Research On Cyber Security And Defence Strategy Of Wind Farm SC ADA System

With the development of new energy sources and the cleanning alternate energy sources,wind power installed capacity is increasing year by year.The need of wind farm centralized control and the continuous development of industrial Internet make it necessary for wind farm SCADA system to connect to the Internet.However,it’s increases the exposure area of wind farm internal control network on the Internet.The cyber attacks against industrial control systems make wind farm owners deeply worried about wind power access to the Internet and become the key bottleneck restricting the development of wind power.Therefore,it is the only way to promote the development of wind power and the construction of industrial Internet to study the information security protection method of wind farm SCADA system.(1)By analyzing the hierarchical structure of wind farm SCADA system,the vulnerab ility analysis of the system is carried out from three dimensions:host security,communication security and management security.The SCADA system of wind farm is tested on the basis of Achilles authentication standard.The test proves that the SCADA system of wind farm has so me security defects such as Dos and information leakage.(2)Aiming at the security defects of wind farm,the active security protection method of wind farm based on automatic decision is proposed.Based on the whitelist strategy,the blower control instructions are filtered by rules,and a filtering method combining static whitelist filtering and dynamic whitelist filtering is designed.Based on D-S evidence theory and method,the situation assessment of wind farm is carried out,and the security of wind turbine control instruction is evaluated by combining the reference factors such as wind speed,power grid dispatching information and alarm information of key unit components.Knowledge automation techniques such as knowledge discovery analysis model and safety rule list are used to integrate whitelist filtering mechanism and wind farm security situation assessment method to make cooperative security decision.(3)Based on SSAE method,an auxiliary generation mechanism for whitelist rules of Modbus TCP protocol is proposed.Through the bypass detection mechanism,grab the message in the communication network.After data preprocessing,the detection feature data of Modbus TCP communication message are extracted.A deep SSAE neural network composed of two layers of SAE is designed.The feature data are studied and classified by SSAE neural network,and the eigenvalues of normal communication packets are extracted.Thus auxiliary generation of Modbus TCP protocol communication whitelist rules.The linkage mechanism between snort intrusion detection system and netfiter/iptable is designed to form a IPS intrusion protection system,which can detect the data packet characteristics in the network in real time and execute the whitelist rules.(4)The wind farm SCADA network is built by using the domestic Wind turbine PLC and the wind farm SCADA system of related enterprises.Combined with the wind turbine data simulation chassis,the semi-physical simulation experiment platform of wind farm SCADA system is constructed.Based on this platform,the experiments of generating whitelist detection rules for SCADA system security vulnerability test in wind farm are carried out.The results show that the proposed method is scientific and effective.