许训炜,沈希澄,周霞,解相朋,戴剑丰
XU Xunwei,SHEN Xicheng,ZHOU Xia,XIE Xiangpeng,DAI Jianfeng

• 1:南京南瑞继保电气有限公司
• 2:南京邮电大学先进技术研究院

摘要(Abstract)：

源网荷储协同场景下，能源系统发展呈现多方数据交互频繁、多源数据融合的特点。随着安全防护大区外的终端接入不断增加，系统外部接口的多样化发展给传统以边界为核心的网络防护构架带来挑战。为保障源网荷储协同控制系统的安全，并对网络攻击进行有效识别，提出基于数据驱动的网络攻击异常事件关联规则分析方法。首先分析系统日志文件，建立异常事件序列；其次利用FP-Growth算法，生成源网荷储协同控制系统异常事件与网络攻击场景的关联规则；最后利用灰色关联分析算法，实现异常事件与攻击场景的在线匹配，建立源网荷储协同控制系统网络攻击关联分析框架，并验证了所提方法的可行性与有效性。
In the context of “generation-network-load-storage” coordination, energy system development presents the characteristics of frequent multi-party data interaction and multi-source data fusion. With the increasing access of terminals outside the security protection zone, the diversified development of external interfaces of the system brings challenges to the traditional border-centered network protection architecture. To guarantee the safety of the coordinated source-network-load-storage control system and identify cyberattacks effectively, a data-driven correlation analysis method of cyberattack anomaly is proposed. Firstly, the system log files are analyzed to establish the anomaly sequence. Secondly, the FP-Growth algorithm is used to generate the correlation rules between anomalies and cyberattack scenarios of the system. Finally, the gray correlation analysis(GRA) is used to realize the online matching of anomalies and cyberattack scenarios and establish a correlation analysis framework for the cyberattack of the system. The feasibility and effectiveness of the proposed method are verified.

关键词(KeyWords)： 源网荷储协同;关联规则分析;数据驱动;网络攻击
coordinated source-network-load-storage;correlation rule analysis;data-driven;cyberattack

Abstract:

Keywords:

基金项目(Foundation): 国家自然科学基金项目（61933005）

作者(Author): 许训炜,沈希澄,周霞,解相朋,戴剑丰
XU Xunwei,SHEN Xicheng,ZHOU Xia,XIE Xiangpeng,DAI Jianfeng

DOI: 10.19585/j.zjdl.202302010

参考文献(References)：

• [1]孙惠，翟海保，吴鑫.源网荷储多元协调控制系统的研究及应用[J].电工技术学报，2021,36(15):3264-3271.SUN Hui,ZHAI Haibao,WU Xin.Research and application of multi-energy coordinated control of generation,network,load and storage[J].Transactions of China Electrotechnical Society,2021,36(15):3264-3271.
• [2]曾鸣，杨雍琦，刘敦楠，等.能源互联网“源-网-荷-储”协调优化运营模式及关键技术[J].电网技术，2016,40(1):114-124.ZENG Ming,YANG Yongqi,LIU Dunnan,et al.“generation-grid-load-storage” coordinative optimal operation mode of energy Internet and key technologies[J].Power System Technology,2016,40(1):114-124.
• [3]孙秋野，胡杰，胡旌伟，等.中国特色能源互联网三网融合及其“自-互-群”协同管控技术框架[J].中国电机工程学报，2021,41(1):40-51.SUN Qiuye,HU Jie,HU Jingwei,et al.Triple play of energy Internet with Chinese characteristics and its selfmutual-group collaboration control technology framework[J].Proceedings of the CSEE,2021,41(1):40-51.
• [4]KOTOWICZ J,UCHMAN W.Analysis of the integrated energy system in residential scale:Photovoltaics,microcogeneration and electrical energy storage[J]. Energy,2021,227:120469.
• [5]周霞，卜成杰，解相朋，等.面向智慧园区的电力无线异构通信网络切换机制[J].浙江电力，2022,41(2):1-6.ZHOU Xia,BU Chengjie,XIE Xiangpeng,et al.Switching mechanism of heterogeneous wireless network of power communication for smart parks[J]. Zhejiang Electric Power,2022,41(2):1-6.
• [6]王伟亮，王丹，贾宏杰，等.能源互联网背景下的典型区域综合能源系统稳态分析研究综述[J].中国电机工程学报，2016,36(12):3292-3306.WANG Weiliang,WANG Dan,JIA Hongjie,et al. Review of steady-state analysis of typical regional integrated energy system under the background of energy Internet[J].Proceedings of the CSEE,2016,36(12):3292-3306.
• [7]游大宁，刘航航，鲍冠南，等.源网荷储多元协同调度体系研究与实践[J].浙江电力，2021,40(12):20-26.YOU Daning,LIU Hanghang,BAO Guannan,et al. Research and practice on the multiple collaborative scheduling system of source-grid-load-storage[J]. Zhejiang Electric Power,2021,40(12):20-26.
• [8]何金栋，王宇，赵志超，等.智能变电站嵌入式终端的网络攻击类型研究及验证[J].中国电力，2020,53(1):81-91.HE Jindong,WANG Yu,ZHAO Zhichao,et al.Type and verification of network attacks on embedded terminals of intelligent substation[J]. Electric Power,2020,53(1):81-91.
• [9]王栋，陈传鹏，颜佳，等.新一代电力信息网络安全架构的思考[J].电力系统自动化，2016,40(2):6-11.WANG Dong,CHEN Chuanpeng,YAN Jia,et al.Pondering a new-generation security architecture model for power information network[J]. Automation of Electric Power Systems,2016,40(2):6-11.
• [10]李田，苏盛，杨洪明，等.电力信息物理系统的攻击行为与安全防护[J].电力系统自动化，2017,41(22):162-167.LI Tian,SU Sheng,YANG Hongming,et al.Attacks and cyber security defense in cyber-physical power system[J].Automation of Electric Power Systems,2017,41(22):162-167.
• [11]陈郁林，齐冬莲，李真鸣，等.虚假数据注入攻击下的微电网分布式协同控制[J].电力系统自动化，2021,45(5):97-103.CHEN Yulin,QI Donglian,LI Zhenming,et al. Distributed cooperative control of microgrid under false data injection attacks[J]. Automation of Electric Power Systems,2021,45(5):97-103.
• [12]黄悦华，邹子豪，张赟宁，等.基于FP-Growth算法的配电网薄弱点分析研究[J].电测与仪表，2020,57(17):79-84.HUANG Yuehua,ZOU Zihao,ZHANG Yunning,et al.Research on weak point analysis of distribution network based on FP-Growth algorithm[J]. Electrical Measurement&Instrumentation,2020,57(17):79-84.
• [13]刘思怡，苏运，张焰.基于FP-Growth算法的10 kV配电网分支线断线故障诊断与定位方法[J].电网技术，2019,43(12):4575-4582.LIU Siyi,SU Yun,ZHANG Yan.Open-line fault diagnosis and positioning method for 10 kV power distribution network branch line based on FP-Growth algorithm[J].Power System Technology,2019,43(12):4575-4582.
• [14]陈勇，李胜男，张丽，等.基于改进Apriori算法的智能变电站二次设备缺陷关联性分析[J].电力系统保护与控制，2019,47(20):135-141.CHEN Yong,LI Shengnan,ZHANG Li,et al.Association analysis for defect data of secondary device in smart substations based on improved Apriori algorithm[J]. Power System Protection and Control,2019,47(20):135-141.
• [15]费稼轩，裴培，张明，等.电网工控网络攻击场景中的层次关联分析方法[J].南京理工大学学报，2020,44(6):715-723.FEI Jiaxuan,PEI Pei,ZHANG Ming,et al. Hierarchical association analysis method in industrial control cyber attack scenario of power grid[J].Journal of Nanjing University of Science and Technology,2020,44(6):715-723.
• [16]汤奕，李梦雅，王琦，等.电力信息物理系统网络攻击与防御研究综述（二）检测与保护[J].电力系统自动化，2019,43(10):1-9.TANG Yi,LI Mengya,WANG Qi,et al.A review on research of cyber-attacks and defense in cyber physical power systems part two detection and protection[J].Automation of Electric Power Systems,2019,43(10):1-9.
• [17]章锐，费稼轩，石聪聪，等.特定攻击场景下源网荷系统恶意攻击关联分析方法[J].中国电力，2019,52(10):1-10.ZHANG Rui,FEI Jiaxuan,SHI Congcong,et al. Malicious attack correlation analysis method of source-gridload system under specific attack scenarios[J]. Electric Power,2019,52(10):1-10.
• [18]张涛，赵东艳，薛峰，等.电力系统智能终端信息安全防护技术研究框架[J].电力系统自动化，2019,43(19):1-8.ZHANG Tao,ZHAO Dongyan,XUE Feng,et al. Research framework of cyber-security protection technologies for smart terminals in power system[J].Automation of Electric Power Systems,2019,43(19):1-8.