Airborne Network Information Security Risk Assessment Method Based on Improved STPA-TOPSIS

This study addresses threat scenario identification and quantitative evaluation in the context of the information security risk assessment process for airborne networks. A method integrating an improved system-theoretic process analysis (STPA) and the technique for order preference by similarity to an ideal solution (TOPSIS) is proposed. A safety control interaction structure is first established based on the system-level loss definition to identify unsafe control actions and derive STPA-Sec threat conditions. Then, the opinion aggregation method based on the weakest t-norm is introduced to address the uncertainty from insufficient expert consensus and opinion deviation. To address the intrinsic correlations among evaluation indicators, the criteria importance through intercriteria correlation (CRITIC) method is applied to determine indicator weights. These weights are subsequently incorporated into the TOPSIS framework to assess the identified threat scenarios. Comparative analysis confirms the effectiveness of the proposed approach. The results show that the improved STPA-TOPSIS method enables the reliable identification of security threats in airborne networks and supports the prioritization of threat scenarios by severity, facilitating the implementation of targeted mitigation strategies.