[go: up one dir, main page]

CN113688396A - An automatic system for risk assessment of automobile information security - Google Patents

An automatic system for risk assessment of automobile information security Download PDF

Info

Publication number
CN113688396A
CN113688396A CN202110928931.8A CN202110928931A CN113688396A CN 113688396 A CN113688396 A CN 113688396A CN 202110928931 A CN202110928931 A CN 202110928931A CN 113688396 A CN113688396 A CN 113688396A
Authority
CN
China
Prior art keywords
risk assessment
engine
assessment
information security
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110928931.8A
Other languages
Chinese (zh)
Inventor
于海洋
冀浩杰
刘赞
孙文举
王春阳
任毅龙
张晨玺
付兴坤
郭斌
于浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taian Beihang Science Park Information Technology Co ltd
Original Assignee
Taian Beihang Science Park Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taian Beihang Science Park Information Technology Co ltd filed Critical Taian Beihang Science Park Information Technology Co ltd
Priority to CN202110928931.8A priority Critical patent/CN113688396A/en
Publication of CN113688396A publication Critical patent/CN113688396A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/40Business processes related to the transportation industry

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Economics (AREA)
  • General Physics & Mathematics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Physics & Mathematics (AREA)
  • Tourism & Hospitality (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Marketing (AREA)
  • Computer Hardware Design (AREA)
  • General Business, Economics & Management (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Software Systems (AREA)
  • Educational Administration (AREA)
  • Development Economics (AREA)
  • Game Theory and Decision Science (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明提供汽车信息安全风险评估自动化系统,本系统时刻跟进最新汽车信息安全标准ISO21434,提供一种构建汽车风险评估模型的在线设计引擎;提供一种风险评估项目权限管理引擎,结合系统自身的用户管理,实现对风险评估项目的权限管理;提供一种基于Flowable的汽车信息安全风险评估自动化工作流引擎;提供一种汽车信息安全风向评估项目敏捷管理引擎,实现协同工作、待办事项、进度跟踪、版本管理;提供一种高性能和高可靠的分布式文件存储引擎;提供一种快捷的风险评估系统报表与报告导出引擎;提供一种可视化日志分析引擎,实现系统故障的快速定位与提出解决方案。

Figure 202110928931

The invention provides an automatic system for risk assessment of automobile information security. The system keeps up with the latest automobile information security standard ISO21434, provides an online design engine for building an automobile risk assessment model, and provides a risk assessment project authority management engine, which combines the system's own User management to realize authority management of risk assessment projects; provide an automated workflow engine for automotive information security risk assessment based on Flowable; provide an agile management engine for automotive information security wind direction assessment projects to achieve collaborative work, to-do items, and progress Tracking and version management; provides a high-performance and highly reliable distributed file storage engine; provides a fast risk assessment system report and report export engine; provides a visual log analysis engine to quickly locate and propose system faults solution.

