Suzhou Electric Appliance Research Institute
期刊號: CN32-1800/TM| ISSN1007-3175

Article retrieval

文章檢索

首頁 >> 文章檢索 >> 文章瀏覽排名

基于貝葉斯攻擊圖的電力信息物理系統(tǒng)脆弱性評估

來源:電工電氣發(fā)布時間:2022-07-19 08:19 瀏覽次數(shù):429

基于貝葉斯攻擊圖的電力信息物理系統(tǒng)脆弱性評估

吳義堯
(廣西大學 電氣工程學院,廣西 南寧 530004)
 
    摘 要:網(wǎng)絡攻擊可以通過信息層的通信漏洞進入電力信息物理系統(tǒng)中,因此需要對電力信息物理系統(tǒng)的脆弱性進行評估。提出了基于貝葉斯攻擊圖與繼電保護機制相融合的電力信息物理系統(tǒng)綜合脆弱性評估方法,即在信息層利用貝葉斯網(wǎng)絡、漏洞評分體系和聯(lián)合樹算法,對信息層配電子站節(jié)點的風險概率進行賦值,在物理層中使用交流級聯(lián)故障模型分析配電子站所控制的母線故障時,所觸發(fā)的繼電保護機制,計算繼電保護機制為了消除級聯(lián)故障所切除的負載占比。將信息層風險概率與物理層故障相結(jié)合,提出新的脆弱性評估指標負荷削減概率,以此來尋找脆弱性節(jié)點,對信息物理系統(tǒng)中的脆弱性進行評估?;?IEEE 14 節(jié)點網(wǎng)絡進行分析,驗證了所提方法的有效性。
    關鍵詞: 信息物理系統(tǒng);脆弱性;攻擊圖;網(wǎng)絡攻擊;級聯(lián)故障;潮流計算
    中圖分類號:TM732     文獻標識碼:A     文章編號:1007-3175(2022)07-0006-08
 
Vulnerability Assessment of the Cyber-Physical Power
System Based on the Bayesian Attack Graphs
 
WU Yi-yao
(School of Electrical Engineering, Guangxi University, Nanning 530004, China)
 
    Abstract: Network attacks could enter into the cyber-physical power system through the network security holes of the information layers and pose a threat to the power system operation. So it is necessary to evaluate the vulnerability of the cyber-physical power system. This paper proposed a comprehensive vulnerability assessment method of the cyber-physical power system based on the integration of Bayesian attack graphs and relay protection mechanism. This method could assign values to the risk probability of the distribution substation nodes by using the Bayesian network, vulnerability scoring system, and junction tree algorithm in the information layers. The AC cascading failure model was used to analyze the busbar fault in the physical layer and triggered the relay protection mechanism. It calculated the proportion of load removed by the relay protection mechanism to eliminate cascading faults. Combining the risk probability of information layers with the failure of the physical layer, it proposed a new load reduction probability of the vulnerability evaluation index to find the vulnerable node and evaluate the vulnerability in the cyber-physical system. The effectiveness of this method is verified by the analysis based on IEEE 14.
    Key words: cyber-physical system; vulnerability; attack graph; network attack; cascading failure; power flow calculation
 
