Information Security Evaluation of Industrial Control Systems Using Probabilistic Linguistic MCDM Method

1  Introduction

With the continuous promotion of the “Industrial Internet” and “Made in China 2025”, industrial control systems (ICSs) [1] have been widely employed in various industries and have become an indispensable part of national infrastructure. ICSs is a general term for several types of control systems, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and some other control systems. ICSs are commonly used in industries such as power, automotive manufacturing and industrial production, oil and gas, chemical, and transportation, etc. ICSs provide a great convenience for industrial production, but they also come with many issues. As the ICSs run through the whole industrial production cycle, it is possible to lead to the crashes of the whole system and bring considerable losses to the enterprise once the problem occurs. Hence, the information security issues of ICSs must be taken seriously. According to Chinese industry information statistics, there were 2238 global industrial control security incidents involving 15 industries from 2012 to 2019 [2], which shows its large number and wide scope.

The deep integration of information technology (IT) and industrialization has made ICSs and products increasingly connect to public networks in various ways. At the same time, viruses, Trojan horses, and other threats are spreading to ICSs, and then the information security problem of ICSs is becoming increasingly serious [3,4]. Therefore, the information security assessment of ICSs becomes an essential part, which plays a vital role in the timely detection of information security problems and potential risks of ICSs [5,6]. At present, many researchers have carried out research in the information security assessment of ICSs [7–11]. A hierarchically structured model for information security risk assessment using fuzzy logic was proposed by Abdymanapov et al. [12], which considers only qualitative information without quantitative information. A security effectiveness evaluation method was put forward by Fu et al. [13] to analyze channel throughput variation and system robustness, which determines the security of the system only by analyzing the data. Nazmul et al. [14] analyzed the relevance of risk assessment in monitoring and Supervisory Control and Data Acquisition (SCADA) systems to determine the vulnerability of each component to attacks. Mi et al. [15] proposed an objective and quantitative integrated security and safety assessment scheme based on Fuzzy Analytic Hierarchy Process (FAHP). But Nazmul et al. [14] and Mi et al. [15] did not consider the subjective and objective weights of the criteria. An association analysis-based Dynamic Cyber Security Risk Assessment (CSRA) approach was proposed by Qin et al. [16] to reduce the complexity of the modeling process in the CSRA. Most of the existing studies focused on the ranking and correlation between criteria, lacking a comprehensive consideration of a single assessment criterion. Furthermore, the majority of the approaches only involved either qualitative or quantitative data, causing them inadequate for achieving comprehensive results. To address the above problems, this paper uses PL-MCDM method based on the PLTSs, which effectively captures qualitative information regarding expert preferences through linguistic terms and expresses quantitative information about the degree of preferences using probabilities. In the process of assessing the information security of ICSs, it is essential to obtain expert ratings on the security status of system. The rating results, serving as raw data, also have directly impact on the result. However, due to the inherent uncertainty of linguistic expressions, precise numerical values may occasionally fall short of accurately conveying the true opinions of the experts. Fortunately, the PL-MCDM method offers decision-makers the ability to express their viewpoints using uncertain information, facilitating a more precise representation of their opinions. As a result, this method presents significant advantages in the information security assessment of ICSs.

PLTSs were proposed by Pang et al. [17] and evolved from fuzzy sets [18]. Since PLTSs can express both qualitative and quantitative information [19–20], it has turned into a research hotspot in decision analysis. As the research advances, the issues of its underlying operations are gradually revealed [21,22]. Taking the distance measure of PLTSs as an example, the distance measure proposed by Pang et al. [17] is capable of calculating the distance between two PLTSs in most cases. However, some counter-examples exist where the distance between two distinct PLTSs may erroneously amount to zero. After that, many researchers have proposed their own distance measures. Zhang et al. [23] put forward a new distance measure for defining the probabilistic linguistic preference relationship. Wang et al. [24] proposed a new distance measure in the extended TOPSIS-VIKOR method based on PLTSs. Lin et al. [25] first found the problems of the above distance measures and put forward a more scientific method, but it still exist some counter-examples like before. In such cases, this paper proposes a novel distance measure to solve this problem.