Figure 202110928931

Description

Automobile information safety risk assessment automation system
Technical Field
The invention relates to the field of risk assessment, in particular to an automatic system for automobile information safety risk assessment.
Background
In the past, the automobile industry has applied a large number of digitization technologies to the aspects of cooperative work, design development, sales, service and the like, and information security construction has hardly been implemented around automobiles in the past.
With the intellectualization and networking of automobiles, the information risk in the intelligent networking automobile is more and more. In order to effectively reduce the safety risk, the risk assessment of the whole intelligent networked automobile or parts is very important.
Meanwhile, due to the relative sealing of the production environment and the physical environment, the shortage of the automobile information safety risk assessment tool in the domestic industry is seen, so that an information safety risk assessment tool is urgently needed in the prior art.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a practical and convenient automobile risk assessment automation system, which improves the efficiency of automobile information safety risk assessment work, realizes the automation of the assessment work and improves the correctness of an assessment result.
In order to achieve the purpose, the invention provides the following technical scheme: the utility model provides an automobile information safety risk assessment automation system which characterized in that: the method comprises the following steps:
the online design engine of the automobile risk assessment model is used for realizing the construction of a data model for an assessment product or service;
the automobile information security risk assessment authority management engine is used for realizing authority management of different granularities of risk assessment items by combining user management of a system;
the automobile information security risk assessment automation workflow engine based on Flowable is used for automating a risk assessment business process through a BPMN2.0 process modeling language;
the agile management engine for the automobile information safety wind direction assessment project is used for dividing the responsibility of team members, allocating special personnel to take charge for each stage of risk assessment, and performing all assessment work cooperatively;
the distributed file storage engine is used for dividing the data types of the risk assessment system into structured data and unstructured data and storing the structured data and the unstructured data, wherein the structured data of the system is stored in a MySQL database and is subjected to master-slave replication and read-write separation, so that high reliability of database storage and high-performance read-write of the database are realized; the system unstructured data is stored in a distributed file system;
the risk assessment system report engine is used for carrying out stage statistical analysis and graphical display on a risk assessment process, generating an assessment report, and finally generating and exporting a risk assessment report;
and the visual log analysis engine is used for collecting the system logs, filtering and extracting the system logs, analyzing and visually displaying the system logs, and realizing quick positioning of system faults and proposing a solution.
As a further improvement of the invention, the data model constructed by the online design engine of the automobile risk assessment model comprises:
the various types of graphic modules are used for drawing UML, a user diagram, a data flow diagram and BPM;
the automobile information safety icon set module comprises a interest related party, a connecting line and an automobile part icon set;
the figure setting module is used for adjusting the size, the figure rotation, the proportion adjustment and the mouse dragging;
the text setting module is used for supporting rich fonts, color setting, size adjustment and position movement;
the canvas configuration module is used for adjusting the size of the canvas, the background color and the inner edge distance, the scaling and the automatic adjustment of the canvas according to the size;
the intelligent connection module is used for quickly connecting the line graph and automatically attaching the connecting line to the graph along with the movement of the graph;
the global style module is used for realizing that a newly added graph can reuse the style of the last graph and supporting the copying and pasting operations of the style;
the import and export module is used for supporting various types of import and export file formats;
the cloud storage function module is used for integrating the functions of part of the cloud network disks and realizing real-time storage and sharing functions;
and the business linkage module is used for performing activity association with the risk assessment process, providing convenient assessment operation in the diagram and improving the assessment efficiency.
As a further improvement of the invention, when the automobile information security risk assessment authority management engine is used for user management, user roles are firstly allocated and divided into an information security assessment engineer, a service/function development engineer, an information security test engineer, a security solution engineer and a risk assessment work acceptance check worker, and then corresponding authorities are divided according to the user roles.
As a further improvement of the invention, the risk assessment business process of the Flowable-based automobile information security risk assessment automation workflow engine comprises the steps of case modeling, asset assessment, damage identification, threat scene identification, attack path analysis, risk handling, security target and security requirement, abstracting and drawing a standard flow chart, determining trigger events, trigger conditions and gateways among all stages, appointing gradual circulation according to flow definition through the Flowable flow engine, and recording the project execution process.
As a further improvement of the invention, the data storage bottom layer of the distributed file storage engine adopts an optimized distributed file system, and realizes reliable storage and safe storage of data storage through an erasure code and multi-copy backup mixed strategy.
