Hong, Q., Jianwei, T., Zheng, T., Wenhui, Q., Chun, L., Xi, L., Hongyu, Z..
2017.

An Information Security Risk Assessment Algorithm Based on Risk Propagation in Energy Internet. 2017 IEEE Conference on Energy Internet and Energy System Integration (EI2). :1–6.

Traditional information Security Risk Assessment algorithms are mainly used for evaluating small scale of information system, not suitable for massive information systems in Energy Internet. To solve the problem, this paper proposes an Information Security Risk Algorithm based on Dynamic Risk Propagation (ISRADRP). ISRADRP firstly divides information systems in the Energy Internet into different partitions according to their logical network location. Then, ISRADRP computes each partition's risk value without considering threat propagation effect via RM algorithm. Furthermore, ISRADRP calculates inside and outside propagation risk value for each partition according to Dependency Structure Matrix. Finally, the security bottleneck of systems will be identified and the overall risk value of information system will be obtained.

Hong, Q., Jianwei, T., Zheng, T., Wenhui, Q., Chun, L., Xi, L., Hongyu, Z..
2017.

An Information Security Risk Assessment Algorithm Based on Risk Propagation in Energy Internet. 2017 IEEE Conference on Energy Internet and Energy System Integration (EI2). :1–6.

Traditional information Security Risk Assessment algorithms are mainly used for evaluating small scale of information system, not suitable for massive information systems in Energy Internet. To solve the problem, this paper proposes an Information Security Risk Algorithm based on Dynamic Risk Propagation (ISRADRP). ISRADRP firstly divides information systems in the Energy Internet into different partitions according to their logical network location. Then, ISRADRP computes each partition's risk value without considering threat propagation effect via RM algorithm. Furthermore, ISRADRP calculates inside and outside propagation risk value for each partition according to Dependency Structure Matrix. Finally, the security bottleneck of systems will be identified and the overall risk value of information system will be obtained.