CN102761122A - Defense method of false data injection attack of power state estimation system - Google Patents

Abstract

The invention discloses a defense method of false data injection attack of a power state estimation system, belonging to the field of intelligent power grid and information safety. The method comprises the following steps of: firstly establishing a power system state estimating model and a false data attack model; subsequently calculating a system configuration matrix so as to obtain the solution of the state quantity of the power system state estimating model; further establishing the safety set of the system; and updating the safety set when the power system is changed in structure. The method is based on a protection set and by arranging an expansion protection set, the false data injection attack can be defended even a network structure is changed, thereby ensuring the security of the power system.

Description

A kind of defence method of power state estimating system false data injection attacks

Technical field

The invention belongs to intelligent grid and information security field, relate in particular to a kind of defence method of power state estimating system false data injection attacks.

Background technology

Intelligent grid has been contained generating, transmission network and region distribution network, and power delivery is given the user the most at last.In order to ensure the normal operation of the reliability and the systemic-function of system, it is very necessary that the real-time system monitoring seems.The running status that Power system state estimation is come estimating system through the numerical value collecting measuring appliance and measure and analytical system model.In the interaction error Data Detection, have many methods and technology, but these methods can't effectively be resisted the attack that malicious data is injected.There has been at present novel false data injection attacks to the Power system state estimation system; Measured value through distorting measuring appliance is invaded; This attack pattern can be introduced mistake arbitrarily to Power system state estimation, thereby network system is caused tremendous influence.Therefore study the mechanism of this false data injection attacks, and propose effectively to detect to be very important with defence method.

In network system; Traditional error-detecting method all adopt the residue and mode; Measured value is intercepted and captured and revised to current false data injection attacks through invasion measuring appliance terminal or transmission network, thereby produce false data; And then can walk around the detection of system, implement the false data injection attacks of effectively hiding.Through the conditions such as minimum measured value that need in the analytical attack, can adopt one group of measured value of protection to take precautions against this attack, but also not have a kind of effective method to defend this attack at present.

The protection diversity method can be resisted the false data injection attacks; In intelligent grid, can protect and authentication through selecting less part measured value, thereby system is not invaded; This mode is simple and direct; But the protection diversity method can be caused its fail safe to reduce by the variation of topology of networks, and just when the configuration of system changed, protection diversity method protection system did not completely receive the false data injection attacks.

Summary of the invention

To the deficiency of method on enforcement and validity of mentioning opposing false data injection attacks in the above-mentioned background technology, the present invention proposes a kind of defence method of effective employing extended protection collection.

Technical scheme of the present invention is that a kind of defence method of power state estimating system false data injection attacks is characterized in that said method comprising the steps of:

Step 1: make up Power system state estimation model and false data attack model;

Step 2: try to achieve the system configuration matrix, and then obtain separating of quantity of state in the Power system state estimation model;

Step 3: on the basis of step 1 and step 2, the safety collection of constructing system;

Step 4: when NETWORK STRUCTURE PRESERVING POWER SYSTEM changes, upgrade the safety collection.

Said Power system state estimation model is:

z＝h(x)+ε

Wherein:

Z is a m dimension measured value vector;

H () is the non-linear estimations function of system;

X is the n dimension state value vector of system;

ε is that n maintains the system error vector.

Said false data attack model is:

||z _a-h(x _bad)‖≤τ

Wherein:

z _aBe the measured value vector after the attack injection mistake;

x _BadEstimate that according to the measured value of mistake the system mode value that obtains is vectorial;

τ is that whether correct system decision measure a threshold value.

The computing formula of separating of quantity of state is in the said Power system state estimation model:

$\hat{x}={\left(H^T{R}^{-1}H\right)}^{-1}{H}^T{R}^{-1}z$

Wherein:

separates for quantity of state in the Power system state estimation model;

R is the error diagonal matrix.

Said step 3 may further comprise the steps:

Step 3.1: utilize system configuration matrix computations safety to concentrate the higher limit and the lower limit of element number,

Step 3.2: the not measured value of visit in the system is divided into and does not travel through set of measurements; The measured value of having visited is divided into and travels through in the set of measurements; Transition matrix of separating and false data attack model according to quantity of state in the Power system state estimation model; Never travel through and select a measured value to conduct interviews in the set of measurements, this measured value is joined to travel through in the set of measurements go, find out quantity of state and change maximum element and calculate the measured value corresponding with this element;

Step 3.3:,, whether adopt to encrypt and judge whether safety of this measured value with the host-host protocol of safety from the historical failure number of times of the corresponding measurer of measured value according to the physical location and the network environment of system configuration; If dangerous, then execution in step 3.4, otherwise return step 3.2;

Step 3.4: judge current safety concentrates element number whether to surpass the higher limit that safety is concentrated element number, if surpass the higher limit that safety is concentrated element number, then execution in step 3.7, otherwise execution in step 3.5;

Step 3.5: said measured value is added in the safety collection;

Step 3.6: judge that whether the plain number of safe element of set concentrate the lower limit of element number greater than safety,, otherwise return step 3.2 if then execution in step 3.7;

Step 3.7: according to the attack model in the step 1, can judgement generate vector of attack under the safety collection, if end step then, otherwise increases the lower limit of the plain number of safe element of set, execution in step 3.6.

The computing formula of the lower limit of the plain number of said safe element of set is:

$k_{\mathrm{low}}=\min (\underset{c}{\min }{\left|\right|H^{\stackrel{\‾}{S}}c\left|\right|}_0,n)$

s.tH ^Sc＝0,

c _i＝1

Wherein:

k _LowLower limit for the plain number of safety element of set;

H ^SCan be modified the remaining matrix of state variable respective column for removing in the system configuration matrix H;

C is the false error vector of attacking the n dimension of introducing to state variable;

N is the number of state variable;

c _iBe i element among the c.

The computing formula of the higher limit of the plain number of said safe element of set is:

$k_{\mathrm{upper}}=\min (\underset{i:H_{k,i}\≠0}{\min }{\left|\right|H_{\·,i}\left|\right|}_0,k_{\mathrm{fact}})$

Wherein:

k _UpperHigher limit for the plain number of safety element of set;

H _{., i}I row for the system configuration matrix;

H _{K, i}Be the k row element in the i row of system configuration matrix;

k _FactGreatest measurement number for safe energy collecting protection in the actual conditions.

Said step 4 may further comprise the steps:

Step 4.1: the corresponding measured value of state variable of trunk roads in the search electric power system, and its adding extended protection is concentrated;

Step 4.2: select measured value data and historical data relatively change more than preset proportion and not at the concentrated corresponding measured value of safety;

Step 4.3: the measured value adding extended protection that step 4.2 obtains is concentrated;

Step 4.4: judge whether to travel through all measured values, if, the protection collection that then is expanded, the output result, otherwise return step 4.2;

Step 4.5: whether the structure of judging electric power system changes; If structure changes; And make step 3 obtain the concentrated corresponding element of safety variation has taken place; Then concentrate choice structure to change the unchanged measured value in back to join safety and concentrate from step 4.4 protection that is expanded, the measured value that changes after concentrating NETWORK STRUCTURE PRESERVING POWER SYSTEM to change safety removes.

The present invention is directed to the method that does not still have effectively to defend at present power state estimating system false data injection attacks; Proposition is the basis with the protection collection; And the defence method of the false data injection attacks through setting up the extended protection collection; When network configuration changes, also can defend the false data injection attacks, guarantee the safety of electric power system.

Description of drawings

Fig. 1 is a protection diversity method flow chart;

Fig. 2 is IEEE 4 bus system resolution charts;

Fig. 3 is the selection flow chart of basic security collection;

Fig. 4 is the selection flow chart of extended protection collection.

Embodiment

Below in conjunction with accompanying drawing, preferred embodiment is elaborated.Should be emphasized that following explanation only is exemplary, rather than in order to limit scope of the present invention and application thereof.

The present invention proposes a kind of defence method to power state estimating system false data injection attacks, adopts the extended protection diversity method, makes system when structure changes, still can effectively defend the false data injection attacks.

Below in conjunction with accompanying drawing, be example with the IEEE4 node system of revising, extended protection diversity method of the present invention is implemented to elaborate.Should be emphasized that following explanation only is exemplary, rather than in order to limit scope of the present invention and application thereof.

Fig. 1 is the defence method flow chart of a kind of false data injection attacks provided by the invention.Method provided by the invention comprises the steps in Fig. 1;

Step 1: structure from electric power system and the relation between the electrical properties obtain Power system state estimation model and false data attack model;

A. the relation between the electrical properties from electric power system obtains the Power system state estimation model and is:

z＝h(x)+ε

Wherein:

Z is a m dimension measured value vector;

H () is the non-linear estimations function of system;

X is the n dimension state value vector of system;

ε is that n maintains the system error vector; Obey N (0; R) normal distribution, R is

diagonal matrix variance.

B. the Power system state estimation model that obtains according to a last step, to measured value adopt weighted least-squares (weighted least square, WLS) method comes the estimated state amount to be expressed as:

Wherein:

J () is the state estimation feature function, is used to find the solution the quantity of state x that makes its functional value system hour;

R (x) is the residue and the vector of model, and its value is z-h (x);

R is

diagonal matrix.

C. in power system state estimation method, generally adopt residue and method carry out Data Detection. the recent findings false data is attacked the detection that can get around this method, and its false data attack model is:

||z _a-h(x _bad)‖≤τ

Wherein:

z _aBe the measured value vector after the attack injection mistake;

x _BadBe the system mode value vector of estimating according to the measured value of mistake to obtain;

τ is that whether correct system decision measure a threshold value.

Fig. 2 is an IEEE4 bus system resolution chart, and whole system comprises 4 buses, comprising measured value z ₁, z ₂, z ₃, z ₄With bus phase angle state variable δ ₁, δ ₂, δ ₃, δ ₄, the magnitude of voltage V of bus ₁, V ₂, V ₃, V ₄Then have bus i (i=1,2,3,4) can be expressed as to the electric current of bus j (j=1,2,3,4):

$P_{\mathrm{ij}}=\frac{V_i{V}_j}{X_{\mathrm{ij}}}\sin ({\mathrm{\δ}}_i-{\mathrm{\δ}}_j)$

Wherein:

P _IjBe the electric current of bus i to bus j;

X _IjBe the impedance of bus i to bus j;

And the supposition system do not have energy loss, makes the simplification that becomes of the model of system.

Step 2: foundation is in NETWORK STRUCTURE PRESERVING POWER SYSTEM, and quantity of state separates in the system configuration matrix of acquisition Power system state estimation and the state estimation;

Step 2.1: confirm NETWORK STRUCTURE PRESERVING POWER SYSTEM, obtain its system configuration matrix;

For 4 bus testing systems is example, obtains z ₁, z ₂Configuration parameter calculate through following formula:

$\left(\begin{array}{c}{z}_1\\ z_2\end{array}\right)=\left(\begin{array}{c}\frac{V_1{V}_2}{X_{12}}\sin ({\mathrm{\δ}}_1-{\mathrm{\δ}}_2)+\frac{V_1{V}_3}{X_{13}}\sin ({\mathrm{\δ}}_1-{\mathrm{\δ}}_3)\\ \frac{V_1{V}_2}{X_{12}}\sin ({\mathrm{\δ}}_1-{\mathrm{\δ}}_2)\end{array}\right)+\left(\begin{array}{c}{\mathrm{\ϵ}}_1\\ {\mathrm{\ϵ}}_2\end{array}\right)$

Wherein:

z ₁, z ₂Measured value for bus current;

V ₁, V ₂, V ₃Be respectively the magnitude of voltage of each bus;

δ ₁, δ ₂, δ ₃Be respectively the angle values of each bus;

X ₁₂, X ₁₃Be respectively the resistance value of each bus;

ε ₁, ε ₂Be respectively systematic error.

Can convert it into the form of z=Hx+ ε, thereby each parameter substitution of test macro entered to obtain configuring matrix H=(z-ε) x of system again ^-1

The system parameters variable that mainly comprises is:

A. the population of measured values m of system and state variable number n;

B. the m of representative system topological structure * n matrix H;

C. the R of diagonal matrix m * m, wherein

D. system is used for the threshold tau of decision error.

Step 2.2: adopt Newton iteration method, obtain separating of quantity of state in its electric power system WLS method of estimation:

$\hat{x}={\left(H^T{R}^{-1}H\right)}^{-1}{H}^T{R}^{-1}z$

Wherein:

separates for quantity of state in the Power system state estimation model;

H is system configuration m * n matrix;

R is error diagonal angle m * m battle array.

Step 3: the safety collection of constructing system

According to the structure of electric power system with power system state estimation method, the safety collection that selection can protection system opposing false data be attacked;

Fig. 3 has showed the detail operations of step 3.Step 3 specifically may further comprise the steps:

Step 3.1: calculating makes system can resist the higher limit and the lower limit of the plain number of safe element of set of false data injection attacks, and computing formula is following:

The plain number lower limit of safe element of set computing formula is:

$k_{\mathrm{low}}=\min (\underset{c}{\min }{\left|\right|H^{\stackrel{\‾}{S}}c\left|\right|}_0,n)$

s.tH ^Sc＝0,

c _i＝1

Wherein:

k _LowLower limit for the plain number of safety element of set;

H ^SCan be modified the remaining matrix of state variable respective column for removing in the system configuration matrix H;

C is the false error vector of attacking the n dimension of introducing to state variable;

N is the number of state variable;

c _iBe i element among the c.

The plain number upper limit of safe element of set computing formula is:

$k_{\mathrm{upper}}=\min (\underset{i:H_{k,i}\≠0}{\min }{\left|\right|H_{\·,i}\left|\right|}_0,k_{\mathrm{fact}})$

Wherein:

k _UpperHigher limit for the plain number of safety element of set;

H _{., i}I row for the system configuration matrix;

H _{K, i}Be the k row element in the i row of system configuration matrix;

k _FactGreatest measurement number for safe energy collecting protection in the actual conditions.

Step 3.2: the not measured value of visit in the system is divided into and does not travel through set of measurements; The measured value of having visited is divided into and travels through in the set of measurements; Transition matrix of separating and false data attack model according to quantity of state in the Power system state estimation model; Never travel through and select a measured value to conduct interviews in the set of measurements, this measured value is joined to travel through in the set of measurements go, find out quantity of state and change maximum element and calculate the measured value corresponding with this element;

Measured value is exactly that corresponding power must be asked all elements in the measured value vector of state estimation model in 1; Be a=Hc according to separating of vector of attack in step 1 attack model, wherein, a; H, c are respectively the error status value vector of erroneous measurements vector, system configuration matrix and the injection of injection.Never travel through and select a measured value to conduct interviews in the set of measurements, this measured value is made amendment, for example get 10% of correct measurement value here, obtain vector of attack a, other measured value then gets 0.The transition matrix of separating by the state estimation that obtains in the step 2.2 obtains vectorial c=(H ^TR ^-1H) ^-1H ^TR ^-1A, more vectorial c with do not inject the vectorial c that a obtains before, from the error condition amount, find out then and change maximum element, i.e. maxc _iFollowing corresponding i quantity of state.Find out the measured value that direct correlation arranged corresponding with this state variable.

Step 3.3:,, whether adopt to encrypt and judge whether safety of this measured value with the host-host protocol of safety from the historical failure number of times of the corresponding measurer of measured value according to the physical location and the network environment of system configuration;

For larger system; The measuring appliance that has is deployed in unsafe environment; Be easy to perhaps be in unsafe network environment by the physics invasion; If the historical failure number of times of measuring appliance is higher than average level, perhaps do not adopt the host-host protocol (for example SSL) of encrypting (for example AES) and safety, then execution in step

3.4, otherwise execution in step 3.2;

Step 3.4: judge current safety collection I _mElement number whether surpass higher limit k _Upper, wherein, safety collection I _mFor the measured value protection set of safety, if surpass the higher limit k that safety is concentrated element number _Upper, then execution in step 3.7, otherwise execution in step 3.5;

Step 3.5: the measured value of gained is added safety collection I _m

Step 3.6: judge safety collection I _mWhether element number is greater than lower limit k _LowIf, end step then, otherwise execution in step 3.2.

Step 3.7: according to the attack model in the step 1, can judgement generate vector of attack under the basic security collection, if can not, end step then, otherwise increase the lower limit of the plain number of safe element of set, recruitment implements to get 1 measured value, execution in step 3.6 here.

The pairing measuring instrument of the measured value of the basic security collection that above-mentioned steps is obtained is implemented protection, thus the resistivity that the assurance system attacks false data.Because the generation of imaginary number data vector of attack mainly is through the Ba=0 that solves an equation, B=H (H ^TH) ^-1H ^T-I, wherein, H is the system configuration matrix, and I is the unit square, and a is a vector of attack, and corresponding is the modification to measured value.Remove in the vector of attack at the measured value of safety concentrated protection, obtain equation B'a'=0, wherein, B' removes safety to concentrate the resulting matrix of measured value respective column, and a' removes at the resulting vector of attack of the measured value of safety concentrated protection.If this equation is not separated, then can't generate vector of attack.

Step 4: in NETWORK STRUCTURE PRESERVING POWER SYSTEM changed, search special variable and generation extended protection collection replenished the basic security collection, guarantee the safety of system.

Fig. 4 representes the selection detail flowchart of extended protection collection, and said step 4 specifically may further comprise the steps:

Step 4.1: the corresponding measured value of state variable of trunk roads in the search electric power system, and with in its adding extended protection collection

;

Step 4.2: select measured value data and historical data relatively change more than 10% and not at basic security collection I _mMiddle corresponding measured value;

The system configuration matrix is carried out the operation of matrix triangle decomposition,

$H=P\left[\begin{array}{c}{I}_n\\ Y\end{array}\right]U$

Wherein:

H is the configuring matrix of system;

P is the line translation matrix of full rank;

I _nBe the unit matrix of n * n, n is the number of system state variables;

Y is the following remaining m-n row matrix of triangle battle array after the triangle decomposition, and m is a systematic survey value number;

U is the upper triangular matrix after the triangle decomposition.

Select the corresponding measured value of Y matrix, therefrom selecting not, the measured value in the basic security collection carries out next step operation.

Step 4.3: the measured value that step 4.2 is obtained adds in the extended protection collection

;

Step 4.4: judge whether to travel through all measured values, if, the protection collection that then is expanded, the output result, otherwise return step 4.2;

Step 4.5: whether the structure of judging electric power system changes; If step 3 obtains the corresponding structural change of element that basic security is concentrated; Then concentrate to select unchanged measured value to join basic security to concentrate, original measured value is removed from step 4.4 protection that is expanded.

The present invention is directed to the method that does not still have effectively to defend at present power state estimating system false data injection attacks, propose to be the basis, and, when network configuration changes, also can defend this attack through using the extended protection collection with the protection collection.

The above; Be merely the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, any technical staff who is familiar with the present technique field is in the technical scope that the present invention discloses; The variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.

Claims (8)

1. the defence method of a power state estimating system false data injection attacks is characterized in that said method comprising the steps of:

Step 1: make up Power system state estimation model and false data attack model;

Step 2: try to achieve the system configuration matrix, and then obtain separating of quantity of state in the Power system state estimation model;

Step 3: on the basis of step 1 and step 2, the safety collection of constructing system;

Step 4: when NETWORK STRUCTURE PRESERVING POWER SYSTEM changes, upgrade the safety collection.

2. the defence method of a kind of power state estimating system false data injection attacks according to claim 1 is characterized in that said Power system state estimation model is:

z＝h(x)+ε

Wherein:

Z is a m dimension measured value vector;

H () is the non-linear estimations function of system;

X is the n dimension state value vector of system;

ε is that n maintains the system error vector.

3. the defence method of a kind of power state estimating system false data injection attacks according to claim 2 is characterized in that said false data attack model is:

||z _a-h(x _bad)‖≤τ

Wherein:

z _aBe the measured value vector after the attack injection mistake;

x _BadBe the system mode value vector of estimating according to the measured value of mistake to obtain;

τ is that whether correct system decision measure a threshold value.

