随着计算机技术、通信技术以及控制技术的不断发展，人们不再满足于扩充现有系统功能，而是对各类嵌入式系统提出信息化、智能化等新的需求。在这一需求引导下，信息物理融合系统（Cyber-Physical System，CPS）应运而生。CPS是一种新型智能系统，它实现了计算、通信和控制功能的深度融合。目前，CPS已被广泛应用于国防、智能电网和航空航天等安全关键领域中，容易遭受网络攻击，一旦遭受攻击，将可能导致CPS功能受损或发生故障等，从而引发安全事故，因此其可信性面临严峻挑战。为了对CPS可信性进行评估，本文根据CPS特点，利用广义随机Petri网（Generalized Stochastic Petri Nets, GSPN）对CPS可信性进行建模和分析，得到CPS初始可信度；为了研究CPS可信性演化过程，本文引入非线性动力学理论及方法，构建恶意软件在CPS中的传播模型，通过研究其动力学行为，揭示CPS可信性演化机理。

本文主要研究内容如下：

(1) 根据系统可信性理论，阐述CPS可信性概念，提出CPS可信性度量方法和步骤。首先，根据CPS特点及面临的安全威胁，建立CPS可信性度量指标，利用GSPN构建CPS可信性模型。其次，根据GSPN与连续时间马尔科夫链的同构性，得到所建模型的可达图及同构马尔科夫链。最后，通过对马尔科夫链进行计算，求得模型稳态概率和暂态概率，从而得到可信性指标的值并最终对CPS可信性进行定量评估，为分析CPS可信性演化机理等后续工作奠定了基础。

(2) 构建了具有两种感染率的恶意软件传播模型，并在此基础上建立CPS可信性演化动力学模型。首先，求取恶意软件传播模型的平衡点和基本再生数，分析平衡点的稳定性并求出其稳定条件。其次，通过对平衡点的稳定性分析，证明所建模型会发生跨临界分岔。通过对模型的动力学行为进行深入分析，揭示了CPS可信性演化机理。在上述分析的基础上，利用仿真对模型动力学行为进行验证，并直观地展示了CPS可信性演化过程。

本文通过对CPS可信性评估以及可信性演化过程的分析，为CPS可信性评估方法提供了新的思路，并且对控制恶意软件在CPS中的传播，提高CPS可信性具有一定的理论和实际意义。

With the development of computer technology, communication technology, and control technology, people are no longer satisfied with the expansion of existing system functions, but they put forward new demands for informationization and intelligence of various embedded systems. Under the guidance of these demands, cyber-physical system (CPS) comes into being. CPS is a novel intelligent system, and it realizes the deep integration of computation, communication, and control functions. At present, CPS has been widely applied in security-critical fields such as national defense, smart grids, and aerospace, which is vulnerable to cyber attacks, once being attacked, CPS functions may be damaged or fail, which will further result in security accidents. Therefore, its trustworthiness faces serious challenges.To evaluate CPS trustworthiness, generalized stochastic Petri Nets (GSPN) are utilized to the modeling and analytics of the trustworthiness of CPS according to the characteristics of CPS, and the initial trustworthiness of CPS can be obtained; To study the evolution process of CPS trustworthiness, nonlinear dynamics theories and methods are introduced to establish the propagation model of malware in CPS, and the evolution mechanism of CPS trustworthiness is revealed by studying its dynamic behaviors.

The main research contents of this thesis are as follows:

(1) Based on the system trustworthiness theory, the concept of CPS trustworthiness is expounded, and CPS trustworthiness measurement method and steps are proposed. First, according to characteristics of CPS and security threats it faces, CPS trustworthiness metrics are established, and the CPS trustworthiness model is constructed with the use of GSPN. Second, according to the isomorphism of GSPN and continuous time Markov chain, the reachability diagram and isomorphism Markov chain of the model can be obtained; Finally, the steady-state probability and transient probability of Markov chain are calculated to obtain values of trustworthiness metrics, and the trustworthiness of CPS is quantitatively evaluated, which lays a foundation for the analysis of the CPS trustworthiness evolution mechanism and other subsequent works.

(2) A malware propagation model with two infection rates is constructed, and a CPS trustworthiness evolution dynamics model is established on the basis. First, equilibriums and the basic regeneration number of the malware propagation model are obtained, and the stability of equilibriums is analyzed and the stability conditions are obtained. Second, by analyzing the stability of equilibriums, it is proved that transcritical bifurcation occurs in the model. Through in-depth analytics of the dynamic behaviors of the model, the trustworthiness evolution mechanism of CPS is revealed. Finally, on the basis of the above analytics, the dynamic behaviors of the model are verified by simulations, and the evolution process of CPS trustworthiness is visually demonstrated.

This thesis provides a new idea for CPS trustworthiness evaluation method by evaluating the CPS trustworthiness and analyzing its evolution process, and it has certain theoretical and practical significance for controlling the propagation of malware in CPS and improving CPS trustworthiness.