Journal of Computing and Information Technology

After the communication-based train control system is migrated to a cloud computing environment, it will face new and complex security risks caused by the deep coupling characteristics of cyber-physics. To this end, based on complex network, fault tree analysis, and attack graph theory, the research constructs a cyber-physical coupling risk model that can quantify the importance of nodes and the probability of multi-step attacks. Subsequently, the "state-action-reward-stateaction" (SARSA) algorithm is innovatively introduced to automatically search for the optimal attack path that can cause the greatest cumulative risk by simulating the attacker's decision-making process in the model environment. The results revealed that the node degree of the physical master node was as high as 36.14, and it was accurately identified as the most critical node of the system. Meanwhile, the cumulative risk value of the optimal attack path discovered by the SARSA algorithm was 85.4, which was higher than that of the comparison algorithm. In the application verification, after deploying security measures, the system risk value assessed by this method was significantly reduced from 85.4 to 31.2, a decrease of 63.5%. It shows that the proposed cyber-physical coupling risk modeling method can effectively identify the key risk nodes of the system, and the SARSA algorithm can effectively solve the optimal attack path optimization problem. The significance of the research is to provide a quantifiable dynamic risk assessment framework and a lightweight solution for security defense in an edge computing environment.