CN113676940B - Isolation test method and isolation test system for 5G power grid slicing - Google Patents
Isolation test method and isolation test system for 5G power grid slicing Download PDFInfo
- Publication number
- CN113676940B CN113676940B CN202110896214.1A CN202110896214A CN113676940B CN 113676940 B CN113676940 B CN 113676940B CN 202110896214 A CN202110896214 A CN 202110896214A CN 113676940 B CN113676940 B CN 113676940B
- Authority
- CN
- China
- Prior art keywords
- isolation
- service
- network
- test
- slice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000002955 isolation Methods 0.000 title claims abstract description 111
- 238000012360 testing method Methods 0.000 title claims abstract description 64
- 238000010998 test method Methods 0.000 title claims abstract description 14
- 238000011990 functional testing Methods 0.000 claims abstract description 17
- 238000004891 communication Methods 0.000 claims description 54
- 238000012544 monitoring process Methods 0.000 claims description 14
- 238000005242 forging Methods 0.000 claims description 11
- 238000000034 method Methods 0.000 claims description 10
- 230000004044 response Effects 0.000 claims description 10
- 239000012634 fragment Substances 0.000 claims description 9
- 230000000903 blocking effect Effects 0.000 claims description 7
- 230000003993 interaction Effects 0.000 claims description 6
- 230000002708 enhancing effect Effects 0.000 claims 3
- 230000002159 abnormal effect Effects 0.000 abstract description 11
- 238000005516 engineering process Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 3
- 238000001612 separation test Methods 0.000 description 3
- 230000001360 synchronised effect Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 238000004088 simulation Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/06—Testing, supervising or monitoring using simulated traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W28/00—Network traffic management; Network resource management
- H04W28/02—Traffic management, e.g. flow control or congestion control
- H04W28/06—Optimizing the usage of the radio link, e.g. header compression, information sizing, discarding information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses an isolation test method and an isolation test system for 5G power grid slicing, and belongs to the technical field of 5G power grid slicing isolation test. The prior art does not disclose how to test the isolation of slices quickly and effectively. The isolation test method for 5G power grid slicing comprises a functional test for performing inter-slice isolation on service indexes or/and a functional test for performing inter-slice isolation on network open functions (NEFs). The invention carries out the function test of carrying out the inter-slice isolation for the service index and the function test of carrying out the inter-slice isolation for the network open function NEF by the existing data of the power grid, the type of each item of comprehensive data and the influence degree on the performance index of the power system, counterfeits the normal or abnormal data packet and the request packet, and verifies the isolation of the slices among the power service systems, thereby ensuring that the service scenes can not interfere with each other, and the scheme is detailed, practical and convenient to realize.
Description
Technical Field
The invention relates to an isolation test method and an isolation test system for 5G power grid slicing, and belongs to the technical field of 5G power grid slicing isolation test.
Background
The 5G network slice is a logic network which is constructed based on the wireless access network, the bearing network, the core network infrastructure and the network virtualization technology and is oriented to different service characteristics. Operators can respectively construct 5G network slices isolated from each other on a shared network infrastructure through technologies such as capability opening, intelligent scheduling, safety isolation and the like for different industry applications, and differentiated network services are provided. Smart grids will extend towards mass-connection, safety, efficiency, and peripheral, and will face more complex challenges.
The traditional distribution network adopts overcurrent protection, has large power failure influence range, cannot be accurately checked, and needs to improve the power supply reliability, so that the accurate positioning of the distribution network faults is realized. In order to realize the service scene of the power grid, network slicing service division is needed.
The network slicing technology is beneficial to constructing an open network ecology taking operators as centers, fully exerts the potential of network infrastructure and expands new income sources. Meanwhile, for the vertical industry, the network slicing is also beneficial to greatly reducing the construction and operation cost of the private network, and the dynamic network demand can be rapidly met by means of the flexible performance elastic shrinkage advantage of the network slicing. The application of the network slicing technology is a great innovation of the telecommunication network, and lays a solid foundation for the deep fusion of the telecommunication network and the industry application.
Unlike the privacy and closeness of traditional physical private networks, 5G network slices are virtualized private networks built on shared resources, and slice security needs to provide end-to-end security isolation mechanisms between network slices in addition to traditional mobile network security mechanisms (e.g., access authentication, access layer and non-access layer signaling and encryption and integrity protection of data, etc.).
Because the slicing involves each stage of communication, how to test the isolation of the slicing rapidly and effectively meets the requirements of service scenes is a problem to be solved urgently.
Disclosure of Invention
Aiming at the defects of the prior art, the invention aims to provide an isolation test method and an isolation test system for slicing a 5G power grid, which are used for performing inter-slice isolation test on service indexes by forging normal or abnormal data packets to realize the verification of the isolation of slices among the service systems of the power, thereby ensuring that all service scenes are not interfered with each other.
The second purpose of the invention is to provide an isolation test method and an isolation test system for slicing a 5G power grid, which are used for rapidly and effectively testing the interval between slices of functional indexes through forging a data request packet, and realizing the isolation verification of slices among power business systems, thereby ensuring that business scenes can not interfere with each other.
In order to achieve one of the above purposes, the technical scheme of the invention is as follows:
the isolation test method for 5G power grid slicing comprises a function test for performing inter-slice isolation for service indexes or/and a function test for performing inter-slice isolation for network open function (NEF);
the functional test for inter-slice isolation of the service index is an isolation test of service performance slices, and specifically comprises the following steps:
firstly, falsifying a service flow data packet;
step two, the business flow data packet in the step one is sent to a business network in a pressure test mode to carry out network blocking operation; monitoring another service network and collecting communication performance index data thereof;
thirdly, judging whether the service network performance is affected or not according to the communication performance index data in the second step;
if affected, indicating that the isolation of the service performance fragments fails;
if not, the isolation of the service performance fragments is successful;
the functional test of inter-slice isolation for the network open function NEF is an isolation test between network element slices, and specifically comprises the following steps:
step one, capturing a normal communication request packet of a certain service system;
step two, the other business system counterfeits the business data request packet according to the request packet in the step one;
step three, sending the forged business data request packet in the step two to a 5G communication network;
if a response data packet returned by the 5G communication network is received, indicating that the isolation between the service systems is invalid;
and if the response data packet returned by the 5G communication network is not received or the data packet identity error warning data packet is received, the isolation between the service systems is effective.
Through continuous exploration and test, the invention can carry out the inter-slice isolation test on the service indexes by forging normal or abnormal data packets, thereby realizing effective verification of the isolation of slices among the service systems of the electric power, meeting the requirements of service scenes, and the scheme is detailed, practical and feasible.
Or/and, the invention provides a method for rapidly and effectively testing the space between the slices of the functional index through forging the data request packet, so as to realize the isolation verification of the slices between the power business systems, meet the requirements of business scenes, and the scheme is detailed, practical and feasible.
Further, the invention verifies the isolation of the slices among the power service systems by the existing data of the power grid, the type of each data and the influence degree on the performance index of the power system, counterfeiting normal or abnormal data packets and request packets, carrying out the functional test of the inter-slice isolation for the service index and the functional test of the inter-slice isolation for the network open function NEF, thereby ensuring the non-interference among the service scenes, and the scheme is detailed, practical and feasible and convenient to realize.
As a preferred technical measure:
the first step, the forging method of the business flow data packet is as follows:
collecting protocol data packets of different services generated by the power grid according to different service requirements of the 5G power grid;
the protocol data packets are industrial control protocol packets (ModBus, profiBus etc.) or video traffic protocol packets (HLS, HDS etc.) or normal communication protocol packets (UDP/TCP etc.).
As a preferred technical measure:
the second step, the network blocking method is as follows:
by sending data packets with different proportions, a network congestion scene is simulated, flow and service performance characteristics are monitored, whether a service performance model is met or not is evaluated, and if not, isolation of a service slice fails.
The data packet is generated by a pressure testing tool LOIC.
As a preferred technical measure:
the service network is an enhanced mobile bandwidth (eMBB) slice or a mass machine communication (mMTC) slice or an ultra-high reliability low-delay communication (uRLLC) slice;
enhanced mobile bandwidth (eMBB) slicing to meet performance requirements of 5G network throughput, peak rate, and low latency;
mass machine communication (mctc) for satisfying a huge number of connections to support performance requirements of mass internet of things devices;
an ultra-high reliability low latency communication (uRLLC) slice is used for meeting the service performance of high reliability and ultra-low latency of a network.
As a preferred technical measure:
the isolation test between the network element slices further comprises the following contents:
in the scenes of the network element slice sharing mode, the partial exclusive mode and the full exclusive mode, aiming at different network element slices, a designated interface request test packet is sent through a network opening function (NEF) open interface, and meanwhile, a system log and performance indexes are monitored.
As a preferred technical measure:
the sending of the interface request test packet and the performance index monitoring comprise the following contents:
issuing a control command of a data interaction unit SMF, and monitoring performance indexes of a user interface function UPF service;
or a control command of the data interaction unit SMF is sent in a large batch, whether the service performance of other network element functions is affected is judged, and if the deviation or the deviation service performance index is too large, the slicing isolation fails.
As a preferred application technical measure:
an isolation test system for 5G power grid slicing,
comprises a terminal 1, a terminal 2 and a terminal 3;
a terminal 1 for transmitting a normal communication data packet;
a terminal 2, configured to generate a denial of service DoS attack, causing network congestion;
a terminal 3 for falsifying the identity of the terminal 1 to send a data request packet;
terminal 2 and terminal 3 are isolated from terminal 1 respectively;
the terminal 1 accesses the 5G communication network according to the normal service logic;
the terminal 2 simulates a network congestion scene by sending a large number of data packets, and if the communication of the terminal 1 is not affected, the isolation between the terminals 1 and 2 is effective;
if the terminal 1 is blocked, the 5G communication network cannot be accessed or the performance is obviously reduced, which indicates that the isolation is invalid;
the terminal 3 falsifies a data request packet of the identity of the terminal 1 and sends the data request packet to the 5G communication network;
if the terminal 3 receives a response data packet returned by the 5G communication network, the isolation failure is indicated; if the response data packet returned by the 5G communication network is not received or the data packet identity error warning data packet is received, the isolation between the terminal 1 and the terminal 3 is effective.
Through continuous exploration and test, the invention can perform inter-slice separation test on the service index and the functional index by forging normal or abnormal data packets and request packets; and further, the isolation of the slices among the service systems of the electric power is effectively verified, so that the mutual noninterference among service scenes is ensured, and the scheme is detailed, practical and feasible and convenient to realize.
As a preferred technical measure:
the terminal 2 uses the pressure test tool LOIC to launch a flooding attack, causing network congestion.
As a preferred technical measure:
the flooding attack comprises the following steps:
s1, a terminal 2 sends a synchronous sequence number SYN request message to a 5G communication network;
s2, after the S1 is completed, the terminal 2 selects to drop the line or change the IP;
and S3, after receiving the request message in the S1, the 5G communication network sends a synchronous sequence number SYN+ acknowledgement character ACK message to the terminal 2, and when the 5G communication network cannot receive the acknowledgement character ACK message of the terminal 2, the synchronous sequence number SYN+ acknowledgement character ACK message is continuously sent, so that the network is blocked.
As a preferred technical measure:
the terminal 3 grabs a normal communication request packet of the packet capturing terminal 1 through a network packet capturing tool, and counterfeits a data request packet of the identity of the terminal 1 according to the normal communication request packet.
Compared with the prior art, the invention has the following beneficial effects:
through continuous exploration and test, the invention can perform inter-slice separation test on the business index by forging normal or abnormal data packets; and then effectively verify the isolation of the slice between each service system of electric power, satisfy the demand of service scene, the scheme is thorough, practical, feasible.
Or/and, the invention provides a method for rapidly and effectively testing the inter-slice separation of the function indexes by forging a data request packet; and then effectively verify the isolation of the slice between each service system of electric power, satisfy the demand of service scene, the scheme is thorough, practical, feasible.