4. the defence method of a kind of power state estimating system false data injection attacks according to claim 1 is characterized in that the computing formula of separating of quantity of state in the said Power system state estimation model is:

$\hat{x}={\left(H^T{R}^{-1}H\right)}^{-1}{H}^T{R}^{-1}z$

Wherein:

separates for quantity of state in the Power system state estimation model;

R is the error diagonal matrix.

5. the defence method of a kind of power state estimating system false data injection attacks according to claim 1 is characterized in that said step 3 may further comprise the steps:

Step 3.1: utilize system configuration matrix computations safety to concentrate the higher limit and the lower limit of element number,

Step 3.2: the not measured value of visit in the system is divided into and does not travel through set of measurements; The measured value of having visited is divided into and travels through in the set of measurements; Transition matrix of separating and false data attack model according to quantity of state in the Power system state estimation model; Never travel through and select a measured value to conduct interviews in the set of measurements, this measured value is joined to travel through in the set of measurements go, find out quantity of state and change maximum element and calculate the measured value corresponding with this element;

Step 3.3:,, whether adopt to encrypt and judge whether safety of this measured value with the host-host protocol of safety from the historical failure number of times of the corresponding measurer of measured value according to the physical location and the network environment of system configuration; If dangerous, then execution in step 3.4, otherwise return step 3.2;

Step 3.4: judge current safety concentrates element number whether to surpass the higher limit that safety is concentrated element number, if surpass the higher limit that safety is concentrated element number, then execution in step 3.7, otherwise execution in step 3.5;

Step 3.5: said measured value is added in the safety collection;

Step 3.6: judge that whether the plain number of safe element of set concentrate the lower limit of element number greater than safety,, otherwise return step 3.2 if then execution in step 3.7;

Step 3.7: according to the attack model in the step 1, can judgement generate vector of attack under the safety collection, if end step then, otherwise increases the lower limit of the plain number of safe element of set, execution in step 3.6.

6. the defence method of a kind of power state estimating system false data injection attacks according to claim 5 is characterized in that the computing formula of the lower limit of the plain number of said safe element of set is:

$k_{\mathrm{low}}=\min (\underset{c}{\min }{\left|\right|H^{\stackrel{\‾}{S}}c\left|\right|}_0,n)$

s.tH ^Sc＝0,

c _i＝1

Wherein:

k _LowLower limit for the plain number of safety element of set;

H ^SCan be modified the remaining matrix of state variable respective column for removing in the system configuration matrix H;

C is the false error vector of attacking the n dimension of introducing to state variable;

N is the number of state variable;

c _iBe i element among the c.

7. the defence method of a kind of power state estimating system false data injection attacks according to claim 5 is characterized in that the computing formula of the higher limit of the plain number of said safe element of set is:

$k_{\mathrm{upper}}=\min (\underset{i:H_{k,i}\≠0}{\min }{\left|\right|H_{\·,i}\left|\right|}_0,k_{\mathrm{fact}})$

Wherein:

k _UpperHigher limit for the plain number of safety element of set;

H _{., i}I row for the system configuration matrix;

H _{K, i}Be the k row element in the i row of system configuration matrix;

k _FactGreatest measurement number for safe energy collecting protection in the actual conditions.

8. the defence method of a kind of power state estimating system false data injection attacks according to claim 1 is characterized in that said step 4 may further comprise the steps:

Step 4.1: the corresponding measured value of state variable of trunk roads in the search electric power system, and its adding extended protection is concentrated;

Step 4.2: select measured value data and historical data relatively change more than preset proportion and not at the concentrated corresponding measured value of safety;

Step 4.3: the measured value adding extended protection that step 4.2 obtains is concentrated;

Step 4.4: judge whether to travel through all measured values, if, the protection collection that then is expanded, the output result, otherwise return step 4.2;

Step 4.5: whether the structure of judging electric power system changes; If structure changes; And make step 3 obtain the concentrated corresponding element of safety variation has taken place; Then concentrate choice structure to change the unchanged measured value in back to join safety and concentrate from step 4.4 protection that is expanded, the measured value that changes after concentrating NETWORK STRUCTURE PRESERVING POWER SYSTEM to change safety removes.

Images