Multi-criteria decision-making (MCDM) methods generally involve multiple different evaluation criteria. They are widely applied in various fields, such as marketing [26,27], finance [28,29], environmental management [30–32], and supplier selection [33–35], etc. Therefore, there are many studies conducted on MCDM methods [36,37]. Al-Hchaimi et al. [38] proposed a fuzzy decision opinion score method (Fermatean-FDOSM) framework for evaluating Denial-of-Service Attack countermeasure techniques (DoS A-CTs) in the context of MPSoCs-based IoT. They built the decision matrix for eighteen defense approaches based on thirteen criteria. The CRITIC method for criteria weighting was followed by the development of the Fermatean-FDOSM method for ranking. Dang et al. [39] provided an MCDM framework to select sustainable suppliers, which integrates a spherical fuzzy Analytical Hierarchical Process (SF-AHP) and grey Complex Proportional Assessment (G-COPRAS). A case study in the automotive industry in Vietnam is presented to demonstrate the effectiveness of the proposed approach. Mohapatra et al. [40] used the MCDM method to select an optimal route between the utility center and the consumer by considering multiple criteria. Garg [41] presented a decision-making (DM) framework using Fuzzy-euclidean-Taxicab distance-based approach (Fuzzy-ETDBA) to solve the cloud deployment model selection problem, then gave a case study involving the evaluation and selection of four cloud deployment models over three decision parameters consisting of seventeen sub-parameters. Liu et al. [42] integrated a grey DM trial and evaluation laboratory (DEMATEL) with uncertain linguistic multi-objective optimization by ratio analysis plus full multiplicative form (UL-MULTIMOORA) to propose a novel MCDM method. They used the proposed method to find the optimal location of electric vehicle charging stations (EVCSs). Gireesha et al. [43] presented an Improved Interval-Valued Intuitionistic Fuzzy Sets-Weighted Aggregate Sum and Product Assessment (IIVIFS-WASPAS) to solve the problem of cloud service provider selection. Khan et al. [44] proposed multiple distance measures based on the complex hesitant fuzzy set (CHFS) and integrated those measures with the TOPSIS method. A practical example related to the effectiveness of COVID-19 tests was presented for the practical application and validity of the proposed method. Ali et al. [45] used multiple different MCDM methods to examine the importance of three renewable energy sources. Based on experimental validation, the Complex Proportional Assessment (COPRAS) or VIKOR emerged as the most effective MCDM method for selecting renewables in the proposed framework. Besides, the MCDM method can be combined with intrusion detection [46] and privacy protection [47] for network security defense. Based on the above analysis, it can be seen that the MCDM method is very widely used. Inspired by [45], we integrate the PLTSs with the VIKOR method in this work. So we can combine the advantages of them to obtain more precise results.

In this paper, we introduce the probabilistic linguistic multi-criteria method to the information security assessment of ICSs. The main contributions of the article are as follows:

(1)   After analyzing the existing distance measure methods of PLTSs, we propose a novel subscript equivalence distance measure and verify the validity of the formula.

(2)   We optimize the standardization method for PLTSs based on the subscript equivalence distance measure.

(3)   To obtain the weights of the criteria, we combine the BWM and CRITIC methods to obtain subjective and objective weights, then derive the combined weights of the criteria.

(4)   A practical example of the information security assessment of SCADA system is given to show the decision process of the PL-VIKOR method. Finally, we present a comparative analysis to highlight the superiority of the PL-VIKOR method.

The rest of this paper is organized as follows: Section 2 reviews the concept of PLTSs and its distance measure, then proposes the subscript equivalence distance measure. Section 3 provides the combined weight method, which demonstrates the specific steps of the BWM method and CRITIC method. Section 4 gives the specific steps of the proposed method. Finally, a case study is provided in Section 5 to illustrate the usefulness of our methods, and the conclusions are included in Section 6.

2  Preliminaries

This section introduces the basic knowledge of PLTSs. Afterward, we propose a novel subscript equivalence distance measure for PLTSs and analyze the differences with other methods.

2.1 Probabilistic Linguistic Term Sets

PLTSs are based on linguistic term sets (LTSs), most commonly additive linguistic term sets, so the linguistic term sets here refer to additive LTSs, and the definition of LTSs is given first.

Definition 1 [23]: The LTS is finite and ordered, and can be defined as follows:

S={sα|α=0,1,…,l}(1)

where sα denotes the linguistic term, s0 and sl denote the lower and upper limits of the linguistic term given by decision makers, respectively, and S satisfies the following conditions:

(1)   If α>β, then sα>sβ.

(2)   The negation operator is defined as follows: neg(sα)=sβ, such that α+β=l.

For example, S={s0=awful,s1=bad,s2=medium,s3=good,s4=perfect} is an LTS with five linguistic terms, s0=awful is the lower limit of S, and s4=perfect is the upper limit of S. Furthermore, let sα,sβ∈S be any two linguistic terms, the combined operational law on sα and sβ is as follows:

λ1sα⊕λ2sβ=sλ1⋅α+λ2⋅β, λ1,λ2≥0.

