摘要: |
The paper will discuss the cyber security evaluation methodology of ICV,interpret the key elements of cyber security and the relations among them.With the cyber security model,we propose the security evaluation procedure consists of the TOE definition and asset identification,threat probability analysis,vulnerability severity analysis,safeguard effectiveness verification and impact anal-ysis steps.Based on the analysis results of all these parts,we propose a way to conclude the overall security risks.The risk calculation will summarize the evaluation results,make it comparable,or can be used as the input to get the protection requirement and action plan for further improvement.In the paper,cyber security elements' concept will be introduced and the meaning of them during the ICV se-curity evaluation will be explained.Mapping between the cyber security and the safety is highlighted at the end of the paper,together with the key points when linking them. |