Computer Engineering and Applications ›› 2013, Vol. 49 ›› Issue (16): 232-235.

• Engineering and Applications •

Security risk assessment methodology for airborne system

ZHANG Shuang, KONG Deqi, LI Xiaodong

  1. Aeronautical Computing Technique Research Institute, Xi’an 710068, China
  • Online: 2013-08-15 Published: 2013-08-15

Abstract: To address information security threats that affect the safety of commercial aircraft airborne systems, this paper proposes a security risk assessment methodology for airborne systems, based on a study of ISO/IEC 27005, a standard for information security management, and related aviation industry standards. The methodology uses threat conditions and threat scenarios for system vulnerability analysis. By combining traditional aircraft safety assessment methods with security risk assessment methods, it proposes a set of quantifiable risk value calculation methods. A relational matrix establishes the correlation between safety and security levels, providing a basis for system requirements and architecture design. Case results show that the methodology provides correct and credible security risk assessment data for airborne systems.

Key words: airborne system, security risk assessment, threat condition, risk estimate, security level