
Assessment Methods and Communication Mechanisms of Information Security in Electric Power Systems

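【Author】 Liu Nian (刘念)

【Advisor】 Zhang Jianhua (张建华)

【Author information】 North China Electric Power University (Beijing), Power Systems and Automation, 2009, PhD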

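【Summary】 Information security problems in power systems originate in the communication and information systems, but their greatest impact falls on the primary power system. Under the zoned structure of the power system information infrastructure, the production control zone, which consists mainly of power monitoring and control systems, is the point where the information infrastructure and the power infrastructure are tightly coupled. An analysis of the characteristics of power monitoring and control systems shows that, compared with conventional computer networks, these systems exhibit entirely new information security features in security threats, security requirements, accident consequences, accident samples, information architecture and control flow, so conventional information security methods are not fully applicable. This thesis therefore takes networked power monitoring and control systems as its starting point and, drawing on information security methods from conventional domains, focuses on the difficult problems of security assessment and secure communication mechanisms that arise from these new features. The specific contents are as follows.

(1) Vulnerability assessment of power monitoring and control systems. Based on the network structure and characteristics of these systems, an attack-graph-based vulnerability analysis model is defined; taking into account the factors that influence their information security, an AHP-TOPSIS-based vulnerability quantification method is designed. Finally, an assessment case is constructed according to IEC 61850, and the effectiveness of the method is verified by comparing the results computed under different security schemes.

(2) Asset identification of power monitoring and control systems. The substation automation system is taken as a typical power monitoring and control system. After analysing the difficulties of asset identification in such a system, a complete information asset identification method is proposed covering three aspects: asset classification, business identification and asset valuation. An analysis example built on the IEC 61850 standard verifies that the method is reasonable.

(3) Reliability assessment of power monitoring and control systems. The wide area measurement system (WAMS) is taken as a typical power monitoring and control system. The WAMS reliability assessment model is divided into three parts: the monitoring centre, the data acquisition subsystem and the SDH wide-area communication system, and system availability is defined as the reliability index of the WAMS. Using the WAMS of the IEEE 14-bus system as an application example, the time-varying curve of system availability is computed.

(4) Design method for secure communication mechanisms in power systems. Taking the communication models of power monitoring and control systems under IEC 61850 as the object of study, the factors that influence the design of secure communication mechanisms are analysed, and a design framework for power system secure communication mechanisms is built from them. Based on this framework, two classes of communication security problems not yet solved by current security standards and research are studied as instances. For remote monitoring and control of wind farms, a Web-services-based secure remote communication mechanism is designed that meets the communication security requirements without changing the standard message structure. For remote configuration of substations, an XML Security-based secure communication mechanism is designed that meets the security requirements of the configuration process through a security extension of SCL and security processing methods.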

【Abstract】 The information security of power systems derives from communication and information systems, but it affects the operation of power systems. According to the partition structure of the power information architecture, the production and control region, which is mainly composed of power monitoring and control systems, is the cross-point where the information architecture and the power architecture of the power system are tightly coupled. On the one hand, information security issues of this kind easily lead to serious consequences and are very likely to affect the stability of power system operation. On the other hand, compared with conventional computer networks, such systems show some new information security features in security threats, security requirements, accident consequences, accident samples, information architecture, control flow, etc., so conventional methods of information security are not completely applicable. Therefore, this thesis focuses on the information security assessment methods and security communication mechanisms of power systems, takes network-based power monitoring and control systems as its study object, and tries to solve the following problems.

1. Vulnerability assessment of power monitoring and control systems. Through formal definition, an attack-graph-based vulnerability analysis model is defined for power monitoring and control systems. Furthermore, considering the information security properties, an AHP-TOPSIS-based vulnerability quantification method is designed. Finally, a study instance is constructed according to IEC 61850, and the validity and rationality of this method are verified by comparing the results calculated under different security schemes.

2. Asset identification of power monitoring and control systems. Substation automation systems are taken as the typical study object of power monitoring and control systems. Based on an analysis of the difficulties, a complete asset identification method is proposed from three aspects: asset classification, task identification, and asset quantification. Furthermore, a study instance is constructed based on IEC 61850 to verify the effectiveness of the proposed method.

3. Reliability assessment of power monitoring and control systems. Wide area measurement systems (WAMS) are taken as the typical study object of power monitoring and control systems. Reliability analysis of the WAMS is divided into three parts: the control center, the data acquisition subsystem, and the wide-area communication system such as SDH. Furthermore, system availability is defined as the reliability index of the WAMS. Using the WAMS of the IEEE-14 test system as a study instance, the availability curve can be calculated.

4. Design method for security communication mechanisms of power systems. Taking the communication models in IEC 61850 as the study object, the factors related to the design of security communication mechanisms are analyzed, and a design framework for security communication mechanisms of power systems is constructed. Based on the design framework, two instance studies of unsolved problems are developed. One is a security communication mechanism for remote monitoring and control of wind power plants, which could be used to fulfil the security requirements without any change to the SOAP messages of IEC 61400-25. The other is a security communication mechanism for substation remote configuration, which could meet the security requirements of SCL configurations via the definition of an SCL security extension and a security processing method.

  • 【Classification number】 TM769; TP309
  • 【Times cited】 13
  • 【Downloads】 1582