Combined with characteristics of network-based substation automation system (SAS) and the concept of distributed system vulnerability,a vulnerability assessment method for network-based SAS is proposed in this paper.The substation automation system has been defined formally to construct vulnerability state graph(VSG).The vulnerability of single action is defined based on exponential distribution function including parameters,which are called vulnerability factor and equivalent attacking cost, and then the vulnerability value of target systems are calculated by three connection models of VSG.Furthermore,considering the characteristics of information security in SAS,a vulnerability factor quantification method based on AHP-TOPSIS is designed. An assessment instance is constructed according to IEC 61850 standard.By comparison of vulnerability calculation in different schemes,the proposed method is applicable to quantify vulnerability of network-based SAS effectively and provide guidance for security strategy establishment.
|