电网信息物理系统网络安全风险分析与防护对策
|
摘要
为有效应对电网信息物理系统(Power Grid Cyber Physical Systems,PGCPS)所面临的网络安全风险和保证PGCPS的安全稳定运行,文章结合我国PGCPS的网络安全防护现状总结了目前管理和技术2方面存在的主要问题,从结构安全、本体安全、监测应急、安全管理4个方面系统分析了目前存在的安全风险,从网络边界防护、设备接入和防病毒、源代码安全检测与漏洞修补、网络安全态势感知平台建设、威胁情报通报与应急队伍建设5个角度提出对应的安全防护对策,从而提高了PGCPS网络安全水平。
In order to effectively deal with the network security risks faced by power grid cyber physical systems(PGCPS) and ensure its safe and stable operation, fi rstly, based on the actual situation of network security protection of China's PGCPS, the main problems existing in management and technology are summarized. Then the existing security risks are systematically analyzed from the aspects of structure security, system ontology, perception and emergency, and security management. Finally, this paper puts forward some security protection countermeasures to improve the level of PGCPS network security from five aspects, including network border protection, equipment access and anti-virus, source code security detection and vulnerability remediation, construction of network security situation awareness platform, threat intelligence reporting and emergency team building.
In order to effectively deal with the network security risks faced by power grid cyber physical systems(PGCPS) and ensure its safe and stable operation, fi rstly, based on the actual situation of network security protection of China's PGCPS, the main problems existing in management and technology are summarized. Then the existing security risks are systematically analyzed from the aspects of structure security, system ontology, perception and emergency, and security management. Finally, this paper puts forward some security protection countermeasures to improve the level of PGCPS network security from five aspects, including network border protection, equipment access and anti-virus, source code security detection and vulnerability remediation, construction of network security situation awareness platform, threat intelligence reporting and emergency team building.
引文
[1]刘东,盛万兴,王云,等.电网信息物理系统的关键技术及其进展[J].中国电机工程学报,2015,35(14):3522-3511.LIU Dong,SHENG Wanxing,WANG Yun,et al.Key technologies and trends of cyber physical system for powergrid[J].Proceedings of CSEE,2015,35(14):3522-3511.
[2]郭庆来,辛蜀骏,孙宏斌,等.电力系统信息物理融合建模与综合安全评估:驱动力与研究构想[J].中国电机工程学报,2016,36(6):1481-1489.GUO Qinglai,XIN Shujun,SUN Hongbin,et al.Power system cyber physical modelling and security assessment:motivation and ideas[J].Proceedings of the CESS,2016,36(6):1481-1489.
[3]赵俊华,文福栓,薛禹胜,等.电力CPS的架构及其实现技术与挑战[J].电力系统自动化,2014,34(16):1-7.ZHAO Junhua,WEN Fushuan,XUE Yusheng,et al.Cyber physical power systems:architecture,implementation techniques and challenges[J].Automation of Electric Power Systems,2014,34(16):1-7.
[4]叶夏明,文福栓,尚金成,等.电力系统中信息物理安全风险传播机制[J].电网技术,2015,39(11):3072-3079.YE Xiaming,WEN Fushuan,SHANG Jincheng,et al.Propagation mechanism of cyber physical security risks in power systems[J].Power System Technology,2015,39(11):3072-3079.
[5]叶夏明.电力信息物理系统通信网络性能分析及网络安全评估[D].杭州:浙江大学,2015.
[6]赵俊华,梁高琪,文福拴,等.乌克兰事件的启示:防范针对电网的虚假数据注入攻击[J].电力系统自动化,2016,40(7):149-151.ZHAO Junhua,LIANG Gaoqi,WEN Fushuan,et al.Lessons learnt from the Ukrainian blackout:protecting power grids against false data injection attacks[J].Automation of Electric Power Systems,2016,40(7):149-151.
[7]倪明,颜洁,柏瑞,等.电力系统防恶意信息攻击的思考[J].电力系统自动化,2016,40(5):148-151.NI Ming,YAN Jie,BAI Rui,et al.Power system cyber attack and its defense[J].Automation of Electric Power Systems,2016,40(5):148-151.
[8]苏盛,吴长江,马钧,等.基于攻击方视角的电力CPS网络攻击模式分析[J].电网技术,2014,38(11):3115-3120.SU Sheng,WU Changjiang,MA Jun,et al.Attacker's perspective based analysis on cyber attack mode to cyberphysical system[J].Power System Technology,2014,38(11):3115-3120.
[9]国家发展改革委办公厅.电力监控系统安全防护规定[Z].2014.
[10]国家能源局.电力监控系统安全总体方案[Z].2015.
[11]工业和信息化部.工业控制系统信息安全防护指南[Z].2016.
[12]吴克河,刘吉臻,张彤,等.电力信息系统安全防御体系及关键技术[M].北京:科学出版社,2011.
