CN111131331B - Network vulnerability guided information attack-oriented moving target defense deployment optimization method - Google Patents

Info

Publication number: CN111131331B
Authority: CN (China)
Prior art keywords: line, node, data, matrix, power
Legal status: Active
Application number: CN202010044018.7A
Other languages: Chinese (zh)
Other versions: CN111131331A (en)
Inventors: 陈伟, 温智平, 王稼舟, 鲍远义, 刘烃
Current Assignee: State Grid Corp of China SGCC; Xian Jiaotong University; Electric Power Research Institute of State Grid Shaanxi Electric Power Co Ltd
Original Assignee: State Grid Corp of China SGCC; Electric Power Research Institute of State Grid Shanxi Electric Power Co Ltd; Xian Jiaotong University

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14 Network analysis or design
    • H04L41/145 Network analysis or design involving simulating, designing, planning or modelling of a network
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The invention provides a network vulnerability guided, information attack-oriented moving target defense deployment optimization method, comprising the following steps: S1, collecting power grid system data; S2, preprocessing the collected data; S3, static data processing; S4, dynamic data processing; S5, generating a configuration strategy; S6, weight coverage detection of the configuration strategy; S7, detecting the economic cost and the line regulation capacity of the configuration strategy; and S8, outputting the installation scheme. By analyzing the power grid topology and the node vulnerability, and taking the line deployment capacity and the deployment cost as constraints, the method determines the optimal number of devices required for power grid operation and security defense, and determines the installation positions of the D-FACTS devices according to the coupling relation between nodes and lines, so that the deployed devices cover all vulnerable nodes. While ensuring normal operation and power flow scheduling of the power grid, the method meets the information security requirement and solves the D-FACTS device deployment problem that arises when MTD technology is applied against FDI attacks.

Description

Network vulnerability guided information attack-oriented moving target defense deployment optimization method
Technical Field
The invention relates to the technical field of power grid attack detection, in particular to a network vulnerability guided information attack-oriented moving target defense deployment optimization method.
Background
Since False Data Injection Attacks (FDIA) against power systems were first proposed, researchers have carried out many studies in this field. In recent years, information attacks against industrial control systems, represented by power grids, have occurred frequently, and how to meet the system's requirements regarding information attacks while ensuring normal operation of the industrial control system is one of the hot problems in current industrial control system research.
To address the common problem in current network security that attack is easy and defense is hard, the "game-changing" technologies proposed in the United States aim to realize active network defense. Among them, Moving Target Defense (MTD) provides a new idea, whose core is: continuously and dynamically transform the attack surface of the protected target in an internally manageable way to confuse the attacker, thereby increasing the cost and complexity of a successful attack, reducing the probability of attack success, and improving system resilience and security.
MTD mainly consists of 4 basic concepts: moving target, moving target defense, attack surface and attack surface transformation. A moving target is a system that can move in multiple dimensions to reduce the attacker's advantage and increase resilience. Moving target defense continuously transforms the attack surface that the system presents to the attacker, thereby effectively increasing the attacker's cost of probing the target's vulnerabilities. An attack surface is the set of ways in which an attacker can enter a system and pose a potential threat; if the resources of a system are defined as methods, channels and data, the attack surface is a subset of the system's resources.
Specifically, Flexible Alternating Current Transmission Systems (FACTS) are used to periodically adjust the parameters of power transmission lines, dynamically updating key information of the system to reduce its attack surface. This makes the originally largely uncontrollable power grid comprehensively controllable, improves the flexibility and stability of the power system, and greatly improves the transmission capacity of existing transmission lines.
Existing research mainly focuses on theoretical demonstration and completeness discussion of the MTD technology, and lacks research on the fundamental problems that MTD faces in practical application.
Disclosure of Invention
The embodiment of the invention provides a network vulnerability guided, information attack-oriented moving target defense deployment optimization method, which solves the secure deployment problem of D-FACTS devices when MTD is applied against FDI attacks in a power grid.
To achieve this purpose, the invention adopts the following technical scheme:
A network vulnerability guided, information attack-oriented moving target defense deployment optimization method comprises the following steps:
S1, acquiring power grid system data:
collect the topology and power flow data of the power grid system during long-term operation, and go to S2;
S2, preprocessing the collected data:
format the data and classify it by data type; static data is passed to S3 and dynamic data is passed to S4 for processing;
S3, static data processing:
by processing the static data collected by the system, preliminarily analyze the number of devices required by the system;
S4, dynamic data processing:
by processing the dynamic data collected by the system, calculate from the historical power flow data and the node and line parameters the weight of each line during normal operation and the likelihood of emergency accidents at the nodes at its two ends, and comprehensively evaluate the specific weight of the line when configuring D-FACTS devices;
S5, generating a configuration strategy:
generate a configuration strategy from the number of devices and the node weights obtained in S3 and S4;
S6, weight coverage detection of the configuration strategy:
detect whether the generated configuration strategy covers the required vulnerable nodes;
if the requirement is met, go to S7; if not, go to S3, recalculate the number of devices and update the configuration strategy;
S7, detecting the economic cost and the line regulation capacity of the configuration strategy:
detect whether the configuration strategy meets the installation economic cost constraint and the physical safety constraint of power grid operation when the line parameters are adjusted;
if yes, output the configuration strategy; if not, go to S3, recalculate the number of devices and update the configuration strategy;
S8, outputting the installation scheme.
As a further improvement of the present invention, in step S1, the data collected by the system includes: the system topology, node injection power, line power flow, node parameters, line parameters and system emergency accident data.
As a further improvement of the present invention, in step S2, the static data of the system itself includes the network topology and line parameters; the dynamic data generated during operation of the system includes node parameters, node injection power, line power flow and system emergency accident data.
As a further improvement of the present invention, in step S3, the number of D-FACTS devices required by the system is calculated from the system topology. The specific method is:
In a system with $n$ nodes and $m$ lines, generally $m \ge n-1$. Let the measurement matrix of the system be $H$, where $H$ is the admittance matrix of the system with the column of the balance node removed; under the direct current simplification, $H$ is the system adjacency matrix of order $m \times (n-1)$. After the line parameters are changed using D-FACTS, the measurement matrix of the system becomes $H_t$. The composite matrix $M = [H \;\; H_t]$ then has dimension $m \times 2(n-1)$, and the configuration scheme that maximizes the rank of $M$ is the optimal defense scheme;
If $m \ge 2(n-1)$, the system is called a complete system; when the number of installed devices is $n-1$, the matrix $M$ has full column rank, which meets the defense requirements of all nodes. If the number of lines $m$ in the system is less than $2(n-1)$, no complete D-FACTS device configuration scheme exists in the system, i.e. security threats always exist in the system. The defense strategy then aims to maximize the defense effect. In such an incomplete system, installing a D-FACTS device on every line necessarily maximizes the defense effect but incurs unnecessary cost, so the optimal installation quantity is the minimum installation quantity that maximizes the rank of the matrix. Here the maximum rank of the composite matrix is $m$ and the rank of the original system measurement matrix $H$ is $n-1$, so the rank of the composite matrix is maximized when the installation quantity is $m-n+1$; this is the optimal installation scheme with the defense effect maximized.
As a further improvement of the present invention, in step S4, the line weight is calculated from the historical power flow data, the node and line parameters and the node emergency power failure accident data. The specific method is as follows:
First, the influence of a change in a given line's parameters on the grid loss is calculated to determine the weight in the economic aspect. The calculation is:
Figure BDA0002368739810000041
When the emergency accident probability of a given node is calculated, each node is calculated on an independent time axis, i.e. whether power failure accidents occur at two adjacent nodes is mutually independent, so that
Figure BDA0002368739810000042
where $P_{out}$ is the probability of an emergency accident. For line $l_{ij}$, the weight of the line when configuring a D-FACTS device is
Figure BDA0002368739810000043
As a further improvement of the present invention, in step S5, the configuration strategy includes: the number of devices configured, the positions at which the devices are configured, and the adjustment capability of the devices, where the adjustment capability of a device is the maximum adjustment capability of the D-FACTS device on its line under the constraint of safe operation of the power grid.
As a further improvement of the present invention, in step S6, the vulnerability coverage of the configuration scheme is checked. The specific method is as follows:
According to the result calculated in S5, each node has a corresponding vulnerability, namely the resistance of the node to power flow fluctuation and information attack, while a D-FACTS device configured on a given line has different radiation capability toward different nodes. The deployment optimization method should satisfy: the lines equipped with D-FACTS devices cooperate with one another so that the resistance of each vulnerable node in the power grid reaches a certain threshold, and the overall resistance of the system reaches another threshold.
As a further improvement of the present invention, in step S7, the adjustment capability and economic cost detection method is specifically:
The installation cost and the economic cost generated by power flow dispatch should be less than the budgeted value, i.e. $c_1 \Delta P_{Loss} + c_2 n_D \le C$, where $c_1, c_2$ are the economic coefficients and $C$ is the total budget. In addition, the regulation capability of D-FACTS on the line should be within the range allowed for normal operation of the power grid, i.e.
Figure BDA0002368739810000051
where $\underline{x}_{ij}$ and
Figure BDA0002368739810000052
are, respectively, the lower and upper bounds of the parameter of line $l_{ij}$.
As a further improvement of the present invention, in step S8, the output configuration policy includes: the number of devices configured, the location of the devices configured, and the adjustability of the devices.
Compared with the prior art, the invention has the following technical effects:
The invention is a deployment optimization method for distributed flexible alternating current transmission devices (D-FACTS) based on topology perception and model response analysis. It analyzes the topology of the power grid and the vulnerability of its nodes, taking the line deployment capability and the deployment cost as constraints. When the deployment of D-FACTS devices is considered in step S5, both the economic requirement of power grid operation and the security requirement of the power grid against information attack are taken into account, which the design of traditional D-FACTS device configuration schemes has not considered. The method first calculates the minimum number of devices that meets both requirements, and then determines the optimal installation positions of the D-FACTS devices according to the coupling relation between nodes and lines, so that the deployed devices cover all vulnerable nodes. While ensuring normal operation and power flow scheduling of the power grid, the method meets the information security requirement and solves the D-FACTS device deployment problem that arises when MTD technology is applied against FDI attacks under the engineering constraints of the power grid.
Drawings
The conception, the specific structure and the technical effects of the present invention will be further described with reference to the accompanying drawings to fully understand the objects, the features and the effects of the present invention.
FIG. 1 is a flow chart of the present invention;
FIG. 2 is a diagram of an IEEE-9BUS system;
FIG. 3 shows the detection efficiency before and after configuration.
Detailed Description
In order to make the objects, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the embodiments described below are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to Fig. 1, a network vulnerability guided, information attack-oriented moving target defense deployment optimization method provided by an embodiment of the present invention includes the following steps:
S1: collect the data generated by the system during long-term operation, specifically: the system topology, node injection power, line power flow (active power direction and reactive power amplitude), node parameters (voltage and phase angle), line parameters (node admittance matrix), and system emergency accident data (historical operation data, including at least the operation and unplanned power failure data of one year); pass the collected data to S2 for processing;
S2: format the collected data and classify it by data type. Network topology, line parameters and the like are static data and are processed in S3;
node parameters, operating power flow, system emergency accident data and the like are dynamic data and are passed to S4 for processing;
S3: static data processing:
By processing the static data collected by the system, the number of devices required by the system can be preliminarily analyzed.
In a system with $n$ nodes and $m$ lines, generally $m \ge n-1$. Assume the measurement matrix of the system is $H$, which is the admittance matrix of the system with the column of the balance node removed; under the direct current simplification, $H$ is the system adjacency matrix of order $m \times (n-1)$. After the line parameters are changed using D-FACTS, the measurement matrix of the system becomes $H_t$. The composite matrix $M = [H \;\; H_t]$ then has dimension $m \times 2(n-1)$, and the configuration scheme that maximizes the rank of $M$ is the optimal defense scheme.
In particular, if $m \ge 2(n-1)$, the system is called a complete system; when the number of installed devices is $n-1$, the matrix $M$ has full column rank, which meets the defense requirements of all nodes. If the number of lines $m$ in the system is less than $2(n-1)$, no complete D-FACTS device configuration scheme exists in the system, i.e. security threats always exist in the system. The defense strategy then aims to maximize the defense effect. In such an incomplete system, installing a D-FACTS device on every line necessarily maximizes the defense effect but incurs unnecessary cost, so the optimal installation quantity is the minimum installation quantity that maximizes the rank of the matrix. Here the maximum rank of the composite matrix is $m$ and the rank of the original system measurement matrix $H$ is $n-1$, so the rank of the composite matrix is maximized when the installation quantity is $m-n+1$; this is the optimal installation scheme with the defense effect maximized.
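The rank criterion of step S3, stated in the disclosure and again in the detailed description above, can be checked numerically. The following is an added example, not code from the patent: it builds H for a DC model as the reactance-weighted node-line incidence matrix (an assumed reading of the "adjacency matrix" above) and searches for the smallest set of equipped lines that brings the rank of [H H_t] to its maximum. The 9-node, 9-line network, its reactances and the uniform +20 % adjustment are constructed sample values.

```python
from fractions import Fraction
from itertools import combinations

# Constructed sample network (assumption): 9 nodes, 9 lines, per-unit reactances.
# These are not the values of the patent's branch matrix, which the page omits.
LINES = [(1, 4), (4, 5), (5, 6), (3, 6), (6, 7), (7, 8), (8, 2), (8, 9), (9, 4)]
REACTANCE = ["0.0576", "0.092", "0.17", "0.0586", "0.1008",
             "0.072", "0.0625", "0.161", "0.085"]
N_NODES = 9
SLACK = 1                # balance node; its column is removed from H
ETA = Fraction(1, 5)     # assumed D-FACTS adjustment: reactance raised by 20 %


def measurement_matrix(equipped=()):
    """DC line-flow matrix, m x (n-1): row l is (1/x_l) times the incidence row."""
    equipped = set(equipped)
    rows = []
    for idx, ((frm, to), x) in enumerate(zip(LINES, REACTANCE)):
        x = Fraction(x) * (1 + ETA if idx in equipped else 1)
        row = [Fraction(0)] * N_NODES
        row[frm - 1], row[to - 1] = 1 / x, -1 / x
        del row[SLACK - 1]
        rows.append(row)
    return rows


def rank(matrix):
    """Exact rank by Gaussian elimination over the rationals."""
    m = [row[:] for row in matrix]
    r = 0
    for col in range(len(m[0])):
        pivot = next((i for i in range(r, len(m)) if m[i][col] != 0), None)
        if pivot is None:
            continue
        m[r], m[pivot] = m[pivot], m[r]
        for i in range(r + 1, len(m)):
            if m[i][col] != 0:
                factor = m[i][col] / m[r][col]
                m[i] = [a - factor * b for a, b in zip(m[i], m[r])]
        r += 1
        if r == len(m):
            break
    return r


def composite_rank(equipped):
    """Rank of M = [H  H_t] when the given line indices carry D-FACTS devices."""
    h = measurement_matrix()
    ht = measurement_matrix(equipped)
    return rank([a + b for a, b in zip(h, ht)])


def minimum_deployment():
    """Smallest device count, and every placement of that size, reaching max rank."""
    m, n = len(LINES), N_NODES
    target = min(m, 2 * (n - 1))     # m for an incomplete system, as in S3
    for k in range(m + 1):
        winners = [s for s in combinations(range(m), k)
                   if composite_rank(s) == target]
        if winners:
            return k, target, winners
    return None


if __name__ == "__main__":
    k, target, winners = minimum_deployment()
    print("rank(H) =", rank(measurement_matrix()))
    print("devices needed =", k, "for rank", target)
    print("qualifying lines:", [LINES[s[0]] for s in winners])
```

On this network the search returns one device, matching m-n+1 = 1, and only lines on the loop qualify; a device on a radial line leaves the rank at n-1. Adjusting every line by the same factor also leaves the rank at n-1, because H_t is then a scalar multiple of H.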
S4: dynamic data processing:
By processing the dynamic data collected by the system, the weight of each line during normal operation and the likelihood of emergency accidents at the nodes at its two ends are calculated from the historical power flow data and the node and line parameters, and the specific weight of the line when configuring D-FACTS devices is comprehensively evaluated.
The specific method is as follows:
First, the influence of a change in a given line's parameters on the grid loss is calculated to determine the weight in the economic aspect. The calculation is:
Figure BDA0002368739810000071
where $G_{ij}$ is the conductance of line $l_{ij}$ and $B_{ij}$ is the susceptance of line $l_{ij}$, both of which can be obtained from the system admittance matrix; $x_{ij}$ is the line impedance, $P_{loss}$ is the loss of the entire network, $P_{flow,ij}$ is the power flow of line $l_{ij}$, and $s_{(\theta,V)}$ is the state value of the system nodes, including voltage and phase angle.
The formula represents the change in network loss, computed from the sum of the system node powers and the line power flows, when the line parameters are changed; it is the influence of the changed line parameter on the network loss of the whole system. Since the party installing the devices is the operating organization, it is assumed by default to hold the long-term operation data and emergency accident data of the system. On this basis, the probability of an emergency accident at a given node is analyzed. The probability of a power failure on a given line is the union of the power failure probabilities of the nodes at its two ends. When the emergency accident probability of a given node is calculated, each node is calculated on an independent time axis, i.e. whether power failure accidents occur at two adjacent nodes is mutually independent, so that
Figure BDA0002368739810000081
where $P_{out}$ is the probability of an emergency accident. For line $l_{ij}$, the weight of the line when configuring a D-FACTS device is
Figure BDA0002368739810000082
where $w_1, w_2$ are the weights of the line's loss and of the line's fault rate respectively; their specific values are calculated from system data.
S5: generating a configuration strategy:
Generate a configuration strategy from the number of devices and the node weights obtained in S3 and S4. It specifically includes: the number of devices configured, the positions at which the devices are configured, and the adjustment capability of the devices, where the adjustment capability of a device is the maximum adjustment capability of the D-FACTS device on its line under the constraint of safe operation of the power grid.
S6: weight coverage detection of the configuration strategy:
Detect whether the generated configuration strategy covers the required vulnerable nodes. The specific method is: according to the result calculated in S5, each node has a corresponding vulnerability, which can be understood as the resistance of the node to power flow fluctuation and information attack, while a D-FACTS device configured on a given line has different radiation capability toward different nodes. Accordingly, the resulting deployment optimization method should satisfy: the lines equipped with D-FACTS devices cooperate with one another so that the resistance of each vulnerable node in the power grid reaches a certain threshold, and the overall resistance of the system reaches another threshold. If the requirement is met, go to S7; otherwise go to S3, recalculate the number of devices and update the configuration strategy;
S7: detecting the economic cost and the line regulation capacity of the configuration strategy:
Detect whether the configuration strategy meets the installation economic cost constraint and the physical safety constraint of power grid operation when the line parameters are adjusted. The specific method is: the installation cost and the economic cost generated by power flow dispatch should be less than the budgeted value, i.e. $c_1 \Delta P_{Loss} + c_2 n_D \le C$, where $c_1, c_2$ are the economic coefficients and $C$ is the total budget. In addition, the regulation capability of D-FACTS on the line should be within the range allowed for normal operation of the power grid, i.e.
Figure BDA0002368739810000091
where $\underline{x}_{ij}$ and
Figure BDA0002368739810000092
are, respectively, the lower and upper bounds of the parameter of line $l_{ij}$. Typically, the adjustment of the line parameters should be within ±20%. If the conditions are met, the configuration strategy is output; otherwise go to S3, recalculate the number of devices and update the configuration strategy.
S8: outputting an installation scheme: the output configuration policy specifically includes: the configuration number of the equipment, the configuration position of the equipment and the adjustment capability of the equipment.
Another embodiment of the network vulnerability guided, information attack-oriented moving target defense deployment optimization method provided by the embodiment of the present invention is described in detail below.
Examples
Fig. 2 is the system structure diagram of the IEEE 9-node standard power system test case. The system includes 9 nodes, where nodes 1, 2 and 3 are generation nodes and nodes 5, 7 and 9 are load nodes. There are 9 branches in total between the nodes, where nodes 1 and 4, nodes 2 and 8, and nodes 3 and 6 are connected by transformers.
The control center can control the on/off state of each branch in the system and the working condition of each generator. Under normal operation every generator in the system is on. After an attacker intrudes into the control center, a false control instruction for a generator can be issued; for example, the attacker sends a control instruction to shut down the generator at node 2, and the generator responds to the instruction after receiving it, which may damage the operating state of the system.
In the MATPOWER environment, a physical response model of the power system is constructed from the connection structure, the electrical parameters and the on/off states of the generators of the power system; power flow analysis of the power system can be performed through this model. With reference to Fig. 2, constructing the physical response model comprises the following steps:
Step S101: set the reference capacity baseMVA of the whole system to 100 MVA, and initially generate the following bus matrix from the node power parameters and voltage parameters:
Figure BDA0002368739810000101
The first column of the bus matrix is the NO parameter, the second column is the Type parameter, the third column is the Pd parameter, the fourth column is the Qd parameter, the fifth column is the Gs parameter, the sixth column is the Bs parameter, the seventh column is the area parameter, the eighth column is the Vm parameter, the ninth column is the Va parameter, the tenth column is the baseKV parameter, the eleventh column is the zone parameter, the twelfth column is the Vmax parameter, and the thirteenth column is the Vmin parameter.
Type in the bus matrix represents the type of the node, where 1 is a PQ node, 2 is a PV node and 3 is the balance node; Pd and Qd represent the active power and reactive power that the node injects into the load; Gs and Bs represent the conductance and susceptance connected in parallel at the node, and are set to 0 in this system; Vm, Va, Vmax and Vmin respectively represent the initial amplitude, the initial phase, the highest amplitude and the lowest amplitude of the node voltage, where the voltage amplitudes are per-unit values under the reference capacity. To simplify the system model, the initial phase of each node is uniformly set to 0, and the highest and lowest amplitudes are uniformly set to 1.1 and 0.9; baseKV represents the node reference voltage and is consistent with the system reference capacity; area and zone set the section number and the partition number of the power grid and are generally set to 1;
Step S102: from the line connection relation among the nodes and the impedance and admittance parameters of each branch, determine the branch matrix as follows:
Figure BDA0002368739810000111
In the branch matrix, the first column is the fb parameter, the second column is the tb parameter, the third column is the R parameter, the fourth column is the X parameter, the fifth column is the B parameter, the sixth column is the rA parameter, the seventh column is the rB parameter, the eighth column is the rC parameter, the ninth column is the ratio parameter, the tenth column is the ang parameter, the eleventh column is the S parameter, the twelfth column is the angmin parameter, and the thirteenth column is the angmax parameter.
fb and tb in the branch matrix represent the numbers of the nodes connected by the branch; the columns R, X and B represent the resistance, reactance and susceptance of the branch respectively; rA, rB and rC respectively represent the power allowed on the branch in the long term, in the short term and in an emergency, and to simplify the system model the values of these three columns are uniformly set to 250; ratio represents the voltage transformation ratio of the branch: if the branch is a conducting wire its value is 0, and if the branch contains a transformer its value is the ratio of the reference voltages on the two sides of the transformer; S represents the closed state of the branch, where 1 means the branch is closed and 0 means the branch is open; ang, angmin and angmax respectively represent the phase angle of the branch and the minimum and maximum angle difference;
Step S103: from the power parameters and the electrical parameters of the generators, determine the following generator matrix (gen matrix):
Figure BDA0002368739810000112
The first column in the gen matrix is the bus parameter, the second column is the Pg parameter, the third column is the Qg parameter, the fourth column is the Qmax parameter, the fifth column is the Qmin parameter, the sixth column is the Vg parameter, the seventh column is the mBase parameter, the eighth column is the S parameter, the ninth column is the Pmax parameter, and the tenth column is the Pmin parameter.
Pg, Pmax and Pmin in the gen matrix respectively represent the active power of the generator and its maximum and minimum allowable values; Qg, Qmax and Qmin respectively represent the reactive power of the generator and its maximum and minimum allowable values; Vg represents the operating voltage of the generator, given as a per-unit value under the base capacity; mBase represents the power reference of the generator, consistent with the reference capacity; S represents the working state of the generator, where 1 means the generator is running and 0 means the generator is shut down;
Step S2: calculate the system load flow to determine the system state matrix s and the line load flow matrix l.
Figure BDA0002368739810000121
The first column of the s matrix is the node number, the second column is the voltage amplitude, the third column is the voltage phase angle, the fourth column is the active power injected at the node, and the fifth column is the reactive power injected at the node; nodes without these two values are load nodes. The sixth column is the active power absorbed by the node and the seventh column is the reactive power absorbed by the node; nodes without these two values are generator nodes.
Figure BDA0002368739810000122
The first column of the l matrix is the line number, the second column is the start node of the line power, the third column is the end node of the line power, the fourth column is the active power injected by the start node of the line, the fifth column is the reactive power injected by the start node, the sixth column is the active power injected by the end node, where a negative value indicates that the node absorbs active power from the line, the seventh column is the reactive power injected by the end node, where a negative value indicates that the node absorbs reactive power from the line, and the eighth and ninth columns are respectively the active and reactive power of the line loss.
Step S3: the system has 9 nodes and 9 lines, so m is less than 2(n-1) and the system is incomplete; the installation number with the maximum defense effect is 9-9+1 = 1. In a small system such as the IEEE 9-node system, the maximum defense effect can be achieved by installing equipment on one line.
TABLE 1
Figure BDA0002368739810000131
Note: the weights are normalized.
Step S4: calculate the line weights from the system operating load flow data and the node and line parameters; in the experiments the values of $w_1$ and $w_2$ were set to 0.75 and 0.25 respectively, and the calculation results are shown in Table 1 above.
Step S5: the configuration strategy is generated as follows:
TABLE 2
| Number of installations | Installation line | Equipment capacity |
| --- | --- | --- |
| 1 | 8-9 | ±(0.017+0.0322j) |
Figure 3 shows the detection efficiency for attacks of different magnitudes before and after the configuration scheme is adopted. After the D-FACTS equipment is installed, the probability that the system detects attacks of different orders of magnitude clearly increases, and the installation has little effect on the system budget, so the scheme is considered to meet the design requirements.
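The device count from step S3 and the line chosen in Table 2 can be checked numerically; the block below is an added example, not code from the patent, that builds the DC measurement matrix H, forms the composite matrix M = [H H_t] and computes its exact rank. The 9-bus topology, the reactance values, the choice of bus 1 as balance node and all function names are assumptions made for this illustration; only the line 8-9 and the 0.0322 reactance change come from Table 2.

```python
from fractions import Fraction as F

# Assumed IEEE 9-bus layout: (from_bus, to_bus, reactance in p.u.).
# Constructed sample values; the patent's own branch matrix is not on the page.
BRANCHES = [(1, 4, "0.0576"), (4, 5, "0.092"), (5, 6, "0.17"),
            (3, 6, "0.0586"), (6, 7, "0.1008"), (7, 8, "0.072"),
            (8, 2, "0.0625"), (8, 9, "0.161"), (9, 4, "0.085")]
N_BUS, SLACK = 9, 1  # assumed balance node

def measurement_matrix(branches, delta=None):
    """DC measurement matrix, m x (n-1): row k holds +1/x and -1/x at the
    two end buses of line k; the balance-node column is removed.
    delta maps (from_bus, to_bus) -> reactance change set by a D-FACTS device."""
    delta = delta or {}
    cols = [b for b in range(1, N_BUS + 1) if b != SLACK]
    H = []
    for fb, tb, x in branches:
        b = 1 / (F(x) + F(delta.get((fb, tb), "0")))
        H.append([b if c == fb else -b if c == tb else F(0) for c in cols])
    return H

def rank(M):
    """Exact rank by Gaussian elimination over rationals (no rounding)."""
    M = [row[:] for row in M]
    r = 0
    for c in range(len(M[0])):
        piv = next((i for i in range(r, len(M)) if M[i][c] != 0), None)
        if piv is None:
            continue
        M[r], M[piv] = M[piv], M[r]
        for i in range(r + 1, len(M)):
            f = M[i][c] / M[r][c]
            if f:
                M[i] = [a - f * b for a, b in zip(M[i], M[r])]
        r += 1
        if r == len(M):
            break
    return r

def composite_rank(delta):
    """Rank of M = [H H_t], where H_t is H after the D-FACTS change."""
    H = measurement_matrix(BRANCHES)
    Ht = measurement_matrix(BRANCHES, delta)
    return rank([h + ht for h, ht in zip(H, Ht)])

def required_devices(n, m):
    """Step S3 count: n-1 in a complete system (m >= 2(n-1)), else m-n+1."""
    return n - 1 if m >= 2 * (n - 1) else m - n + 1

if __name__ == "__main__":
    print("rank(H)            :", rank(measurement_matrix(BRANCHES)))
    print("devices required   :", required_devices(N_BUS, len(BRANCHES)))
    print("rank(M), line 8-9  :", composite_rank({(8, 9): "0.0322"}))
    print("rank(M), line 1-4  :", composite_rank({(1, 4): "0.0322"}))
```

Under this DC model, a device on a loop line such as 8-9 raises the rank of M from n-1 to m, while a device on a radial branch such as 1-4 leaves it at n-1, so the count m-n+1 only achieves the maximum when the device sits on a line that belongs to a loop.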
The above is a detailed description of the present invention with reference to specific preferred embodiments, and the present invention should not be regarded as limited to these embodiments. Simple derivations or substitutions made by those skilled in the art without departing from the spirit of the present invention should all be regarded as falling within the scope of patent protection defined by the claims of the present invention.

Claims (7)

1. A network vulnerability guided, information attack-oriented moving target defense deployment optimization method, characterized by comprising the following steps:
S1, acquiring power grid system data:
collecting topology and power flow data of the power grid system during long-term operation, and proceeding to S2;
S2, preprocessing the collected data:
formatting the data and classifying it by data type; the static data is passed to S3 and the dynamic data is passed to S4 for processing;
S3, static data processing:
processing the static data collected by the system to make a preliminary analysis of the number of devices required by the system;
S4, dynamic data processing:
processing the dynamic data collected by the system: from the historical load flow data and the node and line parameters, calculating the weight of each line during normal operation and the likelihood of emergency accidents at the nodes at both ends of the line, and comprehensively evaluating the specific weight of the line when a distributed flexible alternating current transmission system device is configured;
S5, generating a configuration strategy:
generating a configuration strategy according to the number of devices and the node weights obtained in S3 and S4;
S6, weight coverage detection of the configuration strategy:
detecting whether the generated configuration strategy covers the corresponding vulnerable nodes as required;
if the requirement is met, proceeding to S7; if not, returning to S3, recalculating the number of devices and updating the configuration strategy;
S7, detecting the economic cost and the line regulation capacity of the configuration strategy:
detecting whether the configuration strategy meets the installation economic cost constraint and the physical safety constraint of power grid operation when the line parameters are adjusted;
if yes, outputting the configuration strategy; if not, returning to S3, recalculating the number of devices and updating the configuration strategy;
S8, outputting the installation scheme;
in step S3, the number of distributed flexible AC transmission system devices required by the system is calculated according to the system topology, and the specific method is:
in a system with n nodes and m lines, generally $m \ge (n-1)$; let the measurement matrix of the system be $H$, which is essentially the admittance matrix of the system with the balance-node column removed, and in the DC simplified system $H$ is the system adjacency matrix of order $m \times (n-1)$; after the line parameters are changed using D-FACTS, the measurement matrix of the system becomes $H_t$; the composite matrix $M = [H \;\; H_t]$ then has dimension $m \times 2(n-1)$, and the configuration scheme that maximizes the rank of $M$ is the optimal defense scheme;
if $m \ge 2(n-1)$, the system is called a complete system, and when the installation number is $n-1$ the matrix $M$ has full column rank, so that the defense requirements of all nodes are met; if the number of lines $m$ in the system is less than $2(n-1)$, no complete D-FACTS equipment configuration scheme exists for the system, that is, security threats always exist in the system; the defense strategy then aims at maximizing the defense effect: in such an incomplete system, the rank of the composite matrix reaches its maximum, $m$, when every line is provided with D-FACTS equipment, and the optimal installation quantity is the minimum installation quantity that attains this maximum rank; the rank of the original system measurement matrix $H$ is $n-1$, so the rank of the composite matrix is maximized when the installation quantity is $m-n+1$, and this is the optimal installation scheme with the maximum defense effect;
in step S4, the line weight is calculated according to the historical power flow data, the node and line parameters, and the emergency power failure accident data of the nodes, and the specific method is as follows:
the effect on the grid loss of changing the parameters of a given line is calculated to determine the weight in the economic aspect, and the calculation method is:
Figure FDA0003253274750000021
when the emergency accident probability of a node is calculated, each node is treated on an independent time axis, that is, whether two adjacent nodes suffer power failure accidents is mutually independent, so that
Figure FDA0003253274750000022
where $P_{out}$ is the probability of an emergency; for the line $l_{ij}$, the weight of the line when configuring the D-FACTS device is
Figure FDA0003253274750000031
2. The network vulnerability guided, information attack-oriented moving target defense deployment optimization method of claim 1,
in step S1, the data acquired by the system includes: the system topology, node injection power, line power flow, node parameters, line parameters and system emergency accident data.
3. The network vulnerability guided, information attack-oriented moving target defense deployment optimization method of claim 1,
in step S2, the static data of the system itself includes the network topology and the line parameters; the dynamic data generated during operation of the system includes the node parameters, node injection power, line power flow and system emergency accident data.
4. The network vulnerability guided, information attack-oriented moving target defense deployment optimization method of claim 1,
in step S5, the configuration strategy includes: the number of devices configured, the positions of the devices and the adjusting capacity of the devices, where the adjusting capacity of a device refers to the maximum adjusting capacity of the D-FACTS device on its line under the constraint of safe operation of the power grid.
5. The network vulnerability guided, information attack-oriented moving target defense deployment optimization method of claim 1,
in step S6, the vulnerability coverage of the configuration scheme is checked, and the specific method is as follows:
according to the result calculated in S5, each node has its corresponding vulnerability, specifically the resistance of the node to power flow fluctuation and information attack, while D-FACTS devices configured on the same line differ in their radiation capability toward different nodes, and the deployment optimization method should satisfy: the lines provided with D-FACTS equipment complement one another, so that the resistance of each vulnerable node in the power grid reaches a certain threshold; and the overall resistance of the system reaches another threshold.
6. The network vulnerability guided, information attack-oriented moving target defense deployment optimization method of claim 1,
in step S7, the adjustment capability and the economic cost are detected, and the specific method is as follows:
the installation cost and the economic cost generated by dispatching the power flow should be less than the budget value, i.e. $c_1 \Delta P_{Loss} + c_2 n_D \le C$, where $c_1$, $c_2$ are the economic coefficients and $C$ is the total budget; in addition, the regulation capability of the D-FACTS on the line should be within the range allowed for normal operation of the power grid, namely
Figure FDA0003253274750000041
where $x_{ij}$ and
Figure FDA0003253274750000042
are respectively the lower and upper bounds of the parameters of line $l_{ij}$.
7. The network vulnerability guided, information attack-oriented moving target defense deployment optimization method of claim 1,
in step S8, outputting the configuration strategy includes: the number of devices configured, the positions of the devices configured, and the adjusting capacity of the devices.
CN202010044018.7A 2020-01-15 2020-01-15 Network vulnerability guided information attack-oriented moving target defense deployment optimization method Active CN111131331B (en)

Publications (2)

Publication Number Publication Date
CN111131331A CN111131331A (en) 2020-05-08
CN111131331B true CN111131331B (en) 2022-02-22

Family

ID=70490723

Country Status (1)

Country Link
CN (1) CN111131331B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240520

Address after: No. 669, Aerospace Middle Road, National Civil Aerospace Industry Base, Xi'an City, Shaanxi Province 710199

Patentee after: Electric Power Research Institute of State Grid Shaanxi Electric Power Co.,Ltd.

Country or region after: China

Patentee after: XI'AN JIAOTONG University

Patentee after: STATE GRID CORPORATION OF CHINA

Address before: No.669, Hangtian Middle Road, Chang'an District, Xi'an City, Shaanxi Province

Patentee before: STATE GRID SHAANXI ELECTRIC POWER Research Institute

Country or region before: China

Patentee before: XI'AN JIAOTONG University

Patentee before: STATE GRID CORPORATION OF CHINA