考虑攻击方身份的电力监控系统网络安全风险分析

Risk analysis of power system cyber security considering identity of malicious adversaries

信息与物理系统的深度耦合使得网络攻击成为影响电力系统运行可靠性的重要因素。首先,从攻击方视角进行网路安全威胁风险分析,根据攻击者身份推断其可动用的资源,分析想要达成的攻击目的及可能采取的渗透入侵路径和破坏模式,为研制针对性的防护方法提供指导;其次,分析电力行业正在推进的可信计算、等级保护、安全态势感知等防御机制的缺陷,指出软、硬件系统的供应链安全威胁;然后考虑到攻击不同电力监控系统造成的风险水平和危害后果有所差异,从成功攻击可能性和危害后果2个维度构建电力系统网络攻击风险矩阵,并指出多目标协同攻击相比于单点攻击将使风险出现跃迁现象;最后,从国家支持型网络攻击可动用的资源和想要达成的攻击目的出法,提出2种高危潜在网络攻击破坏模式,并对其攻击实现过程和危害机制进行概要分析。

The ever-increasing coupling relationship between cyber and physical systems makes cyber-attacks become an important factor affecting the reliability of power system operations.First,this article conducts the analysis of the network security risk from the attacker’s perspective,infers the available resources of the attacker based on the identity of the attacker,analyzes the purpose of the attack to be achieved,and infers the possible penetration and intrusion path and damage modes.The guidance can be provided to develop the specific protection methods based on the above analysis.Then this paper analyzes the deficiencies of the trusted computing,hierarchical protection,security situation awareness and other defense mechanisms being implemented in the power industry,and this paper points out the potential supply chain security threats in the security detection of software and hardware systems.Considering the difference of the risk levels and the harmful consequences caused by attacks on different power monitoring systems,the power system risk matrix is constructed from the aspect of the possibility of successful attack and the harmful consequences,and it is pointed out that the multi-target coordinated attack will increase the risk compared to the single-point attack.Finally,from the available resources of the state-supported cyber-attacks and the purpose of the attack,two high-risk potential cyber-attack damage modes are proposed,and the attack realization process and damage mechanism are summarized.