Further, the invention verifies the isolation of the slices among the power service systems by the existing data of the power grid, the type of each data and the influence degree on the performance index of the power system, counterfeiting normal or abnormal data packets and request packets, carrying out the functional test of the inter-slice isolation for the service index and the functional test of the inter-slice isolation for the network open function NEF, thereby ensuring the non-interference among the service scenes, and the scheme is detailed, practical and feasible and convenient to realize.
Drawings
FIG. 1 is a flow chart of an isolation test according to the present invention;
FIG. 2 is a flow chart of a network congestion according to the present invention;
fig. 3 is a flow chart of a fake data request packet according to the present invention.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
On the contrary, the invention is intended to cover any alternatives, modifications, equivalents, and variations as may be included within the spirit and scope of the invention as defined by the appended claims. Further, in the following detailed description of the present invention, certain specific details are set forth in order to provide a better understanding of the present invention. The present invention will be fully understood by those skilled in the art without the details described herein.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The term "or/and" as used herein includes any and all combinations of one or more of the associated listed items.
The isolation test method for 5G power grid slicing comprises a function test for performing inter-slice isolation for service indexes or/and a function test for performing inter-slice isolation for network open function (NEF);
the functional test for inter-slice isolation of the service index is an isolation test of service performance slices, and specifically comprises the following steps:
firstly, falsifying a service flow data packet;
step two, the business flow data packet in the step one is sent to a business network in a pressure test mode to carry out network blocking operation; monitoring another service network and collecting communication performance index data thereof;
thirdly, judging whether the service network performance is affected or not according to the communication performance index data in the second step;
if affected, indicating that the isolation of the service performance fragments fails;
if not, the isolation of the service performance fragments is successful;
the functional test of inter-slice isolation for the network open function NEF is an isolation test between network element slices, and specifically comprises the following steps:
step one, capturing a normal communication request packet of a certain service system;
step two, the other business system counterfeits the business data request packet according to the request packet in the step one;
step three, sending the forged business data request packet in the step two to a 5G communication network;
if a response data packet returned by the 5G communication network is received, indicating that the isolation between the service systems is invalid;
and if the response data packet returned by the 5G communication network is not received or the data packet identity error warning data packet is received, the isolation between the service systems is effective.
Through continuous exploration and test, the invention can perform inter-slice separation test on the business index by forging normal or abnormal data packets; and then effectively verify the isolation of the slice between each service system of electric power, satisfy the demand of service scene, the scheme is thorough, practical, feasible.
Or/and, the invention provides a method for rapidly and effectively testing the inter-slice separation of the function indexes by forging a data request packet; and then effectively verify the isolation of the slice between each service system of electric power, satisfy the demand of service scene, the scheme is thorough, practical, feasible.
Further, the invention verifies the isolation of the slices among the power service systems by the existing data of the power grid, the type of each data and the influence degree on the performance index of the power system, counterfeiting normal or abnormal data packets and request packets, carrying out the functional test of the inter-slice isolation for the service index and the functional test of the inter-slice isolation for the network open function NEF, thereby ensuring the non-interference among the service scenes, and the scheme is detailed, practical and feasible and convenient to realize.
As shown in fig. 1, a preferred embodiment of the present invention for performing a functional test of inter-slice isolation for traffic metrics:
the isolation test of the service performance fragments comprises the following steps:
(1) Falsifying a service flow data packet;
and collecting protocol data packets of different services generated by the power grid according to different service requirements of the 5G power grid. Such as industrial control protocol packets (ModBus, profiBus, etc.), video traffic protocol packets (HLS, HDS, etc.), normal communication protocol packets (UDP/TCP, etc.);
(2) Transmitting flow data packets with different proportions in a pressure test mode, simulating to block one service network, monitoring other service networks and collecting communication performance index data of the other service networks;
(3) And judging whether the service performance model is met or not by monitoring service and communication performance index data, and if the service performance model deviates or the deviation is too large, indicating that the isolation of the service performance fragments fails.
(4) And (3) specific scene simulation:
simulating current network congestion: and simulating a network congestion scene by sending a large number of data packets, monitoring flow and service performance characteristics, evaluating whether a service performance model is met, and if not, failing to isolate the service slice.