As a further improvement of the invention, the statistical types of the risk assessment system report engine comprise asset identification statistics, damage scene statistics, threat scene statistics, attack path statistics, risk disposition statistics and safety requirement statistics, the assessment report type of the engine comprises an asset report, a damage report, a threat report, an attack feasibility report, a risk disposition report, a safety target and a safety requirement report which can be generated, and the file export type of the engine comprises XML, Word and PDF.
As a further improvement of the invention, the visual log analysis engine comprises a log collection module, a log transmission module, a log storage module, a log analysis module and an alarm prompt module.
The method has the advantages that the data model can be effectively constructed through the setting of the online design engine of the automobile risk assessment model, then the user is effectively managed through the automobile information security risk assessment authority management engine, the automation of the assessment business process is realized through the Flowable-based automobile information security risk assessment automatic workflow engine, the responsibility division of team members is realized through the setting of the automobile information security wind direction assessment project agility management engine, so that all assessment works are carried out in a coordinated mode, the files can be simply and effectively stored and the assessment report forms can be generated through the setting of the distributed file storage engine, the risk assessment system report engine and the visual log analysis engine, and the rapid positioning and the solution can be realized when the system fails
Drawings
FIG. 1 is a block diagram of an automated system for security risk assessment of automotive information in accordance with the present invention;
FIG. 2 is a functional architecture diagram of a risk assessment model;
fig. 3 is a schematic diagram of a technical architecture of a risk assessment model.
Detailed Description
The invention will be further described in detail with reference to the following examples, which are given in the accompanying drawings.
Referring to fig. 1 to 3, an automatic system for evaluating automobile information security risk according to the present embodiment mainly includes the following aspects.
In a first aspect, an online design engine for constructing an automobile risk assessment model. And performing secondary development based on an open source UML modeling tool Drawio to realize the construction of a data model for the evaluation product or service. The method mainly comprises the following steps:
a set of automotive information security icons including a stakeholder graphic representation, a connecting line graphic representation, an automotive part graphic representation, and the like;
setting a graph, adjusting the size, rotating the graph, adjusting the proportion, dragging the mouse and the like;
text setting, which supports rich fonts, color setting, size adjustment, position movement and the like;
canvas configuration, namely adjusting the size of the canvas, the background color and the inner edge distance, and zooming and automatically adjusting the canvas according to the size;
intelligent connection, namely, a quick connection line graph and a connection line automatically attach to each other along with the graph movement;
the global style, the newly added graph can reuse the style of the last graph, and the copy and paste operation of the style is supported;
various figures can be drawn, such as UML, use case diagram, data flow diagram, BPM and the like;
importing and exporting, and supporting various types of formats PNG, JPG, SVG, PDF, HTML, VSDX, CSV and the like;
the cloud storage function integrates the functions of part of the cloud network disk, such as the connection with a Baidu network disk and an Onedrive, and utilizes the storage characteristics and the real-time storage function of the software;
business linkage, wherein the business linkage is in activity association with a risk assessment process, and convenient assessment operation is provided in a diagram, such as asset identification, damage and threat scene addition, attack path addition, risk handling strategy selection and the like;
in a second aspect, an automobile information security risk assessment authority management engine is provided. And the service authority management of the risk assessment system is realized by combining the user and the authority management of the system.
The system user roles are 5 in total, and can be divided into the following details: information security assessment engineers, business/function development engineers, information security tests, security solution engineers, risk assessment work acceptance personnel.
The user & authority management function implements management of system users, including inquiry, addition, modification, deletion, etc. of user information. The common user can inquire the user attribute of the common user, modify the user password, bind the mobile phone number and other information. The administrator user has the highest authority and can manage the ordinary users. And the user management allocates different use authorities according to different user roles. Different user roles correspond to different service permissions.
And the service authority management mainly comprises project authority and process authority management. In the process of the risk assessment project, the authority to be allocated at the current stage can be determined according to the role of the user, and the method comprises the following steps: read-only permissions, read/write permissions, delete permissions, etc. And the staff in charge of the assessment work at each stage of risk assessment can synchronously carry out risk assessment. And the evaluation work of other stages is not disturbed. Meanwhile, the specific authority of the personnel participating in the evaluation at a certain stage of risk evaluation can be configured according to the project requirements, and the project-level authority management is realized.
In a third aspect, an automatic workflow engine for automobile information security risk assessment based on Flowable.
Through BPMN2.0 process modeling language, risk assessment business process comprises: use case modeling, asset assessment, damage identification, threat scenario identification, attack path analysis, risk handling, security objectives and security requirements, and the like. Abstracting into a standard flow chart, triggering events, triggering conditions, gateways and the like among all phases. And (4) utilizing a Flowable flow engine to appoint gradual circulation according to flow definition, so as to realize automation of the risk assessment workflow. The related process is as follows:
firstly, an assessment engineer creates a risk assessment project and inputs information such as project name, project type and creator;
