网络攻击下基于贝叶斯图论的配电系统安全分析
|
摘要
随着信息通信技术的发展,信息网络与物理系统深度融合,使配电网信息物理融合系统(cyber physical system,CPS)面临网络攻击的运行安全风险增加。文章分析了网络虚假数据攻击下配电网CPS运行安全性,并提出了基于贝叶斯攻击信息传递图论的融合建模与动态安全风险综合评估方法。通过分析信息设备漏洞的不同利用模式,构建了与设备漏洞关联的潜在数据攻击图以及信息-物理系统间的交互作用模型。结合贝叶斯概率量化理论与攻击证据点动态更新了信息传递后验概率,并在此基础上提出了动态安全风险综合评估指标与框架,定量分析了攻击对于信息网络以及配电网CPS系统运行安全的影响。最后基于改进的IEEE 33节点配电CPS系统的算例仿真验证了所提安全风险评估方法的有效性。
With the development of information and communication technology,the deep integration of physical system with information network has increased the operational risk of distribution cyber physical system( CPS) against network attacks. By analyzing the different utilization modes of the vulnerabilities existing in the information devices,the potential data attack model associated with device vulnerabilities and the information-physical interaction model are constructed.Combined with Bayesian probability quantification theory and real-time attack evidence points,the information transfer posterior probability is updated dynamically. On this basis,comprehensive evaluation index and framew ork of dynamic security risk are proposed to quantitatively analyze the attack influence on the information networks and distribution CPS system. Finally,an experimental simulation is given to demonstrate the effectiveness of the proposed security risk assessment method through the improved IEEE 33-node pow er distribution CPS system.
With the development of information and communication technology,the deep integration of physical system with information network has increased the operational risk of distribution cyber physical system( CPS) against network attacks. By analyzing the different utilization modes of the vulnerabilities existing in the information devices,the potential data attack model associated with device vulnerabilities and the information-physical interaction model are constructed.Combined with Bayesian probability quantification theory and real-time attack evidence points,the information transfer posterior probability is updated dynamically. On this basis,comprehensive evaluation index and framew ork of dynamic security risk are proposed to quantitatively analyze the attack influence on the information networks and distribution CPS system. Finally,an experimental simulation is given to demonstrate the effectiveness of the proposed security risk assessment method through the improved IEEE 33-node pow er distribution CPS system.
引文
[1]赵俊华,文福拴,薛禹胜,等.电力CPS的架构及其实现技术与挑战[J].电力系统自动化,2010,34(16):1-7.ZHAO Junhua,WEN Fushuan,XUE Yusheng,et al. Cyber physical pow er systems:Architecture, implementation techniques and challenges[J]. Automation of Electric Pow er Systems,2010,34(16):1-7.
[2]陈璨,吴文传,张伯明,等.基于多场景技术的有源配电网可靠性评估[J].中国电机工程学报,2012,32(34):67-73.CHEN Can,WU Wenchuan,ZHANG Boming,et al. An active distribution system reliability evaluation method based on multiple scenarios technique[J]. Proceedings of the CSEE,2012,32(34):67-73.
[3] National Institute of Standards and Technology. Introduction to NISTIR 7628 guidelines for smart grid cyber security[EB/OL].[2018-05-04]. http://www. nist. gov/smartgrid/upload/nistir-7628_total. pdf.
[4] LIU Y. Wireless sensor network applications in smart grid:Recent trends and challenges[J]. International Journal of Distributed Sensor Netw orks,2012(9):1-8.
[5] ATHAR A K,MUBASHIR H R,MARTIN R. Cognitive radio for smart grids:Survey of architectures,spectrum sensing mechanisms,and netw orking protocols[J]. IEEE Communications Surveys&Tutorials,2016,18(1):860-898.
[6] WANG Y F,LIN W M,ZHANG T. Study on security of wireless sensor netw orks in smart grid[C]//2010 International Conference on Pow er System Technology. Hangzhou:IEEE,2010:1-7.
[7]汤奕,王琦,倪明,等.电力信息物理融合系统中的网络攻击分析[J].电力系统自动化,2016,40(6):1-4.TANG Yi,WANG Qi,NI M ing,et al. Analysis of cyber attacks in cyber physical pow er system[J]. Automation of Electric Pow er Systems,2016,40(6):1-4.
[8]郭庆来,辛蜀骏,王剑辉,等.由乌克兰停电事件看信息能源系统综合安全评估[J].电力系统自动化,2016,40(5):1-3.GUO Qinglai,XIN Shujun,WANG Jianhui,et al. Comperhensive security accessment for a cyber physical energy system:a lesson from Ukraine’s blackout[J]. Automation of Electric Pow er Systems,2016,40(5):1-3.