參考文獻
[1] 郭慶來,辛蜀駿,孫宏斌,等. 電力系統(tǒng)信息物理融合建模與綜合安全評估:驅(qū)動力與研究構(gòu)想[J].中國電機工程學報,2016,36(6):1481-1489.
[2] 趙俊華,文福拴,薛禹勝,等. 電力 CPS 的架構(gòu)及其實現(xiàn)技術(shù)與挑戰(zhàn)[J] . 電力系統(tǒng)自動化,2010,34(16):1-7.
[3] 劉東,盛萬興,王云,等. 電網(wǎng)信息物理系統(tǒng)的關鍵技術(shù)及其進展[J] . 中國電機工程學報,2015,35(14):3522-3531.
[4] 湯奕,陳倩,李夢雅,等. 電力信息物理融合系統(tǒng)環(huán)境中的網(wǎng)絡攻擊研究綜述[J] . 電力系統(tǒng)自動化,2016,40(17):59-69.
[5] 王琦,邰偉,湯奕,等. 面向電力信息物理系統(tǒng)的虛假數(shù)據(jù)注入攻擊研究綜述[J] . 自動化學報,2019,45(1):72-83.
[6] ETEMADI A H, FOTUHI-FIRUZABAD M.New considerations in modern protection system quantitative reliability assessment[J].IEEE Transactions on Power Delivery,2010,25(4) :2213-2222.
[7] DENG C.Distributed resilient control for cyber-physical systems under denial-of-service attacks[C]//2019 23rd International Conference on Mechatronics Technology(ICMT),2019.
[8] WANG Junsheng, YANG Guanghong.Data-driven methods for stealthy attacks on TCP/IP based networked control systems equipped with attack detectors[J].IEEE Transactions on Cybernetics,2019,49(8) :3020-3031.
[9] 蒲石,陳周國,祝世雄. 震網(wǎng)病毒分析與防范[J].信息網(wǎng)絡安全,2012(2) :40-43.
[10] 郭慶來,辛蜀駿,王劍輝,等. 由烏克蘭停電事件看信息能源系統(tǒng)綜合安全評估[J] . 電力系統(tǒng)自動化,2016,40(5):145-147.
[11] 邢栩嘉,林闖,蔣屹新. 計算機系統(tǒng)脆弱性評估研究[J]. 計算機學報, 2004,27(1):1-11.
[12] 印永華,郭劍波,趙建軍,等. 美加“8.14”大停電事故初步分析以及應吸取的教訓[J] . 電網(wǎng)技術(shù),2003,27(10):8-11.
[13] 王宇飛,高昆侖,趙婷,等. 基于改進攻擊圖的電力信息物理系統(tǒng)跨空間連鎖故障危害評估[J] . 中國電機工程學報,2016,36(6):1490-1499.
[14] 冀星沛,王波,董朝陽,等. 電力信息-物理相互依存網(wǎng)絡脆弱性評估及加邊保護策略[J] . 電網(wǎng)技術(shù),2016,40(6):1867-1873.
[15] LIU Nian, ZHANG Jianhua, ZHANG Hao, et al.Security assessment for communication networks of power control systems using attack graph and MCDM[J].IEEE Transactions on Power Delivery,2010,25(3) :1492-1500.
[16] 李培愷,劉云,辛煥海,等. 分布式協(xié)同控制模式下配電網(wǎng)信息物理系統(tǒng)脆弱性評估[J] . 電力系統(tǒng)自動化,2018,42(10):22-29.
[17] 張鵬. 配電網(wǎng)信息物理系統(tǒng)脆弱性評估與網(wǎng)絡攻擊研究[D]. 北京:華北電力大學,2021.
[18] 陳德成,付蓉,宋少群,等. 基于攻擊圖的電網(wǎng)信息物理融合系統(tǒng)風險定量評估[J] . 電測與儀表,2020,57(2):62-68.
[19] 張宇航,倪明,孫永輝,等. 針對網(wǎng)絡攻擊的配電網(wǎng)信息物理系統(tǒng)風險量化評估[J] . 電力系統(tǒng)自動化,2019,43(21):12-22.
[20] 高妮,高嶺,賀毅岳,等. 基于貝葉斯攻擊圖的動態(tài)安全風險評估模型[J] . 四川大學學報(工程科學版),2016,48(1):111-118.
[21] NOEBELS M, PREECE R, PANTELI M.AC cascading failure model for resilience analysis in power networks[J].IEEE Systems Journal,2022,16(1) :374-385.
[22] 葉夏明,趙俊華,文福拴. 基于鄰接矩陣的電力信息系統(tǒng)脆弱性定量評估[J] . 電力系統(tǒng)自動化,2013,37(22):41-46.
[23] TEN C W, LIU C C, MANIMARAN G.Vulnerability assessment of cybersecurity for SCADA systems [J] . IEEE Transactions on Power Systems,2008,23(4) :1836-1846.