secondly, providing a data flow graph and a project document required by evaluation by an evaluation engineer through uploading and online design;
thirdly, the assessment engineer identifies assets and confirms related safety attributes;
fourthly, the assessment engineer identifies a damage scene and a threat scene;
fifthly, evaluating an engineer cooperative business/function development engineer, analyzing S/F/O/P influence, and automatically generating an influence grade;
meanwhile, a cooperative test engineer analyzes an attack path and determines an attack feasibility level;
and sixthly, automatically generating a risk grade according to the influence grade and the attack feasibility grade.
Seventhly, jointly determining a risk disposal strategy by an assessment engineer and a test engineer in cooperation with a solution engineer;
eighthly, determining a safety target and safety requirements by the evaluation engineer in cooperation with other engineers;
ninthly, performing overall evaluation acceptance by the acceptance staff in cooperation with other engineers;
the fourth aspect provides an agile management engine for automobile information security risk assessment, which realizes cooperative work, backlog, progress tracking and version management.
And in cooperation, the evaluation team members can cooperatively carry out risk evaluation work in different stages of different evaluation projects and projects in the system. The responsibility division can be carried out on the team members, and special personnel are allocated to take charge of each stage of risk assessment, and each assessment work is carried out cooperatively by assessment personnel, business/function developers, testing personnel and solution personnel. Meanwhile, the assessment team can simultaneously develop a plurality of risk assessment projects, and the plurality of projects are carried out synchronously.
The backlog is used, the daily backlog list is updated by using intelligent personalized suggestions, backlog tasks can be subdivided into simple steps, expiration dates are added, and daily list reminders are set. Sharing of the to-do task list with team members is supported.
And tracking progress, and counting the progress condition of the project, including work task amount, completed condition, work time consumption and the like. Progress is made for the project population and team members. And graphically displaying through modes such as a burnout chart and the like so as to control the project progress for project responsible persons.
Version management, which records and maintains the evaluation process of the risk evaluation item, and comprises the following functions: initializing operations, creating, committing, undoing, viewing commit history, branching and tagging, and the like. The relevant operations are as follows:
1. creating a version library, and creating the new version library for the current project in the version management service when creating the new project;
2. submitting a stage evaluation result, generating data such as related asset data and threat scenes after the risk evaluation work is carried out, and uploading the data to a version management service project warehouse;
3. canceling submission, namely canceling the last submitted content and needing to restore the previous version;
4. viewing historical record information submitted by the project, including a submitter, a modification position, a modification result and the like;
5. the system comprises branches and labels, wherein different branches are created for a current project, and as the iteration model of a money product, the branches can be used for management and the different branches can be labeled;
in a fifth aspect, a high performance and high reliability distributed file storage engine is provided. The data types of the risk assessment system can be divided into structured data and unstructured data. The system structured data is stored in a MySQL database; the system unstructured data is stored in the underlying distributed file system.
Structured data is mainly written into a MySQL database cluster by calling a background writing interface from the front end and starting through a JDBC database. MSQL cluster configuration master-slave copy and read-write separation, improve reliability and performance of the database; the system unstructured data is mainly pictures and project related development documents. The data is stored in a distributed file system, and the MySQL database stores the storage path of the picture.
The distributed file storage adopts a distributed file system and a general storage server, and has the advantages of high expansion, easy operation and maintenance and the like. High expansion, no restriction of a traditional centralized storage controller, and linear increase of capacity expansion performance; and unified management of multi-type file objects is supported. Supporting heterogeneous storage, the SSD and the mechanical hard disk can be used simultaneously, and an independent hard disk identifier can be established for the hard disk to specify data to be stored to a specific magnetic disk.
And in a sixth aspect, a fast risk assessment system reporting engine is provided. And performing stage statistical analysis on the risk assessment process, generating an assessment report and a visual display, and finally generating and exporting the risk assessment report.
The statistical types include: carrying out asset identification statistics, wherein different types of assets are counted; carrying out damage scene statistics, and carrying out statistics on different influence levels; threat scene statistics, wherein different threat types are counted; carrying out attack path statistics, and carrying out statistics on different attack feasibility; risk disposal statistics, which is to perform statistics on different risk levels and risk disposal strategies, and the like; and 4, safety requirement statistics, wherein statistics is carried out on different safety requirement distributions.
According to the statistical result, graphical display support is carried out, various graphs such as a histogram and a pie chart are displayed, and the statistical information of the project is displayed more visually.
In the asset evaluation stage, a project asset report can be exported; in the damage scene analysis stage, a project damage scene report can be exported; a threat scene analysis stage, which can derive an item threat scene report; an attack path analysis stage, which can derive an attack path report; in the risk disposal stage, a risk disposal report can be led out; in the safe target stage, a safe target report can be exported; in the safety requirement stage, a safety requirement report can be exported; and finally generating and exporting a risk assessment report.
In a seventh aspect, a visual log analysis engine is provided, which collects, analyzes and visually displays system logs by using a log analysis suite ELK, so as to realize quick positioning of system faults and propose a solution. The main module comprises:
collecting logs, deploying a log collection service on nodes, and carrying out mobile phone and preprocessing on running logs generated by a system and a server;
log transmission, namely transmitting log data to a log cleaning/filtering service for processing, message middleware or directly forwarding the log data to a log analysis engine for formatting;
log storage, namely storing formatted logs in a storage module of a distributed file system or a log analysis engine;
and log analysis, namely, storing and establishing an inverted index based on the data fragments through a log analysis engine to realize full text search and real-time index and analysis, and analyzing a system and a network.
And the alarm prompt can provide an error report, monitor the heartbeat of the process, use the memory, use the network state and the storage space, and prompt an alarm to a user according to an alarm threshold value set by the system.
Firstly, carrying out example description on the work of each engine;
the system provides an online design engine for constructing an automobile risk assessment model. And performing secondary development based on Drawio, and automatically integrating with a risk assessment automation system. The method mainly comprises the following steps:
1. adding the content of the Drawio-related front-end code put in the webapp to the original front-end item;
2. modifying the front section page to hide the menu buttons;
3. modifying the subsequent back end of the js file under webapp to match with a corresponding interface;
4. adding ajax requests can store drawing information in a database;
the overall change is that the display state of a menu bar and some functions are noted, the scratch pad is modified into a project library which can be saved in a local database, drawing information is saved in a distributed file system, the attribute can be bound to elements (the data is saved in the database), the preview function is adapted with a system import and export engine, and the like.
The system provides an automatic workflow engine for automobile information security risk assessment, integrates an automobile information security risk assessment flow based on a Flowable workflow engine, and achieves automation of assessment. The method mainly comprises the following steps:
1. configuring database information required by the Flowable;
2. reading a workflow of automobile information security risk assessment;
3. deploy workflow process engine getunitimeservice ();
4. opening procedure
runtimeService.startProcessInstanceByKey("myProcess");
5. Executing step by step according to a defined work flow chart, and finally finishing the process;
the system provides an automobile information security wind direction evaluation authority management engine which is realized based on an open source security framework Apache Shiro. The method realizes the operation of user authentication, full-line inspection, password management and session management.
The system provides an agile management engine for evaluating the wind direction of automobile information safety, combines the user management of the system, and realizes authority management, cooperative work and version management of risk evaluation projects based on open source version management tool Gitlab secondary development. The method mainly comprises the following steps:
1. deploying private Gitlab services in a private cloud;
2. obtaining user roles from a user management database, and creating corresponding users in the Gitlab;
3. providing account password for identity authentication through a Session interface;
4. determining whether the project can be submitted to be modified or returned to the historical version according to the user authority;
5. creating an initial project repository (existing projects may also be retrieved from a version repository);
6. submitting a project evaluation result;
7. and (3) other operations: canceling modification, viewing submission history, creating branches, labeling and the like;
the present system provides a high performance and highly reliable distributed file storage engine. The application layer data is cached by Redis, read-write separation is configured by a MySQL cluster, high performance and high reliability of the application layer are achieved, and a Glusterfs distributed file system is adopted at the bottom layer.
1. A user writes data into a MySQL database through a front-end page (permission verification) or a workflow engine;
2. the MySQL cluster synchronously modifies the result from the node through bin logs;
3. writing the data into a Glusterfs cluster;
4. setting a backup strategy, and automatically synchronizing data among nodes;
the system provides a rapid risk assessment system report engine which is realized based on an open source tool Apache POI, an html2canvas and a jpdf. The method mainly comprises the following steps:
and an Office file export step, adopting Apache POI to import and export the Office file. The related steps are as follows:
1. creating an Excel work file object;
2. creating a table object according to the file object;
3. creating a row object of the table according to the table object;
4. creating a cell object of the table according to the row object;
5. inserting data into the designated position;
6. storing data in a file in a streaming manner;
the Html is exported as a PDF document. The method mainly comprises the following steps:
1. converting html into pictures;
2. defining the size of a picture, and converting the picture into pdf through jpdf;
3. downloading PDF to local;
the system provides a visual log analysis engine, and the analytic search, the Logstash and the Kibana are adopted to provide the analysis and visual log analysis engine for a risk assessment system. The related steps are as follows:
1. deploying and starting a Beat acquisition suite in each node;
2. configuring a system operation and operation log directory;
3. reading a log file and sending the log file to a log processing component;
4. the log processing component filters and converts the acquired logs and forwards the log analysis component;
5. the filtered and converted logs, full-text search, structured search and analysis are performed through a log analysis component;
through the display component, various dimensional tables and graphs are generated, and a visual interactive page is provided.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.

Claims (7)

1.一种汽车信息安全风险评估自动化系统,其特征在于:包括:1. an automated system for risk assessment of automobile information security, characterized in that: comprising: 汽车风险评估模型的在线设计引擎,该设计引擎用于实现对评估产品或业务构建数据模型;The online design engine of the automobile risk assessment model, which is used to realize the construction of a data model for the assessment product or business; 汽车信息安全风险评估权限管理引擎,用于结合系统自身的用户管理,实现对风险评估项目的不同粒度的权限管理;The vehicle information security risk assessment authority management engine is used to realize authority management of different granularities for risk assessment items in combination with the system's own user management; 基于Flowable的汽车信息安全风险评估自动化工作流引擎,用于通过BPMN2.0流程建模语言,将风险评估业务流程的自动化;The automatic workflow engine for automotive information security risk assessment based on Flowable is used to automate the risk assessment business process through the BPMN2.0 process modeling language; 汽车信息安全风向评估项目敏捷管理引擎,用于对团队成员进行责任划分,针对风险评估的每个阶段分配专门的人员进行负责,各项评估工作协同进行;The agile management engine of the automotive information security wind direction assessment project is used to divide the responsibilities of team members, assign special personnel to be responsible for each stage of the risk assessment, and coordinate the assessment work; 分布式文件存储引擎,用于将风险评估系统的数据类型分为结构化数据与非结构化数据并进行存储,其中,系统结构化数据存储在MySQL数据库,进行主从复制与读写分离,实现数据库存储高可靠性和数据库高性能读写;系统非结构化数据存储在分布式文件系统中;The distributed file storage engine is used to divide the data types of the risk assessment system into structured data and unstructured data and store them. The structured data of the system is stored in the MySQL database, and master-slave replication and read-write separation are performed to achieve High reliability of database storage and high performance reading and writing of database; system unstructured data is stored in distributed file system; 风险评估系统报表引擎,对风险评估流程,进行阶段统计分析,图形化展示,生成评估报表,最终生成风险评估报告并导出;Risk assessment system report engine, perform stage statistical analysis on the risk assessment process, display it graphically, generate assessment reports, and finally generate risk assessment reports and export them; 可视化日志分析引擎,用于采集系统日志,进行过滤和提取,进行分析与可视化展示,实现系统故障的快速定位与提出解决方案。The visual log analysis engine is used to collect system logs, filter and extract, analyze and visualize them, and quickly locate system faults and propose solutions. 2.根据权利要求1所述的汽车信息安全风险评估自动化系统,其特征在于:所述汽车风险评估模型的在线设计引擎构建的数据模型包括:2. The automobile information security risk assessment automation system according to claim 1, is characterized in that: the data model that the online design engine of described automobile risk assessment model builds comprises: 多种类型图示模块,用于绘制UML、用例图、数据流图、BPM;Various types of graphic modules for drawing UML, use case diagram, data flow diagram, BPM; 汽车信息安全图标集合模块,包括利益相关方、连接线、汽车零部件图示集合;Automotive information security icon collection module, including stakeholder, connecting line, auto parts icon collection; 图形设置模块,用于调整大小、图形旋转、比例调整、鼠标拖动;Graphics setting module, used for resizing, graphic rotation, scale adjustment, mouse dragging; 文本设置模块,用于支持丰富的字体、颜色设置、大小调整、位置移动;Text setting module, used to support rich font, color setting, size adjustment, position movement; 画布配置模块,用于根据尺寸调整画布大小、背景颜色和内边距、画布缩放和自动调整;Canvas configuration module for adjusting canvas size, background color and padding, canvas scaling and auto-adjustment according to dimensions; 智能连接模块,用于快速连接线图形、连接线随图形移动自动依附;The intelligent connection module is used to quickly connect the line graph, and the connecting line automatically attaches with the movement of the graph; 全局样式模块,用于实现新加入的图形可以复用上一个图形的样式,支持对样式的复制和粘贴操作;The global style module is used to realize that the newly added graphic can reuse the style of the previous graphic, and supports the copy and paste operation of the style; 导入导出模块,用于支持多种类型的导入和导出文件格式;Import and export modules to support multiple types of import and export file formats; 云端保存功能模块,用于整合部分云端网盘的功能,实现实时保存和共享功能;The cloud saving function module is used to integrate the functions of some cloud network disks to realize real-time saving and sharing functions; 业务联动模块,用于与风险评估流程进行活动关联,图示中提供便捷评估操作,提高评估效率。The business linkage module is used to associate activities with the risk assessment process. The diagram provides convenient assessment operations to improve assessment efficiency. 3.根据权利要求1或2所述的汽车信息安全风险评估自动化系统,其特征在于:所述汽车信息安全风险评估权限管理引擎用户管理时,采用先分配用户角色,分为信息安全评估工程师、业务/功能开发工程师、信息安全测试工程师、安全解决方案工程师、风险评估工作验收人员,然后根据用户角色划分相应的权限。3. The automobile information security risk assessment automation system according to claim 1 and 2, is characterized in that: during the user management of the described automobile information security risk assessment authority management engine, the user role is first allocated, which is divided into information security assessment engineer, Business/function development engineers, information security test engineers, security solution engineers, risk assessment work acceptance personnel, and then divide the corresponding permissions according to user roles. 4.根据权利要求3所述的汽车信息安全风险评估自动化系统,其特征在于:所述基于Flowable的汽车信息安全风险评估自动化工作流引擎的风险评估业务流程包括用例建模、资产评估、损害识别、威胁场景识别、攻击路径分析、风险处置、安全目标与安全需求,进行抽象并绘制标准的流程图,确定各阶段间的触发事件、触发条件与网关,通过Flowable流程引擎,按流程定义约定逐步流转,并记录项目执行过程。4. The automated system for risk assessment of automobile information security according to claim 3, wherein the risk assessment business process of the automated workflow engine for risk assessment of automobile information security based on Flowable includes use case modeling, asset assessment, damage identification , Threat scenario identification, attack path analysis, risk disposal, security objectives and security requirements, abstract and draw standard flow charts, determine trigger events, trigger conditions and gateways between stages, through the Flowable process engine, step by step according to the process definition agreement Flow and record the project execution process. 5.根据权利要求4所述的汽车信息安全风险评估自动化系统,其特征在于:所述分布式文件存储引擎的数据存储底层采用优化后的分布式文件系统,通过纠删码和多副本备份混合策略,实现数据存储的可靠存储和安全存储。5. The automobile information security risk assessment automation system according to claim 4, wherein the data storage bottom layer of the distributed file storage engine adopts an optimized distributed file system, which is mixed by erasure code and multi-copy backup. Strategy to achieve reliable storage and secure storage of data storage. 6.根据权利要求5所述汽车信息安全风险评估自动化系统,其特征在于:所述风险评估系统报表引擎的统计类型包括资产识别统计、损害场景统计、威胁场景统计、攻击路径统计、风险处置统计、安全需求统计,该引擎的评估报表类型包括可生成存在的资产报表、损害报表、威胁报表、攻击可行性报表、风险结处置报表、安全目标与安全需求报表,该引擎的文件导出类型包括XML、Word、PDF。6. The automobile information security risk assessment automation system according to claim 5, wherein the statistical types of the report engine of the risk assessment system include asset identification statistics, damage scene statistics, threat scene statistics, attack path statistics, and risk disposal statistics , Security requirements statistics, the engine's assessment report types include the generation of existing asset reports, damage reports, threat reports, attack feasibility reports, risk settlement reports, security goals and security requirements reports, the engine's file export type includes XML , Word, PDF. 7.根据权利要求1或2所述的汽车信息安全风险评估自动化系统,其特征在于:所述可视化日志分析引擎包括日志收集模块、日志传输模块、日志存储模块、日志分析模块和报警提示模块。7. The automatic system for risk assessment of automobile information security according to claim 1 or 2, wherein the visual log analysis engine comprises a log collection module, a log transmission module, a log storage module, a log analysis module and an alarm prompt module.
CN202110928931.8A 2021-08-13 2021-08-13 An automatic system for risk assessment of automobile information security Pending CN113688396A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110928931.8A CN113688396A (en) 2021-08-13 2021-08-13 An automatic system for risk assessment of automobile information security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110928931.8A CN113688396A (en) 2021-08-13 2021-08-13 An automatic system for risk assessment of automobile information security

