Information Security Assessment Methods and Secure Communication Mechanisms for Power Systems
Abstract
Information security problems in power systems originate in the communication and information systems, but their greatest impact falls on the primary (physical) power system. In the partitioned structure of the power-system information infrastructure, the production control zone, which consists mainly of power monitoring and control systems, is the point at which the information infrastructure and the power infrastructure are most tightly coupled. An analysis of the characteristics of power monitoring and control systems shows that, compared with conventional computer networks, they exhibit new information security features in their security threats, security requirements, incident consequences, incident samples, information architecture and control flow, so that conventional information security methods cannot be applied directly. This thesis therefore takes networked power monitoring and control systems as its starting point and, drawing on information security methods from conventional domains, concentrates on the difficult problems of security assessment and secure communication mechanisms that arise from these new features. The specific contributions are as follows.
     (1) Vulnerability assessment of power monitoring and control systems. Based on the network structure and characteristics of such systems, an attack-graph-based vulnerability analysis model is defined; taking into account the information security factors involved, a vulnerability quantification method based on AHP-TOPSIS is designed. Finally, an assessment case study is constructed according to IEC 61850, and the effectiveness of the method is verified by comparing the results computed under different security schemes.
     (2) Asset identification for power monitoring and control systems. Taking the substation automation system as the representative power monitoring and control system, and starting from an analysis of the difficulties of asset identification in such a system, a complete information asset identification method is proposed covering three aspects: asset classification, business (function) identification and asset valuation. An analysis case study based on the IEC 61850 standard verifies the soundness of the method.
     (3) Reliability assessment of power monitoring and control systems. Taking the wide area measurement system (WAMS) as the representative power monitoring and control system, the WAMS reliability model is divided into three parts, the monitoring and control centre, the data acquisition subsystem and the SDH wide-area communication system, and system availability is defined as the reliability index of the WAMS. Using a WAMS built on the IEEE 14-bus system as the application example, the time-varying curve of system availability is computed.
     (4) A design method for secure communication mechanisms in power systems. Taking the communication model of power monitoring and control systems under the IEC 61850 framework as the object of study, the factors that bear on the design of secure communication mechanisms are analysed, and a design framework for power-system secure communication mechanisms is built from them. On this framework, two classes of communication security problem not yet resolved by current security standards or published research are worked through as instances: for remote monitoring and control of wind farms, a Web-services-based secure communication mechanism is designed that satisfies the communication security requirements without altering the standard message structure; for remote configuration of substations, a secure communication mechanism based on XML Security is designed that meets the security requirements of the configuration process through a security extension of SCL and an associated security processing method.
Abstract (author's English version)
Information security problems in power systems originate in the communication and information systems, but their effects fall on the operation of the power system itself. According to the partitioned structure of the power information architecture, the production and control zone, composed mainly of power monitoring and control systems, is the point where the information architecture and the power architecture of the power system are tightly coupled. On the one hand, security incidents in this zone easily lead to serious consequences and are very likely to affect the stability of power system operation. On the other hand, compared with conventional computer networks, such systems show new information security features in their security threats, security requirements, incident consequences, incident samples, information architecture and control flow, so that conventional information security methods are not fully applicable. This thesis therefore focuses on information security assessment methods and secure communication mechanisms for power systems, takes networked power monitoring and control systems as its object of study, and addresses the following problems.
     1. Vulnerability assessment of power monitoring and control systems. Through a formal definition, an attack-graph-based vulnerability analysis model is defined for power monitoring and control systems. Furthermore, considering the relevant information security properties, an AHP-TOPSIS-based vulnerability quantification method is designed. Finally, a case study is constructed according to IEC 61850, and the validity and rationality of the method are verified by comparing the results calculated under different security schemes.
     2. Asset identification for power monitoring and control systems. Substation automation systems are taken as the typical object of study. Based on an analysis of the difficulties involved, a complete asset identification method is proposed from three aspects: asset classification, task identification and asset valuation. A case study based on IEC 61850 verifies the effectiveness of the proposed method.
     3. Reliability assessment of power monitoring and control systems. Wide area measurement systems (WAMS) are taken as the typical object of study. The reliability analysis of the WAMS is divided into three parts: the control centre, the data acquisition subsystem and the wide-area communication system (such as SDH). System availability is defined as the reliability index of the WAMS, and the availability curve is calculated for a WAMS built on the IEEE 14-bus test system.
     4. A design method for secure communication mechanisms in power systems. Taking the communication models of IEC 61850 as the object of study, the factors relevant to the design of secure communication mechanisms are analysed, and from them a design framework for secure communication mechanisms in power systems is constructed. Based on this framework, two case studies of unsolved problems are developed. The first is a secure communication mechanism for remote monitoring and control of wind power plants, which fulfils the security requirements without any change to the SOAP messages of IEC 61400-25. The second is a secure communication mechanism for substation remote configuration, which meets the security requirements of SCL configurations through the definition of an SCL security extension and a security processing method.
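The AHP-TOPSIS quantification in contribution (1) combines two steps: AHP turns pairwise judgements about the importance of the security criteria into weights (and checks that the judgements are consistent), and TOPSIS scores each alternative by its distance from an ideal and an anti-ideal point. The following is an added illustration, not the thesis's own code, criteria or data: the four criteria, the pairwise judgement matrix, the attack paths and their scores are constructed, and the "hardened" set shows how the same ranking is recomputed under a different security scheme.

```python
"""AHP criterion weights and TOPSIS ranking of attack paths from a substation
attack graph.

Added example, not the thesis's code, criteria or data: criteria, pairwise
judgements, attack paths and scores (all in [0, 1]) are constructed to show
the mechanics of an AHP-TOPSIS vulnerability quantification.
"""
from math import prod, sqrt

# Saaty's random consistency index by matrix order (1..9)
RANDOM_INDEX = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12, 6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}

# Criteria (constructed). True = a larger value makes the path MORE vulnerable.
CRITERIA = ["exploit likelihood", "impact on primary system", "attacker cost", "detectability"]
BENEFIT = [True, True, False, False]

# Pairwise judgements on Saaty's 1-9 scale (constructed): impact outranks likelihood,
# both outrank attacker cost, detectability matters least.
CRITERIA_PAIRWISE = [
    [1,     1 / 2, 3,     4],
    [2,     1,     4,     5],
    [1 / 3, 1 / 4, 1,     2],
    [1 / 4, 1 / 5, 1 / 2, 1],
]

# Attack paths of the example attack graph (constructed) -> score per criterion
BASELINE = {
    "corporate-LAN":        [0.6, 0.9, 0.5, 0.6],  # office LAN -> firewall hole -> station HMI -> IED
    "maintenance-modem":    [0.7, 0.9, 0.3, 0.2],  # dial-in modem -> station gateway -> IED
    "engineering-laptop":   [0.4, 0.8, 0.4, 0.3],  # infected laptop -> SCL reconfiguration of IEDs
    "physical-process-bus": [0.2, 1.0, 0.9, 0.8],  # site intrusion -> process-bus injection
}
# Same graph under a security scheme that removes the modem and monitors dial-in (constructed)
HARDENED = {**BASELINE, "maintenance-modem": [0.1, 0.9, 0.8, 0.7]}


def ahp_weights(pairwise):
    """Priority vector (geometric-mean method) and consistency ratio of a Saaty matrix."""
    n = len(pairwise)
    geo = [prod(row) ** (1.0 / n) for row in pairwise]
    total = sum(geo)
    w = [g / total for g in geo]
    # lambda_max estimated as the mean of (A w)_i / w_i
    aw = [sum(pairwise[i][j] * w[j] for j in range(n)) for i in range(n)]
    lam_max = sum(aw[i] / w[i] for i in range(n)) / n
    ci = (lam_max - n) / (n - 1) if n > 1 else 0.0
    cr = ci / RANDOM_INDEX[n] if RANDOM_INDEX[n] else 0.0
    return w, cr


def topsis(matrix, weights, benefit):
    """Closeness coefficient C_i in [0, 1] for each row; 1 = identical to the ideal point."""
    m, n = len(matrix), len(weights)
    norms = [sqrt(sum(matrix[i][j] ** 2 for i in range(m))) or 1.0 for j in range(n)]
    v = [[weights[j] * matrix[i][j] / norms[j] for j in range(n)] for i in range(m)]
    ideal = [max(v[i][j] for i in range(m)) if benefit[j] else min(v[i][j] for i in range(m))
             for j in range(n)]
    anti = [min(v[i][j] for i in range(m)) if benefit[j] else max(v[i][j] for i in range(m))
            for j in range(n)]
    d_plus = [sqrt(sum((v[i][j] - ideal[j]) ** 2 for j in range(n))) for i in range(m)]
    d_minus = [sqrt(sum((v[i][j] - anti[j]) ** 2 for j in range(n))) for i in range(m)]
    return [d_minus[i] / (d_plus[i] + d_minus[i]) if d_plus[i] + d_minus[i] else 0.0
            for i in range(m)]


def rank_paths(paths, pairwise=CRITERIA_PAIRWISE, benefit=BENEFIT):
    """(name, vulnerability index) pairs, most vulnerable first; rejects inconsistent judgements."""
    weights, cr = ahp_weights(pairwise)
    if cr > 0.10:  # Saaty's usual acceptance threshold
        raise ValueError(f"inconsistent pairwise judgements, CR={cr:.3f}")
    names = list(paths)
    scores = topsis([paths[name] for name in names], weights, benefit)
    return sorted(zip(names, scores), key=lambda pair: pair[1], reverse=True)


if __name__ == "__main__":
    for label, paths in (("baseline", BASELINE), ("hardened", HARDENED)):
        print(label)
        for name, index in rank_paths(paths):
            print(f"  {name:22s} vulnerability index {index:.3f}")
```

In the baseline the dial-in modem path ranks first because it scores high on the two heavily weighted criteria and low on attacker cost and detectability; after the scheme change it drops to last, which is the kind of scheme-to-scheme comparison the assessment uses. The consistency check matters in practice: expert judgements that fail it produce weights that cannot be defended, so the ranking should not be computed from them.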
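Contribution (3) defines availability as the WAMS reliability index and computes it as a time-varying curve. The block below is an added illustration of that computation, not the thesis's model or parameters: it assumes each part is a two-state (up/down) repairable component with constant failure rate lam and repair rate mu, that the centre needs all of its parts, that k of n installed PMUs are needed for observability, and that the SDH link is 1+1 protected. All rates and counts are constructed.

```python
"""Time-varying availability A(t) of a WAMS modelled as three subsystems in series.

Added example, not the thesis's model or parameters. Assumptions: independent
repairable components with constant failure rate lam and repair rate mu (1/h);
the monitoring centre needs all its parts; k of n installed PMUs are required
for observability; the SDH link is 1+1 protected. Every number is constructed.
"""
from math import comb, exp, prod


def component_availability(lam, mu, t):
    """Two-state Markov repairable component that is up at t = 0:
    A(t) = mu/(lam+mu) + lam/(lam+mu) * exp(-(lam+mu) * t)."""
    s = lam + mu
    return mu / s + (lam / s) * exp(-s * t)


def series(avails):
    """All parts must be up."""
    return prod(avails)


def parallel(avails):
    """At least one part must be up."""
    return 1.0 - prod(1.0 - a for a in avails)


def k_out_of_n(k, n, a):
    """At least k of n identical, independent parts with availability a are up."""
    return sum(comb(n, i) * a ** i * (1.0 - a) ** (n - i) for i in range(k, n + 1))


# Constructed parameters: (failure rate, repair rate) in 1/h
CENTER_PARTS = {
    "front-end server": (1 / 8760, 1 / 8),             # one failure a year, 8 h repair
    "state-estimation application": (1 / 4380, 1 / 2),  # two failures a year, 2 h restart
}
PMU = (1 / 20000, 1 / 24)
PMUS_INSTALLED, PMUS_REQUIRED = 5, 4   # assumption: 4 of 5 PMUs keep the grid observable
SDH_PATH = (1 / 5000, 1 / 4)
SDH_PATHS = 2                          # 1+1 protected ring: working path + protection path


def wams_availability(t):
    """System availability at time t (hours): series product of the three subsystems."""
    centre = series([component_availability(lam, mu, t) for lam, mu in CENTER_PARTS.values()])
    acquisition = k_out_of_n(PMUS_REQUIRED, PMUS_INSTALLED, component_availability(*PMU, t))
    link = parallel([component_availability(*SDH_PATH, t)] * SDH_PATHS)
    return series([centre, acquisition, link])


def wams_steady_state():
    """Limit t -> infinity: exp(-s*t) -> 0, leaving mu/(lam+mu) per component."""
    return wams_availability(float("inf"))


def availability_curve(t_end, step):
    """(t, A(t)) samples in hours: the time-varying availability curve."""
    return [(t, wams_availability(t)) for t in range(0, t_end + 1, step)]


if __name__ == "__main__":
    for t, a in availability_curve(240, 24):
        print(f"t = {t:4d} h  A(t) = {a:.6f}")
    print(f"steady-state A = {wams_steady_state():.6f}")
```

The curve starts at 1 (everything is up when the system is commissioned) and decays towards the steady-state value within a few repair times; the steady-state figure is dominated by the centre, because its parts are in series and have the longest repair times, while the redundant PMUs and the protected SDH ring contribute almost nothing to unavailability. That is the information the curve adds over a single availability number: it shows which subsystem is worth hardening.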
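Contribution (4) rests on one design decision for both case studies: the security information is carried alongside the standard XML (a WS-Security header next to the untouched IEC 61400-25 SOAP Body; a security extension next to the SCL content) rather than by changing the standard message. The block below is an added illustration of that pattern for the SOAP case, not the thesis's mechanism and not an interoperable WS-Security implementation: it uses the WS-Security and XML-DSig element names in the header but a simplified SignedInfo and an HMAC-SHA256 MAC in place of a full XML-DSig signature, and the request body, its namespace and the shared key are constructed. The same canonicalize-digest-authenticate steps over an element selected by Id are what a signature over an SCL section would need.

```python
"""Authenticate the SOAP Body of an IEC 61400-25-style request from a
WS-Security header, leaving the Body (the standard message) unchanged.

Added example, not code from the thesis. Uses WS-Security / XML-DSig element
names for the header, but a simplified SignedInfo and HMAC-SHA256 instead of
a full XML-DSig implementation. Request body, namespace and key are constructed.
"""
import base64
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

SOAP = "http://www.w3.org/2003/05/soap-envelope"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DS = "http://www.w3.org/2000/09/xmldsig#"
IEC = "urn:example:iec61400-25"  # placeholder namespace, not the standard's
for prefix, uri in (("soap", SOAP), ("wsse", WSSE), ("wsu", WSU), ("ds", DS), ("w25", IEC)):
    ET.register_namespace(prefix, uri)

# Constructed request: an ACSI-style GetDataValues on a wind-turbine rotor node.
REQUEST = f"""<soap:Envelope xmlns:soap="{SOAP}">
  <soap:Header/>
  <soap:Body xmlns:wsu="{WSU}" wsu:Id="Body">
    <GetDataValues xmlns="{IEC}">
      <Reference>WTUR1/WROT1.RotSpd</Reference>
    </GetDataValues>
  </soap:Body>
</soap:Envelope>"""

SHARED_KEY = b"constructed-demo-key-not-for-production"


def c14n(element):
    """Canonical (C14N) serialisation of one subtree, independent of indentation."""
    element = copy.deepcopy(element)
    element.tail = None
    return ET.canonicalize(ET.tostring(element, encoding="unicode"), strip_text=True)


def canonical_body(envelope):
    return c14n(envelope.find(f"{{{SOAP}}}Body"))


def b64(data):
    return base64.b64encode(data).decode()


def sign_envelope(xml_text, key):
    """Add a wsse:Security header authenticating the Body; the Body itself is not touched."""
    env = ET.fromstring(xml_text)
    digest = b64(hashlib.sha256(canonical_body(env).encode()).digest())
    signed_info = ET.Element(f"{{{DS}}}SignedInfo")
    reference = ET.SubElement(signed_info, f"{{{DS}}}Reference", URI="#Body")
    ET.SubElement(reference, f"{{{DS}}}DigestValue").text = digest
    # The MAC covers the canonical SignedInfo, which binds the Body digest.
    mac = b64(hmac.new(key, c14n(signed_info).encode(), hashlib.sha256).digest())

    security = ET.SubElement(env.find(f"{{{SOAP}}}Header"), f"{{{WSSE}}}Security")
    signature = ET.SubElement(security, f"{{{DS}}}Signature")
    signature.append(signed_info)
    ET.SubElement(signature, f"{{{DS}}}SignatureValue").text = mac
    return ET.tostring(env, encoding="unicode")


def verify_envelope(xml_text, key):
    """True only if the header MAC is valid and the Body still matches the signed digest."""
    env = ET.fromstring(xml_text)
    signature = env.find(f"{{{SOAP}}}Header/{{{WSSE}}}Security/{{{DS}}}Signature")
    if signature is None:
        return False  # unsecured message: reject rather than fall back
    signed_info = signature.find(f"{{{DS}}}SignedInfo")
    claimed_digest = signed_info.findtext(f"{{{DS}}}Reference/{{{DS}}}DigestValue") or ""
    claimed_mac = signature.findtext(f"{{{DS}}}SignatureValue") or ""
    expected_mac = b64(hmac.new(key, c14n(signed_info).encode(), hashlib.sha256).digest())
    actual_digest = b64(hashlib.sha256(canonical_body(env).encode()).digest())
    # compare_digest is constant-time, so a forger learns nothing from timing
    return (hmac.compare_digest(expected_mac, claimed_mac)
            and hmac.compare_digest(actual_digest, claimed_digest))


def body_unchanged(original_xml, signed_xml):
    """The thesis's requirement: securing the message must not alter the standard Body."""
    return canonical_body(ET.fromstring(original_xml)) == canonical_body(ET.fromstring(signed_xml))


if __name__ == "__main__":
    signed = sign_envelope(REQUEST, SHARED_KEY)
    print(signed)
    print("verify:", verify_envelope(signed, SHARED_KEY))
    print("tampered:", verify_envelope(signed.replace("WROT1", "WROT2"), SHARED_KEY))
```

Two points carry over to a real deployment. Canonicalisation is what makes the check survive re-serialisation by intermediaries (different indentation or attribute order), which is why a digest over raw bytes is not enough; and a receiver must reject an envelope without the security header outright, otherwise an attacker simply strips it. A production mechanism would replace the HMAC with an XML-DSig signature over a certificate-bound key and add a timestamp or nonce against replay.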