the evaluation of real operation data of a certain passenger dedicated line, the signal system risk level is relatively low, and evaluation results are basically consistent with other method, which verifies the effectiveness of the proposed method.
| [1] |
李赛飞,闫连山,李洪赭,等. 铁路通信网络安全的分析测试与可信防御研究[J]. 西南交通大学学报,2018,53(6): 1130-1136,1149. doi: 10.3969/j.issn.0258-2724.2018.06.006
LI Saifei, YAN Lianshan, LI Hongzhe, et al. Analysis and testing of network security for China railway communication networks and proposed architecture based on trusted computing[J]. Journal of Southwest Jiaotong University, 2018, 53(6): 1130-1136,1149. doi: 10.3969/j.issn.0258-2724.2018.06.006
|
| [2] |
SCAIFE N, TRAYNOR P, BUTLER K. Making sense of the ransomware mess (and planning a sensible path forward)[J]. IEEE Potentials, 2017, 36(6): 28-31. doi: 10.1109/MPOT.2017.2737201
|
| [3] |
PARASKEVAS A. Cybersecurity in travel and tourism: a risk-based approach[M]//Handbook of e-Tourism. Blacksburg: Print ISBN, 2020.
|
| [4] |
LYONS K. 10,000 UK railway users had details leaked by free Wi-Fi provider[EB/OL]. (2020-03-02) [2020-03-02]. https://www.theverge.com/2020/3/2/21161387/ uk-railway-stations-free-wi-fi-exposed-london-bridge.
|
| [5] |
DENG X H, WANG R, XU T. Risk assessment of tunnel portals in the construction stage based on fuzzy analytic hierarchy process[J]. Archives of Civil Engineering, 2018, 64(4): 69-87. doi: 10.2478/ace-2018-0045
|
| [6] |
SPANIDIS P M, ROUMPOS C, PAVLOUDAKIS F. A fuzzy-AHP methodology for planning the risk management of natural hazards in surface mining projects[J]. Sustainability, 2021, 13(4): 1-23.
|
| [7] |
AYYILDIZ E, TASKIN GUMUS A. Pythagorean fuzzy AHP based risk assessment methodology for hazardous material transportation:an application in istanbul[J]. Environmental Science and Pollution Research, 2021, 28(27): 35798-35810. doi: 10.1007/s11356-021-13223-y
|
| [8] |
WU X P, FU Y, WANG J S. Information systems security risk assessment on improved fuzzy AHP[C]//2009 ISECS International Colloquium on Computing, Communication, Control, and Management. Sanya: IEEE, 2009: 365-369.
|
| [9] |
龚斯谛,王磊. 基于AHP与信息熵的工控系统信息安全风险评估研究[J]. 工业控制计算机,2017,30(4): 11-12,15. doi: 10.3969/j.issn.1001-182X.2017.04.005
GONG Sidi, WANG Lei. Cyber security risk assessment for industrial control system based on AHP and information entropy[J]. Industrial Control Computer, 2017, 30(4): 11-12,15. doi: 10.3969/j.issn.1001-182X.2017.04.005
|
| [10] |
郑晓波. 基于AHP的铁路信息系统风险评价指标体系[J]. 中国安全科学学报,2020,30(增1): 139-145.
ZHENG Xiaobo. Research on risk evaluation index system of railway information system based on AHP[J]. China Safety Science Journal, 2020, 30(S1): 139-145.
|
| [11] |
WANG H W, NI M M, GAO S G, et al. A resilience-based security assessment approach for railway signalling systems[C]//Proceedings of the Chinese Control Conference. Wuhan: [s.n.], 2018: 25-27.
|
| [12] |
YI S W, WANG H W, MA Y Y, et al. A safety-security assessment approach for communication-based train control (CBTC) systems based on the extended fault tree[C]//2018 27th International Conference on Computer Communication and Networks (ICCCN). Hangzhou: IEEE, 2018: 1-5.
|
| [13] |
付淳川,王小敏,张文芳,等. 基于组件安全属性的列控中心信息安全风险评估方法[J]. 铁道学报,2017,39(8): 77-84. doi: 10.3969/j.issn.1001-8360.2017.08.011
FU Chunchuan, WANG Xiaomin, ZHANG Wenfang, et al. A component security attribute model driven information security risk assessment approach for train control center[J]. Journal of the China Railway Society, 2017, 39(8): 77-84. doi: 10.3969/j.issn.1001-8360.2017.08.011
|
| [14] |
张曙光. CTCS-3级列控系统总体技术方案[M]. 北京: 中国铁道出版社, 2008.
|
| [15] |
孙宏才, 田平, 王莲芬. 网络层次分析法与决策科学[M]. 北京: 国防工业出版社, 2011.
|
| [16] |
国家市场监督管理总局, 中国国家标准化管理委员会. 信息安全技术 网络安全等级保护测评要求: GB/T 28448—2019[S]. 北京: 中国标准出版社, 2019.
|
| [17] |
MELL P, SCARFONE K, ROMANOSKY S. Common vulnerability scoring system[J]. IEEE Security & Privacy, 2006, 4(6): 85-89.
|
| [18] |
李赛飞,闫连山,郭伟,等. 高速铁路信号系统网络安全与统一管控[J]. 西南交通大学学报,2015,50(3): 478-484,503. doi: 10.3969/j.issn.0258-2724.2015.03.015
LI Saifei, YAN Lianshan, GUO Wei, et al. Analysis of network security for Chinese high-speed railway signal systems and proposal of unified security control[J]. Journal of Southwest Jiaotong University, 2015, 50(3): 478-484,503. doi: 10.3969/j.issn.0258-2724.2015.03.015
|
| [19] |
闫连山, 郭伟, 崔允贺, 等. 一种提高RSSP-II协议安全性的改进方案: 中国, CN104135469A[P]. 2014-11-05.
|
Figures(3) / Tables(3)
DownLoad:
