Cyberattacks on industrial control systems (ICS) have been drawing attention in academia. However, this has not raised adequate concerns among some industrial practitioners. Therefore, it is necessary to identify the vulnerable locations and components in the ICS and investigate the attack scenarios and techniques. This study proposes a method to assess the risk of cyberattacks on ICS with an improved Common Vulnerability Scoring System (CVSS) and applies it to a continuous stirred tank reactor (CSTR) model. The results show the physical system levels of ICS have the highest severity once cyberattacked, and controllers, workstations, and human-machine interface are the crucial components in the cyberattack and defense.

翻译：针对工业控制系统的网络攻击已在学术界引起关注，然而这并未充分引起部分工业从业者的重视。因此，有必要识别工业控制系统中的脆弱位置与组件，并研究攻击场景与技术手段。本研究提出了一种基于改进通用脆弱性评分系统（CVSS）评估工业控制系统网络攻击风险的方法，并将其应用于连续搅拌釜反应器（CSTR）模型。结果表明，一旦遭受网络攻击，工业控制系统的物理系统层级具有最高严重性，而控制器、工作站及人机界面是网络攻击与防御的关键组件。