电力信息物理系统跨域攻击协同防御架构及机制研究

张涛; 费稼轩; 王琦; 邵志鹏; 蔡星浦

doi:10.12263/DZXB.20231001

您当前的位置：

首页 >

文章列表页 >

电力信息物理系统跨域攻击协同防御架构及机制研究

中国电子学会科学技术奖特约专栏 | 更新时间：2025-12-08

- 电力信息物理系统跨域攻击协同防御架构及机制研究
- Research of Architecture and Mechanism of Coordinative Defense Methods for Cross-Domain Attacks of Cyber Physical System
- 电子学报 2024年52卷第4期页码：1205-1218
- 作者机构：
  
  1.国网智能电网研究院电网数字化技术研究所，北京 100190
  2.东南大学电气工程学院，江苏南京 210096
- 作者简介：
  
  [ "张涛男，1976年10月出生于陕西榆林.现为国网智能电网研究院有限公司电网数字化技术研究所副所长.主要研究方向为电力网络和数据安全." ]
  [ "费稼轩男，1984年11月出生于江苏江阴市.现为国网智能电网研究院电网数字化技术研究所业务安全研究室高级专家.主要研究方向为电力网络和数据安全." ]
  [ "王琦男，1989年4月出生于江苏南通市.现为东南大学电气工程学院副教授.主要研究方向为电网信息物理系统和电力系统网络安全.中国电子学会会员编号：E190035063M.E-mail: wangqi@seu.edu.cn" ]
  [ "邵志鹏男，1984年5月出生于江苏南京市.现为国网智能电网研究院电网数字化技术研究所业务安全研究室主任.主要研究方向为电力网络和数据安全." ]
  [ "蔡星浦男，1996年3月出生于浙江宁波市.东南大学电气工程学院硕士学位.现为国网浙江省电力有限公司杭州供电公司员工.主要研究方向为电网信息物理系统." ]
- 基金信息：
  
  国家自然科学基金(52261145704)
- DOI：10.12263/DZXB.20231001
  中图分类号： TN915.08;
- 收稿：2023-10-26，
  
  修回：2024-03-08，
  
  纸质出版：2024-04-25
- 稿件说明：
移动端阅览
张涛, 费稼轩, 王琦, 等. 电力信息物理系统跨域攻击协同防御架构及机制研究[J]. 电子学报, 2024, 52(04): 1205-1218.

ZHANG Tao, FEI Jia-xuan, WANG Qi, et al. Research of Architecture and Mechanism of Coordinative Defense Methods for Cross-Domain Attacks of Cyber Physical System[J]. Acta Electronica Sinica, 2024, 52(04): 1205-1218.
张涛, 费稼轩, 王琦, 等. 电力信息物理系统跨域攻击协同防御架构及机制研究[J]. 电子学报, 2024, 52(04): 1205-1218. DOI：10.12263/DZXB.20231001

ZHANG Tao, FEI Jia-xuan, WANG Qi, et al. Research of Architecture and Mechanism of Coordinative Defense Methods for Cross-Domain Attacks of Cyber Physical System[J]. Acta Electronica Sinica, 2024, 52(04): 1205-1218. DOI：10.12263/DZXB.20231001

摘要

我国电力基础设施已经发展成为具有高度信息化、自动化、智能化特征的信息物理融合系统.信息-物理交互在显著提升电力供给效率和性能的同时，也引入了新型网络安全威胁，通过发生于信息域并明确作用于物理域的跨域攻击，可造成电力基础设施系统性瘫痪，继而引发大面积停电事故，而当前孤立的信息侧或物理侧防御体系难以有效应对跨域攻击威胁.本文介绍了电力系统面临的信息物理跨域攻击威胁现状，分析了传统防御方法面对跨域攻击时存在的不足，提出了一种信息物理协同的跨域攻击防御架构，在针对跨域攻击传播的不同阶段，从感知、辨识、阻断三个角度设计了防御方法，通过算例验证了所提信息物理协同防御架构能够有效保障电力系统安全稳定运行.

Abstract

The electric power infrastructure of China has developed into a highly informationized

automated

and intelligent cyber physical integration system. The interaction of cyber and physical not only significantly improves the efficiency and performance of power supply

but also introduces new network security threat. Cross-domain attacks that occurring in the cyber domain and acting on the physical domain can cause the systematic breakdown of power infrastructure and then lead to large-scale power outages. However

the current isolated cyber side or physical side defense system is difficult to effectively deal with these cross-domain attack threats.This paper introduces the current situation of information and physical cross domain attack threats faced by the power system

elaborates on the shortcomings of traditional defense methods in facing cross domain attacks

proposes a cross domain attack defense architecture based on information and physical collaboration

and designs defense methods from the perspectives of perception

identification

and blocking on the attack time scale. Through example design

it is proven that the proposed information and physical collaboration defense architecture can ensure the safe and stable operation of the power system.