[9] RAWAT D B,BAIRA C. Cyber security for smart grid systems:Status, challenges and perspectives[C]//IEEE Southeast Conference. Fort Lauderdale:IEEE,2015:1-6.
[10] LIU X,BAO Z,LU D,et al. Modeling of local false data in jection attacks w ith reduced netw ork information[J]. IEEE Transactions on Smart Grid,2015,6(4):1686-1696.
[11] WANG W,LU Z. Cyber security in thesmart grid:Survey and challenges[J]. Computer Netw orks,2013,57(5):1344-1371.
[12]贾炜,连一峰,冯登国,等.基于贝叶斯网络近似推理的网络脆弱性评估方法[J].通信学报,2008,29(10):191-198.JIA Wei,LIAN Yifeng,FENG Dengguo,et al. Bayesian-netw orkapproximate-reasoning-based method for netw ork vulnerabilities evaluation[J]. Journal on Communications,2008,29(10):191-198.
[13] KIM J,TONG L. On topology attack of a smart grid:undetectable attacks and countermeasures[J]. IEEE Journal on Selected Areas in Communications,2013,31(7):1294-1305.
[14] LIU S,CHEN B,ZOURNTOS T,et al. A coordinated multisw itch attack for cascading failures in smart grid[J]. IEEE Transactions on Smart Grid,2014,5(3):1183-1195.
[15]叶夏明,赵俊华,文福拴.基于邻接矩阵的电力信息系统脆弱性定量评估[J].电力系统自动化,2013,37(22):41-46.YE Xiaming, ZHAO Junhua, WEN Fushuan. Quantitative vulnerability assessment for pow er information system based on adjacency matrix[J]. Automation of Electric Pow er Systems,2013,37(22):41-46.
[16] LIM I H, HONG S, CHOI M S, et al. Security protocols againstcyber attacks in the distribution automation system[J].IEEE Trans on Pow er Delivery,2010,25(1):448-455.
[17] BYES E J,FRANZ M,MILLER D. The use of attack trees in assessing vulnerabilities in SCADA systems[C]//2014 IEEE Conference on international Infrastructure Survivability Workshop.Piscataw ay,NJ:IEEE,2014,210-217.
[18] PATEL S C,GRANHAM J H,RALSTON A S. Quantitatively assessing the vulnerability of critical information systems:A new method for evaluating security enhancements[J]. International Journal of Information M anagement,2008,28(6):483-491.
[19] TEN C W,LIU CC,MANIMARAN G. Vulnerability assessment of cyber security for SCADA systems[J]. IEEE Transaction on Pow er Systems,2008,23(4):1836-1846.
[20]郭庆来,辛蜀骏,孙宏斌,等.电力系统信息物理融合建模与综合安全评估:驱动力与研究构想[J].中国电机工程学报,2016,36(6):1481-1489.GUO Qinglai,XIN Shujun,SUN Hongbin,et al. Pow er system cyber-physical modelling and security assessment:M otivation and ideas[J]. Proceedings of the CSEE,2016,36(6):1481-1489.
[21]张天宇,罗凤章,王成山,等.信息系统对微电网运行可靠性的影响分析[J].电力系统自动化,2016,40(23):28-35.ZHANG Tianyu,LUO Fengzhang,WANG Chengshan,et al.Influence of information system on micro-grid operation reliability[J]. Automation of Electric Power Systems,2016,40(23):28-35.
[22] YANG Q Y,YANG J,ZHAO W. On false data-injectionattacks against pow er system state estimation:M odeling and countermeasures[J]. IEEE Transactions on parallel and distributed systems,2014,25(3):717-729.
[23]张少俊,李建华,宋珊珊,等.贝叶斯推理在攻击图节点置信度计算中的应用[J].软件学报,2010,21(9):2376-2386.ZHANG Shaojun,LI Jianhua,SONG Shanshan,et al. Using bayesian inference for computing attack graph node beliefs[J].Journal of Softw are,2010,21(9):2376-2386.
[24]茹叶棋,周斌,吴亦贝,等.考虑网络攻击因素的电网信息物理系统业务可靠性分析[J].电力建设,2017,38(5):38-45.RU Yeqi,ZHOU Bin,WU Yibei,et al. Reliability analysis of business in grid cyber physical system considering the factors of cyber attacks[J]. Electric Pow er Construction,2017,38(5):38-45.
[25]武文博,康锐,李梓.基于攻击图的信息物理系统信息安全风险评估方法[J].计算机应用,2016,36(1):203-206.WU Wenbo,KANG Rui,LI Xin. Attack graph based risk assessment method for cyber security of cyber-physical system[J].Journal of Computer Applications,2016,36(1):203-206.
