CAJ | 학술논문

电力行业是关系到国计民生的基础性行业。为防范电力信息系统风险，提出了一种基于概率模型的多因素风险量化方法。通过全面考虑资产、威胁、脆弱性、已有的安全防护措施等因素的内在关系，能够更准确评估安全风险；通过概率模型将资产风险量化为整体系统的风险，能够更准确地体现风险的含义。实际运行结果表明，该方法能够有效评估电力系统信息安全工作水平。
전역행업시관계도국계민생적기출성행업。위방범전력신식계통풍험，제출료일충기우개솔모형적다인소풍험양화방법。통과전면고필자산、위협、취약성、이유적안전방호조시등인소적내재관계，능구경준학평고안전풍험；통과개솔모형장자산풍험양화위정체계통적풍험，능구경준학지체현풍험적함의。실제운행결과표명，해방법능구유효평고전력계통신식안전공작수평。
The electric power industry is a fundamental industry to the country's economy and the people's life. To reduce the security risk in electric information system, this paper proposes a multivariate risk quantization algorithm based on probabilistic model. By comprehensively considering the inherent relationship among between asset, threat, vulnerability and existing security safeguard, the security risk could be assessed more accurately, and through probabilistic model, the individual asset's risk is quantized as the risk of the whole system, thus to more accurately reflect the implication of the risk. Actual operation results show that this method could effectively assess the level of information security in electric power information system.