基于MITRE ATT&CK框架的卫星系统网络安全量化评估模型

摘要：针对卫星系统面临的多层次、多类型网络安全威胁的问题，提出了一种基于MITRE ATT&CK框架的卫星系统网络安全量化评估模型。该模型首先对卫星功能组件进行分类和攻击技术匹配，随后计算出各组件相关攻击的风险优先数，并识别卫星中的高风险威胁。同时，该模型结合资源消耗与安全性之间的折线图，分析计算、存储和带宽资源开销与安全性之间的关系。实验结果表明，该模型能够全面评估卫星系统的安全威胁，并为有限资源下卫星系统网络的最优安全策略提供指导。

关键词：卫星系统；网络安全评估；安全资源优化；风险优先数

Abstract: In response to the multi-layered and diverse cybersecurity threats faced by satellite systems, a satellite system cybersecurity quantitative evaluation model based on the MITRE ATT&CK framework is proposed. The model conducts a detailed classification of satellite functional components and matches them with attack techniques, calculating the risk priority numbers (RPNs) associated with attacks on each component to identify high-risk threats within the satellite system. At the same time, the model analyzes the relationship between computational, storage, and bandwidth resource consumption and system security through a line chart analysis of resource consumption versus security. Experiment results demonstrate that the proposed model can comprehensively assess the security threats in satellite systems and provide guidance for selecting the optimal security strategies under limited resource conditions. This approach not only helps in accurately identifying high-risk points but also offers scientific support for optimizing the allocation of security resources in satellite systems.

Keywords: satellite system; cybersecurity assessment; security resource optimization; risk priority number