Definition 2 [17]: Let S={sα|α=0,1,....,l} be a reference LTS, then the PLTS defined on S is

L(p)={l(k)(p(k))|l(k)∈S,p(k)≥0,k=1,2,…,#L(p),∑k=1#L(p)p(k)≤1}(2)

where l(k)(p(k)) denotes a probabilistic linguistic term element (PLTE), which consists of two parts: the linguistic term l(k) and the probability p(k). The former represents qualitative information and the latter represents quantitative information. #L(p) denotes the number of PLTEs. In the DM process, the probabilistic information may be incomplete when the decision-maker abstains, so the sum of probabilities may be less than 1, i.e., ∑k=1#L(p)p(k)≤1.

In the evaluation process, experts first assess each criterion based on the LTS S, assigning corresponding linguistic term evaluation values sα. Then aggregating the evaluation values of multiple experts for the same criterion of the same alternative to derive the corresponding PLTS. PLTS is constructed as follows:

Definition 3: Let S={sα|α=0,1,…,l} denote an LTS, Dg={lij(g)}(i=1,2,…,m,j=1,2,…,n, g=1,2,…,t) represent the preference information from the decision-maker dg. Where m represents the number of alternatives, n represents the number of criteria, and t represents the number of decision-makers. The group preference information over each alternative concerning each criterion can be derived as

Lij(p)={l(k)(p(k))|l(k)∈Dij1∪Dij2⋅⋅⋅∪Dijt,p(k)=∑g=1tvg/t},with vg={1,ifl(k)∈Dijg0,ifl(k)∉Dijg.(3)

where Lij(p) represents the combined evaluation of the experts on the jth criterion of the ith alternative. Take L11(p) as an example, the evaluation of the first criterion of the first alternative given by five experts as (s2,s3,s2,s4,s3), then L11(p)=(s2(0.4),s3(0.4),s4(0.2)).

For comparing different PLTSs, Pang et al. [17] defined the score function and deviation function.

Definition 4 [17]: Let L(p)={l(k)(p(k))|l(k)∈S,p(k)≥0,k=1,2,…,#L(p)} be a PLTS, r(k) be the subscript of the linguistic term l(k). The score function of L(p) is defined as

E(L(p))=sl¯(4)

The value of the score function is a linguistic term with the subscript l¯, where l¯=∑k=1#L(p)(r(k)p(k))/ ∑k=1#L(p)p(k).

The deviation function is defined as

σ(L(p))=(∑k=1#L(p)(p(k)(r(k)−l¯))2)12/∑k=1#L(p)p(k)(5)

For any two PLTSs L1(p) and L2(p), the comparison rules are as follows:

(1)   If E(L1(p))>E(L2(p)), then L1(p)>L2(p);

(2)   If E(L1(p))=E(L2(p)), compare σ(L1(p)) and σ(L2(p)):

  ·If σ(L1(p))>σ(L2(p)), then L1(p)<L2(p).

  ·If σ(L1(p))=σ(L2(p)), then L1(p)=L2(p).

2.2 Distance Measure of PLTSs

2.2.1 Distance Measure of Pang et al. [17]

The distance measure of Pang et al. [17] needs three steps. Firstly, we need to normalize the probabilities. Secondly, the number of PLTEs in PLTSs should be normalized. Thirdly, the linguistic terms in PTLSs should be ordered. These three steps are defined as follows.

Definition 5 [17]: If the sum of probabilities less than 1, complementing the probabilities by p˙(k)=p(k)/∑k=1#L(p)p(k), so that the sum of probabilities equals 1.

Definition 6 [17]: If #L1(p)≠#L2(p), that is, the number of two PLTSs is not equal, which requires the addition of the set with a smaller number. If #L1(p)>#L2(p), adding #L1(p)−#L2(p) PLTEs smin(0) to L2(p), and smin is the linguistic term with smallest subscript in L2(p). In the same way, if #L1(p)<#L2(p), adding #L2(p)−#L1(p) PLTEs smin(0) to L1(p), and smin is the linguistic term with smallest subscript in L1(p). The probabilities of all the added linguistic terms are assigned to zero.

Definition 7 [17]: Let L(p)={l(k)(p(k))|l(k)∈S,p(k)≥0,k=1,2,…,#L(p)} be a PLTS, and r(k) be the subscript of the linguistic term l(k). L(p) is called an ordered PLTS, if the linguistic terms l(k)(p(k)) are arranged according to the values of r(k)⋅p(k) in descending order.

The definition of the distance measure of Pang et al. [17] is given as follows:

Definition 8 [17]: There are two PLTSs L1(p)={L1(k)(p1(k))|k=1,2,…,#L1(p)} and L2(p)={L2(k)(p2(k))|k=1,2,…,#L2(p)} with #L1(p)=#L2(p), the distance measure formula is defined as follows:

dpang(L1(p),L2(p))=∑k=1#L1(p)(r1(k)p1(k)−r2(k)p2(k))2/#L1(p)(6)

This formula given by Pang et al. [17] requires ordering the PLTSs in the third step. However, the ordering process loses some information. There is an example as follows:

Example 1: there are two PLTS, L1(p)={s1(0.2),s3(0.3),s6(0.5)} and L2(p)={s2(0.1),s3(0.3),s5(0.6)}. After being processed according to Definitions 5, 6, and 7, these two PLTSs are normalized as L1(p)={s6(0.5),s3(0.3),s1(0.2)} and L2(p)={s5(0.6),s3(0.3),s2(0.1)}. We can obtain the distance of these two PLTSs to be 0 by Eq. (6). However, L1(p)≠L2(p), thus the distance measure of Pang et al. [17] does not work in this case.

2.2.2 Subscript Equivalence Distance Measure

After analyzing the distance measure of Pang et al. [17], we propose the subscript equivalence distance measure. Firstly, the PLTSs should be standardized as follows:

Definition 9: Our normalization process has two steps (1) and (2), as follows:

(1)   Probability normalization. If the sum of probabilities less than 1, complementing the probabilities by p˙(k)=p(k)/∑k=1#L(p)p(k), so that the sum of probabilities equals 1.

(2)   Reference missing term supplementation. When the linguistic term part of L1(p) and L2(p) are not the same, adding the PLTEs that are available in L2(p) but absent from L1(p) to L1(p), and the probability value of the PLTEs is assigned to 0. Then we can get #L1(p)=#L2(p).

According to the reference missing term supplementation, for a known PLTS, the standardized result is different when compared with different PLTS. For example, L1(p)={s1(0.3),s3(0.5)}, L2(p)={s2(0.4),s4(0.4)}, L3(p)={s1(0.4),s4(0.4)}. If we calculate the distance measure of L1(p) and L2(p), the standardized result of L1(p) is L1(p)={s1(0.375),s2(0),s3(0.625),s4(0)}. But if we calculate the distance measure of L1(p) and L3(p), the standardized result of L1(p) is L1(p)={s1(0.375),s3(0.625),s4(0)}. We can see that when L1(p) calculating the distance measure with different PLTS, the standardized result of L1(p) is different. This is the origin of the reference missing term supplementation. The standardized result of the current PLTS needs to refer to the PLTS that it is compared to.

The following is the definition of the subscript equivalence distance measure.

Definition 10: Let S={sα|α=0,1,…,l} denote the reference LTS, and there are two PLTSs L1(p)={L1(k)(p1(k))|k=1,2,…,#L1(p)} and L2(p)={L2(k)(p2(k))|k=1,2,…,#L2(p)}, the distance between them is given by

d(L1(p),L2(p))=max(r(k))−min(r(k))2l2∑k=1#L1(p)r(k)|p1(k)−p2(k)|(7)

where r(k) denotes the subscript of the linguistic term in L1(p), l indicates the number of linguistic terms S.

The subscript equivalence distance measure satisfies the following properties:

(1)   Boundedness: 0≤d(L1(p),L2(p))≤1.

(2)   Self-reflexivity: d(L1(p),L1(p))=0.

(3)   Symmetry: d(L1(p),L2(p))=d(L2(p),L1(p)).

Proof.

(1) Boundedness. r(k)≥0, |p1(k)−p2(k)|≥0⇒r(k)|p1(k)−p2(k)|≥0⇒∑k=1#L1(p)r(k)|p1(k)−p2(k)|≥0,

∑k=1#L1(p)r(k)|p1(k)−p2(k)|≥0, max(r(k))−min(r(k))≥0

⇒d(L1(p),L2(p))=max(r(k))−min(r(k))2l2∑k=1#L1(p)r(k)|p1(k)−p2(k)|≥0;

r(k)≤l, ∑k=1#L1(p)|p1(k)−p2(k)|≤∑k=1#L1(p)|p1(k)|+∑k=1#L2(p)|p2(k)|≤2⇒∑k=1#L1(p)r(k)|p1(k)−p2(k)|≤2l,

∑k=1#L1(p)r(k)|p1(k)−p2(k)|≤2l, max(r(k))−min(r(k))≤l

⇒max(r(k))−min(r(k))2l2∑k=1#L1(p)r(k)|p1(k)−p2(k)|≤1.