[26] FREI S,MAY M,FIEDLER U,et al. Large-scale vulnerability analysis[C]//Proceedings of the 2006 SIGCOM M Workshop on Large-Scale Attack Defense. New York:ACM,2006:131-138.
[27]高妮,高岭,贺毅岳,等.基于贝叶斯攻击图的动态安全风险评估模型[J].四川大学学报,2016,48(1):111-118.GAO Ni,GAO Lin,HE Yiyue,et al. Dynamic security risk assessment model based on bayesian attack graph[J]. Journal of Sichuan University,2016,48(1):111-118.
[28] CEEMAN V,ANURAG S,SAMAN Z,et al. CPINDEX:Cyberphysical vulnerability assessment for pow er-grid infrastructures[J].IEEE Transaction on Smart Grid,2015,6(2):566-575.
[29]汤奕,李峰,王琦,等.通信系统故障对电力系统实时负荷控制影响的量化评价方法[J].电力自动化设备,2017,37(2):90-96.TANG Yi,LI Feng,WANG Qi,et al. Quantitative evaluation of communication system fault effect on real-time load control of pow er system[J]. Electric Pow er Automation Equipment,2017,37(2):90-96.
[30] DEEPA K,FENG X Y,LIU S,et al. Towards a framework for cyber attack impact analysis of the electric smart grid[C]//2010First IEEE International Conference on Smart Grid Communications. Gaithersburg:IEEE,2010:244-249.
[2]陈璨,吴文传,张伯明,等.基于多场景技术的有源配电网可靠性评估[J].中国电机工程学报,2012,32(34):67-73.CHEN Can,WU Wenchuan,ZHANG Boming,et al. An active distribution system reliability evaluation method based on multiple scenarios technique[J]. Proceedings of the CSEE,2012,32(34):67-73.
[3] National Institute of Standards and Technology. Introduction to NISTIR 7628 guidelines for smart grid cyber security[EB/OL].[2018-05-04]. http://www. nist. gov/smartgrid/upload/nistir-7628_total. pdf.
[4] LIU Y. Wireless sensor network applications in smart grid:Recent trends and challenges[J]. International Journal of Distributed Sensor Netw orks,2012(9):1-8.
[5] ATHAR A K,MUBASHIR H R,MARTIN R. Cognitive radio for smart grids:Survey of architectures,spectrum sensing mechanisms,and netw orking protocols[J]. IEEE Communications Surveys&Tutorials,2016,18(1):860-898.
[6] WANG Y F,LIN W M,ZHANG T. Study on security of wireless sensor netw orks in smart grid[C]//2010 International Conference on Pow er System Technology. Hangzhou:IEEE,2010:1-7.
[7]汤奕,王琦,倪明,等.电力信息物理融合系统中的网络攻击分析[J].电力系统自动化,2016,40(6):1-4.TANG Yi,WANG Qi,NI M ing,et al. Analysis of cyber attacks in cyber physical pow er system[J]. Automation of Electric Pow er Systems,2016,40(6):1-4.
[8]郭庆来,辛蜀骏,王剑辉,等.由乌克兰停电事件看信息能源系统综合安全评估[J].电力系统自动化,2016,40(5):1-3.GUO Qinglai,XIN Shujun,WANG Jianhui,et al. Comperhensive security accessment for a cyber physical energy system:a lesson from Ukraine’s blackout[J]. Automation of Electric Pow er Systems,2016,40(5):1-3.
[9] RAWAT D B,BAIRA C. Cyber security for smart grid systems:Status, challenges and perspectives[C]//IEEE Southeast Conference. Fort Lauderdale:IEEE,2015:1-6.
[10] LIU X,BAO Z,LU D,et al. Modeling of local false data in jection attacks w ith reduced netw ork information[J]. IEEE Transactions on Smart Grid,2015,6(4):1686-1696.
[11] WANG W,LU Z. Cyber security in thesmart grid:Survey and challenges[J]. Computer Netw orks,2013,57(5):1344-1371.
[12]贾炜,连一峰,冯登国,等.基于贝叶斯网络近似推理的网络脆弱性评估方法[J].通信学报,2008,29(10):191-198.JIA Wei,LIAN Yifeng,FENG Dengguo,et al. Bayesian-netw orkapproximate-reasoning-based method for netw ork vulnerabilities evaluation[J]. Journal on Communications,2008,29(10):191-198.
[13] KIM J,TONG L. On topology attack of a smart grid:undetectable attacks and countermeasures[J]. IEEE Journal on Selected Areas in Communications,2013,31(7):1294-1305.
[14] LIU S,CHEN B,ZOURNTOS T,et al. A coordinated multisw itch attack for cascading failures in smart grid[J]. IEEE Transactions on Smart Grid,2014,5(3):1183-1195.
