智能变电站嵌入式终端的网络攻击类型研究及验证

doi:10.11930/j.issn.1004-9649.201912050

中国电力 ›› 2020, Vol. 53 ›› Issue (1): 81-91.DOI: 10.11930/j.issn.1004-9649.201912050

• 信息物理电力系统(CPPS)专栏 • 上一篇下一篇

智能变电站嵌入式终端的网络攻击类型研究及验证

何金栋¹, 王宇², 赵志超¹, 李俊娥², 谢新志¹, 张锐文², 柳玙卿², 裘德熙²

1. 国网福建省电力有限公司电力科学研究院, 福建福州 350007;
2. 空天信息安全与可信计算教育部重点实验室(武汉大学国家网络安全学院), 湖北武汉 430072

收稿日期:2019-12-10 发布日期:2020-01-15
通讯作者: 李俊娥(1966-),女,通信作者,博士,教授,博士研究生导师,从事电网信息物理系统、信息安全、通信网络研究,E-mail:jeli@whu.edu.cn
作者简介:何金栋(1982-),男,硕士,高级工程师,从事网络安全技术研究,E-mail:dky.he_jindong@fj.sgcc.com.cn;王宇(1996-),男,硕士研究生,从事电力工控系统安全研究,E-mail:564943524@qq.com
基金资助:
国家自然科学基金资助项目(协同网络攻击下电网CPS跨空间级联故障演化机理及早期防御研究，51977155)；国网福建省电力公司科技项目(智能变电站网络安全测试技术研究，SGFJDK00NYJS1900308)

Type and Verification of Network Attacks on Embedded Terminals of Intelligent Substation

HE Jindong¹, WANG Yu², ZHAO Zhichao¹, LI June², XIE Xinzhi¹, ZHANG Ruiwen², LIU Yuqing², QIU Dexi²

1. State Grid Fujian Electric Power Research Institute, Fuzhou 350007, China;
2. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China

Received:2019-12-10 Published:2020-01-15
Supported by:
This work is supported by National Natural Science Foundation of China (Research on the Evolution Mechanism and Early Defense of GCPS Cascading Failures under Cooperative Cyber Attacks, No.51977155), Science and Technology Program of State Grid Fujian Electric Power Corporation (Research on Network Security Test of Intelligent Substation, No. SGFJDK00NYJS1900308)

摘要/Abstract

摘要： 全面掌握智能变电站嵌入式终端可能遭受的网络攻击方式及其对电力一次系统的影响，是建立有效安全防护措施的基础。目前，有关智能变电站嵌入式终端网络攻击的研究大都针对单一类型的网络攻击，且仅停留在理论分析阶段，未对提出的网络攻击类型进行验证。在分析智能变电站嵌入式终端及其通信环境的脆弱性的基础上，从攻击检测所需要的数据源和检测方法角度总结了终端可能遭受的网络攻击类型；提出了实物与仿真相结合的攻击验证方案；分析了泛洪类和报文类主要攻击的原理，给出了相应攻击工具的构造方法；使用所构造的攻击工具在验证方案设计的实验环境中进行了测试，结果证明这些攻击会对智能变电站嵌入式终端及电力一次设备造成影响，且终端抵御泛洪类攻击能力较差。

关键词: 智能变电站, 嵌入式终端, 网络攻击, 攻击验证

Abstract: A comprehensive understanding of the ways of network attacks on the embedded terminals of intelligent substation and their impacts on the primary power system is the basis for taking effective security protection measures. At present, most researches on the embedded terminal attack of intelligent substation focus on the single type of network attack and stay in the theoretical analysis stage, and no verification is conducted on the presented types of network attack. Based on a vulnerability analysis of the embedded terminals of intelligent substation and their communication environment, the types of network attacks on the terminals are summarized in terms of the data sources and detection methods required for attack detection. Then, an attack verification scheme is proposed with combination of physical testing and simulation. Meanwhile, the principles of flooding and message attacks are analyzed, and the construction methods of the corresponding attack tools are presented. Finally, the constructed attack tools are tested in the experiment environment of the designed verification scheme. The test results show that the presented two attacks can affect the embedded terminals of intelligent substation and the primary equipment, and the embedded terminals are poor in resisting flooding attack.

Key words: intelligent substation, embedded terminal, network attack, attack verification

何金栋, 王宇, 赵志超, 李俊娥, 谢新志, 张锐文, 柳玙卿, 裘德熙. 智能变电站嵌入式终端的网络攻击类型研究及验证[J]. 中国电力, 2020, 53(1): 81-91.

HE Jindong, WANG Yu, ZHAO Zhichao, LI June, XIE Xinzhi, ZHANG Ruiwen, LIU Yuqing, QIU Dexi. Type and Verification of Network Attacks on Embedded Terminals of Intelligent Substation[J]. Electric Power, 2020, 53(1): 81-91.

