Suzhou Electric Appliance Research Institute
期刊號: CN32-1800/TM| ISSN1007-3175

Article retrieval

文章檢索

首頁 >> 文章檢索 >> 往年索引

基于貝葉斯攻擊圖的電力信息物理系統(tǒng)脆弱性評估

來源:電工電氣發(fā)布時(shí)間:2022-07-19 08:19 瀏覽次數(shù):366

基于貝葉斯攻擊圖的電力信息物理系統(tǒng)脆弱性評估

吳義堯
(廣西大學(xué) 電氣工程學(xué)院,廣西 南寧 530004)
 
    摘 要:網(wǎng)絡(luò)攻擊可以通過信息層的通信漏洞進(jìn)入電力信息物理系統(tǒng)中,因此需要對電力信息物理系統(tǒng)的脆弱性進(jìn)行評估。提出了基于貝葉斯攻擊圖與繼電保護(hù)機(jī)制相融合的電力信息物理系統(tǒng)綜合脆弱性評估方法,即在信息層利用貝葉斯網(wǎng)絡(luò)、漏洞評分體系和聯(lián)合樹算法,對信息層配電子站節(jié)點(diǎn)的風(fēng)險(xiǎn)概率進(jìn)行賦值,在物理層中使用交流級聯(lián)故障模型分析配電子站所控制的母線故障時(shí),所觸發(fā)的繼電保護(hù)機(jī)制,計(jì)算繼電保護(hù)機(jī)制為了消除級聯(lián)故障所切除的負(fù)載占比。將信息層風(fēng)險(xiǎn)概率與物理層故障相結(jié)合,提出新的脆弱性評估指標(biāo)負(fù)荷削減概率,以此來尋找脆弱性節(jié)點(diǎn),對信息物理系統(tǒng)中的脆弱性進(jìn)行評估?;?IEEE 14 節(jié)點(diǎn)網(wǎng)絡(luò)進(jìn)行分析,驗(yàn)證了所提方法的有效性。
    關(guān)鍵詞: 信息物理系統(tǒng);脆弱性;攻擊圖;網(wǎng)絡(luò)攻擊;級聯(lián)故障;潮流計(jì)算
    中圖分類號:TM732     文獻(xiàn)標(biāo)識碼:A     文章編號:1007-3175(2022)07-0006-08
 
Vulnerability Assessment of the Cyber-Physical Power
System Based on the Bayesian Attack Graphs
 
WU Yi-yao
(School of Electrical Engineering, Guangxi University, Nanning 530004, China)
 
    Abstract: Network attacks could enter into the cyber-physical power system through the network security holes of the information layers and pose a threat to the power system operation. So it is necessary to evaluate the vulnerability of the cyber-physical power system. This paper proposed a comprehensive vulnerability assessment method of the cyber-physical power system based on the integration of Bayesian attack graphs and relay protection mechanism. This method could assign values to the risk probability of the distribution substation nodes by using the Bayesian network, vulnerability scoring system, and junction tree algorithm in the information layers. The AC cascading failure model was used to analyze the busbar fault in the physical layer and triggered the relay protection mechanism. It calculated the proportion of load removed by the relay protection mechanism to eliminate cascading faults. Combining the risk probability of information layers with the failure of the physical layer, it proposed a new load reduction probability of the vulnerability evaluation index to find the vulnerable node and evaluate the vulnerability in the cyber-physical system. The effectiveness of this method is verified by the analysis based on IEEE 14.
    Key words: cyber-physical system; vulnerability; attack graph; network attack; cascading failure; power flow calculation
 
