
Computer Engineering, 2021, Vol. 47, Issue (12): 131-140. doi: 10.19678/j.issn.1000-3428.0059716

• Cyberspace Security •

Research on Multi-Layer Cooperative Defense Model Oriented to Network Security of Power System

WANG Zi1,2, WANG Zhihua3, HAN Yong1,2, JIN Jianlong1,2, HUANG Tianming1,2, ZHU Jiang1,2

  1. NARI Group Corporation (State Grid Electric Power Research Institute), Nanjing 211106, China;
  2. NARI Information & Communication Technology Co., Ltd., Nanjing 211106, China;
  3. State Grid Shanghai Municipal Electric Power Company, Shanghai 200122, China
  • Received: 2020-10-13 Revised: 2020-12-16 Published: 2020-12-24
  • About the authors: WANG Zi (born 1988), male, senior engineer, master's degree; main research interests: power monitoring systems and cyberspace security. WANG Zhihua and HAN Yong, senior engineers; JIN Jianlong, engineer; HUANG Tianming and ZHU Jiang, senior engineers.
  • Funding: State Grid Corporation of China Headquarters Management Science and Technology Project "Research on Key Technologies of Cyberspace Vulnerability Analysis and Threat Detection for Power Monitoring Systems".

Abstract: To meet the requirements of the networking architecture of power monitoring systems and of collaborative network security protection, a multi-level, in-depth distributed active security collaborative defense model is proposed, and a complete implementation scheme is designed in terms of model architecture, functional mechanisms and other aspects. Based on the characteristics of intra-domain self-defense and cross-domain cooperative defense, the model uses a highest-correlation-degree defense decision based on grey relational analysis and coordinates cooperation among security protection devices to achieve multi-level network security defense from the host layer and the security device layer to the network layer. Network security application scenarios were experimentally verified at a typical power monitoring system site. The results show that the collaborative defense model strengthens the security protection capability between the layers and provides more efficient means of security risk monitoring, security event response and dynamic handling.

Abstract (English edition): The security control and production management of the power system are highly dependent on the network communication between the levels of regulatory agencies, and cyberspace security events always threaten the stable operation of the power grid. In order to meet the needs of power monitoring system architecture and network security collaborative protection, a multi-level, deep distributed collaborative defense model is designed and proposed, and a set of implementation methods is given from the perspective of model architecture, technical methods and functional mechanisms of each module. Based on the characteristics of self-defense within the domain and cross-domain cooperative defense, the model cooperates with security protection devices to perform multi-level active collaborative defense from the host layer and the security device layer to the network layer, using the highest-degree-of-correlation defense decision based on the gray correlation decision. Through the analysis, it is found that the model has the capability of real-time monitoring of network security risks, rapid response to security threats, and dynamic handling of cyber security events, which can effectively improve the level of network security protection of power monitoring systems.

Key words: network security of power system, active defense, multi-layer collaborative defense, collaborative defense model, gray correlation decision

Chinese Library Classification (CLC) number: