网络环境下变电站自动化系统的信息资产识别  被引量：6

作　　者：刘念[1] 张建华[1] 张昊[1] 

机构地区：[1]华北电力大学电力系统保护与动态安全监控教育部重点实验室,北京市102206

出　　处：《电力系统自动化》2009年第13期53-57,共5页Automation of Electric Power Systems

基　　金：国家自然科学基金资助项目(50877026)~~

摘　　要：结合电力控制过程的信息安全风险评估是目前尚未妥善解决的问题,缺乏符合电力信息系统特点的资产识别方法是其中的主要因素之一。网络环境下变电站自动化系统属于典型的电力信息系统,在分析该系统资产识别难点的基础上,从资产分类、业务识别和资产赋值等3个方面提出完整的信息资产识别方法。在资产分类问题上,结合IEC61850标准,将实际的智能电子设备与虚拟的逻辑节点结合,定义结构化的资产模型;在业务识别问题上,以变电站自动化功能作为业务识别的对象,定义功能图的概念来反映功能与资产以及资产之间的逻辑关系;在资产赋值问题上,分别定义了功能级和变电站级2个层次的资产价值,来量化资产在信息安全属性上的达成程度和信息安全价值未达成时可能造成的事故影响。最后,基于IEC61850标准构建了分析实例,验证了资产识别方法的有效性。Information security risk assessment combined with the power control process remains an unresolved problem, the lack of an asset identifying method in conformity with the characteristics of power information system being one of the main factors. Network-based substation automation systems （SAS） are typical power information systems. Based on an analysis of the difficulties in asset identification, a complete information asset identifying method is proposed from three perspectives, including asset classification, business identification, and asset valuation. In asset classification, by referring to the IEC 61850 standard, a structured asset model is defined based on the association between actual intelligent electronic devices and virtual logical nodes. In business identification, with the functions of substation automation as the object of business, the concept of function graph is defined to reflect the logical relations between functions and assets, as well as the logical relation between the assets. In asset valuation, two levels of asset value including the function level and substation level, are defined to quantify the information security properties of assets and the effects of possible accidents. Finally, an evaluation instance is constructed according to the IEC 61850 standard for verification of the applicability of the method proposed to asset identification of network-based SAS.

关 键 词：电力信息系统 变电站自动化 资产识别 功能 资产价值 

分 类 号：TM764[电气工程—电力系统及自动化] TM73