[13]高昆仑,辛耀中,李钊,等.智能电网调度控制系统安全防护技术及发展[J].电力系统自动化,2015,39(1):48-52.GAO Kunlun,XIN Yaozhong,LI Zhao,et al.Development and process of cyber security protection architecture for smart grid dispatching and control systems[J].Automation of Electric Power Systems,2015,39(1):45-52.
[14]李中伟,佟为明,金显吉.智能电网信息安全防御体系与信息安全测试系统构建[J].电力系统自动化,2016,40(8):147-151.LI Zhongwei,TONG Weiming,JIN Xianji.Design and application of integrated energy management system in active distribution network[J].Automation of Electric Power Systems,2016,40(8):147-151.
[15]郭创新,陆海波,俞斌,等.电力二次系统安全风险评估研究综述[J].电网技术,2013,37(1):112-118.GUO Chuangxin,LU Haibo,YU Bin,et al.A survey of research on security risk assessment of secondary system[J].Power System Technology,2013,37(1):112-118.
[16]李存斌,李小鹏,田世明,等.能源互联网电力信息深度融合风险传递:挑战与展望[J].电力系统自动化,2017,41(11):17-25.LI Cunbin,LI Xiaopeng,TIAN Shiming,et al.Challenges and prospects of risk transmission in deep fusion of electric power and information for energy internet[J].Automation of Electric Power Systems,2017,41(11):17-25.
[17]李田,苏胜,杨洪明,等.电力信息物理系统的攻击行为与安全防护[J].电力系统自动化,2017,41(22):162-167.LI Tian,SU Sheng,YANG Hongming,et al.Attacks and cyber security defense in cyber-physical power system[J].Automation of Electric Power Systems,2017,41(22):162-167.
[18]王栋,陈传鹏,颜佳,等.新一代电力信息网络安全架构的思考[J].电力系统自动化,2016,40(2):6-11.WANG Dong,CHEN Chuanpeng,YAN Jia,et al.Pondering a new generation security architecture model for power information network[J].Automation of Electric Power Systems,2016,40(1):6-11.
[19]严博.电力信息系统病毒防控管理工作标准化流程[J].电力信息与通信技术,2015,13(8):33-35.YAN Bo.Standardized virus prevention and control process of electric information system[J].Electric Power Information and Communication Technology,2015,13(8):33-35.
[20]叶亮.基于安全规则的源代码分析方法研究[D].武汉:华中科技大学,2013.
[21]蒋诚智,余勇,林为民.基于智能Agent的电力信息网络安全态势感知模型研究[J].计算机科学,2012,39(12):98-101.JIANG Chengzhi,YU Yong,LIN Weimin.Research on electricinformation network security situation awareness model based on intelligent agent[J].Computer Science,2012,39(12):98-101.
[22]徐诚,梁睿,程真何,等.面向能源互联网的智能配电网安全态势感知[J].电力自动化设备,2016,36(6):13-18.XU Cheng,LIANG Rui,CHENG Zhenhe,et al.Security situation awareness of smart distribution grid for future energy internet[J].Electric Power Automation Equipment,2016,36(6):13-18.
[23]李刚,唐正鑫,李纪锋,等.智能电网安全态势感知与组合预测[J].电力信息与通信技术,2016,14(11):1-7.LI Gang,TANG Zhengxin,LI Jifeng,et al.Security situation awareness and combination forecasting in smart grid[J].Electric Power Information and Communication Technology,2016,14(11):1-7.
[24]管小娟,张涛,马媛媛,等.网络安全态势感知研究综述[J].电力信息与通信技术,2014,12(5):1-4.GUAN Xiaojuan,ZHANG Tao,MA Yuanyuan,et al.A survey of network security situation awareness[J].Electric Power Information and Communication Technology,2014,12(5):1-4.
[2]郭庆来,辛蜀骏,孙宏斌,等.电力系统信息物理融合建模与综合安全评估:驱动力与研究构想[J].中国电机工程学报,2016,36(6):1481-1489.GUO Qinglai,XIN Shujun,SUN Hongbin,et al.Power system cyber physical modelling and security assessment:motivation and ideas[J].Proceedings of the CESS,2016,36(6):1481-1489.
[3]赵俊华,文福栓,薛禹胜,等.电力CPS的架构及其实现技术与挑战[J].电力系统自动化,2014,34(16):1-7.ZHAO Junhua,WEN Fushuan,XUE Yusheng,et al.Cyber physical power systems:architecture,implementation techniques and challenges[J].Automation of Electric Power Systems,2014,34(16):1-7.
[4]叶夏明,文福栓,尚金成,等.电力系统中信息物理安全风险传播机制[J].电网技术,2015,39(11):3072-3079.YE Xiaming,WEN Fushuan,SHANG Jincheng,et al.Propagation mechanism of cyber physical security risks in power systems[J].Power System Technology,2015,39(11):3072-3079.
[5]叶夏明.电力信息物理系统通信网络性能分析及网络安全评估[D].杭州:浙江大学,2015.