(2) Self-reflexivity. |p1(k)−p1(k)|=0⇒r(k)|p1(k)−p1(k)|=0⇒∑k=1#L1(p)r(k)|p1(k)−p1(k)|=0

⇒max(r(k))−min(r(k))2l2∑k=1#L1(p)r(k)|p1(k)−p1(k)|=d(L1(p),L1(p))=0.

(3) Symmetry. #L1(p)=#L2(p), d(L1(p),L2(p))=max(r(k))−min(r(k))2l2∑k=1#L1(p)r(k)|p1(k)−p2(k)|

=max(r(k))−min(r(k))2l2∑k=1#L2(p)r(k)|p2(k)−p1(k)|=d(L2(p),L1(p)).

To test the validity of the subscript equivalence distance measure, we calculate Example 1 using our distance measure. L1(p) and L2(p) are standardized to L1(p)={s1(0.2),s2(0),s3(0.3),s5(0),s6(0.5)}, L2(p)={s1(0),s2(0.1),s3(0.3),s5(0.6),s6(0)}, the subscript equivalence distance measure yields d(L1(p),L2(p)) = 0.44. It can be seen that the result is no longer 0.

2.2.3 Comparative Analysis

Several researchers have proposed improvements to the distance measure for PLTSs. We make a comparison between the subscript equivalence distance measure and the distance measures of other researchers. The reference LTS for the below comparison is S={sα|α=0,1,…,6}. The comparison results are shown in Table 1. From the results shown in Table 1, we can see that there are some counter-examples of existing methods that calculate the distance between two different PLTSs as 0. The subscript equivalence distance measure effectively solves such problems for the following reasons.

There are only two cases that will lead to the result of the subscript equivalence distance measure equal to 0. The first scenario is that p1(k)−p2(k)=0,k=1,2,......#L(p), which means the probabilities corresponding to the same subscripts of both L1(p) and L2(p) are equal, implying that r1(k)=r2(k) and p1(k)=p2(k) hold simultaneously. The second, max(r(k))−min(r(k))=0. i.e., max(r(k))=min(r(k)),

which means that there is only one PLTE in both L1(p) and L2(p), and their subscript of the linguistic terms is not equal to 0. After probability normalization, the corresponding probability turns to 1, which also implies r1(k)=r2(k) and p1(k)=p2(k) hold simultaneously. So we can get d(L1(p),L2(p))=0 ⇔(r1(k)=r2(k),p1(k)=p2(k)) ⇔L1(p)=L2(p). That is to say, the distance between two PLTSs will only be equal to 0 if and only if their subscripts of the linguistic terms and probabilities are equal correspondingly.

3  Combined Weight Method

There are two methods for obtaining weights: the subjective weights method and the objective weights method. The subjective weights method determines weights based on the inherent meaning of criteria, offering an advantage in terms of subjective interpretation. However, it may lack objectivity. On the other hand, the objective weights method determines weights independent of the actual meaning of criteria, but it fails to capture the importance that decision-makers assign to different criteria. Therefore, we combine the subjective weights method and objective weights method to obtain the combined weights method. In this section, we demonstrate the BWM method and CRITIC method and provide the combined weights calculation method.

3.1 BWM Method

The Analytic Hierarchy Process (AHP) method [48] is a subjective weights method, which compares the relative importance of evaluation criteria two-by-two. Thus the AHP method requires n(n−1) times pairwise comparisons if there are n criteria. Besides, the comparative matrix lack of consistency judgment. The BWM method was proposed by Rezaei [49], which is derived from the AHP method and is also a subjective weights method. Different from the AHP method, the best criterion and the worst criterion of the BWM method are predetermined. Therefore, it only requires 2n−3 times pairwise comparisons, which significantly reduces the comparison times. To examine whether the preference information meets the consistency requirement, we can calculate the consistency ratio using the resulting values.

Assuming that there are n evaluation criteria (c1,c2,…,cn), the specific steps of the BWM method for getting the weights are given as follows:

Step 1: Compare n evaluation criteria, and choose the best criterion cB (B means Best) and the worst criterion cW (W means Worst) as the reference criteria.

