基于攻击预测的电力CPS安全风险评估

doi:10.11930/j.issn.1004-9649.201809104

中国电力 ›› 2019, Vol. 52 ›› Issue (1): 48-56.DOI: 10.11930/j.issn.1004-9649.201809104

• 信息物理电力系统(CPPS)专栏 • 上一篇下一篇

基于攻击预测的电力CPS安全风险评估

韩丽芳¹, 胡博文², 杨军³, 应欢¹, 周纯杰², 方锡康²

1. 中国电力科学研究院有限公司, 北京 100192;
2. 华中科技大学自动化学院, 湖北武汉 430074;
3. 国家电网有限公司, 北京 100031

收稿日期:2018-09-25 修回日期:2018-11-30 出版日期:2019-01-05 发布日期:2019-01-14
作者简介:韩丽芳(1984-),女,硕士,高级工程师,从事电力系统信息安全研究,E-mail:hanlifang@epri.sgcc.com.cn;胡博文(1993-),男,通信作者,博士研究生,从事电力系统入侵检测与风险传播分析研究,E-mail:hubowen@hust.edu.cn;杨军(1974-),男,硕士,高级工程师,从事电力系统自动化、安全监督与管理研究,E-mail:jun-yang@sgcc.com.cn;应欢(1988-),女,博士,工程师,从事电力系统信息安全、动态程序分析研究,E-mail:yinghuan@epri.sgcc.com.cn;周纯杰(1965-),男,教授,博士生导师,从事工业控制系统信息安全、工业互联网及智能系统、模式识别及计算机视觉等研究,E-mail:cjiezhou@hust.edu.cn;方锡康(1994-),男,硕士研究生,从事电力系统入侵检测与风险传播分析研究,E-mail:xikangfang@hust.edu.cn
基金资助:
国家电网公司科技项目资助（52110417001B）；国家自然科学基金重点项目资助（61433006）。

A New Security Risk Assessment Method for Cyber Physical Power System Based on Attack Prediction

HAN Lifang¹, HU Bowen², YANG Jun³, YING Huan¹, ZHOU Chunjie², FANG Xikang²

1. China Electric Power Research Institute, Beijing 100192, China;
2. School of Automation, Huazhong University of Science and Technology, Wuhan 430074, China;
3. State Grid Corporation of China, Beijing 100031, China

Received:2018-09-25 Revised:2018-11-30 Online:2019-01-05 Published:2019-01-14
Supported by:
This work is supported by Science and Technology Project of State Grid Corporation of China (No.52110417001B); Project of National Natural Science Foundation of China (NSFC) (No.61433006).

摘要/Abstract

摘要： 为准确评估当前电力信息物理系统（cyber physical system，CPS）的风险状态，针对信息、电力紧密耦合的特点，提出一种基于攻击预测的电力CPS风险评估方法。利用已检测到的攻击告警信息，基于隐马尔科夫模型（hidden Markov model，HMM）识别出可能的攻击场景，推测攻击者的攻击意图，分析其未来的攻击目标和概率。攻击预测结果表征着系统当前的攻击威胁状况，将其作为输入，结合传统的单域（信息域或物理域）风险评估方法计算单域风险，再基于电力CPS复杂网络模型评估跨域风险，融合二者的结果得到最终的风险值。基于智能配电网IEEE 33节点的仿真平台，对攻击预测方法以及安全风险评估方法进行了验证，证明了基于攻击预测的风险评估方法的可行性和合理性。

关键词: 信息物理系统（CPS）, 攻击预测, 风险评估, 复杂网络, 隐马尔科夫模型

Abstract: In order to analyze the current risk status of the cyber physical system (CPS) in power system, this paper proposes a risk assessment method for cyber physical power system based on attack prediction, with consideration of the close coupling characteristics of cyber system and power system. Firstly, we use alert message to identify the possible attack scenarios based on the hidden Markov model (HMM), and speculate the attacker's attack intention and analyze the next attack target and attack probability. The results of attack prediction represent the current attack threat status of the system and are used as the input of the risk assessment process. Secondly, we use the traditional single-domain (cyber domain or physical domain) risk assessment method to calculate the single-domain risk, and then assess the cross-domain risk based on the complex network model of cyber physical power system. The final risk value is obtained through integrating the results of both domains. Based on the smart distribution network simulation platform of IEEE 33 BUS, the attack prediction method and risk assessment method are verified, and the results have proved the feasibility and rationality of the attack prediction-based risk assessment method.

Key words: cyber physical system, attack prediction, risk assessment, complex network, hidden Markov model

中图分类号:

TM73

韩丽芳, 胡博文, 杨军, 应欢, 周纯杰, 方锡康. 基于攻击预测的电力CPS安全风险评估[J]. 中国电力, 2019, 52(1): 48-56.

HAN Lifang, HU Bowen, YANG Jun, YING Huan, ZHOU Chunjie, FANG Xikang. A New Security Risk Assessment Method for Cyber Physical Power System Based on Attack Prediction[J]. Electric Power, 2019, 52(1): 48-56.

导出引用管理器 EndNote|Ris|BibTeX

链接本文: https://www.electricpower.com.cn/CN/10.11930/j.issn.1004-9649.201809104

https://www.electricpower.com.cn/CN/Y2019/V52/I1/48

参考文献 20

[1]	NGUYEN T. A modelling & simulation based engineering approach for socio-cyber-physical systems[C]//IEEE International Conference on Networking, Sensing and Control, 2017:702-707.
[2]	LEE, D, VINCENTELLI S. Modeling cyber-physical systems[J]. Proceedings of the IEEE, 2011, 100(1):13-28.
[3]	赵俊华, 文福拴, 薛禹胜, 等. 电力CPS的架构及其实现技术与挑战[J]. 电力系统自动化, 2010, 34(16):1-7 ZHAO Junhua, WEN Fushuan, XUE Yusheng, et al. Cyber physical power systems:architecture, implementation techniques and challenges[J]. Automation of Electric Power Systems, 2010, 34(16):1-7
[4]	CHEN Tongwen, ABUNIMEH S. Lessons from Stuxnet[J]. Computer, 2011, 44(4):91-93.
[5]	刘念, 余星火, 张建华. 网络协同攻击:乌克兰停电事件的推演与启示[J]. 电力系统自动化, 2016, 40(6):144-147 LIU Nian, YU Xinghuo, ZHANG Jianhua. Coordinated cyber attack:inference and thinking of incident on Ukrainian power grid[J]. Automation of Electric Power Systems, 2016, 40(6):144-147
[6]	张盛杰, 何冰, 王立富, 等. 乌克兰停电事件对全球能源互联网安全的启示[J]. 电力信息与通信技术, 2016(3):77-83 ZHANG Shengjie, HE Bing, WANG Lifu, et al. Enlightenments of the Ukraine blackout to cyber security of global energy interconnection[J]. Electric Power Information & Communication Technology, 2016(3):77-83
[7]	刘友波, 胡斌, 刘俊勇, 等. 电力系统连锁故障分析理论与应用(一):相关理论方法与应用[J]. 电力系统保护与控制, 2013, 41(9):148-155 LIU Youbo, HU Bin, LIU Junyong, et al. Power system cascading failure analysis theories and application I:related theories and applications[J]. Power System Protection and Control, 2013, 41(9):148-155
[8]	刘友波, 胥威汀, 丁理杰, 等. 电力系统连锁故障分析理论与应用(二):关键特征与研究启示[J]. 电力系统保护与控制, 2013, 41(10):146-155 LIU Youbo, XU Weiting, DING Lijie, et al. Power system cascading failure analysis theories and application Ⅱ:key features of real cascading failures and revelation aspects[J]. Power System Protection and Control, 2013, 41(10):146-155
[9]	马志远, 石立宝, 姚良忠, 等. 电网连锁故障的事故链搜索模型及策略研究[J]. 中国电机工程学报, 2015, 35(13):3292-3301 MA Zhiyuan, SHI Libao, YAO Liangzhong, et al. Study on the modeling and search strategy of event chain for cascading failure in power grid[J]. Proceedings of the CSEE, 2015, 35(13):3292-3301
[10]	王宇飞, 高昆仑, 赵婷, 等. 基于改进攻击图的电力信息物理系统跨空间连锁故障危害评估[J]. 中国电机工程学报, 2016, 36(6):1490-1499 WANG Yufei, GAO Kunlun, ZHAO Ting, et al. Assessing the harmfulness of cascading failures across space in electric cyber-physical system based on improved attack graph[J]. Proceedings of the CSEE, 2016, 36(6):1490-1499
[11]	叶夏明, 文福拴, 尚金成, 等. 电力系统中信息物理安全风险传播机制[J]. 电网技术, 2015, 39(11):3072-3079 YE Xiaming, WEN Fushuan, SHANG Jincheng, et al. Propagation mechanism of cyber physical security risks in power systems[J]. Power System Technology, 2015, 39(11):3072-3079
[12]	郭庆来, 辛蜀骏, 孙宏斌, 等. 电力系统信息物理融合建模与综合安全评估:驱动力与研究构想[J]. 中国电机工程学报, 2016, 36(6):1481-1489 GUO Qinglai, XIN Shujun, SUN Hongbin, et al. Power system cyber-physical modelling and security assessment:Motivation and ideas[J]. Proceedings of the CSEE, 2016, 36(6):1481-1489
[13]	XIN Shujun, GUO Qinglai, SUN Hongbin, et al. Cyber-physical modeling and cyber-contingency assessment of hierarchical control systems[J]. IEEE Transactions on Smart Grid, 2017, 6(5):2375-2385.
[14]	RUJ S, PAL A. Analyzing cascading failures in smart grids under random and targeted attacks[C]//IEEE International Conference on Advanced Information Networking and Applications, 2014:226-233.
[15]	岳猛, 张才峰, 吴志军. 隐马尔科夫模型检测LDoS攻击方法的研究[J]. 信号处理, 2015, 31(11):1454-1460 YUE Meng, ZHANG Caifeng, WU Zhijun. The research of detecting low-rate DoS attacks based on hidden markov model[J]. Signal Processing, 2015, 31(11):1454-1460
[16]	RABINER L. A tutorial on hidden markov models and selected applications in speech recognition[J]. Proc of the IEEE, 1990, 77(2):267-296.
[17]	丁明, 钱宇骋, 张晶晶. 考虑多时间尺度的连锁故障演化和风险评估模型[J]. 中国电机工程学报, 2017, 37(20):5902-5911 DING Ming, QIAN Yucheng, ZHANG Jingjing. Multi-times cale cascading failure evolution and risk assessment model[J]. Proceedings of the CSEE, 2017, 37(20):5902-5911
[18]	吴姜, 王奕, 王仁民. 电气二次设备风险量化评估体系设计[J]. 中国电力, 2013, 46(1):75-80 WU Jiang, WANG Yi, WANG Renmin. Design of quantitative risk assessment system for secondary equipment of power system[J]. Electric Power, 2013, 46(1):75-80
[19]	于尔铿. 电力系统状态估计[M]. 北京:水利水电出版社, 1985.
[20]	NEWMAN M. Networks:An introduction[J]. Astronomische Nachrichten, 2010, 327(8):741-743.

基于攻击预测的电力CPS安全风险评估

A New Security Risk Assessment Method for Cyber Physical Power System Based on Attack Prediction

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献 20

相关文章 15

编辑推荐

Metrics

[1]	汪林光, 李旭涛, 任勇, 谢小荣. 基于元启发式算法的新能源电力系统振荡稳定性最差工况搜索方法[J]. 中国电力, 2025, 58(3): 65-72.
[2]	杨珂, 王栋, 李达, 张王俊, 向尕, 李军. 虚拟电厂网络安全风险评估指标体系构建及量化计算[J]. 中国电力, 2024, 57(8): 130-137.
[3]	许竞, 赵铁军, 高小刚, 叶鞠, 孙玲玲. 高比例新能源电力系统调节资源灵活性不足风险分析[J]. 中国电力, 2024, 57(11): 129-138.
[4]	吴亚宁, 罗毅, 雷成, 黄豫, 梁宇, 周生存, 聂金峰. 基于改进型PEM和L指标的含风电场电力系统静态电压稳定评估[J]. 中国电力, 2022, 55(9): 192-203.
[5]	杜岩, 谢从珍, 李彦丞, 谢心昊, 栾乐, 罗思敏. 基于加权马氏距离型TOPSIS算法的10 kV配电网雷害风险评估[J]. 中国电力, 2022, 55(4): 108-116.
[6]	沈培锋, 王徐延, 张昊亮, 卫志农, 徐广开, 孙国强. 考虑规模化快充负荷的低压互联配电台区风险评估[J]. 中国电力, 2021, 54(5): 56-64.
[7]	李雪松, 蒋宇, 刘胥雯, 王阳, 丁羽. 基于改进Critic-G1算法的发电商市场力综合评价方法[J]. 中国电力, 2021, 54(11): 59-67.
[8]	吴昊, 朱自伟. 基于熵权-层次分析法综合指标的电网关键线路辨识[J]. 中国电力, 2020, 53(5): 39-47,55.
[9]	张博, 唐钰政, 代双寅, 陈韵竹, 王盼盼, 肖先勇. 供用电双方满意的电压暂降治理增值服务策略[J]. 中国电力, 2020, 53(11): 50-59.
[10]	李晓, 李满礼, 倪明. 配电信息物理系统分析与控制研究综述[J]. 中国电力, 2020, 53(1): 11-21.
[11]	丁茂生, 孙维佳, 蔡星浦, 王琦. 电力系统极端事件的风险评估与防范[J]. 中国电力, 2020, 53(1): 32-39,65.
[12]	陈缨, 郭小敏, 黄宇, 王瑶, 杨健维. 基于动态概率潮流的输电网断线风险评估[J]. 中国电力, 2019, 52(5): 155-163.
[13]	王申华, 何湘威, 方小方, 陈冰松, 郭创新. 基于泛在电力物联网多源信息的电网动态风险评估系统[J]. 中国电力, 2019, 52(12): 10-19.
[14]	孙舟, 潘鸣宇, 陈振, 袁小溪, 陈平. 电动汽车充电桩自动化渗透测试系统的研究和设计[J]. 中国电力, 2019, 52(1): 57-62,109.
[15]	高志远, 黄海峰, 孙芊, 张鸿, 曹阳, 唐保国. 跨国调度与交易系统互联的信息通信支撑研究[J]. 中国电力, 2019, 52(1): 40-47.

模态框（Modal）标题

基于攻击预测的电力CPS安全风险评估

A New Security Risk Assessment Method for Cyber Physical Power System Based on Attack Prediction

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献 20

相关文章 15

编辑推荐

Metrics