电力高级量测体系网络攻击致损路径图构建及风险评估  被引量：3

作　　者：梁皓澜 刘东奇 曾祥君[1] 翟运朋 张琼 LIANG Haolan;LIU Dongqi;ZENG Xiangjun;ZHAI Yunpeng;ZHANG Qiong(National Key Laboratory of Disaster Prevention and Reduction for Power Grid(Changsha University of Science and Technology),Changsha 410114,China;School of Electrical and Information Engineering,Hunan Institute of Engineering,Xiangtan 411104,China)

机构地区：[1]电网防灾减灾全国重点实验室(长沙理工大学),湖南省长沙市410114 [2]湖南工程学院电气与信息工程学院,湖南省湘潭市411104

出　　处：《电力系统自动化》2024年第12期89-99,共11页Automation of Electric Power Systems

基　　金：国家自然科学基金联合基金重点支持项目(U22B20113);国家自然科学基金资助项目(52177068);湖南省自然科学基金资助项目(2023JJ30028)。

摘　　要：高级量测体系(AMI)是新型电力系统的重要组成部分,随着大量智能终端和异构通信链路广泛接入,网络攻击的风险与日俱增。因此,提出电力AMI网络攻击致损路径图构建及风险量化评估方法,量化分析网络攻击对系统的影响。首先,考虑AMI中的3种网络攻击场景,构建了各场景攻击致损路径图及贝叶斯攻击图。其次,考虑到漏洞利用的难度和攻击者的技术水平,建立了漏洞平均攻破时间(MTTC)模型,计算各攻击目标的攻破概率。然后,建立了针对AMI虚假数据注入的负荷损失评估模型,求解出负荷削减问题,并结合攻击概率提出了安全风险综合定量评估模型。最后,基于IEEE 39节点系统,对比分析了不同级别攻击者在AMI不同攻击致损路径下的MTTC,计算了网络攻击下系统的安全风险值,验证了所提方法的有效性。Advanced metering infrastructure(AMI)is a key component of the new power system.With the wide access of a large number of intelligent terminals and heterogeneous communication links,the risk of cyber-attacks is increasing.Therefore,a method of cyber-attack damage path diagram construction and quantitative risk assessment for power AMI is proposed to quantitatively analyze the impact of cyber-attacks on power system.Firstly,considering three kinds of cyber-attack scenarios in AMI,the attack damage path diagram and Bayesian attack diagram of each scenario are constructed.Secondly,considering the difficulty of vulnerability exploitation and the skill level of attackers,the mean time to compromise(MTTC)model of vulnerability is established to calculate the attack probability of each attack target.Then,a load loss evaluation model for false data injection in AMI is established,and the load reduction is solved.Combined with the attack probability,a comprehensive quantitative assessment model of security risk is proposed.Finally,based on the IEEE 39-bus system,the MTTC of different levels of attackers in different attack damage paths of AMI is compared and analyzed,and the security risk value of the system under cyberattacks is calculated,which verifies the effectiveness of the proposed method.

关 键 词：信息安全 风险评估 高级量测体系 网络攻击 新型电力系统 攻击致损路径图 

分 类 号：TM73[电气工程—电力系统及自动化] TP393.08[自动化与计算机技术—计算机应用技术]