Step 2: Determine the comparison vector BO (Best-to-Others) for the optimal criterion to the other criterion, and the comparison vector OW (Others-to-Worst) for the other criterion to the worst criterion. For simplified representation, BO is denoted as AB, and OW is denoted as AW. The following vectors can be derived.

AB=(aB1,aB2,…,aBn), AW=(a1W,a2W,…,anW)T

A scale of 1–9 is used to represent the comparative relationship between the optimal criterion and other criteria, with 1 indicating that two criteria are of equal importance and 9 indicating that the former is extremely important relative to the latter.

Step 3: Calculate the optimal weights.

A nonlinear programming model is used to minimize the maximum absolute deviation value between the weight ratio value and its corresponding comparative preference value, to obtain the weight value that matches the expert opinion best. The model is defined as follows:

Model 1:

minmax{|wBwj−aBj|,|wjww−ajw|}

s.t.∑j=1nwj=1

wj≥0,for all j∈N

where wB and ww denote the weights of the best and worst criterion, respectively, and wj denotes the weight of other criteria. To facilitate the solution, Model 1 can be converted into the following format:

Model 2:

minξ

s.t.|wBwj−aBj|≤ξ,for all j

|wjww−ajw|≤ξ,for all j

∑j=1nwj=1

wj≥0,for all j∈N

By solving the above model, the optimal weights (w1∗,w2∗,…,wn∗) and the optimal target values ξ∗ can be obtained.

The consistency ratio is calculated with the formula below:

CR=ξ∗CI(8)

where, CI indicates the consistency index, the corresponding values are shown in Table 2. The consistency ratio CR ranges from [0,1], the smaller the value of CR, the higher the degree of consistency of preference information. When CR=0, complete consistency is reached.

3.2 CRITIC Method

The CRITIC method was proposed by Diakoulaki et al. [50] and it is an objective weights method. The method uses the contrast intensity of evaluation criteria and the conflicts between them to reflect the importance of each criterion. The greater the contrast intensity and conflict, the greater the amount of information contained, and the higher the weight of the criteria. The CRITIC method works well to calculate the criterion weights when there are correlations between the criteria, hence we use it to calculate the objective weights. The specific steps are listed below.

Step 1: Suppose that there is an initial matrix (Xij)m×n with m alternatives and n evaluation criteria.

Step 2: To preserve the intensity of the contrast between the criteria without being affected, the normalization process is replaced by forward processing and inverse processing. If the value of the evaluation criterion should be as large as possible, then the forward processing is shown in Eq. (9). If the value of the evaluation criterion should be as small as possible, then the inverse processing is shown in Eq. (10).

xij′=xij−xminjxmaxj−xminj(9)

xij′=xmaxj−xijxmaxj−xminj(10)

Step 3: Calculate the criterion variability Sj, expressed in terms of standard deviation.

x¯j=1m∑i=1mxij′(11)

Sj=1m−1∑i=1m(xij′−x¯j)2(12)

where, x¯j denotes the mean of the j criterion.

Step 4: Calculate the criteria conflict Rj.

Rj=∑i=1m(1−rij)(13)

where rij is the correlation coefficient between the criterion i and the criterion j.

Step 5: Calculate the amount of information for each criterion Cj.

Cj=Sj∑i=1m(1−rij)=Sj×Rj(14)

Step 6: Calculate the weights for each criterion wj′.

wj′=Cj∑j=1nCj(15)

3.3 Solving for Combined Weights

Due to the different principles in weight determination between the BWM method and the CRITIC method, where the former obtains subjective weights and the latter obtains objective weights, we employ the multiplicative weighted assignment method to determine the combined weights. Let w¯ be the combined weight of the criterion, w∗ be the subjective weight calculated by the BWM method, and w′ be the objective weight calculated by the CRITIC method. The combined weights are calculated by the following formula [51]. This formula allows for a compromise between the weight values obtained from the BWM method and the CRITIC method, thereby obtaining a more rationalized combined weight value.

w¯j=wj∗wj′∑j=1nwj∗wj′(16)

4  Probabilistic Linguistic Multi-Criteria Decision-Making Method

The VIKOR method is an effective multi-criteria compromise ranking solution utilized for evaluating alternatives. The core concept revolves around establishing a positive ideal solution and a negative ideal solution by comparing alternative evaluation values with the ideal criterion value. The positive ideal solution represents the best value among the evaluation criteria, whereas the negative ideal solution represents the worst value. Through the optimization of group benefits and minimization of individual losses, a compromise solution of the alternatives can be obtained.

