针对网络攻击严重威胁电力系统安全运行的现状,文中对面向网络攻击的电力信息物理系统风险量化评估问题展开分析。本文从由网络攻击造成的典型停电事故出发,阐述电力信息物理系统的风险来源及传播机理。然后对比传统信息系统及电力系统...针对网络攻击严重威胁电力系统安全运行的现状,文中对面向网络攻击的电力信息物理系统风险量化评估问题展开分析。本文从由网络攻击造成的典型停电事故出发,阐述电力信息物理系统的风险来源及传播机理。然后对比传统信息系统及电力系统,对电力信息物理系统风险量化评估的特点展开讨论,并进一步基于节点风险概率、风险传播概率和物理量损失量三个方面,对电力系统风险量化计算方法进行分析总结。最后,面向网络攻击的发展方向,对未来研究提出建议和展望。In view of the current situation that cyber attacks pose a serious threat to the safe operation of power systems, this paper analyzes the quantitative risk assessment of cyber-physical power systems for cyber attacks. Based on the typical power outages caused by cyber attacks, the sources of risk and the mechanisms of risk propagation within cyber-physical power systems is elucidated. Then, compared with traditional information systems and power systems, the distinctive characteristics of risk quantification assessment for cyber-physical power systems are discussed. Furthermore, based on nodal risk probability, risk propagation probability, and physical quantity loss, the quantitative risk calculation methods for power systems is summarized. Finally, facing the development direction of network attacks, suggestions and prospects for future research are proposed.展开更多
入侵攻击模拟验证系统作为提高电网安全性的一种代表性工具,通过自动模拟从内外部对网络、系统和应用程序发起的广泛攻击,实现模拟攻击,评估系统安全能力。然而,针对电力网络中主要面临的长期且多阶段的高级持续攻击,现存入侵攻击模拟...入侵攻击模拟验证系统作为提高电网安全性的一种代表性工具,通过自动模拟从内外部对网络、系统和应用程序发起的广泛攻击,实现模拟攻击,评估系统安全能力。然而,针对电力网络中主要面临的长期且多阶段的高级持续攻击,现存入侵攻击模拟验证系统的设计却普遍存在一定的局限性,不能有效地进行全面模拟和防御。针对上述问题,本文提出了一种面向电力网络高级持续攻击防御的自动化入侵攻击模拟验证系统设计方案,该方案采用虚拟化与流量模拟技术实现了对电力网络的实战仿真,并在仿真环境中,通过对比防护前后攻击的效果来对高级持续攻击的防护措施进行有效性验证。本文首先基于虚拟化技术实现了针对高级持续攻击的基础网络与组件的模拟,其次采用流量模拟技术实现了系统中电网业务流量和高级持续攻击流量的双重模拟,最后搭建了面向高级持续攻击的实战场景,实现了防护措施的有效性验证模块。经试验表明,本文所提方案能够较好地进行电力网络攻防实验和防御长期多阶段的高级持续攻击。As a representative tool to improve the security of power grids, the Intrusion Attack Simulation Verification System automatically simulates a wide range of attacks on networks, systems, and applications from inside and outside, realizes simulated attacks, and evaluates system security capabilities. However, in view of the long-term and multi-stage advanced persistent attacks mainly faced in power networks, the design of the existing intrusion attack simulation and verification system has some limitations, and it cannot be effectively simulated and defended. In order to solve the above problems, this paper proposes a design scheme for the automatic intrusion attack simulation and verification system for advanced continuous attack defense of power network, which uses virtualization and traffic simulation technology to realize the actual combat simulation of power network, and verifies the effectiveness of the protection measures of advanced continuous attack by comparing the effect of attack before and after protection in the simulation environment. In this paper, the simulation of the basic network and components for advanced persistent attacks is realized based on virtualization technology, and secondly, the dual simulation of power grid service traffic and advanced persistent attack traffic in the system is realized by using traffic simulation technology, and finally the actual combat scenario for advanced persistent attacks is built, and the effectiveness verification module of protective measures is realized. Experiments show that the proposed scheme can be better for power network attack and defense experiments and defense against long-term and multi-stage advanced persistent attacks.展开更多
文摘针对网络攻击严重威胁电力系统安全运行的现状,文中对面向网络攻击的电力信息物理系统风险量化评估问题展开分析。本文从由网络攻击造成的典型停电事故出发,阐述电力信息物理系统的风险来源及传播机理。然后对比传统信息系统及电力系统,对电力信息物理系统风险量化评估的特点展开讨论,并进一步基于节点风险概率、风险传播概率和物理量损失量三个方面,对电力系统风险量化计算方法进行分析总结。最后,面向网络攻击的发展方向,对未来研究提出建议和展望。In view of the current situation that cyber attacks pose a serious threat to the safe operation of power systems, this paper analyzes the quantitative risk assessment of cyber-physical power systems for cyber attacks. Based on the typical power outages caused by cyber attacks, the sources of risk and the mechanisms of risk propagation within cyber-physical power systems is elucidated. Then, compared with traditional information systems and power systems, the distinctive characteristics of risk quantification assessment for cyber-physical power systems are discussed. Furthermore, based on nodal risk probability, risk propagation probability, and physical quantity loss, the quantitative risk calculation methods for power systems is summarized. Finally, facing the development direction of network attacks, suggestions and prospects for future research are proposed.
文摘入侵攻击模拟验证系统作为提高电网安全性的一种代表性工具,通过自动模拟从内外部对网络、系统和应用程序发起的广泛攻击,实现模拟攻击,评估系统安全能力。然而,针对电力网络中主要面临的长期且多阶段的高级持续攻击,现存入侵攻击模拟验证系统的设计却普遍存在一定的局限性,不能有效地进行全面模拟和防御。针对上述问题,本文提出了一种面向电力网络高级持续攻击防御的自动化入侵攻击模拟验证系统设计方案,该方案采用虚拟化与流量模拟技术实现了对电力网络的实战仿真,并在仿真环境中,通过对比防护前后攻击的效果来对高级持续攻击的防护措施进行有效性验证。本文首先基于虚拟化技术实现了针对高级持续攻击的基础网络与组件的模拟,其次采用流量模拟技术实现了系统中电网业务流量和高级持续攻击流量的双重模拟,最后搭建了面向高级持续攻击的实战场景,实现了防护措施的有效性验证模块。经试验表明,本文所提方案能够较好地进行电力网络攻防实验和防御长期多阶段的高级持续攻击。As a representative tool to improve the security of power grids, the Intrusion Attack Simulation Verification System automatically simulates a wide range of attacks on networks, systems, and applications from inside and outside, realizes simulated attacks, and evaluates system security capabilities. However, in view of the long-term and multi-stage advanced persistent attacks mainly faced in power networks, the design of the existing intrusion attack simulation and verification system has some limitations, and it cannot be effectively simulated and defended. In order to solve the above problems, this paper proposes a design scheme for the automatic intrusion attack simulation and verification system for advanced continuous attack defense of power network, which uses virtualization and traffic simulation technology to realize the actual combat simulation of power network, and verifies the effectiveness of the protection measures of advanced continuous attack by comparing the effect of attack before and after protection in the simulation environment. In this paper, the simulation of the basic network and components for advanced persistent attacks is realized based on virtualization technology, and secondly, the dual simulation of power grid service traffic and advanced persistent attack traffic in the system is realized by using traffic simulation technology, and finally the actual combat scenario for advanced persistent attacks is built, and the effectiveness verification module of protective measures is realized. Experiments show that the proposed scheme can be better for power network attack and defense experiments and defense against long-term and multi-stage advanced persistent attacks.
