关键词: 信息物理融合系统, 舰艇系统, 脆弱性评估, 工作流模型, 层次分析法

Abstract: Warship system is a typical cyberphysical system. The characteristics of the fusion of cyber part and physical part of warship system needs to be fully considered during the security vulnerability assessment. In this paper, a workflow based vulnerability assessment method for security of the warship system is proposed after analyzing the security issues of the warship deeply and studying the principle of workflow. In detail, A workflow based vulnerability assessment model is established for the business process which is to be evaluated. Further, the composition of equipment that performs the workflow task and the vulnerability of the equipment are analyzed, respectively. And then, the security vulnerability of the equipment is evaluated by analytic hierarchy process (AHP) method. According to the logical relationship between workflow tasks and the results of vulnerability assessment of equipment, the security vulnerability of the workflow tasks is evaluated, and finally the security vulnerability of the business process is evaluated.

Key words: cyberphysical system, warship system, security vulnerability assessment, workflow model, analytic hierarchy process