关键词

Keywords

references

YU X H , XUE Y S . Smart grids: A cyber-physical systems perspective [J ] . Proceedings of the IEEE , 2016 , 104 ( 5 ): 1058 - 1070 .

张涛 , 赵东艳 , 薛峰 , 等 . 电力系统智能终端信息安全防护技术研究框架 [J ] . 电力系统自动化 , 2019 , 43 ( 19 ): 1 - 8, 67 .

ZHANG T , ZHAO D Y , XUE F , et al . Research framework of cyber-security protection technologies for smart terminals in power system [J ] . Automation of Electric Power Systems , 2019 , 43 ( 19 ): 1 - 8, 67 . (in Chinese)

徐飞阳 , 薛安成 , 常乃超 , 等 . 电力系统自动发电控制网络攻击与防御研究现状与展望 [J ] . 电力系统自动化 , 2021 , 45 ( 3 ): 3 - 14 .

XU F Y , XUE A C , CHANG N C , et al . Research status and prospect of cyber attack and defense on automatic generation control in power system [J ] . Automation of Electric Power Systems , 2021 , 45 ( 3 ): 3 - 14 . (in Chinese)

蔡晔 , 刘放 , 曹一家 , 等 . 电力信息物理系统低代价多阶段高危攻击策略研究 [J ] . 电力系统自动化 , 2021 , 45 ( 20 ): 1 - 8 .

CAI Y , LIU F , CAO Y J , et al . Research on low-cost multi-stage high-risk attack strategy for power cyber-physical system [J ] . Automation of Electric Power Systems , 2021 , 45 ( 20 ): 1 - 8 . (in Chinese)

李满礼 , 倪明 , 颜云松 , 等 . 面向恶意攻击的安全稳定控制系统信息物理协调防御方法 [J ] . 电力系统自动化 , 2021 , 45 ( 18 ): 113 - 121 .

LI M L , NI M , YAN Y S , et al . Cyber-physical coordinated defense method against malicious attacks for security and stability control system [J ] . Automation of Electric Power Systems , 2021 , 45 ( 18 ): 113 - 121 . (in Chinese)

刘依晗 , 王宇飞 . 新型电力系统中跨域连锁故障的演化机理与主动防御探索 [J ] . 中国电力 , 2022 , 55 ( 2 ): 62 - 72, 81 .

LIU Y H , WANG Y F . Exploring the evolution mechanism and active defense of cross-domain cascading failures in new type power system [J ] . Electric Power , 2022 , 55 ( 2 ): 62 - 72, 81 . (in Chinese)

王宇飞 , 邱健 , 李俊娥 . 考虑攻击损益的电网CPS场站级跨空间连锁故障早期预警方法 [J ] . 中国电力 , 2020 , 53 ( 1 ): 92 - 99 .

WANG Y F , QIU J , LI J E . A station level early warning method of cascading failures across space based on attack gain and cost principle in GCPS [J ] . Electric Power , 2020 , 53 ( 1 ): 92 - 99 . (in Chinese)

章锐 , 费稼轩 , 石聪聪 , 等 . 特定攻击场景下源网荷系统恶意攻击关联分析方法 [J ] . 中国电力 , 2019 , 52 ( 10 ): 1 - 10 .

ZHANG R , FEI J X , SHI C C , et al . Malicious attack correlation analysis method of source-grid-load system under specific attack scenarios [J ] . Electric Power , 2019 , 52 ( 10 ): 1 - 10 . (in Chinese)

汤涌 . 基于响应的电力系统广域安全稳定控制 [J ] . 中国电机工程学报 , 2014 , 34 ( 29 ): 5041 - 5050 .

TANG Y . Response-based wide area control for power system security and stability [J ] . Proceedings of the CSEE , 2014 , 34 ( 29 ): 5041 - 5050 . (in Chinese)

王琦 , 李梦雅 , 汤奕 , 等 . 电力信息物理系统网络攻击与防御研究综述(一)建模与评估 [J ] . 电力系统自动化 , 2019 , 43 ( 9 ): 9 - 21 .

WANG Q , LI M Y , TANG Y , et al . A review on research of cyber-attacks and defense in cyber physical power systems part one modelling and evaluation [J ] . Automation of Electric Power Systems , 2019 , 43 ( 9 ): 9 - 21 . (in Chinese)

胡向东 , 吕高飞 , 白银 . 基于优化支持向量回归的工业互联网安全态势预测方法 [J ] . 电子学报 , 2023 , 51 ( 2 ): 446 - 454 .

HU X D , LÜ G F , BAI Y . A method of security situation prediction for industrial Internet based on optimized support vector regression [J ] . Acta Electronica Sinica , 2023 , 51 ( 2 ): 446 - 454 . (in Chinese)

XIANG D M , LIN S , WANG X H , et al . Checking missing-data errors in cyber-physical systems based on the merged process of petri nets [J ] . IEEE Transactions on Industrial Informatics , 2023 , 19 ( 3 ): 3047 - 3056 .

安宇 , 刘东 , 陈飞 , 等 . 考虑信息攻击的配电网信息物理运行风险分析 [J ] . 电网技术 , 2019 , 43 ( 7 ): 2345 - 2352 .

AN Y , LIU D , CHEN F , et al . Risk analysis of cyber physical distribution network operation considering cyber attack [J ] . Power System Technology , 2019 , 43 ( 7 ): 2345 - 2352 . (in Chinese)

XU Y . A review of cyber security risks of power systems: From static to dynamic false data attacks [J ] . Protection and Control of Modern Power Systems , 2020 , 5 : 19 .

CHE L , LIU X , LI Z Y . Mitigating false data attacks induced overloads using a corrective dispatch scheme [J ] . IEEE Transactions on Smart Grid , 2019 , 10 ( 3 ): 3081 - 3091 .

陈刘东 , 刘念 . 面向互动需求响应的虚假数据注入攻击及其检测方法 [J ] . 电力系统自动化 , 2021 , 45 ( 3 ): 15 - 23 .

CHEN L D , LIU N . False data injection attack and its detection method for interactive demand response [J ] . Automation of Electric Power Systems , 2021 , 45 ( 3 ): 15 - 23 . (in Chinese)

刘权莹 , 李俊娥 , 倪明 , 等 . 电网信息物理系统态势感知: 现状与研究构想 [J ] . 电力系统自动化 , 2019 , 43 ( 19 ): 9 - 21, 51 .

LIU Q Y , LI J E , NI M , et al . Situation awareness of grid cyber-physical system: Current status and research ideas [J ] . Automation of Electric Power Systems , 2019 , 43 ( 19 ): 9 - 21, 51 . (in Chinese)

陈碧云 , 李弘斌 , 李滨 . 伪量测建模与AUKF在配电网虚假数据注入攻击辨识中的应用 [J ] . 电网技术 , 2019 , 43 ( 9 ): 3226 - 3236 .

CHEN B Y , LI H B , LI B . Application research on pseudo measurement modeling and AUKF in FDIAs identification of distribution network [J ] . Power System Technology , 2019 , 43 ( 9 ): 3226 - 3236 . (in Chinese)

LIN H , SLAGELL A , KALBARCZYK Z T , et al . Runtime semantic security analysis to detect and mitigate control-related attacks in power grids [J ] . IEEE Transactions on Smart Grid , 2018 , 9 ( 1 ): 163 - 178 .

SRIDHAR S , GOVINDARASU M . Model-based attack detection and mitigation for automatic generation control [J ] . IEEE Transactions on Smart Grid , 2014 , 5 ( 2 ): 580 - 591 .

曹翔 , 张阳 , 宋林川 , 等 . 基于深度报文检测和安全增强的正向隔离装置设计及实现 [J ] . 电力系统自动化 , 2019 , 43 ( 2 ): 162 - 167 .

CAO X , ZHANG Y , SONG L C , et al . Design and implementation of forward isolation device based on deep packet inspection and security enhancement [J ] . Automation of Electric Power Systems , 2019 , 43 ( 2 ): 162 - 167 . (in Chinese)

WANG H Z , RUAN J Q , WANG G B , et al . Deep learning-based interval state estimation of AC smart grids against sparse cyber attacks [J ] . IEEE Transactions on Industrial Informatics , 2018 , 14 ( 11 ): 4766 - 4778 .

李元诚 , 曾婧 . 基于改进卷积神经网络的电网假数据注入攻击检测方法 [J ] . 电力系统自动化 , 2019 , 43 ( 20 ): 97 - 104 .