导出引用管理器 EndNote|Ris|BibTeX

链接本文: https://www.electricpower.com.cn/CN/10.11930/j.issn.1004-9649.201912050

https://www.electricpower.com.cn/CN/Y2020/V53/I1/81

参考文献

[1] 梁潇. 嵌入式电力测控设备信息安全分析与工作建议[C]//2012电力行业信息化年会论文集. 北京, 2012:194-197.
[2] 韩丽芳, 胡博文, 杨军, 等. 基于攻击预测的电力CPS安全风险评估[J]. 中国电力, 2019, 52(1):48-56
HAN Lifang, HU Bowen, YANG Jun, et al. A new security risk assessment method for cyber physical power system based on attack prediction[J]. Electric Power, 2019, 52(1):48-56
[3] 应欢, 刘松华, 韩丽芳, 等. 电力工业控制系统安全技术综述[J]. 电力信息与通信技术, 2018, 16(3):56-63
YING Huan, LIU Songhua, HAN Lifang, et al. Overview of power industry control system security technology[J]. Electric Power Information and Communication Technology, 2018, 16(3):56-63
[4] 杨国泰, 王宇飞, 罗剑波, 等. 电力CPS信息网络脆弱性及其评估方法[J]. 中国电力, 2018, 51(1):83-89
YANG Guotai, WANG Yufei, LUO Jianbo, et al. Electric CPS information network vulnerability and assessment method[J]. Electric Power, 2018, 51(1):83-89
[5] 锁延锋, 王少杰, 秦宇, 等. 工业控制系统的安全技术与应用研究综述[J]. 计算机科学, 2018, 45(4):25-33
SUO Yanfeng, WANG Shaojie, QIN Yu, et al. Summary of security technology and application in industrial control system[J]. Computer Science, 2018, 45(4):25-33
[6] HONG J, LIU C C, GOVINDARASU M. Detection of cyber intrusions using network-based multicast messages for substation automation[C]//ISGT 2014, February 19-22, 2014. Washington, DC, USA. IEEE, 2014:1-5.
[7] RASHID M T A, YUSSOF S, YUSOFF Y, et al. A review of security attacks on IEC61850 substation automation system network[C]//Proceedings of the 6th International Conference on Information Technology and Multimedia, November 18-20, 2014. Putrajaya, Malaysia. IEEE, 2014:5-10..
[8] HOYOS J, DEHUS M, BROWN T X. Exploiting the GOOSE protocol:a practical attack on cyber-infrastructure[C]//2012 IEEE Globecom Workshops, December 3-7, 2012. Anaheim, CA, USA. IEEE, 2012:1508-1513.
[9] LIANG G Q, ZHAO J H, LUO F J, et al. A review of false data injection attacks against modern power systems[J]. IEEE Transactions on Smart Grid, 2017, 8(4):1630-1638.
[10] 王电钢, 黄林, 刘捷, 等. 考虑负荷虚假数据注入攻击的电力信息物理系统防御策略[J]. 电力系统保护与控制, 2019, 47(1):28-34
WANG Diangang, HUANG Lin, LIU Jie, et al. Cyber-physical system defense strategy considering loaded false data injection attacks[J]. Power System Protection and Control, 2019, 47(1):28-34
[11] 丁明, 李晓静, 张晶晶. 面向SCADA的网络攻击对电力系统可靠性的影响[J]. 电力系统保护与控制, 2018, 46(11):37-45
DING Ming, LI Xiaojing, ZHANG Jingjing. Effect of SCADA-oriented cyber attack on power system reliability[J]. Power System Protection and Control, 2018, 46(11):37-45
[12] DENG R L, XIAO G X, LU R X, et al. False data injection on state estimation in power systems:attacks, impacts, and defense:A survey[J]. IEEE Transactions on Industrial Informatics, 2017, 13(2):411-423.
[13] BHARDWAJ A, SUBRAHMANYAM G V B, AVASTHI V, et al. DDoS attacks, new DDoS taxonomy and mitigation solutions:a survey[C]//2016 International Conference on Signal Processing, Communication, Power and Embedded System (SCOPES), October 3-5, 2016. Paralakhemundi, Odisha, India. IEEE, 2016:793−798.
[14] KUSH N, AHMED E, BRANAGAN M, et al. Poisoned GOOSE:exploiting the GOOSE protocol[C]//Twelfth Australasian Information Security Conference. Australian Computer Society. 2014:17−22.
[15] 王琦, 李梦雅, 汤奕, 等. 电力信息物理系统网络攻击与防御研究综述(一)建模与评估[J]. 电力系统自动化, 2019, 43(9):9-21
WANG Qi, LI Mengya, TANG Yi, et al. A review on research of cyber-attacks and defense in cyber physical power systems part one modelling and evaluation[J]. Automation of Electric Power Systems, 2019, 43(9):9-21
[16] LOPEZ C, SARGOLZAEI A, SANTANA H, et al. Smart grid cyber security:an overview of threats and countermeasures[J]. Journal of Energy and Power Engineering, 2015, 9(7):632-647.
[17] 张盛杰, 顾昊旻, 李祉岐, 等. 电力工业控制系统信息安全风险分析与应对方案[J]. 电力信息与通信技术, 2017, 15(4):96-102
ZHANG Shengjie, GU Haomin, LI Zhiqi, et al. The information security risk analysis and response plan for power industry control system[J]. Electric Power Information and Communication Technology, 2017, 15(4):96-102
[18] 李中伟, 佟为明, 金显吉. 智能电网信息安全防御体系与信息安全测试系统构建乌克兰和以色列国家电网遭受网络攻击事件的思考与启示[J]. 电力系统自动化, 2016, 40(8):147-151
LI Zhongwei, TONG Weiming, JIN Xianji. Construction of cyber security defense hierarchy and cyber security testing system of smart grid:thinking and enlightenment for network attack events to national power grid of Ukraine and Israel[J]. Automation of Electric Power Systems, 2016, 40(8):147-151
[19] 丁杰, 奚后玮, 陈爱林, 等. 基于IEC 62351安全体系的变电站自动化系统[J]. 电网技术, 2006, 30(增刊2):345−348.
DING Jie, XI Houwei, CHEN Ailin, et al. Research on substation automation system based on IEC 62351 security standards[J]. Power System Technology, 2006, 30(S2):345−348.

智能变电站嵌入式终端的网络攻击类型研究及验证

Type and Verification of Network Attacks on Embedded Terminals of Intelligent Substation

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	叶远波, 王吉文, 汪伟, 毛玉荣, 王志华. 基于哈希和编辑距离算法的SCD双层向量化与变更校验技术[J]. 中国电力, 2024, 57(1): 255-262.
[2]	皮志勇, 朱益, 廖玄, 李振兴, 方豪, 吴沛. 智能变电站多信息融合建模的通信链路故障定位方法[J]. 中国电力, 2023, 56(8): 207-215.
[3]	皮志勇, 朱益, 廖玄, 李振兴, 方豪, 吴沛. 基于深度学习的智能变电站通信链路故障定位方法[J]. 中国电力, 2023, 56(7): 136-145.
[4]	钟鸣, 陶军, 刘洵宇, 杨逸, 杨炳元. 智能变电站光纤虚实回路映射及故障诊断技术[J]. 中国电力, 2023, 56(10): 171-178.
[5]	翟峰, 冯云, 程凯, 蔡绍堂, 于丽莹, 杨挺. 基于信息熵的多源电力物联终端设备信任度评价方法[J]. 中国电力, 2022, 55(5): 158-165.
[6]	姚鹏超, 颜秉晶, 郝唯杰, 杨强. 电力信息物理系统入侵容忍能力评估方法[J]. 中国电力, 2022, 55(4): 13-22.
[7]	刘林彬, 苗泉强, 李俊娥. 基于模糊测试的GOOSE协议解析漏洞挖掘方法[J]. 中国电力, 2022, 55(4): 33-43.
[8]	李肖博, 于杨, 姚浩, 习伟, 蔡田田. 新一代智能变电站采控装置[J]. 中国电力, 2022, 55(4): 85-92.
[9]	刘依晗, 王宇飞. 新型电力系统中跨域连锁故障的演化机理与主动防御探索[J]. 中国电力, 2022, 55(2): 62-72,81.
[10]	胡源, 薛松, 张寒, 张桦, 冯昕欣, 唐程辉, 林毅, 郑鹏. 近30年全球大停电事故发生的深层次原因分析及启示[J]. 中国电力, 2021, 54(10): 204-210.
[11]	王宇飞, 邱健, 李俊娥. 考虑攻击损益的电网CPS场站级跨空间连锁故障早期预警方法[J]. 中国电力, 2020, 53(1): 92-99.
[12]	王利平, 庞晓艳, 朱雨, 刘鑫, 赵子涵, 张旭丰, 丁希亮. 基于物联网和移动互联的二次设备运维技术研究与应用[J]. 中国电力, 2019, 52(3): 177-184.
[13]	王平, 贾立莉, 李守学, 李抗, 律方成. 110 kV全户内智能变电站接地网优化设计[J]. 中国电力, 2018, 51(3): 42-48.
[14]	汪东, 何瑞文, 江青云. 智能变电站虚拟局域网精细化配置方法[J]. 中国电力, 2018, 51(11): 147-153.
[15]	邹振宇, 孙中尉, 修黎明, 韩本帅, 牛得存. 智能变电站信息模型组态解耦技术研究[J]. 中国电力, 2018, 51(1): 78-82.

模态框（Modal）标题

智能变电站嵌入式终端的网络攻击类型研究及验证

Type and Verification of Network Attacks on Embedded Terminals of Intelligent Substation

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics