Funding: Supported by the National Natural Science Foundation of China (2002AA142150)
Abstract: A fuzzy set-based evaluation approach is demonstrated to assess the security risks for an Internet-banking system. The Internet-banking system is semi-formally described using Unified Modeling Language (UML) to specify the behavior and state of the system on the basis of analyzing the existing qualitative risk assessment methods. A quantitative method based on fuzzy sets is used to measure the security risks of the system. A case study was performed on the web server of the Internet-banking system using a fuzzy-set based assessment algorithm to quantitatively compute the security risk severity. The numeric result also provides a method to decide the most critical component, which should draw enough attention from the system administrator to take the appropriate security measures or controls to alleviate the risk severity. The experiments show this method can be used to quantify the security properties of the Internet-banking system in practice.
Abstract: After the digital revolution, power system security has become an important issue, and it urges power producers to maintain a well-secured system in order to supply quality power to the end users. This paper presents an integrated Corrective Security Constrained Optimal Power Flow (CSCOPF) with Flexible Transmission Line Impedance (FTLI) to enhance power system security. The corrective approach of SCOPF is chosen because it allows the corrective equipment to bring the system back to a stable operating point and hence offers high flexibility and better economics. The concept of FTLI arises from the ability of FACTS devices such as the Thyristor Controlled Series Capacitor (TCSC), which can vary the line reactance to a certain extent. Enhanced security can be achieved by incorporating FTLI into the CSCOPF problem, since the power flow in a system is highly dependent on the line reactance. FTLI-based CSCOPF can reduce the amount of rescheduling of generators, but it results in an increased number of variables, and thus the complexity of the optimization process is increased. This highly complex problem is solved by using nonlinear programming. The AC-based OPF model is preferred, since the corrective security actions require highly accurate solutions. The IEEE 30-bus system is used to test the proposed scheme, and the results are compared with the traditional CSCOPF. It can be seen that the proposed idea provides a notable improvement in the reduction of the cost incurred for restoring system security.
Abstract: In developing power grids, setting standards is critical to their success. The development of China’s power industry has proposed new requirements for power systems to ensure secure and stable operations. The principal standards for the security and stability of China’s current power systems are analyzed in terms of operational control, generator-grid coordination and simulation. The shortcomings are pointed out and the directions of future development are discussed. In the end, the study highlights the following key areas that require further research and improvement: the evaluation criteria of power system security and stability should be improved to ensure the secure and stable operation of China’s power systems; the operational control standards should be constantly enhanced to increase the reliability and flexibility of operational control strategies; generator-grid coordination standards should be upgraded to improve the coordination between the generator control protection system and the grid; and the simulation methodology should be standardized in future power system security and stability research.
Abstract: The security assurance of computer-based systems that rely on safety and security assurance, such as consistency, durability, efficiency and accessibility, require or need resources. This targets the System-of-Systems (SoS) problems with the exception of difficulties and concerns that apply similarly to subsystem interactions on a single system and system-as-component interactions on a large information system. This research addresses security and information assurance for safety-critical systems, where security and safety are addressed before going to the actual implementation/development phase for component-based systems. For this purpose, we require a conceptual idea or strategy that deals with the application logic security assurance issues. This may explore the vulnerability in a single component or a reuse of specification in existing logic in a component-based system. Keeping this situation in view, we have defined seven concepts of security assurance and a security assurance design strategy for safety-critical systems.
Funding: Supported by the National Natural Science Foundation of China under Grant No. 62072412, 61902359, U1736115; in part by the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security under Grant No. AGK2018001.
Abstract: Based on the wide application of cloud computing and wireless sensor networks in various fields, the Sensor-Cloud System (SCS) plays an indispensable role between the physical world and the network world. However, due to the close connection and interdependence between the physical resource network and the computing resource network, there are security problems such as cascading failures between systems in the SCS. In this paper, we propose a model with two interdependent networks to represent a sensor-cloud system. Besides, based on percolation theory, we have carried out a formulaic theoretical analysis of the whole process of cascading failure. When the system’s subnetwork presents a steady state where there is no further collapse, we can obtain the largest remaining connected subgroup components and the penetration threshold. Theoretically, this result is the critical maximum that the coupled SCS can withstand. To verify the correctness of the theoretical results, we further carried out actual simulation experiments. The results show that a scale-free network priority attack’s percolation threshold is always less than that of an ER network which is priority attacked. Similarly, when the scale-free network is attacked first, adding the power law exponent λ can be more intuitive and more effective to improve the network’s reliability.
Abstract: With the explosive growth of network applications, the threat of malicious code against network security becomes increasingly serious. In this paper we explore the mechanism of malicious code by giving an attack model of the malicious code, and discuss the critical techniques of implementation and prevention against malicious code. The remaining problems and emerging trends in this area are also addressed in the paper.
Funding: Supported by the National Natural Science Foundation of China (No. U2166201) and China Postdoctoral Science Foundation (No. 2022TQ0206).
Abstract: The National Electricity Market (NEM) in Australia was suspended during June 15-23, 2022, with a primary attribution to the lack of available generation capacity. This incident is noteworthy because it was the first market suspension in NEM’s history and took place in a major energy exporting country. In this letter, we review the outline and impacts of the incident. From the perspectives of market regulation, electricity supply, and electricity demand, we identify three underlying causes of the market suspension and offer four recommendations for the market mechanism evolution to ensure power supply security.