[15]叶夏明,赵俊华,文福拴.基于邻接矩阵的电力信息系统脆弱性定量评估[J].电力系统自动化,2013,37(22):41-46.YE Xiaming, ZHAO Junhua, WEN Fushuan. Quantitative vulnerability assessment for pow er information system based on adjacency matrix[J]. Automation of Electric Pow er Systems,2013,37(22):41-46.
[16] LIM I H, HONG S, CHOI M S, et al. Security protocols againstcyber attacks in the distribution automation system[J].IEEE Trans on Pow er Delivery,2010,25(1):448-455.
[17] BYES E J,FRANZ M,MILLER D. The use of attack trees in assessing vulnerabilities in SCADA systems[C]//2014 IEEE Conference on international Infrastructure Survivability Workshop.Piscataw ay,NJ:IEEE,2014,210-217.
[18] PATEL S C,GRANHAM J H,RALSTON A S. Quantitatively assessing the vulnerability of critical information systems:A new method for evaluating security enhancements[J]. International Journal of Information M anagement,2008,28(6):483-491.
[19] TEN C W,LIU CC,MANIMARAN G. Vulnerability assessment of cyber security for SCADA systems[J]. IEEE Transaction on Pow er Systems,2008,23(4):1836-1846.
[20]郭庆来,辛蜀骏,孙宏斌,等.电力系统信息物理融合建模与综合安全评估:驱动力与研究构想[J].中国电机工程学报,2016,36(6):1481-1489.GUO Qinglai,XIN Shujun,SUN Hongbin,et al. Pow er system cyber-physical modelling and security assessment:M otivation and ideas[J]. Proceedings of the CSEE,2016,36(6):1481-1489.
[21]张天宇,罗凤章,王成山,等.信息系统对微电网运行可靠性的影响分析[J].电力系统自动化,2016,40(23):28-35.ZHANG Tianyu,LUO Fengzhang,WANG Chengshan,et al.Influence of information system on micro-grid operation reliability[J]. Automation of Electric Power Systems,2016,40(23):28-35.
[22] YANG Q Y,YANG J,ZHAO W. On false data-injectionattacks against pow er system state estimation:M odeling and countermeasures[J]. IEEE Transactions on parallel and distributed systems,2014,25(3):717-729.
[23]张少俊,李建华,宋珊珊,等.贝叶斯推理在攻击图节点置信度计算中的应用[J].软件学报,2010,21(9):2376-2386.ZHANG Shaojun,LI Jianhua,SONG Shanshan,et al. Using bayesian inference for computing attack graph node beliefs[J].Journal of Softw are,2010,21(9):2376-2386.
[24]茹叶棋,周斌,吴亦贝,等.考虑网络攻击因素的电网信息物理系统业务可靠性分析[J].电力建设,2017,38(5):38-45.RU Yeqi,ZHOU Bin,WU Yibei,et al. Reliability analysis of business in grid cyber physical system considering the factors of cyber attacks[J]. Electric Pow er Construction,2017,38(5):38-45.
[25]武文博,康锐,李梓.基于攻击图的信息物理系统信息安全风险评估方法[J].计算机应用,2016,36(1):203-206.WU Wenbo,KANG Rui,LI Xin. Attack graph based risk assessment method for cyber security of cyber-physical system[J].Journal of Computer Applications,2016,36(1):203-206.
[26] FREI S,MAY M,FIEDLER U,et al. Large-scale vulnerability analysis[C]//Proceedings of the 2006 SIGCOM M Workshop on Large-Scale Attack Defense. New York:ACM,2006:131-138.
[27]高妮,高岭,贺毅岳,等.基于贝叶斯攻击图的动态安全风险评估模型[J].四川大学学报,2016,48(1):111-118.GAO Ni,GAO Lin,HE Yiyue,et al. Dynamic security risk assessment model based on bayesian attack graph[J]. Journal of Sichuan University,2016,48(1):111-118.
[28] CEEMAN V,ANURAG S,SAMAN Z,et al. CPINDEX:Cyberphysical vulnerability assessment for pow er-grid infrastructures[J].IEEE Transaction on Smart Grid,2015,6(2):566-575.
[29]汤奕,李峰,王琦,等.通信系统故障对电力系统实时负荷控制影响的量化评价方法[J].电力自动化设备,2017,37(2):90-96.TANG Yi,LI Feng,WANG Qi,et al. Quantitative evaluation of communication system fault effect on real-time load control of pow er system[J]. Electric Pow er Automation Equipment,2017,37(2):90-96.
[30] DEEPA K,FENG X Y,LIU S,et al. Towards a framework for cyber attack impact analysis of the electric smart grid[C]//2010First IEEE International Conference on Smart Grid Communications. Gaithersburg:IEEE,2010:244-249.