參考文獻(xiàn)
[1] 郭慶來,辛蜀駿,孫宏斌,等. 電力系統(tǒng)信息物理融合建模與綜合安全評估:驅(qū)動力與研究構(gòu)想[J].中國電機(jī)工程學(xué)報(bào),2016,36(6):1481-1489.
[2] 趙俊華,文福拴,薛禹勝,等. 電力 CPS 的架構(gòu)及其實(shí)現(xiàn)技術(shù)與挑戰(zhàn)[J] . 電力系統(tǒng)自動化,2010,34(16):1-7.
[3] 劉東,盛萬興,王云,等. 電網(wǎng)信息物理系統(tǒng)的關(guān)鍵技術(shù)及其進(jìn)展[J] . 中國電機(jī)工程學(xué)報(bào),2015,35(14):3522-3531.
[4] 湯奕,陳倩,李夢雅,等. 電力信息物理融合系統(tǒng)環(huán)境中的網(wǎng)絡(luò)攻擊研究綜述[J] . 電力系統(tǒng)自動化,2016,40(17):59-69.
[5] 王琦,邰偉,湯奕,等. 面向電力信息物理系統(tǒng)的虛假數(shù)據(jù)注入攻擊研究綜述[J] . 自動化學(xué)報(bào),2019,45(1):72-83.
[6] ETEMADI A H, FOTUHI-FIRUZABAD M.New considerations in modern protection system quantitative reliability assessment[J].IEEE Transactions on Power Delivery,2010,25(4) :2213-2222.
[7] DENG C.Distributed resilient control for cyber-physical systems under denial-of-service attacks[C]//2019 23rd International Conference on Mechatronics Technology(ICMT),2019.
[8] WANG Junsheng, YANG Guanghong.Data-driven methods for stealthy attacks on TCP/IP based networked control systems equipped with attack detectors[J].IEEE Transactions on Cybernetics,2019,49(8) :3020-3031.
[9] 蒲石,陳周國,祝世雄. 震網(wǎng)病毒分析與防范[J].信息網(wǎng)絡(luò)安全,2012(2) :40-43.
[10] 郭慶來,辛蜀駿,王劍輝,等. 由烏克蘭停電事件看信息能源系統(tǒng)綜合安全評估[J] . 電力系統(tǒng)自動化,2016,40(5):145-147.
[11] 邢栩嘉,林闖,蔣屹新. 計(jì)算機(jī)系統(tǒng)脆弱性評估研究[J]. 計(jì)算機(jī)學(xué)報(bào), 2004,27(1):1-11.
[12] 印永華,郭劍波,趙建軍,等. 美加“8.14”大停電事故初步分析以及應(yīng)吸取的教訓(xùn)[J] . 電網(wǎng)技術(shù),2003,27(10):8-11.
[13] 王宇飛,高昆侖,趙婷,等. 基于改進(jìn)攻擊圖的電力信息物理系統(tǒng)跨空間連鎖故障危害評估[J] . 中國電機(jī)工程學(xué)報(bào),2016,36(6):1490-1499.
[14] 冀星沛,王波,董朝陽,等. 電力信息-物理相互依存網(wǎng)絡(luò)脆弱性評估及加邊保護(hù)策略[J] . 電網(wǎng)技術(shù),2016,40(6):1867-1873.
[15] LIU Nian, ZHANG Jianhua, ZHANG Hao, et al.Security assessment for communication networks of power control systems using attack graph and MCDM[J].IEEE Transactions on Power Delivery,2010,25(3) :1492-1500.
[16] 李培愷,劉云,辛煥海,等. 分布式協(xié)同控制模式下配電網(wǎng)信息物理系統(tǒng)脆弱性評估[J] . 電力系統(tǒng)自動化,2018,42(10):22-29.
[17] 張鵬. 配電網(wǎng)信息物理系統(tǒng)脆弱性評估與網(wǎng)絡(luò)攻擊研究[D]. 北京:華北電力大學(xué),2021.
[18] 陳德成,付蓉,宋少群,等. 基于攻擊圖的電網(wǎng)信息物理融合系統(tǒng)風(fēng)險(xiǎn)定量評估[J] . 電測與儀表,2020,57(2):62-68.
[19] 張宇航,倪明,孫永輝,等. 針對網(wǎng)絡(luò)攻擊的配電網(wǎng)信息物理系統(tǒng)風(fēng)險(xiǎn)量化評估[J] . 電力系統(tǒng)自動化,2019,43(21):12-22.
[20] 高妮,高嶺,賀毅岳,等. 基于貝葉斯攻擊圖的動態(tài)安全風(fēng)險(xiǎn)評估模型[J] . 四川大學(xué)學(xué)報(bào)(工程科學(xué)版),2016,48(1):111-118.
[21] NOEBELS M, PREECE R, PANTELI M.AC cascading failure model for resilience analysis in power networks[J].IEEE Systems Journal,2022,16(1) :374-385.
[22] 葉夏明,趙俊華,文福拴. 基于鄰接矩陣的電力信息系統(tǒng)脆弱性定量評估[J] . 電力系統(tǒng)自動化,2013,37(22):41-46.
[23] TEN C W, LIU C C, MANIMARAN G.Vulnerability assessment of cybersecurity for SCADA systems [J] . IEEE Transactions on Power Systems,2008,23(4) :1836-1846.