[6]赵俊华,梁高琪,文福拴,等.乌克兰事件的启示:防范针对电网的虚假数据注入攻击[J].电力系统自动化,2016,40(7):149-151.ZHAO Junhua,LIANG Gaoqi,WEN Fushuan,et al.Lessons learnt from the Ukrainian blackout:protecting power grids against false data injection attacks[J].Automation of Electric Power Systems,2016,40(7):149-151.
[7]倪明,颜洁,柏瑞,等.电力系统防恶意信息攻击的思考[J].电力系统自动化,2016,40(5):148-151.NI Ming,YAN Jie,BAI Rui,et al.Power system cyber attack and its defense[J].Automation of Electric Power Systems,2016,40(5):148-151.
[8]苏盛,吴长江,马钧,等.基于攻击方视角的电力CPS网络攻击模式分析[J].电网技术,2014,38(11):3115-3120.SU Sheng,WU Changjiang,MA Jun,et al.Attacker's perspective based analysis on cyber attack mode to cyberphysical system[J].Power System Technology,2014,38(11):3115-3120.
[9]国家发展改革委办公厅.电力监控系统安全防护规定[Z].2014.
[10]国家能源局.电力监控系统安全总体方案[Z].2015.
[11]工业和信息化部.工业控制系统信息安全防护指南[Z].2016.
[12]吴克河,刘吉臻,张彤,等.电力信息系统安全防御体系及关键技术[M].北京:科学出版社,2011.
[13]高昆仑,辛耀中,李钊,等.智能电网调度控制系统安全防护技术及发展[J].电力系统自动化,2015,39(1):48-52.GAO Kunlun,XIN Yaozhong,LI Zhao,et al.Development and process of cyber security protection architecture for smart grid dispatching and control systems[J].Automation of Electric Power Systems,2015,39(1):45-52.
[14]李中伟,佟为明,金显吉.智能电网信息安全防御体系与信息安全测试系统构建[J].电力系统自动化,2016,40(8):147-151.LI Zhongwei,TONG Weiming,JIN Xianji.Design and application of integrated energy management system in active distribution network[J].Automation of Electric Power Systems,2016,40(8):147-151.
[15]郭创新,陆海波,俞斌,等.电力二次系统安全风险评估研究综述[J].电网技术,2013,37(1):112-118.GUO Chuangxin,LU Haibo,YU Bin,et al.A survey of research on security risk assessment of secondary system[J].Power System Technology,2013,37(1):112-118.
[16]李存斌,李小鹏,田世明,等.能源互联网电力信息深度融合风险传递:挑战与展望[J].电力系统自动化,2017,41(11):17-25.LI Cunbin,LI Xiaopeng,TIAN Shiming,et al.Challenges and prospects of risk transmission in deep fusion of electric power and information for energy internet[J].Automation of Electric Power Systems,2017,41(11):17-25.
[17]李田,苏胜,杨洪明,等.电力信息物理系统的攻击行为与安全防护[J].电力系统自动化,2017,41(22):162-167.LI Tian,SU Sheng,YANG Hongming,et al.Attacks and cyber security defense in cyber-physical power system[J].Automation of Electric Power Systems,2017,41(22):162-167.
[18]王栋,陈传鹏,颜佳,等.新一代电力信息网络安全架构的思考[J].电力系统自动化,2016,40(2):6-11.WANG Dong,CHEN Chuanpeng,YAN Jia,et al.Pondering a new generation security architecture model for power information network[J].Automation of Electric Power Systems,2016,40(1):6-11.
[19]严博.电力信息系统病毒防控管理工作标准化流程[J].电力信息与通信技术,2015,13(8):33-35.YAN Bo.Standardized virus prevention and control process of electric information system[J].Electric Power Information and Communication Technology,2015,13(8):33-35.
[20]叶亮.基于安全规则的源代码分析方法研究[D].武汉:华中科技大学,2013.
[21]蒋诚智,余勇,林为民.基于智能Agent的电力信息网络安全态势感知模型研究[J].计算机科学,2012,39(12):98-101.JIANG Chengzhi,YU Yong,LIN Weimin.Research on electricinformation network security situation awareness model based on intelligent agent[J].Computer Science,2012,39(12):98-101.
[22]徐诚,梁睿,程真何,等.面向能源互联网的智能配电网安全态势感知[J].电力自动化设备,2016,36(6):13-18.XU Cheng,LIANG Rui,CHENG Zhenhe,et al.Security situation awareness of smart distribution grid for future energy internet[J].Electric Power Automation Equipment,2016,36(6):13-18.
[23]李刚,唐正鑫,李纪锋,等.智能电网安全态势感知与组合预测[J].电力信息与通信技术,2016,14(11):1-7.LI Gang,TANG Zhengxin,LI Jifeng,et al.Security situation awareness and combination forecasting in smart grid[J].Electric Power Information and Communication Technology,2016,14(11):1-7.
[24]管小娟,张涛,马媛媛,等.网络安全态势感知研究综述[J].电力信息与通信技术,2014,12(5):1-4.GUAN Xiaojuan,ZHANG Tao,MA Yuanyuan,et al.A survey of network security situation awareness[J].Electric Power Information and Communication Technology,2014,12(5):1-4.