Security Risk Assessment Of Cyber Physical Distribution System Under Data Tampering Attack

Under the environment of energy internet promotion,the development of information and communication technologies and the existence of information physics resources have led to a variety of business approaches that can be obtained by external information to affect the control decisions of the cyber physical system for distribution networks(distribution network CPS).False data tampering intrusion attacks is a multi-level attack method focused on the SCADA core components of the distribution network CPS system.Because of the deep coupling of information and physical space,the existence and derivative of this attack can affect the safe operation of the distribution network CPS.Therefore,this paper mainly studies the security risk analysis and assessment of distribution network CPS under data tampering attack.Graph theory modeling is realized by combining the typical attack scenarios,and the risk quantitative evaluation method is explored.The main tasks include:(1)Based on the analysis of the attacker's behavioral pattern and the interaction process between the information and physical system,this paper summarizes the potential intrusion attack scenarios for the load terminal equipment,and establishes the security architecture of the distribution network CPS,including the security configuration and control strategy of the information communication system.(2)Secondly,based on the limited stochastic Petri net(LSPN)modeling method of cyber intrusion attacks,the communication network model of active distribution network under intrusion attack is established,specially focusing on the firewalls,computers and distributed energy resources.To combine the attack success probability with the influence factors on the power side,the security performance evaluation index of the active distribution network CPS is proposed.The evaluation results show that the differences in the communication network hierarchy and power node attributes will affect the operational safety.Moreover,the response speed of the communication network model also has an indirect effect by changing the transition probability.(3)Then,according to the potential multi-level data attack behavior under real-time load control,a data attack graph associated with information device vulnerability is established based on Bayesian graph theory.By analyzing the causal relationship between information equipment and power entity,the "completely-corresponding" interaction model of distribution network CPS is proposed and the system security risk assessment based on attack graph is studied based on Bayesian dynamic inference method.Through simulation experiments,the system security operation is related to the change of the transmission path of attack information,the topological structure of information communication system and the evidence points observed by intrusion detection system.(4)Finally,based on the simulation environment of improved IEEE33-node active distributed test system,a distribution network CPS model is built to simulate the system operation safety under false data tampering attack,and verify the effectiveness of the evaluation index and quantitative assessment method.