Integrated Intelligent Energy

Research on AMI communication intrusion detection combining KNN and optimized feature engineering

LU Guanyu, TIAN Xiuxia, ZHANG Yue

2021, 43(2): 1-8. doi:10.3969/j.issn.1674-1951.2021.02.001

Asbtract ( 385 )

HTML ( 105)

PDF (1248KB) ( 379 )

Figures and Tables | References | Related Articles | Metrics

With the widespread use of internet technology in smart grids, it is particularly important to identify intrusion attacks in power systems. Based on the communication network architecture in Advanced Metering Infrastructure（AMI）, an AMI communication intrusion detection scheme combining K Nearest Neighbor （KNN） and optimized feature engineering is proposed in response to the smart grid intrusion detection requirements. Intrusion attack flow can be identified through four modules： data collection, data preprocessing, feature engineering and model training. In feature engineering module, the features inputted into KNN training model are optimized by text feature extraction method, and the redundant feature vectors are removed based on the information gain values. In model training part, the types of data are judged by the labels of the k nearest neighbour training samples. The proposed scheme was tested on public intrusion detection data sets ADFA-LD, and the detection accuracy of various intrusion attacks was obtained. The experimental results show that the detection performance of this scheme is superior to the traditional intrusion detection scheme, with an 21.96% increase in the classification accuracy under the optimal feature extraction model.

An intrusion detection method for integrated energy network based on GRU-CNN

LYU Zhengquan, LI Zhaoyang, WANG Haifeng, CHEN Yijun, PENG Daogang

2021, 43(2): 9-14. doi:10.3969/j.issn.1674-1951.2021.02.002

Asbtract ( 249 )

HTML ( 83)

PDF (1013KB) ( 427 )

Figures and Tables | References | Related Articles | Metrics

Influenced by the transformation of power system to an integrated energy one and the evolution of network attack technology, power information security and protection is getting mounting challenges. Network intrusion detection system （NIDS）can identify weaknesses in the power system. Pursuing detection accuracy, but neglecting the missing data in manual feature extraction is the problem in the course of improving the traditional algorithm. Thus, an intrusion detection method based on the Gated Recurrent Unit （GRU） and Convolutional Neural Network （CNN） is proposed. The method uses GRU to extract the original time series features, takes CNN to obtain multi-dimensional features, and realizes the mapping of abnormal traffic with Softmax classifier. The method has been practiced in the training of two experimental models, KDD99 data set and False Data Injection Attack （FDIAs）. The results show that the method performs better in classification and detection accuracy than the traditional one, which verifies the effectiveness and practicability of the method.

Research on dynamic trust evaluation mechanism on MAC layer in G3-PLC

DONG Chongchong, XIE Wei, SUN Bingyu, JIAN Zini, JIANG Jiu, WANG Xianpei

2021, 43(2): 15-21. doi:10.3969/j.issn.1674-1951.2021.02.003

Asbtract ( 252 )

HTML ( 82)

PDF (1001KB) ( 296 )

Figures and Tables | References | Related Articles | Metrics

G3-PLC is one of the most widely used power line communication standard protocols. It is suitable for applications which make moderate requests on data transmission speed, such as meter reading and smart grid monitoring. In order to ensure the security of power line carrier communication under the standard G3, an extra MAC sensing sublayer was added on the existing MAC communication layer and 6LoWPAN security authentication layer of Media Access Control （MAC） layer, in compliance with the wireless communication security technology standard. And a dynamic trust evaluation mechanism model was constructed to make reasonable allocation of user spectrum resources. The trust mechanism makes evaluation according to users' behavior by reinforcement learning. Taking trust value as the reward and punishment system, the trust value is used as the criterion to distribute spectrum resources between clients. Ensuring that each perception client can be fused with high-reputation nodes in the process of communication,the trust value of malicious users will be reduced. The method can perform correct spectrum sensing, suppress the spectrum resources allocated to malicious users, and finally remove malicious users away from the entire network.

Smart meter authentication scheme based on PUF and MtE

JIN Xin, TIAN Xiuxia

2021, 43(2): 22-27. doi:10.3969/j.issn.1674-1951.2021.02.004

Asbtract ( 268 )

HTML ( 6)

PDF (957KB) ( 342 )

Figures and Tables | References | Related Articles | Metrics

In recent years,technologies of smart grid have developed rapidly. As one of the basic devices for data collection in smart grid, smart meter has problems of insufficient authentication and user privacy leakage. A secured authentication scheme using Physical Unclonable Function（PUF）, MAC-then-Encrypt（MtE） and one-way Hash Function is proposed . In the security analysis, the improved BAN logic is used in formal analysis. The results show that this scheme can resist physical attacks, smart meter internal attacks, man-in-the-middle attacks,etc., and ensure the confidentiality and integrity of the transmitted data.

Research on insulator detection technology based on end-to-end algorithm

XIAO Xinshuai, TIAN Xiuxia, XU Man

2021, 43(2): 28-33. doi:10.3969/j.issn.1674-1951.2021.02.005

Asbtract ( 194 )

HTML ( 2)

PDF (3715KB) ( 356 )

Figures and Tables | References | Related Articles | Metrics

Insulators are important electrical components in power systems, so it is important to study the target detection of insulators. Traditional recognition methods are of low utilization rate of image information and low accuracy. With the development of deep learning, good recognition results have been achieved in image identification and image detection. End-to-end deep learning target detection methods （YOLOv1,SSD,YOLOv2）are used in testing a custom dataset of an insulator and the results are compared. The experimental results show that the end-to-end deep learning algorithm can identify and locate the insulator. Maintaining the current detection performance, the method can improve the detection speed for insulators and meet the requirement of real-time power inspection.

Research on DoS attack to the communication system between DTU and master station

YU Peng, WANG Yong

2021, 43(2): 34-39. doi:10.3969/j.issn.1674-1951.2021.02.006

Asbtract ( 265 )

HTML ( 5)

PDF (1229KB) ( 307 )

Figures and Tables | References | Related Articles | Metrics

A distribution automation system is mainly composed of a distribution master station,distribution substations and distribution terminals.The working status of the terminals and the master station will influence the stable operation of the whole system.In order to keep the communication security of the system,a communication system was built between the DTU （Data Transfer Unit） and the master station based on TCP protocol.DoS attacks were made to the system to verifies the existence of security threats.In order to enhance the anti-DoS attack capability of the communication system,a whitelist-based protection strategy is proposed.

Security risks and models of energy industry's cyberspace

GONG Yue, LI Qiuxiang, ZHANG Xinyu, GONG Gangjun, JIN Lu

2021, 43(2): 40-45. doi:10.3969/j.issn.1674-1951.2021.02.007

Asbtract ( 264 )

HTML ( 2)

PDF (881KB) ( 335 )

Figures and Tables | References | Related Articles | Metrics

The increasing demand for an open,interconnective and standardized technical system of energy industry exerts sustained pressure on the traditional physical isolated control system.From the perspective of key infrastructure and critical information infrastructure,the importance of control system security in energy industry and the difference of security protection levels in different energy industrial systems were analyzed.At the same time,security risks on the fusion of operation technology（OT） and information communication technology（ICT） in energy industry cyberspace based on the information physical systems were studied ,and the security characteristics of the deep integrations of energy flow,business flow and information flow were described.Finally,a security management model for energy industry cyberspace was proposed to realize its intelligent perception,active defense,predictive maintenance,and improvement of the protection capacity.

Design of a comprehensive protection and control system for industrial control PLC in electric industry

LIU Wenbin

2021, 43(2): 46-52. doi:10.3969/j.issn.1674-1951.2021.02.008

Asbtract ( 238 )

HTML ( 5)

PDF (1280KB) ( 298 )

Figures and Tables | References | Related Articles | Metrics

With the integrating of informatization and industrialization,industrial communication and automatic control technologies have become more networked,standardized and open.Meanwhile,the security vulnerabilities in communication protocol and security strategy are exposed for the lack of information security functions in Programmable Logic Controller（PLC） itself.And this traditional threat to information security has developed into the field of industrial control（IC）.Massive PLCs are widely used in electric power enterprises,especially in their core part.Once the medium or high risk vulnerabilities be attacked,PLC will malfunction,leading to data tampering,information leakage and even PLC breakdown and DoS.To solve the prominent hidden danger in information security of PLC,a multidimensional comprehensive protection and control system for industrial PLC in electric industry is proposed.The system can execute protection from three aspects,network boundary division of auxiliary network control systems,self security protection and comprehensive management.This design have been deployed in an electric power enterprise and achieved satisfied results.It could improve the security protection for plant-level PLC systems to a new level.

Exploration for new management and control mode of Energy Internet information security

WEI Feng, ZHANG Xun

2021, 43(2): 53-59. doi:10.3969/j.issn.1674-1951.2021.02.009

Asbtract ( 268 )

HTML ( 3)

PDF (1782KB) ( 258 )

Figures and Tables | References | Related Articles | Metrics

With the rapid development of information and communication technologies such as big data,cloud computing,Internet of Things（IoT）,mobile internet,Artificial Intelligence and blockchain,information communication network is accelerating development towards ubiquitous sensing,ubiquitous connection and intelligent connection. And there are increasing numbers of Power IoT devices in modern industries and lives.However,the supporting infrastructures and security functions are incomplete,and security problems in Power IoT are emerging rapidly.New business forms including full-covered massive terminal equipment,all-round comprehensive energy services,full-process lean management,full-service online operation,full-time and space interaction and unified data across all services have proposed higher requirements on the safe operation management and technical protection for Power IoT.The security technology and management measures for Energy IoT are discussed from three aspects：all-component coding technology,cloud data security management mode and human-network secured interaction.In the context of the Power IoT,power grid companies must make further exploration on IoT safety management and technical protection system,improve the safety awareness and practical capabilities,and effectively guarantee high-quality power supply and provide comprehensive energy services.

Research on power network security protection system in digital new infrastructure construction

LIU Chao, ZHANG Peng, QIANG Ren, ZHAO Yupeng, JU Wei, XIA Yongxin, YUAN Linlin

2021, 43(2): 60-65. doi:10.3969/j.issn.1674-1951.2021.02.010

Asbtract ( 292 )

HTML ( 4)

PDF (1464KB) ( 292 )

Figures and Tables | References | Related Articles | Metrics

Digitalization has become an important issue in new infrastructure construction of China.As an important propeller for developing new industries and advancing modern productivity,the construction closely connects deepening network interactivity,digital integration and information coupling to network security incidents.At the beginning,the development trend of power network security in digital new infrastructure construction was analyzed.And a power network security protection system was proposed complying with the requirements made by new-form cybersecurity protection for all services under"classified protection of cybersecurity 2.0".Then,by expounding opportunities and challenges faced by the power network security in the new infrastructure construction,a full life cycle model for network development and management was set up. Finally,a healthy and effective power network security protection and supervision model was constructed to secure a safe and operative power network in digital new infrastructure.

Research on the security control mechanism of power intelligent terminals during new digital infrastructure construction

ZHANG Peng, LIU Chao, ZHAO Yupeng, YUAN Linlin, JU Wei, QIANG Ren, XIA Yongxin

2021, 43(2): 66-71. doi:10.3969/j.issn.1674-1951.2021.02.011

Asbtract ( 231 )

HTML ( 4)

PDF (1079KB) ( 505 )

Figures and Tables | References | Related Articles | Metrics

In order to realize safe data transmission and information interaction between power intelligent terminals during new digital infrastructure construction,sustainable development has to be kept in power industry.In the discussion on the different application scenarios of power intelligent terminals and their security threats,the focuses are laid on analyzing the full life cycle management and control mode for terminal equipment and data.The security management and control mechanism including"real-time detection,dynamic management and control-active supervision"can realize the secured data and information communication between equipment of power intelligent terminals,which provides an important reference for the safe,efficient and rapid development of power industry.

Comparative study on IEC 62443 and the baseline for classified protection of cybersecurity

WANG Jian, WANG Tianyi, ZHAI Yahong, JIANG Tianlun

2021, 43(2): 72-76. doi:10.3969/j.issn.1674-1951.2021.02.012

Asbtract ( 515 )

HTML ( 17)

PDF (917KB) ( 917 )

Figures and Tables | References | Related Articles | Metrics

Information security problems exposed in industrial production process make industrial control security a hot spot.International serial standards IEC 62443 and the baseline for classified protection of China have proposed security requirements for industrial control systems,respectively.Focused on the information security requirements for industrial control systems,the security requirements and classified protection standards in IEC 62443-3-3 and the equivalence part in GB/T 22239—2019 are compared.Analysis and comparison carried out on these standards from application scope,safety level and specific indicators can tutor the practitioners in industrial control security.

Evolution analysis on security program requirements for operation and maintenance service providers in IEC 62443

GONG Gangjun, MENG Zhiruo, TIAN Huiwen, LIU Ren, JIN Lu

2021, 43(2): 77-82. doi:10.3969/j.issn.1674-1951.2021.02.013

Asbtract ( 181 )

HTML ( 4)

PDF (1270KB) ( 273 )

Figures and Tables | References | Related Articles | Metrics

Standard IEC 62443-2-4 in promotion has vague contents,as well as differences among various editions.Making contrast on the items in 2015 edition and 2017 edition,the updated requirement description,basic principles and documents in the body and appendix A of the standard are summarized.Meanwhile,the ratios of new items and different updating ways are calculated,and the classic items are listed.The influence brought by the later edition and the causes of the update are concluded,which facilitates users' understanding and application,and alleviates the potential mistakes made in the course of referring to IEC 62443.

Table of Content