Cyber security risk analysis of power monitoring systems considering attacker identity
CLC number: TM863

Funding: National Natural Science Foundation of China (51777015); Research Project of State Grid Henan Electric Power Company (SGHADK00DWJS2200211)

Risk analysis of power system cyber security considering identity of malicious adversaries
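    Abstract (translated from the Chinese):

    The deep coupling of cyber and physical systems has made cyber attacks an important factor affecting the operational reliability of power systems. First, cyber security threats and risks are analyzed from the attacker's perspective: the resources an attacker can draw on are inferred from the attacker's identity, and the intended attack objectives and the likely penetration and intrusion paths and damage modes are analyzed, to guide the development of targeted protection methods. Second, the shortcomings of defense mechanisms being promoted in the power industry, such as trusted computing, classified protection and security situation awareness, are analyzed, and the supply chain security threats to software and hardware systems are pointed out. Then, considering that attacks on different power monitoring systems differ in risk level and harmful consequences, a risk matrix for cyber attacks on power systems is constructed along two dimensions, the likelihood of a successful attack and the harmful consequences, and it is pointed out that multi-target coordinated attacks cause a jump in risk compared with single-point attacks. Finally, starting from the resources available to state-sponsored cyber attacks and the objectives they seek to achieve, two high-risk potential cyber attack damage modes are proposed, and their attack implementation process and damage mechanisms are analyzed in outline.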

    Abstract:

    The ever-increasing coupling between cyber and physical systems makes cyber-attacks an important factor affecting the reliability of power system operation. First, this article analyzes network security risk from the attacker's perspective: it infers the resources available to the attacker from the attacker's identity, analyzes the purpose the attack is meant to achieve, and infers the possible penetration and intrusion paths and damage modes. This analysis provides guidance for developing specific protection methods. Then this paper analyzes the deficiencies of trusted computing, hierarchical protection, security situation awareness and other defense mechanisms being implemented in the power industry, and points out the potential supply chain security threats in the security detection of software and hardware systems. Considering that the risk levels and harmful consequences differ between attacks on different power monitoring systems, a power system risk matrix is constructed from the aspects of the possibility of a successful attack and the harmful consequences, and it is pointed out that a multi-target coordinated attack increases the risk compared with a single-point attack. Finally, starting from the resources available to state-supported cyber-attacks and the purpose of such attacks, two high-risk potential cyber-attack damage modes are proposed, and their attack realization process and damage mechanism are summarized.

Cite this article

Shan Ruiqing, Sheng Yang, Su Sheng, et al. Risk analysis of power system cyber security considering identity of malicious adversaries[J]. Journal of Electric Power Science and Technology, 2022, 37(5): 3-16.

Online publication date: 2022-12-01