LI Y C , ZENG J . Detection method of false data injection attack on power grid based on improved convolutional neural network [J ] . Automation of Electric Power Systems , 2019 , 43 ( 20 ): 97 - 104 . (in Chinese)

ZHENG P L , XU Q Q , LUO X P , et al . Aeolus: Distributed execution of permissioned blockchain transactions via state sharding [J ] . IEEE Transactions on Industrial Informatics , 2022 , 18 ( 12 ): 9227 - 9238 .

POLITOU E , CASINO F , ALEPIS E , et al . Blockchain mutability: Challenges and proposed solutions [J ] . IEEE Transactions on Emerging Topics in Computing , 2021 , 9 ( 4 ): 1972 - 1986 .

SANJAB A , SAAD W . Data injection attacks on smart grids with multiple adversaries: A game-theoretic perspective [J ] . IEEE Transactions on Smart Grid , 2016 , 7 ( 4 ): 2038 - 2049 .

刘亮 , 苏盛 , 曹一家 , 等 . 基于Kalman滤波的持续卫星时间同步攻击防护方法 [J ] . 电力系统自动化 , 2020 , 44 ( 10 ): 119 - 126 .

LIU L , SU S , CAO Y J , et al . Kalman filtering based protection method of sustained satellite time synchronization attack [J ] . Automation of Electric Power Systems , 2020 , 44 ( 10 ): 119 - 126 . (in Chinese)

CHLELA M , MASCARELLA D , JOÓS G , et al . Fallback control for isochronous energy storage systems in autonomous microgrids under denial-of-service cyber-attacks [J ] . IEEE Transactions on Smart Grid , 2018 , 9 ( 5 ): 4702 - 4711 .

汤奕 , 李梦雅 , 王琦 , 等 . 电力信息物理系统网络攻击与防御研究综述(二)检测与保护 [J ] . 电力系统自动化 , 2019 , 43 ( 10 ): 1 - 9, 18 .

TANG Y , LI M Y , WANG Q , et al . A review on research of cyber-attacks and defense in cyber physical power systems part two detection and protection [J ] . Automation of Electric Power Systems , 2019 , 43 ( 10 ): 1 - 9, 18 . (in Chinese)

费稼轩 , 裴培 , 张明 , 等 . 电网工控网络攻击场景中的层次关联分析方法 [J ] . 南京理工大学学报 , 2020 , 44 ( 6 ): 715 - 723 .

FEI J X , PEI P , ZHANG M , et al . Hierarchical association analysis method in industrial control cyber attack scenario of power grid [J ] . Journal of Nanjing University of Science and Technology , 2020 , 44 ( 6 ): 715 - 723 . (in Chinese)

薛禹胜 , 李满礼 , 罗剑波 , 等 . 基于关联特性矩阵的电网信息物理系统耦合建模方法 [J ] . 电力系统自动化 , 2018 , 42 ( 2 ): 11 - 19 .

XUE Y S , LI M L , LUO J B , et al . Modeling method for coupling relations in cyber physical power systems based on correlation characteristic matrix [J ] . Automation of Electric Power Systems , 2018 , 42 ( 2 ): 11 - 19 . (in Chinese)

汤奕 , 王琦 , 邰伟 , 等 . 基于OPAL-RT和OPNET的电力信息物理系统实时仿真 [J ] . 电力系统自动化 , 2016 , 40 ( 23 ): 15 - 21, 92 .

TANG Y , WANG Q , TAI W , et al . Real-time simulation of cyber-physical power system based on OPAL-RT and OPNET [J ] . Automation of Electric Power Systems , 2016 , 40 ( 23 ): 15 - 21, 92 . (in Chinese)

YANG Z W , LIU H , BI T S , et al . Bad data detection algorithm for PMU based on spectral clustering [J ] . Journal of Modern Power Systems and Clean Energy , 2020 , 8 ( 3 ): 473 - 483 .

蔡星浦 , 王琦 , 黄建业 , 等 . 电力系统网络攻击信息物理双层协同紧急控制方法 [J ] . 全球能源互联网 , 2020 , 3 ( 6 ): 560 - 568 .

CAI X P , WANG Q , HUANG J Y , et al . Double-layered cyber-physical cooperative emergency control-strategy-adjustment method to prevent power-system cyber attacks [J ] . Journal of Global Energy Interconnection , 2020 , 3 ( 6 ): 560 - 568 . (in Chinese)

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于国密SM9的分层标识签名方案

基于改进Res2Net与自适应多尺度窗口池化的调制识别方法

基于加权优先级与数据包到达时间的MP-QUIC调度算法

基于简化复合左右手零阶谐振器的二阶微带频变耦合带通滤波器

基于多域表征对齐融合的雷达目标无监督异常检测方法