| With the growing demand for intelligent power systems, and especially the continuous development of smart grids, various information technologies are continually being added to the regulation and control of power system operations, making the coupling and interaction between power information systems and physical systems ever tighter. The impact of cyber attacks on the safe and stable operation of power systems is becoming more and more serious. The power dispatching automation system, which is the "brain" of power operation control, has become a target of attackers. The attacks against this system are numerous and diverse, making them unpredictable. Therefore, research on attack defense methods for power dispatching automation systems is urgent. This thesis first summarizes the existing attack defense methods for cyber-physical systems (CPS) and points out the lack of active defense methods in existing defense research. By analyzing the attack patterns and impacts of typical attacks on power dispatching automation systems, and the applicability of existing active defense methods to this system, the defense needs of power dispatching automation systems are obtained. Based on the analysis of defense needs, a general framework for active defense of power dispatching automation systems is designed. Based on this overall framework, an active defense system based on trap technology, the "intrusion-resistant defense system," is proposed. This defense system has strong attack immunity and an ideal defense effect. To make up for the impact of the intrusion-resistant defense system on the performance of the scheduling system, a defense decision algorithm that combines attack prediction and cross-domain security risk assessment is proposed. This algorithm makes defense decisions based on the current attack threats and security risks, and guides the defense process of the intrusion-resistant defense system. The active defense method proposed in this thesis, which combines trap technology with the defense decision algorithm, solves the problems of "when defensive measures need to be taken" and "what targets need to take defensive measures." This method avoids the performance degradation that arises when the intrusion-resistant defense system must always run for lack of real-time knowledge of attack threats and security risks. Moreover, this method can also protect the system from attack, so it is a very feasible active defense method with an ideal defense effect. |