In this paper, we propose a novel MCDM method by integrating probabilistic linguistics with the VIKOR method. We accomplish this by aggregating evaluation information from multiple experts to derive a probabilistic linguistic initial decision matrix. Additionally, we utilize the comparison method and distance measure method of PLTSs during the calculation process to ultimately yield the decision results. The overall flowchart is shown in Fig. 1. The content in the dashed box is where this paper differs from the traditional VIKOR method.

Figure 1: The overall flowchart of the probabilistic linguistic VIKOR method

For a certain multi-criteria decision problem with t decision makers (D1,D2,…,Dt), m alternatives (A1,A2,…,Am), and n criteria (C1,C2,…,Cn), the specific steps of the probabilistic linguistic VIKOR method are as follows:

Step 1: t experts score the n criteria. The scores of criteria are based on the reference LTS S={sα|α=0,1,…,4}. The meaning of each linguistic term is shown in Table 3. Experts provide the evaluation data for each criterion based on the given linguistic scale information to obtain t linguistic term evaluation matrices.

Step 2: Aggregate t evaluation matrices to obtain the initial decision matrix L. Let S={sα|α=0,1,...,l} denote an LTS, and Dg={lij(g)}(i=1,2,…,m,j=1,2,…,n,g=1,2,…,t) represent the preference information from the decision-maker dg. The group preference information over each alternative concerning each criterion can be derived by Eq. (3). All the PLTSs form a probabilistic linguistic decision matrix L as

Lm×n=[L11(p)L12(p)⋯L1n(p)L21(p)L22(p)⋯L2n(p)⋮⋮⋯⋮Lm1(p)Lm2(p)⋯Lmn(p)]

Step 3: Compare the degree of superiority and inferiority of the PLTSs corresponding to each criterion using Eq. (4) and Eq. (5), the positive and negative ideal solutions of the criterion are determined.

L+=(L1+,L2+,…,Ln+)(17)

L−=(L1−,L2−,…,Ln−)(18)

where Lj+=max(L1j,L2j,…,Lmj), Lj−=min(L1j,L2j,…,Lmj).

Step 4: Compute the combined weight of the criteria. Calculate the subjective weights of the criteria by following the steps in Section 3.1. Calculate the objective weights of the criteria by following the steps in Section 3.2. Then, combine the subjective weights and objective weights using Eq. (16) to obtain the combined weights of the criteria.

Step 5: Calculate the group utility value Si, the individual regret value Ri, and the compromise evaluation value Qi with the following equations:

Si=∑j=1nw¯j(d(Lj+,Lij)d(Lj+,Lj−))(19)

Ri=maxjw¯j(d(Lj+,Lij)d(Lj+,Lj−))(20)

Qi=λ(Si−S−S+−S−)+(1−λ)(Ri−R−R+−R−)(21)

where w¯j denotes the combined weight of the jth criterion obtained from Eq. (16). d(Lj+,Lj−) denotes the distance measure of Lj+ and Lj−, which is calculated by Eq. (7). S+=maxiSi, S−=miniSi, R+=maxiRi, R−=miniRi. λ is the weighting coefficient. λ>0.5 indicates that the value of Qi is more determined by the group utility and λ<0.5 indicates that the value of Qi is more determined by the individual regret. We set λ=0.5 in this paper.

Step 6: Rank the alternatives and obtain the decision solution. If we order the alternatives as A(1),A(2),…,A(I),…,A(m) based on the increasing value of Qi, then A(1) would be considered the optimal solution if it meets the following conditions.

(1)   Q(A(2))−Q(A(1))≥1/(m−1);

(2)   The alternative A(1) is the most stable optimal solution in the DM process if both Si and Ri of this alternative are optimally ordered.

If the above two conditions cannot hold simultaneously, a compromise solution is obtained. There are two cases:

(1)   If only (2) is not satisfied, then the solutions A(1) and A(2) are optimal decision results.

(2)   If (1) is not satisfied, the compromise solution is A(1),A(2),…,A(I), where A(I) is the maximized I value determined by Q(A(I))−Q(A(1))<1/(m−1).

5  Example Analysis

In this section, we utilize a case study to confirm the validity of the proposed method.

5.1 Evaluation Criteria System of Information Security Assessment of ICSs

To enhance the information security of ICSs, China has implemented several countermeasures and introduced relevant regulations, including the group standards “Implementation Specification for Industrial Control System Security Protection Construction” and “Basic Requirements for Emergency Response Exercise of Industrial Control System Information Security Events”. These regulations guide enterprises on how to effectively safeguard the information security of ICSs. By analyzing the standard “Guideline for Security Control Application of Industrial Control Systems” (GB/T 32919-2016) [52], an evaluation criteria system is established. There are three key areas, which are subdivided into 12 second-level criteria, as illustrated in Fig. 2.

