面向协同信息攻击的物理电力系统安全风险评估与防御资源分配Security Risk Assessment and Defense Resource Allocation of Power System Under Synergetic Cyber Attacks
陈武晖;陈文淦;薛安成;
摘要(Abstract):
乌克兰大停电事故表明,对电力信息网实施协同信息攻击将严重威胁电力信息物理系统(electric cyber physical system,ECPS)的安全,提出一种面向协同信息攻击的ECPS风险评估及防御资源分配方法具有现实意义。在分析信息攻击对物理电网的破坏机制与ECPS的信息攻击防御措施的基础上,从攻防博弈角度提出了协同信息攻击的概率表达。然后综合考虑信息攻击的成功率与破坏程度,给出了面向协同信息攻击的ECPS风险计算公式。最后,根据风险计算公式,提出了既定风险情况下的防御资源需求值确定方法与有限防御资源情况下的资源优化分配方法。并将上述方法应用于以10机39节点系统为基础的ECPS,验证了方法的有效性。
关键词(KeyWords): 电力信息物理系统;协同信息攻击;安全风险评估;防御资源分配
基金项目(Foundation): 新能源电力系统国家重点实验室(LAPS16020)~~
作者(Author): 陈武晖;陈文淦;薛安成;
Email:
DOI: 10.13335/j.1000-3673.pst.2018.1715
参考文献(References):
- [1]刘东,盛万兴,王云,等.电网信息物理系统的关键技术及其进展[J].中国电机工程学报,2015,35(14):3522-3531.Liu Dong,Sheng Wanxing,Wang Yun,et al.Key technologies and trends of cyber physical system for power grid[J].Proceedings of the CSEE,2015,35(14):3522-3531(in Chinese).
- [2]薛禹胜.综合防御由偶然故障演化为电力灾难--北美“8.14”大停电的警示[J].电力系统自动化,2003,27(18):1-5.Xue Yusheng.The way from a simple contingency to system-wide disaster-lessons from the eastern interconnection blackout in 2003[J].Automation of Electric Power Systems,2003,27(18):1-5(in Chinese).
- [3]刘念,余星火,张建华,等.网络协同攻击:乌克兰停电事件的推演与启示[J].电力系统自动化,2016,40(6):144-147.Liu Nian,Yu Xinghuo,Zhang Jianhua,et al.Coordinated cyber-attack:inference and thinking of incident on ukrainian power grid[J]Automation of Electric Power Systems,2016,40(6):144-147(in Chinese).
- [4]梅生伟,王莹莹,陈来军.从复杂网络视角评述智能电网信息安全研究现状及若干展望[J].高电压技术,2011,37(3):672-679.Mei Shengwei,Wang Yingying,Chen Laijun.Overviews and prospects of the cyber security of smart grid from the view of complex network theory[J].High Voltage Engineering,2011,37(3):672-679(in Chinese).
- [5]Siddharth S,Adam H,Manimaran G.Cyber-physical system security for the electric power grid[J].Proceedings of the IEEE,2012,100(1):210-224.
- [6]Rasmussen T B,Yang G,Nielsen A H,et al.A review of cyber-physical energy system security assessment[C]//2017 IEEEManchester Power Tech IEEE Conference Publications:1-6.
- [7]叶夏明,文福拴,尚金成,等.电力系统中信息物理安全风险传播机制[J].电网技术,2015,39(11):3072-3079.Ye Xiaming,Wen Fushuan,Shang Jincheng,et al.Propagation mechanism of cyber physical security risks in power systems[J].Power System Technology,2015,39(11):3072-3079(in Chinese).
- [8]Lehlogonolo L,Venter H S.A threat-vulnerability based risk analysis model for cyber physical system security[C]//Hawaii International Conference on System Sciences.2017:6021-6030.
- [9]Deng Song,Yue Dong,Fu Xiong,et al.Security risk assessment of cyber physical power system based on rough set and gene expression programming[J].IEEE/CAA Journal of Automatica Sinica,2015,2(4):431-439.
- [10]韩宇奇,郭嘉,郭创新,等.考虑软件失效的信息物理融合电力系统智能变电站安全风险评估[J].中国电机工程学报,2016,36(6):1500-1508.Han Yuqi,Guo Jia,Guo Chuangxin,et al.Intelligent substation security risk assessment of cyber physical power systems incorporating software failures[J].Proceedings of the CSEE,2016,36(6):1500-1508(in Chinese).
- [11]Zhao Ting,Wang Dong,Lu Dongxu,et al.A risk assessment method for cascading failure caused by electric cyber-physical system(ECPS)[C]//International Conference on Electric Utility Deregulation and Restructuring and Power Technologies.IEEE,2016:787-791.
- [12]Wu Wenbo,Kang Rui,Li Zi.Risk assessment method for cyber security of cyber-physical systems based on inter-dependency of vulnerabilities[C]//IEEE International Conference on Industrial Engineering and Engineering Management.IEEE,2016:1618-1622.
