CN102761122B - Defense method of false data injection attack of power state estimation system - Google Patents

Abstract

The invention discloses a defense method of false data injection attack of a power state estimation system, belonging to the field of intelligent power grid and information safety. The method comprises the following steps of: firstly establishing a power system state estimating model and a false data attack model; subsequently calculating a system configuration matrix so as to obtain the solution of the state quantity of the power system state estimating model; further establishing the safety set of the system; and updating the safety set when the power system is changed in structure. The method is based on a protection set and by arranging an expansion protection set, the false data injection attack can be defended even a network structure is changed, thereby ensuring the security of the power system.

Description

A kind of defence method of power state estimating system false data injection attacks

Technical field

The invention belongs to intelligent grid and information security field, relate in particular to a kind of defence method of power state estimating system false data injection attacks.

Background technology

Intelligent grid has been contained generating, transmission network and region distribution network, and the most at last power delivery to user.In order to ensure the normal operation of reliability and the systemic-function of system, real-time system monitoring seems very necessary.The numerical value that Power system state estimation is measured by collection measuring appliance and analytical system model carry out the running status of estimating system.In interaction error Data Detection, have many methods and technology, but these methods cannot effectively be resisted the attack that malicious data is injected.There is at present the novel false data injection attacks for Power system state estimation system, invade by the measured value of distorting measuring appliance, this attack pattern can be introduced mistake arbitrarily to Power system state estimation, thereby network system is caused to tremendous influence.Therefore study the mechanism of this false data injection attacks, and propose effectively to detect with defence method and be very important.

In network system, traditional error-detecting method all adopt residue and mode, current false data injection attacks, intercept and capture and revise measured value by invasion measuring appliance terminal or transmission network, thereby generation false data, and then can walk around the detection of system, implement effectively hiding false data injection attacks.By conditions such as the minimum measured values that needs in analytical attack, can adopt one group of measured value of protection to take precautions against this attack, but also not have at present a kind of effective method to defend this attack.

Protection diversity method can be resisted false data injection attacks; in intelligent grid; can be protected and be authenticated compared with small part measured value by selection; thereby system is not invaded; this mode is simple and direct; but protection diversity method can be caused by the variation of topology of networks its fail safe to reduce, namely, in the time that the configuration of system changes, protection diversity method completely protection system is not subject to false data injection attacks.

Summary of the invention

For the method for mentioning opposing false data injection attacks in above-mentioned background technology implement and validity on deficiency, the present invention proposes a kind of defence method of effective employing extended protection collection.

Technical scheme of the present invention is that a kind of defence method of power state estimating system false data injection attacks, is characterized in that said method comprising the steps of:

Step 1: build Power system state estimation model and false data challenge model;

Step 2: try to achieve system configuration matrix, and then obtain the solution of quantity of state in Power system state estimation model;

Step 3: on the basis of step 1 and step 2, the safe collection of constructing system;

Step 4: in the time that NETWORK STRUCTURE PRESERVING POWER SYSTEM changes, upgrade safe collection.

Described Power system state estimation model is:

z＝h(x)+ε

Wherein:

Z is m dimension measured value vector;

H () is the non-linear estimations function of system;

X is the n dimension state value vector of system;

ε is that n maintains system error vector.

Described false data challenge model is:

||z _a-h(x _bad)||≤τ

Wherein:

Z _afor attacking the measured value vector injecting after mistake;

X _badfor the system mode value vector of estimating to obtain according to wrong measured value;

τ is that system determines the threshold value whether measurement is correct.

In described Power system state estimation model, the computing formula of the solution of quantity of state is:

$\hat{x}={\left(H^T{R}^{-1}H\right)}^{-1}{H}^T{R}^{-1}z$

Wherein:

for the solution of quantity of state in Power system state estimation model;

R is error diagonal matrix.

Described step 3 comprises the following steps:

Step 3.1: utilize higher limit and the lower limit of element number in system configuration matrix computations safe collection,

Step 3.2: the not measured value of access in system is divided into and does not travel through set of measurements, the measured value of having accessed is divided into and travels through in set of measurements, according to transition matrix and the false data challenge model of the solution of quantity of state in Power system state estimation model, never traveling through in set of measurements selects a measured value to conduct interviews, this measured value is joined and travels through in set of measurements and go, find out quantity of state and change maximum element and calculate the measured value corresponding with this element;

Step 3.3: according to the physical location of system configuration and network environment, from the historical failure number of times of measurer corresponding to measured value, whether adopt and encrypt and safe host-host protocol judges whether safety of this measured value; If dangerous, perform step 3.4, otherwise return to step 3.2;

Step 3.4: judge current safety concentrates element number whether to exceed the higher limit of element number in safe collection, if exceed the higher limit of element number in safe collection, performs step 3.7, otherwise execution step 3.5;

Step 3.5: described measured value is added in safe collection;

Step 3.6: judge whether safe collection element number is greater than the lower limit of element number in safe collection, if so, performs step 3.7, otherwise return to step 3.2;

Step 3.7: according to the challenge model in step 1, can judgement generate vector of attack under safe collection, if end step, otherwise increase the lower limit of safe collection element number, execution step 3.6.

The computing formula of the lower limit of described safe collection element number is:

$k_{\mathrm{low}}=\min (\underset{c}{\min }{\left|\right|H^{\stackrel{\‾}{S}}c\left|\right|}_0,n)$

s.t?H ^Sc＝0,

c _i＝1

Wherein:

K _lowfor the lower limit of safe collection element number;

H ^scan be modified the remaining matrix of state variable respective column for removing in system configuration matrix H;

C is the false error vector of attacking the n dimension of introducing to state variable;

N is the number of state variable;

C _ifor i element in c.

The computing formula of the higher limit of described safe collection element number is:

$k_{\mathrm{upper}}=\min (\underset{i:H_{k,i}\≠0}{\min }{\left|\right|H_{\·,i}\left|\right|}_0,k_{\mathrm{fact}})$

Wherein:

K _upperfor the higher limit of safe collection element number;

H _{, i}for the i row of system configuration matrix;

H _k,ifor the k row element in the i row of system configuration matrix;

K _factfor the greatest measurement number of safe energy collecting protection in actual conditions.

Described step 4 comprises the following steps:

Step 4.1: the measured value corresponding to state variable of trunk roads in search electric power system, and added extended protection to concentrate;

Step 4.2: State selective measurements Value Data and historical data relatively change more than preset proportion and corresponding measured value in safe collection not;

Step 4.3: the measured value that step 4.2 is obtained adds extended protection to concentrate;

Step 4.4: judge whether to travel through all measured values, the protection collection that is if so, expanded, Output rusults, otherwise return to step 4.2;

Step 4.5: whether the structure that judges electric power system changes; if structure changes; and there is variation in the corresponding element that step 3 is obtained in safe collection; from step 4.4 be expanded protection concentrate choice structure to change unchanged measured value join in safe collection, the measured value changing after NETWORK STRUCTURE PRESERVING POWER SYSTEM change in safe collection is removed.

The present invention is directed to the method that still there is no effectively to defend at present power state estimating system false data injection attacks; propose taking protection collection as basis; and by setting up the defence method of false data injection attacks of extended protection collection; in the time that network configuration changes, also can defend false data injection attacks, ensure the safety of electric power system.

Brief description of the drawings

Fig. 1 is protection diversity method flow chart;

Fig. 2 is IEEE4 bus system resolution chart;

Fig. 3 is the selection flow chart of basic security collection;

Fig. 4 is the selection flow chart of extended protection collection.

Embodiment

Below in conjunction with accompanying drawing, preferred embodiment is elaborated.Should be emphasized that, following explanation is only exemplary, instead of in order to limit the scope of the invention and to apply.

The present invention proposes a kind of defence method for power state estimating system false data injection attacks, adopts extended protection diversity method, makes system when structure changes, still can effectively defend false data injection attacks.

Below in conjunction with accompanying drawing, taking the IEEE4 node system revised as example, extended protection diversity method of the present invention is implemented to elaborate.Should be emphasized that, following explanation is only exemplary, instead of in order to limit the scope of the invention and to apply.

Fig. 1 is the defence method flow chart of a kind of false data injection attacks provided by the invention.In Fig. 1, method provided by the invention comprises the steps;

Step 1: the relation between structure and electrical properties from electric power system, obtains Power system state estimation model and false data challenge model;

A. the relation between electrical properties from electric power system, obtains Power system state estimation model and is:

z＝h(x)+ε

Wherein:

Z is m dimension measured value vector;

H () is the non-linear estimations function of system;

X is the n dimension state value vector of system;

ε is that n maintains system error vector, obeys N (0, R) normal distribution, and R is diagonal matrix variance.

B. the Power system state estimation model obtaining according to previous step, adopts weighted least-squares (weighted least square, WLS) method to carry out estimated state amount and can be expressed as to measured value:

Wherein:

J () is state estimation feature function, for solving the quantity of state x that makes its functional value system hour;

R (x) is residue and the vector of model, and its value is z-h (x);

R is diagonal matrix.

C. in power system state estimation method, generally adopt residue and method carry out Data Detection. recent findings false data is attacked the detection that can get around this method, and its false data challenge model is:

||z _a-h(x _bad)||≤τ

Wherein:

Z _afor attacking the measured value vector injecting after mistake;

X _badfor the system mode value vector of estimating to obtain according to wrong measured value;

τ is that system determines the threshold value whether measurement is correct.

Fig. 2 is IEEE4 bus system resolution chart, and whole system comprises 4 buses, comprising measured value z ₁, z ₂, z ₃, z ₄with bus phase angle state variable δ ₁, δ ₂, δ ₃, δ ₄, the magnitude of voltage V of bus ₁, V ₂, V ₃, V ₄.Have bus i (i=1,2,3,4) can be expressed as to the electric current of bus j (j=1,2,3,4):

$P_{\mathrm{ij}}=\frac{V_i{V}_j}{X_{\mathrm{ij}}}\sin ({\mathrm{\δ}}_i-{\mathrm{\δ}}_j)$

Wherein:

P _ijfor bus i is to the electric current of bus j;

X _ijfor bus i is to the impedance of bus j;

And suppose that system does not have energy loss, make the model of system become simplification.

Step 2: according in NETWORK STRUCTURE PRESERVING POWER SYSTEM, obtain the solution of quantity of state in the system configuration matrix of Power system state estimation and state estimation;

Step 2.1: determine NETWORK STRUCTURE PRESERVING POWER SYSTEM, obtain its system configuration matrix;

Be example for 4 bus testing systems, obtain z ₁, z ₂configuration parameter calculate by following formula:

$\left(\begin{array}{c}{z}_1\\ z_2\end{array}\right)=\left(\begin{array}{c}\frac{V_1{V}_2}{X_1}\sin ({\mathrm{\δ}}_1-{\mathrm{\δ}}_2)+\frac{V_1{V}_3}{X_{13}}\sin ({\mathrm{\δ}}_1-{\mathrm{\δ}}_3)\\ \frac{V_1{V}_2}{X_{12}}\sin ({\mathrm{\δ}}_1-{\mathrm{\δ}}_2)\end{array}\right)+\left(\begin{array}{c}{\mathrm{\ϵ}}_1\\ {\mathrm{\ϵ}}_2\end{array}\right)$

Wherein:

Z ₁, z ₂for the measured value of bus current;

V ₁, V ₂, V ₃be respectively the magnitude of voltage of each bus;

δ ₁, δ ₂, δ ₃be respectively the angle values of each bus;

X ₁₂, X ₁₃be respectively the resistance value of each bus;

ε ₁, ε ₂be respectively systematic error.

Can convert it into the form of z=Hx+ ε, thereby then the parameters substitution of test macro be entered to obtain configuring matrix H=(z-ε) x of system ^-1.

The system parameters variable mainly comprising is:

A. the population of measured values m of system and state variable number n;

B. m × n matrix H of representative system topological structure;

C. the R of diagonal matrix m × m, wherein R _i,i=σ _i ²;

D. system is for the threshold tau of decision error.

Step 2.2: adopt Newton iteration method, obtain the solution of quantity of state in its electric power system WLS method of estimation:

$\hat{x}={\left(H^T{R}^{-1}H\right)}^{-1}{H}^T{R}^{-1}z$

Wherein:

for the solution of quantity of state in Power system state estimation model;

H is system configuration m × n matrix;

R is error diagonal angle m × m battle array.

Step 3: the safe collection of constructing system

According to the structure of electric power system, with power system state estimation method, selection can protection system be resisted the safe collection that false data is attacked;

Fig. 3 has shown the detailed operation of step 3.Step 3 specifically comprises the following steps:

Step 3.1: calculate and make system can resist higher limit and the lower limit of the safe collection element number of false data injection attacks, computing formula is as follows:

Safe collection element number lower limit computing formula is:

$k_{\mathrm{low}}=\min (\underset{c}{\min }{\left|\right|H^{\stackrel{\‾}{S}}c\left|\right|}_0,n)$

s.t?H ^Sc＝0,

c _i＝1

Wherein:

K _lowfor the lower limit of safe collection element number;

H ^sfor removing and can be modified state variable respective column in system configuration matrix H

Remaining matrix;

C is the false error vector of attacking the n dimension of introducing to state variable;

N is the number of state variable;

C _ifor i element in c.

Safe collection element number upper limit computing formula is:

$k_{\mathrm{upper}}=\min (\underset{i:H_{k,i}\≠0}{\min }{\left|\right|H_{\·,i}\left|\right|}_0,k_{\mathrm{fact}})$

Wherein:

K _upperfor the higher limit of safe collection element number;

H _{, i}for the i row of system configuration matrix;

H _k,ifor the k row element in the i row of system configuration matrix;

K _factfor the greatest measurement number of safe energy collecting protection in actual conditions.

Step 3.2: the not measured value of access in system is divided into and does not travel through set of measurements, the measured value of having accessed is divided into and travels through in set of measurements, according to transition matrix and the false data challenge model of the solution of quantity of state in Power system state estimation model, never traveling through in set of measurements selects a measured value to conduct interviews, this measured value is joined and travels through in set of measurements and go, find out quantity of state and change maximum element and calculate the measured value corresponding with this element;

Measured value is exactly all elements in the measured value vector of state estimation model, be a=Hc according to the solution of vector of attack in step 1 challenge model, wherein, a, H, c is respectively the error status value vector of erroneous measurements vector, system configuration matrix and the injection of injection.Never travel through in set of measurements and select a measured value to conduct interviews, this measured value is modified, for example, get 10% of correct measurement value herein, obtain vector of attack a, other measured value gets 0.Transition matrix by the solution of the state estimation obtaining in step 2.2 obtains vectorial c=(H ^tr ^-1h) ^-1h ^tr ^-1a, more vectorial c with do not inject the vectorial c that a obtains before, then from error condition amount, find out and change maximum element, i.e. maxc _ithe i quantity of state of lower correspondence.Find out the measured value that there be direct correlation corresponding with this state variable.

Step 3.3: according to the physical location of system configuration and network environment, from the historical failure number of times of measurer corresponding to measured value, whether adopt and encrypt and safe host-host protocol judges whether safety of this measured value;

For larger system, some measuring appliances are deployed in unsafe environment, be easy to be invaded by physics or in unsafe network environment, if the historical failure number of times of measuring appliance is higher than average level, or do not adopt encryption (for example AES) and safe host-host protocol (for example SSL), perform step 3.4, otherwise execution step 3.2;

Step 3.4: judge current safety collection I _melement number whether exceed higher limit k _upper, wherein, safe collection I _mfor the measured value protection set of safety, if exceed the higher limit k of element number in safe collection _upper, perform step 3.7, otherwise execution step 3.5;

Step 3.5: the measured value of gained is added to safe collection I _m;

Step 3.6: judge safe collection I _mwhether element number is greater than lower limit k _lowif, end step, otherwise execution step 3.2.

Step 3.7: according to the challenge model in step 1, can judgement generate vector of attack under basic security collection, if can not, end step, otherwise the lower limit of increase safe collection element number, recruitment implements to get 1 measured value herein, execution step 3.6.

The corresponding measuring instrument of measured value of the basic security collection that above-mentioned steps is obtained is implemented protection, thus the resistivity that guarantee system is attacked false data.Because the generation of imaginary number Data attack vector is mainly by the Ba=0 that solves an equation, B=H (H ^th) ^-1h ^t-I, wherein, H is system configuration matrix, and I is unit square, and a is vector of attack, and corresponding is the amendment to measured value.Remove the measured value at safe concentrated protection in vector of attack, obtain equation B'a'=0, wherein, B' removes the matrix that in safe collection, measured value respective column obtains, and a' removes the vector of attack obtaining at the measured value of safe concentrated protection.If this equation is not separated, cannot generate vector of attack.

Step 4: in NETWORK STRUCTURE PRESERVING POWER SYSTEM changes, search special variable and generation extended protection collection, supplement basic security collection, ensures the safety of system.

Fig. 4 represents the selection detail flowchart of extended protection collection, and described step 4 specifically comprises the following steps:

Step 4.1: the measured value corresponding to state variable of trunk roads in search electric power system, and added extended protection collection in;

Step 4.2: State selective measurements Value Data and historical data relatively change more than 10% and not at basic security collection I _mthe measured value of middle correspondence;

System configuration matrix is carried out to the operation of matrix triangle decomposition,

$H=P\left[\begin{array}{c}{I}_n\\ Y\end{array}\right]U$

Wherein:

H is the configuring matrix of system;

P is the line translation matrix of full rank;

I _nfor the unit matrix of n × n, the number that n is system state variables;

Y is the lower remaining m-n row matrix of triangle battle array after triangle decomposition, and m is for being

System population of measured values;

U is the upper triangular matrix after triangle decomposition.

Select measured value corresponding to Y matrix, therefrom select the not measured value in basic security collection to carry out next step operation.

Step 4.3: the measured value that step 4.2 is obtained adds extended protection collection in;

Step 4.4: judge whether to travel through all measured values, the protection collection that is if so, expanded, Output rusults, otherwise return to step 4.2;

Step 4.5: whether the structure that judges electric power system changes; if step 3 obtains structural change corresponding to the concentrated element of basic security; from step 4.4 be expanded protection concentrate select unchanged measured value join basic security concentrate, original measured value is removed.

The present invention is directed to the method that still there is no effectively to defend at present power state estimating system false data injection attacks, propose taking protection collection as basis, and by using extended protection collection, in the time that network configuration changes, also can defend this attack.

The above; only for preferably embodiment of the present invention, but protection scope of the present invention is not limited to this, is anyly familiar with in technical scope that those skilled in the art disclose in the present invention; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.

Claims (7)

1. a defence method for power state estimating system false data injection attacks, is characterized in that said method comprising the steps of:

Step 1: build Power system state estimation model and false data challenge model;

Step 2: try to achieve system configuration matrix, and then obtain the solution of quantity of state in Power system state estimation model;

Step 3: on the basis of step 1 and step 2, the safe collection of constructing system, concrete steps are:

Step 3.1: higher limit and the lower limit of utilizing element number in system configuration matrix computations safe collection;

Step 3.2: the not measured value of access in system is divided into and does not travel through set of measurements, the measured value of having accessed is divided into and travels through in set of measurements, according to transition matrix and the false data challenge model of the solution of quantity of state in Power system state estimation model, never traveling through in set of measurements selects a measured value to conduct interviews, this measured value is joined and travels through in set of measurements and go, find out quantity of state and change maximum element and calculate the measured value corresponding with this element;

Step 3.3: according to the physical location of system configuration and network environment, if the historical failure number of times of measuring appliance higher than average level, or do not adopt encrypt and safe host-host protocol, perform step 3.4, otherwise perform step 3.2;

Step 3.4: judge current safety concentrates element number whether to exceed the higher limit of element number in safe collection, if exceed the higher limit of element number in safe collection, performs step 3.7, otherwise execution step 3.5;

Step 3.5: described measured value is added in safe collection;

Step 3.6: judge whether safe collection element number is greater than the lower limit of element number in safe collection, if so, performs step 3.7, otherwise return to step 3.2;

Step 3.7: according to the challenge model in step 1, can judgement generate vector of attack under safe collection, if end step 3.7, otherwise increase the lower limit of safe collection element number, execution step 3.6;

Step 4: in the time that NETWORK STRUCTURE PRESERVING POWER SYSTEM changes, upgrade safe collection.

2. the defence method of a kind of power state estimating system false data injection attacks according to claim 1, is characterized in that described Power system state estimation model is:

z＝h(x)+ε

Wherein:

Z is m dimension measured value vector;

H () is the non-linear estimations function of system;

X is the n dimension state value vector of system;

ε is that n maintains system error vector.

3. the defence method of a kind of power state estimating system false data injection attacks according to claim 2, is characterized in that described false data challenge model is:

‖z _a-h(x _bad)‖≤τ

Wherein:

Z _afor attacking the measured value vector injecting after mistake;

X _badfor the system mode value vector of estimating to obtain according to wrong measured value;

τ is that system determines the threshold value whether measurement is correct.

4. the defence method of a kind of power state estimating system false data injection attacks according to claim 1, is characterized in that the computing formula of the solution of quantity of state in described Power system state estimation model is:

$\hat{x}={\left(H^T{R}^{-1}H\right)}^{-1}{H}^T{R}^{-1}z$

Wherein:

for the solution of quantity of state in Power system state estimation model;

H is system configuration matrix;

Z is measured value vector;

R is error diagonal matrix.

5. the defence method of a kind of power state estimating system false data injection attacks according to claim 1, is characterized in that the computing formula of the lower limit of described safe collection element number is:

$k_{\mathrm{low}}=\min (\underset{c}{\min }{\left|\right|H^{\stackrel{\‾}{S}}c\left|\right|}_0,n)$

s.t?H ^Sc＝0,

c _i＝1

Wherein:

K _lowfor the lower limit of safe collection element number;

H ^sfor removing and can be modified state variable respective column in system configuration matrix H

Remaining matrix;

C is the false error vector of attacking the n dimension of introducing to state variable;

N is the number of state variable;

C _ifor i element in c.

6. the defence method of a kind of power state estimating system false data injection attacks according to claim 1, is characterized in that the computing formula of the higher limit of described safe collection element number is:

$k_{\mathrm{upper}}=\min (\underset{i:H_{k,i}\≠0}{\min }{\left|\right|H_{.,i}\left|\right|}_0,k_{\mathrm{fact}})$

Wherein:

K _upperfor the higher limit of safe collection element number;

H _{., i}for the i row of system configuration matrix;

H _k,ifor the k row element in the i row of system configuration matrix;

K _factfor the greatest measurement number of safe energy collecting protection in actual conditions.

7. the defence method of a kind of power state estimating system false data injection attacks according to claim 1, is characterized in that described step 4 comprises the following steps:

Step 4.1: the measured value corresponding to state variable of trunk roads in search electric power system, and added extended protection to concentrate;

Step 4.2: measured value data and historical data comparison, select to change more than preset proportion and corresponding measured value in safe collection not;

Step 4.3: the measured value that step 4.2 is obtained adds extended protection to concentrate;

Step 4.4: judge whether to travel through all measured values, the protection collection that is if so, expanded, Output rusults, otherwise return to step 4.2;

Step 4.5: whether the structure that judges electric power system changes; if structure changes; and there is variation in the corresponding element that step 3 is obtained in safe collection; from step 4.4 be expanded protection concentrate choice structure to change unchanged measured value join in safe collection, the measured value changing after NETWORK STRUCTURE PRESERVING POWER SYSTEM change in safe collection is removed.