Funding: Strategic Priority Research Program of CAS (XDC05040000).
Abstract: Buffer overflow poses a serious threat to the memory security of modern operating systems. It overwrites the contents of other memory areas by breaking through the buffer capacity limit, destroys the system execution environment, and provides implementation space for various system attacks such as program control flow hijacking. That makes it a wide range of harms. A variety of security technologies have been proposed to deal with system security problems including buffer overflow. For example, No eXecute (NX for short) is a memory management technology commonly used in Harvard architecture. It can refuse the execution of code residing in a specific memory, and can effectively suppress the abnormal impact of buffer overflow on control flow. Therefore, in recent years, it has also been used in the field of system security, deriving a series of solutions based on NX technology, such as ExecShield, DEP, StackGuard, etc. However, these security solutions often rely too much on the processor architecture, so that the protection coverage is insufficient and the accuracy is limited. Especially in the emerging system architecture field represented by RISC-V, there is still a lack of effective solutions for buffer overflow vulnerabilities. With the continuous rapid development of system architecture, it is urgent to develop defense methods that are applicable to different system application environments and oriented to all executable memory spaces to meet the needs of system security development. Therefore, we propose BOP, a new system memory security design method based on RISC-V extended instructions, to build a RISC-V buffer overflow detection and defense system and deal with the buffer overflow threat in RISC-V. According to this method, NX technology can be combined with program control flow analysis, and the NX bit mechanism can be used to manage the executability of memory space, so as to achieve a more granular detection and defense of buffer overflow attacks that may occur in the RISC-V system environment. In addition, the memory management and control function of BOP is not only very suitable for solving the security problems in the existing single architecture system, but also widely applicable to the combination of multiple heterogeneous systems.
Funding: This work is supported by the National Key Research & Development Program of China (No. 2018YFB0904500) and the Science and Technology Foundation of the State Grid Corporation of China (SGLNDK00KJJS1800236).
Abstract: Due to the increasing implementation of high voltage direct current (HVDC) and the integration of renewable resources, frequency stability problems in power systems have been drawing greater attention in recent years. It has become necessary to carry out online frequency security assessments to ensure the safe operation of power systems. Considering the low time-efficiency of simulation-based methods, analytical models, such as the frequency nadir prediction (FNP) model, are more suitable for online assessment, which requires calculating the worst frequency deviation under various contingencies. Based on the FNP model, the FNP-L model for online frequency security assessment is proposed in this paper. The proposed model implements security assessment by calculating and checking the frequency features, including the nadir time and frequency, followed by contingencies. The effect of the governor, including nonlinear constraints, is approximated into polynomial functions so that the results are obtained by solving multiple polynomial equations. Case studies are carried out using the New-England 39-bus system and a regional power grid, which show that the proposed model could achieve both high speed and high accuracy, and can therefore be applied in online security assessment.
Funding: This work is supported by the DST grant for UKICERI project, DST/RCUK/JVCCE/2015/02.
Abstract: Strict enforcement of government policies to integrate a high generation share from renewable energy sources (RES) like wind and PV would create inevitable operational challenges for the utilities to deliver Frequency Response (FR) services. Uncertain RES generation characteristics would worsen the situation for the SO to detain initial frequency deviation following the largest generation outage. This necessitates investigation of the optimal generator combination for securing PFR adequacy with simultaneous characterization of uncertainty. In this regard, this paper proposes a novel Modified Interval (MI) based optimal generation mix formulation for operation cost minimization and FR adequacy. RES uncertainty is characterised by forecasted upper and lower bounds, while hourly ramp needs are based on the net load scenarios. The proposed model is assessed on the one-area IEEE reliability test system. Rate of change of frequency (ROCOF) and frequency deviation are considered as network security limits to obtain the optimal generation mix. The results obtained provide overall cost performance, PFR and optimal generation mix, without violating system security criteria. This model would certainly assist the SO to enhance the system’s inertia and PFR adequacy in short-term system operations and could be extended to a long-term planning framework.
Abstract: In a smart grid, state estimation (SE) is a very important component of the energy management system. Its main functions include system SE and detection of cyber anomalies. Recently, it has been shown that conventional SE techniques are vulnerable to the false data injection (FDI) attack, which is a sophisticated new class of attacks on data integrity in the smart grid. The main contribution of this paper is to propose a new FDI attack detection technique using a new data-driven SE model, which is different from the traditional weighted least square based SE model. This SE model has a number of unique advantages compared with traditional SE models. First, the prediction technique can better maintain the inherent temporal correlations among consecutive measurement vectors. Second, the proposed SE model can learn the actual power system states. Finally, this paper shows that this SE model can be effectively used to detect FDI attacks that otherwise remain stealthy to traditional SE-based bad data detectors. The proposed FDI attack detection technique is evaluated on a number of standard bus systems. The performance of state prediction and the accuracy of FDI attack detection are benchmarked against the state-of-the-art techniques. Experimental results show that the proposed FDI attack detection technique has a higher detection rate compared with the existing techniques while reducing the false alarms significantly.