- [13]Patapanchala Panini Sai,Chen Huo,Bobba Rakesh B,et al.Exploring security metrics for electric grid infrastructures leveraging attack graphs[C]//Technologies for Sustainability.IEEE,2017:89-95.
- [14]石立宝,简洲.基于动态攻防博弈的电力信息物理融合系统脆弱性评估[J].电力系统自动化,2016,40(17):99-105.Shi Libao,Jian Zhou.Vulnerability assessment of cyber physical power system based on dynamic attack-defense game model[J].Automation of Electric Power Systems,2016,40(17):99-105(in Chinese).
- [15]薛禹胜,李满礼,罗剑波,等.基于关联特性矩阵的电网信息物理系统耦合建模方法[J].电力系统自动化,2018,42(2):11-19.Xue Yusheng,Li Manli,Luo Jianbo,et al.Modeling method for coupling relations in cyber physical power systems based on correlation characteristic matrix[J].Automation of Electric Power Systems,2018,42(2):11-19(in Chinese).
- [16]Xin Shujun,Guo Qinglai,Sun Hongbin,et al.Cyber-physical modeling and cyber-contingency assessment of hierarchical control systems[J].IEEE Transactions on Smart Grid,2017,6(5):2375-2385.
- [17]汤奕,王琦,倪明,等.电力信息物理融合系统中的网络攻击分析[J].电力系统自动化,2016,40(6):148-151.Tang Yi,Wang Qi,Ni Ming,et al.Analysis of cyber attacks in cyber physical power system[J].Automation of Electric Power Systems2016,40(6):48-151(in Chinese).
- [18]国家电监会第5号令.电力二次系统安全防护规定[S].北京:国家电监会,2004.
- [19]Knapp Eric D.Industrial network security:securing critical infrastructure networks for smart grid,SCADA,and other industrial control systems[M].225 Wyman Street,Waltham,MA 02451,USA Syngress 2014:402-407.
- [20]Zhang Yichi,Wang Lingfeng,Xiang Yingmeng.Power system reliability analysis with intrusion tolerance in SCADA systems[J].IEEE Transactions on Smart Grid,2016,7(2):669-683.
- [21]王一枫,汤伟,刘路登,等.电网运行风险评估与定级体系的构建及应用[J].电力系统自动化,2015,39(8):141-148.Wang Yifeng,Tang Wei,Liu Ludeng,et al.System construction and application of power grid operation risk assessment and rating system[J].Automation of Electric Power Systems,2015,39(8):141-148(in Chinese).
- [22]Ni Ming,Mccalley J D,Vijay V,et al.Software implementation of online risk-based security assessment[J].IEEE Power Engineering Review,2007,22(11):59-59.
- [23]Xiang Yingmeng,Wang Lingfeng.An improved defender-attackerdefender model for transmission line defense considering offensive resource uncertainties[J].IEEE Transactions on Smart Grid,2018,PP(99):1-1.
- [24]梁潇,高昆仑,徐志博,等.美国电力行业信息安全工作现状与特点分析[J].电网技术,2011,35(12):221-228.Liang Xiao,Gao Kunlun,Xu Zhibo,et al.A survey on cybersecurity of US electric power industry[J].Power System Technology,2011,35(12):221-228(in Chinese).
- [25]张盛杰,顾昊旻,李祉岐,等.电力工业控制系统信息安全风险分析与应对方案[J].电力信息与通信技术,2017,15(4):100-106.Zhang Shengjie,Gu Haomin,Li Zhiqi,et al.The information security risk analysis and response plan for power industry control system[J].Electric Power Information and Communication Technology,2017,15(4):100-106(in Chinese).
- [26]丁伟,唐洁瑶,曹扬,等.电网信息物理系统网络安全风险分析与防护对策[J].电力信息与通信技术,2018,16(9):37-42.Ding Wei,Tang Jieyao,Cao Yang,et al.Network security risk analysis and protective countermeasures for power grid cyber physical system[J].Electric Power Information and Communication Technology,2018,16(9):37-42(in Chinese).
- [27]李彬,张洁,陈宋宋,等.基于复杂网络的电力通信网扩容保护策略[J].电网技术,2018,42(6):1974-1980.Li Bin,Zhang Jie,Chen Songsong,et al.Expansion strategy of power communication network survivability based on complex network[J].Power System Technology,2018,42(6):1974-1980(in Chinese).
- [28]张殷,肖先勇,李长松.考虑信息物理交互的电力-信息耦合网络脆弱性分析与改善策略研究[J].电网技术,2018,42(10):3136-3144.Zhang Yin,Xiao Xianyong,Li Changsong,et al.Vulnerability analysis and improvement strategy of power-information coupled networks considering cyber physical interaction[J].Power System Technology,2018,42(10):3136-3144(in Chinese).
- [29]胡娟,李智欢,段献忠.电力调度数据网结构特性分析[J].中国电机工程学报,2009,29(4):53-59.Hu Juan,Li Zhihuan,Duan Xianzhong.Structural feature analysis of the electric power dispatching data network[J].Proceedings of the CSEE,2009,29(4):53-59(in Chinese).