为了从整体上提高网络安全性,提出了一种基于广义随机着色Petri网模型的网络安全加固措施制定方法。该方法引入主机节点利用率指数和主机节点关键度等概念,通过计算主机节点的关键度对网络中需要修补的脆弱节点进行排序,在此基础上根据最大节点关键度优先的原则逐步消除网络中存在的脆弱性。针对网络实例的分析进一步验证了所提出方法的有效性。与传统方法相比,具有可操作性强的特点,可以指导网络管理人员制定安全加固措施对目标网络进行安全加固。 In order to improve the overall network security, this paper proposes a method of network security hardening based on generalized Stochastic Colored Petri Net model. By introducing the concepts of host node utilization index and host node criticality, this method classifies the vulnerable nodes that need to be repaired in the network by calculating the criticality of the host node. Based on this, Vulnerability. The analysis of network instances further verifies the effectiveness of the proposed method. Compared with the traditional method, it has the characteristics of operability and can guide the network managers to formulate safety reinforcement measures to reinforce the target network.