The Coordinated Cyber Physical Power Attack Strategy Based on Worm Propagation and False Data Injection

Feng Xiao-Meng, Sun Qiu-Ye, Wang Bing-Yu, Gao Jia-Wen

Citation: Feng Xiao-Meng, Sun Qiu-Ye, Wang Bing-Yu, Gao Jia-Wen. The coordinated cyber physical power attack strategy based on worm propagation and false data injection. Acta Automatica Sinica, 2020, 45(x): 1−13 doi: 10.16383/j.aas.c190574


doi: 10.16383/j.aas.c190574
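Funds: Key Program of National Natural Science Foundation of China (61433004), National Natural Science Foundation of China (61573094)
    About the authors:

    Feng Xiao-Meng: Master's student at the College of Information Science and Engineering, Northeastern University. Main research interests: modeling and security defense of cyber-physical power systems. E-mail: 1700686@stu.neu.edu.cn

    Sun Qiu-Ye: Professor at the College of Information Science and Engineering, Northeastern University. Main research interests: network control technology, distributed control technology, distributed optimization analysis, and their applications in the Energy Internet, microgrids, distribution networks and related fields. Corresponding author of this paper. E-mail: sunqiuye@mail.neu.edu.cn

    Wang Bing-Yu: Ph.D. candidate at the College of Information Science and Engineering, Northeastern University. Main research interests: cyber-physical energy systems, microgrid control and multi-agent systems. E-mail: 1610266@stu.neu.edu.cn

    Gao Jia-Wen: Master's student at the College of Information Science and Engineering, Northeastern University. Main research interests: modeling and security defense of cyber-physical power systems. E-mail: helensun0708@outlook.com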

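  • Abstract: As information technology becomes ever more tightly integrated with modern power systems, both communication system anomalies and cyber attacks may affect the safe and stable operation of the power system. To study the security risks that industrial control worms pose to the power grid, this paper establishes, for the first time, a cross-space coordinated attack model for cyber-physical power systems based on the Markov decision process (MDP). The model takes the difficulty of exploiting communication device vulnerabilities as the cost and the degree of damage to the power network as the benefit, and can therefore identify potential system risks more effectively. Next, the Q-learning algorithm is used to solve for the optimal attack strategy under this model, and the degree of damage the attack causes to the power system is evaluated from the error of the power system state estimation. Finally, a co-simulation is carried out on a coupled system of 8 communication nodes and 14 power nodes; the comparison shows that, relative to a single attack method, the coordinated attack causes greater damage to the grid. Compared with traditional power-layer attack studies that do not consider the communication network, the weak nodes identified by this model also account for the influence of key nodes in the cyber layer, which provides guidance for the allocation of defense resources.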
  • Fig. 1  Diagram of electrical cyber-physical cooperative attacks

    Fig. 2  SIR worm diffusion model state transition diagram of the cyber network

    Fig. 3  The network of cyber-physical power coupling system

    Fig. 4  Cross-space penetration and feedback decision mechanism under cyber-physical collaborative attack

    Fig. 5  Cyber 8-Power IEEE14 node coupling system

    Fig. 6  Accumulated benefit for each trial

    Fig. 7  The attack sequence and virus spreading sequence under the optimal attack strategy

    Fig. 8  Difference percentage in voltage amplitude under optimal attack strategy

    Fig. 9  The vulnerability analysis of power equipment under different signs of false data

    Table 1  Attack effect under different attack methods

    | Attack type | Parameter | n = 1 | n = 2 | n = 3 |
    |---|---|---|---|---|
    | Cyber attack | $\pi^*$ | 1 | $2\rightarrow 3$ | $2\rightarrow 3\rightarrow 4$ |
    | | $f(\Delta \theta )$ | 0.022 | 0.103 | 0.2333 |
    | | $f(\Delta V )$ | 0.043 | 0.115 | 0.245 |
    | Physical attack | $\pi^*$ | 4 | $5 \rightarrow 6$ | $5\rightarrow 4\rightarrow 7$ |
    | | $f(\Delta \theta )$ | 0.035 | 0.144 | 0.344 |
    | | $f(\Delta V )$ | 0.061 | 0.134 | 0.444 |
    | Coordinated attack | $\pi^*$ | 3 | $6 \rightarrow 7$ | $2 \rightarrow 4 \rightarrow 8$ |
    | | $f(\Delta \theta )$ | 0.077 | 0.223 | 0.523 |
    | | $f(\Delta V )$ | 0.062 | 0.267 | 0.667 |

    Table 2  The vulnerability analysis of power equipment (%)

    | Cyber-power node coupling | C-n 1 | C-n 2 | C-n 3 | C-n 4 | C-n 5 | C-n 6 | C-n 7 | C-n 8 |
    |---|---|---|---|---|---|---|---|---|
    | | Bus 2 | Bus 4 | Bus 6 | Bus 7 | Bus 8 | Bus 10 | Bus 13 | Bus 14 |
    | Coordinated attack | 31.65 | 32.51 | 30.60 | 0.67 | 0.85 | 1.00 | 1.44 | 1.25 |
    | Physical attack | 16.66 | 16.40 | 11.27 | 15.26 | 5.97 | 19.54 | 8.70 | 6.20 |

    Table 3  Vulnerability analysis of power equipment under different discrete degrees of false data (likelihood of each power device being attacked, %)

    | Number of discrete states | Bus 2 | Bus 4 | Bus 6 | Bus 7 | Bus 8 | Bus 10 | Bus 13 | Bus 14 |
    |---|---|---|---|---|---|---|---|---|
    | $N_V^g = N_\theta^g = 4$ | 7.18 | 20.88 | 13.36 | 18.25 | 6.54 | 16.03 | 9.02 | 6.31 |
    | $N_V^g = N_\theta^g = 6$ | 8.31 | 19.95 | 12.97 | 17.66 | 6.43 | 17.38 | 10.50 | 6.80 |
    | $N_V^g = N_\theta^g = 8$ | 8.11 | 20.45 | 12.27 | 17.66 | 6.97 | 17.54 | 9.70 | 7.20 |

    Table 4  The parameters of cyber network in NS2

    | Source | Destination | Bandwidth (Mbps) | Delay (ms) |
    |---|---|---|---|
    | C-n 1 | C-n 2 | 60 | 60 |
    | C-n 2 | C-n 6 | 60 | 20 |
    | C-n 2 | C-n 8 | 60 | 20 |
    | C-n 7 | C-n 8 | 60 | 20 |
    | C-n 7 | C-n 6 | 60 | 20 |
    | C-n 1 | C-n 3 | 60 | 60 |
    | C-n 3 | C-n 4 | 60 | 20 |
    | C-n 3 | C-n 5 | 60 | 20 |
    | C-n 4 | C-n 5 | 60 | 20 |

    Table 5  The CVSS standards of each cyber node

    | Node | Vulnerability ID | Impact score | Exploitability score | Base score |
    |---|---|---|---|---|
    | C-n 1 | CVE-2016-8366 | 3.4 | 3.9 | 7.3 |
    | C-n 2 | CVE-2016-8366 | 3.4 | 3.9 | 7.3 |
    | C-n 3 | CVE-2016-8366 | 3.4 | 3.9 | 7.3 |
    | C-n 4 | CVE-2017-14470 | 2.7 | 2.8 | 5.5 |
    | C-n 5 | CVE-2017-14470 | 2.7 | 2.8 | 5.5 |
    | C-n 6 | CVE-2017-14470 | 2.7 | 2.8 | 5.5 |
    | C-n 7 | CVE-2018-16210 | 5.9 | 3.9 | 9.8 |
    | C-n 8 | CVE-2018-16210 | 5.9 | 3.9 | 9.8 |
Publication history
  • Received: 2019-08-09
  • Accepted: 2020-04-07