Publications (1)

Publication Number Publication Date
CN113688396A true CN113688396A (en) 2021-11-23

Family

ID=78579751

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110928931.8A Pending CN113688396A (en) 2021-08-13 2021-08-13 An automatic system for risk assessment of automobile information security

Country Status (1)

Country Link
CN (1) CN113688396A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115549991A (en) * 2022-09-19 2022-12-30 北京犬安科技有限公司 Visual threat analysis and risk assessment system and information security assessment method
CN116414852A (en) * 2021-12-30 2023-07-11 成都鼎桥通信技术有限公司 Database adaptation method, device, storage medium and program product
CN117195183A (en) * 2023-09-28 2023-12-08 四川赛闯检测股份有限公司 Data security compliance risk assessment system
CN117709686A (en) * 2024-02-05 2024-03-15 中建安装集团有限公司 Process visualization management system and method based on BPMN model
CN118761161A (en) * 2024-09-06 2024-10-11 中汽研(天津)汽车工程研究院有限公司 An automated vehicle passive safety R&D platform, medium and equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103530715A (en) * 2013-08-22 2014-01-22 北京交通大学 Grid management system and grid management method of high-speed railway train operation fixed equipment
US20190171986A1 (en) * 2017-12-06 2019-06-06 Vladislav Michael Beznos System and method for evaluating images to support multiple risk applications
CN110298077A (en) * 2019-05-27 2019-10-01 中国汽车技术研究中心有限公司 The safe TARA analysis method of automobile information and digitization modeling system
CN112329022A (en) * 2020-11-11 2021-02-05 浙江长三角车联网安全技术有限公司 Intelligent network automobile information security risk assessment method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103530715A (en) * 2013-08-22 2014-01-22 北京交通大学 Grid management system and grid management method of high-speed railway train operation fixed equipment
US20190171986A1 (en) * 2017-12-06 2019-06-06 Vladislav Michael Beznos System and method for evaluating images to support multiple risk applications
CN110298077A (en) * 2019-05-27 2019-10-01 中国汽车技术研究中心有限公司 The safe TARA analysis method of automobile information and digitization modeling system
CN112329022A (en) * 2020-11-11 2021-02-05 浙江长三角车联网安全技术有限公司 Intelligent network automobile information security risk assessment method and system

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116414852A (en) * 2021-12-30 2023-07-11 成都鼎桥通信技术有限公司 Database adaptation method, device, storage medium and program product
CN115549991A (en) * 2022-09-19 2022-12-30 北京犬安科技有限公司 Visual threat analysis and risk assessment system and information security assessment method
CN115549991B (en) * 2022-09-19 2024-03-19 北京犬安科技有限公司 Visual threat analysis and risk assessment system and information security assessment method
CN117195183A (en) * 2023-09-28 2023-12-08 四川赛闯检测股份有限公司 Data security compliance risk assessment system
CN117195183B (en) * 2023-09-28 2024-04-16 四川赛闯检测股份有限公司 Data security compliance risk assessment system
CN117709686A (en) * 2024-02-05 2024-03-15 中建安装集团有限公司 Process visualization management system and method based on BPMN model
CN117709686B (en) * 2024-02-05 2024-04-19 中建安装集团有限公司 Process visualization management system and method based on BPMN model
CN118761161A (en) * 2024-09-06 2024-10-11 中汽研(天津)汽车工程研究院有限公司 An automated vehicle passive safety R&D platform, medium and equipment
CN118761161B (en) * 2024-09-06 2024-12-27 中汽研(天津)汽车工程研究院有限公司 An automated vehicle passive safety R&D platform, medium and equipment

Similar Documents

Publication Publication Date Title
CN113688396A (en) An automatic system for risk assessment of automobile information security
US10430413B2 (en) Data information framework
US7974896B2 (en) Methods, systems, and computer program products for financial analysis and data gathering
US7574379B2 (en) Method and system of using artifacts to identify elements of a component business model
US20190317944A1 (en) Methods and apparatus for integrated management of structured data from various sources and having various formats
US7418453B2 (en) Updating a data warehouse schema based on changes in an observation model
US20060005124A1 (en) User interface for complex process implementation
US20090259455A1 (en) Method and system for automatic tracking of a computerized process using a relationship model
US8626703B2 (en) Enterprise resource planning (ERP) system change data capture
CN111737335B (en) Product information integration processing method and device, computer equipment and storage medium
CN102314424A (en) Dimension-based relational graph of files
US12045214B2 (en) Database validation and repair tool
CN110032594B (en) Customizable data extraction method and device for multi-source database and storage medium
CN112506892A (en) Index traceability management system based on metadata technology
CN116991931A (en) Metadata management method and system
US8291380B2 (en) Methods for configuring software package
CN117350648A (en) Integrated research and development management integrated platform for system software
CN114386920A (en) Information operation system and method based on data sharing
US20140149186A1 (en) Method and system of using artifacts to identify elements of a component business model
US7865461B1 (en) System and method for cleansing enterprise data
US20100145748A1 (en) Information technology planning based on enterprise architecture
US11934800B2 (en) Generating metadata to facilitate code generation
CN114663207B (en) Document generation method, device, computer equipment and storage medium
Prakash et al. Requirements Engineering for Data Warehousing
CN116185793A (en) Point embedding method, point embedding device, computer readable storage medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20250228