Figure 2: The information security assessment of the ICSs guidelines system

In the following part, 12 second-level criteria are described:

(1) Software Security: Design and implement secure and reliable software systems to protect them from cyber-attacks.

(2) Equipment Safety: Protect computers, phones, tablets, IoT devices, and other electronic devices from malicious attacks and unauthorized access.

(3) Data Security: Protect data from unauthorized access, use, disclosure, tampering, destruction, or loss.

(4) Environmental Safety: Protect information systems and networks from physical and environmental threats.

(5) Identification: Identify users to grant them access to information systems or network resources.

(6) Security Monitoring: Real-time monitoring and analysis of information systems and networks to detect and respond to potential security threats and attacks.

(7) Remote Access: Users can access information systems or network resources from a remote location via a network connection.

(8) Border Protection: Prevent unauthorized access and malicious traffic from entering the enterprise network by deploying security devices and measures at the network edge.

(9) Emergency Planning: A series of response measures developed by an organization or enterprise to protect information systems and network resources and reduce losses in the event of a security incident.

(10) Implementing Responsibilities: The organization or enterprise clarifies security management responsibilities and implements them for each employee and department.

(11) Supply Chain Management: Management and supervision of suppliers and partners of enterprise information systems and network resources.

(12) Configuration and Patches: Management and maintenance of software and configurations in information systems and networks.

5.2 Case Study

To comply with higher authority regulations, a power generation company intends to assess the security of its SCADA systems across its four city branches. Six information security professionals scored the 12 second-level criteria. We denote the 4 branches as (A1,A2,A3,A4), the 6 panelists as (D1,D2,D3,D4,D5,D6), and the 12 criteria as (C1,C2,…,C12).

Step 1: Firstly, The experts scored 12 criteria to assess the risk degree of the SCADA systems, and obtained 6 scoring matrices of linguistic terms with the following data:

D1=[s2s1s3s0s1s4s3s2s3s1s2s3s1s3s4s2s0s3s4s3s2s2s1s3s2s2s3s1s1s4s2s1s4s0s3s2s3s3s2s1s0s3s4s2s2s1s2s2]

D2=[s2s0s1s1s2s3s2s1s2s3s1s4s2s2s3s1s0s3s3s2s2s2s2s2s1s3s3s0s2s2s1s2s3s1s2s3s2s2s2s1s1s2s4s1s4s0s3s2]

D3=[s3s2s4s1s2s2s3s4s3s0s3s2s2s2s3s1s1s4s3s2s3s1s2s1s1s1s2s0s2s3s1s2s3s2s1s1s2s3s2s0s1s3s3s3s1s1s1s2]

D4=[s1s2s2s0s1s2s1s2s3s2s2s3s2s1s2s2s2s4s2s1s1s4s1s1s3s2s1s1s0s3s3s1s2s2s3s2s1s1s3s2s1s2s3s2s3s0s1s4]

D5=[s1s2s4s1s2s3s2s3s1s0s3s2s0s2s3s2s1s4s2s2s3s1s2s1s3s3s2s0s2s3s4s1s3s2s2s2s2s1s3s2s3s2s3s1s2s2s0s3]

D6=[s2s1s3s2s1s3s3s4s3s2s0s1s1s2s4s0s2s2s2s1s2s3s1s3s2s2s3s1s1s3s2s3s4s2s2s2s3s1s3s2s2s3s4s2s2s1s1s3]

Step 2: The initial probabilistic linguistic decision matrix L is obtained by aggregating each expert evaluation matrix. The positive ideal solution and negative ideal solution of L are obtained by Eq. (4) and Eq. (5) as L+ and L−, respectively.

L=[{s1(0.33),s2(0.5),s3(0.17)}{s0(0.17),s1(0.33),s2(0.5)}{s1(0.17),s2(0.17),s3(0.33),s4(0.33)}{s0(0.17),s1(0.33),s2(0.5)}{s1(0.17),s2(0.66),s3(0.17)}{s2(0.17),s3(0.5),s4(0.33)}{s1(0.33),s2(0.33),s3(0.33)}{s1(0.17),s2(0.5),s3(0.33)}{s0(0.17),s1(0.33),s2(0.5)}{s1(0.17),s2(0.5),s3(0.33)}{s1(0.5),s2(0.17),s3(0.33)}{s2(0.5),s3(0.5)}∼