As the SCADA system develops continuously, the dissemination of malicious network behaviors has brought great risk to the normal operation of enterprises, meanwhile resulting in huge economic burden to personal work and life. Therefore, the security reinforcement strategy is crucial to the field of network security management and analysis of the SCADA system. Some researchers have started to investigate on how to minimize the cost of realizing the SCADA system reinforcement strategy. However, the SCADA system administrators are facing a very challenging problem, that’s the reinforcement budget is less than the minimal input of SCADA system security reinforcement. The core of this problem lies on how to choose a subset from massive security reinforcement strategies, so as to minimize the risks from not patching all essential security vulnerabilities within the budget. Based on a deep comparative analysis of existing multi-objective optimization technologies, this paper proposes a multi-objective optimization method based on system attack tree model, and uses Pareto algorithm to solve this problem. The experimental results demonstrate that the Pareto algorithm can effectively make the multi-objective decision in security reinforcement strategy, and can solve practical issues in actual SCADA system security reinforcement practice.