The invention relates to a best embodiment for performing a function test of inter-slice isolation for a network open function (NEF)
Isolation testing between network element slices, comprising the following:
aiming at the open function of the network open function NEF, in the scenes of the network element slice sharing mode, the partial exclusive mode and the full exclusive mode, aiming at different network element slices, a designated interface request test packet is sent through the network open function NEF open interface, and meanwhile, the system log and the performance index are monitored.
And (3) sending a control command of the data interaction unit SMF, monitoring the performance index of the user plane function UPF service, or sending the control command of the data interaction unit SMF in a large batch to influence the service performance of other network element functions, and if the deviation or deviation of the service performance index is overlarge, failing the slice isolation.
The steps are as follows:
(1) The normal or abnormal business data request packet is forged through the existing data of the power grid, the types of all data are synthesized, and the degree of influence on the performance index of the power system is reduced;
(2) Issuing a data request packet in a flow burst mode, and monitoring performance indexes of other services;
(3) And evaluating whether the service performance model is met by monitoring service and communication performance index data, and if the deviation or the deviation is excessive, indicating that the isolation of the service performance fragments fails.
(4) And (3) specific scene simulation:
terminal concurrent access test:
1> DoS test
2> spoofing data packet parallel communication test.
As shown in fig. 2, an embodiment of the isolation test system of the present invention for network congestion is applied:
the isolation test system is provided with a terminal 1 and a terminal 2, wherein the two terminals are isolated from each other, and simultaneously access to a 5G communication network.
The terminal 1 accesses the 5G communication network according to the normal service logic;
the terminal 2 uses the pressure test tool LOIC to launch a flooding attack, causing network congestion.
Analysis of results:
the terminal 2 performs denial of service DoS attack, which causes network blocking, the communication of the terminal 1 is not affected, which indicates that the isolation between the terminals 1 and 2 is effective, and if the terminal 1 is also subject to network blocking, the 5G communication network cannot be accessed or the performance is obviously reduced, which indicates that the isolation is invalid
As shown in fig. 3, an embodiment of the present invention for isolating a test system from spurious request instructions is applied:
the isolation test system comprises a terminal 1 and a terminal 3, wherein the two terminals are isolated from each other.
The terminal 3 transmits a forged data request packet of the terminal 1 to access the 5G communication network.
And sending a data request packet of the identity of the fake terminal 1 which is grabbed at the terminal 3 by a normal communication request packet of the packet grabbing tool, namely the packet grabbing terminal 1 through the network, if a response data packet returned by the 5G communication network is received, indicating that the isolation is invalid, and if the response data packet returned by the 5G communication network is not received or a data packet identity error alarm data packet is received, indicating that the isolation between the terminal 1 and the terminal 3 is effective.
The analysis of the results of the present invention is shown in Table 1 below:
TABLE 1
The invention is applied to the isolation test of the slice under the 5G power grid environment for the control service data packet and the acquisition service data packet, and the test result shown in the following table 2 is generated.
TABLE 2
According to the invention, through the existing data of the power grid, the types of all data and the influence degree on the performance index of the power system are synthesized, normal or abnormal data packets are forged, the function test of inter-slice isolation for service indexes and the function test of inter-slice isolation for network open function NEF are carried out, and the isolation of the slices among the power service systems is verified, so that the mutual noninterference among service scenes is ensured.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Finally, it should be noted that: the above embodiments are only for illustrating the technical aspects of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the above embodiments, it should be understood by those of ordinary skill in the art that: modifications and equivalents may be made to the specific embodiments of the invention without departing from the spirit and scope of the invention, which is intended to be covered by the claims.
Claims (5)
1. The isolation test method for the 5G power grid slice is characterized in that,
the method comprises the steps of performing a functional test of inter-slice isolation for service indexes and performing a functional test of inter-slice isolation for network open functions (NEFs);
the functional test for inter-slice isolation of the service index is an isolation test of service performance slices, and specifically comprises the following steps:
firstly, falsifying a service flow data packet;
step two, the business flow data packet in the step one is sent to a business network in a pressure test mode to carry out network blocking operation; monitoring another service network and collecting communication performance index data thereof;
thirdly, judging whether the service network performance is affected or not according to the communication performance index data in the second step;
if affected, indicating that the isolation of the service performance fragments fails;
if not, the isolation of the service performance fragments is successful;
the functional test of inter-slice isolation for the network open function NEF is an isolation test between network element slices, and the isolation test between the network element slices comprises the following contents:
aiming at the open function of the network open function NEF, in the scenes of a network element slice sharing mode, a partial exclusive mode and a full exclusive mode, aiming at different network element slices, a designated interface request test packet is sent through a network open function NEF open interface, and meanwhile, a system log and performance indexes are monitored; the method specifically comprises the following steps:
step one, capturing a normal communication request packet of a certain service system;
step two, the other business system counterfeits the business data request packet according to the request packet in the step one;
step three, sending the forged business data request packet in the step two to a 5G communication network;
if a response data packet returned by the 5G communication network is received, indicating that the isolation between the service systems is invalid;
if the response data packet returned by the 5G communication network is not received or the data packet identity error warning data packet is received, the isolation between the service systems is effective;
the sending of the interface request test packet and the performance index monitoring comprise the following contents:
issuing a control command of a data interaction unit SMF, and monitoring performance indexes of a user interface function UPF service;
or a control command of the data interaction unit SMF is sent in a large batch, whether the service performance of other network element functions is affected is judged, and if the deviation or the deviation service performance index is too large, the slicing isolation fails.
2. The isolation test method for 5G grid slices as set forth in claim 1, wherein,
the first step, the forging method of the business flow data packet is as follows:
collecting protocol data packets of different services generated by the power grid according to different service requirements of the 5G power grid;
the protocol data packet is an industrial control protocol packet or a video flow protocol packet or a common communication protocol packet.
3. The isolation test method for 5G grid slices as set forth in claim 1, wherein,
the second step, the network blocking method is as follows:
simulating a network congestion scene by sending data packets with different proportions, monitoring flow and service performance characteristics, evaluating whether a service performance model is met, and if not, failing to isolate the service slice;
the data packet is generated by a pressure testing tool LOIC.
4. The isolation test method for 5G grid slices as set forth in claim 3, wherein,
the service network is a mobile bandwidth enhancing slice or a mass machine communication enhancing slice or an ultra-high reliability low-delay communication slice;
enhancing mobile bandwidth slicing to meet performance requirements of 5G network throughput, peak rate, and low latency;
the mass machine communication is used for meeting the huge connection quantity so as to support the performance requirements of mass Internet of things equipment;
the ultra-high reliability low-delay communication slice is used for meeting the service performance of high reliability and ultra-low delay of a network.
5. An isolation test system for 5G power grid slicing is characterized in that,
isolation test method for 5G grid slices as claimed in any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110896214.1A CN113676940B (en) | 2021-08-05 | 2021-08-05 | Isolation test method and isolation test system for 5G power grid slicing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110896214.1A CN113676940B (en) | 2021-08-05 | 2021-08-05 | Isolation test method and isolation test system for 5G power grid slicing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113676940A CN113676940A (en) | 2021-11-19 |
| CN113676940B true CN113676940B (en) | 2023-12-26 |
Family
ID=78541569
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110896214.1A Active CN113676940B (en) | 2021-08-05 | 2021-08-05 | Isolation test method and isolation test system for 5G power grid slicing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113676940B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114845305B (en) * | 2022-03-31 | 2024-02-02 | 国网江苏省电力有限公司电力科学研究院 | High-flow 5G slice isolation test method based on marks |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107071799A (en) * | 2017-02-16 | 2017-08-18 | 北京小米移动软件有限公司 | Network section collocation method and device, wireless access network RAN node and terminal |
| CN109787849A (en) * | 2017-11-10 | 2019-05-21 | 中国信息通信研究院 | A kind of OLT logical network test method |
| US10764175B1 (en) * | 2019-03-19 | 2020-09-01 | Cisco Technology, Inc. | Validating resource isolation between network slices in a mobile network |
| CN112003825A (en) * | 2020-07-24 | 2020-11-27 | 国家电网有限公司 | SDN-based virtual network isolation method and SDN controller |
| CN112881826A (en) * | 2021-01-12 | 2021-06-01 | 国网山东省电力公司经济技术研究院 | Method for testing performance of power-bearing service based on SPN technology |
| CN113055887A (en) * | 2021-05-18 | 2021-06-29 | 全球能源互联网研究院有限公司 | Network channel safety protection system for electric power 5G application |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR102504850B1 (en) * | 2016-05-12 | 2023-03-02 | 인터디지탈 패튼 홀딩스, 인크 | Connecting to virtualized mobile core networks |
| US11277777B2 (en) * | 2019-06-11 | 2022-03-15 | Spirent Communications, Inc. | Abnormal mobility pattern detection for misbehaving devices |
-
2021
- 2021-08-05 CN CN202110896214.1A patent/CN113676940B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107071799A (en) * | 2017-02-16 | 2017-08-18 | 北京小米移动软件有限公司 | Network section collocation method and device, wireless access network RAN node and terminal |
| CN109787849A (en) * | 2017-11-10 | 2019-05-21 | 中国信息通信研究院 | A kind of OLT logical network test method |
| US10764175B1 (en) * | 2019-03-19 | 2020-09-01 | Cisco Technology, Inc. | Validating resource isolation between network slices in a mobile network |
| CN112003825A (en) * | 2020-07-24 | 2020-11-27 | 国家电网有限公司 | SDN-based virtual network isolation method and SDN controller |
| CN112881826A (en) * | 2021-01-12 | 2021-06-01 | 国网山东省电力公司经济技术研究院 | Method for testing performance of power-bearing service based on SPN technology |
| CN113055887A (en) * | 2021-05-18 | 2021-06-29 | 全球能源互联网研究院有限公司 | Network channel safety protection system for electric power 5G application |
Non-Patent Citations (1)
| Title |
|---|
| 基于5G网络切片的电力物联技术研究与应用;李欢 等;《邮电设计技术 》;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113676940A (en) | 2021-11-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Rawat et al. | Cyber security for smart grid systems: Status, challenges and perspectives | |
| Hussein et al. | SDN VANETs in 5G: An architecture for resilient security services | |
| CN111092869B (en) | Security management and control method for terminal access to office network and authentication server | |
| US10284373B2 (en) | Smart grid secure communications method and apparatus | |
| WO2015018303A1 (en) | Method and device for detecting distributed denial of service attack | |
| CN106330951B (en) | A kind of network protection methods, devices and systems | |
| CN113037745A (en) | Intelligent substation risk early warning system and method based on security situation awareness | |
| CN109951440A (en) | A kind of 5G network slice example dynamic switching method and function | |
| CN113676940B (en) | Isolation test method and isolation test system for 5G power grid slicing | |
| CN110266650A (en) | The recognition methods of Conpot industry control honey jar | |
| Elbez et al. | A cost-efficient software testbed for cyber-physical security in iec 61850-based substations | |
| Jain et al. | SCADA security: a review and enhancement for DNP3 based systems | |
| Darwish et al. | Vulnerability Assessment and Experimentation of Smart Grid DNP3. | |
| Wang et al. | A new model approach of electrical cyber physical systems considering cyber security | |
| Pourmirza et al. | Cybersecurity analysis for the communication protocol in smart grids | |
| CN109040086B (en) | Industrial control system DDOS attack simulation method and device | |
| Ni et al. | A novel design method of high throughput blockchain for 6g networks: Performance analysis and optimization model | |
| CN109150829B (en) | Software-defined cloud network trusted data distribution method, readable storage medium and terminal | |
| CN113316178A (en) | Power grid node security evaluation method and system based on 5G intelligent power grid system | |
| Sahu et al. | Modeling AMI network for real-time simulation in NS-3 | |
| CN110290124B (en) | Switch input port blocking method and device | |
| CN110971565A (en) | Source network load system vulnerability evaluation method and system based on malicious attack modeling | |
| Lekidis | Cyber-security measures for protecting EPES systems in the 5G area | |
| KR101253615B1 (en) | Security system on 3g wcdma networks | |
| Liang et al. | Analysis and protection of DDoS attack based on RSSP-II protocol |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |