Intelligent grid dynamic data encryption method based on state estimation
Technical field:
The present invention relates to intelligent grid safety communication technology field, particularly use state estimation to generate the intelligent grid communication encrypting method of dynamic key.
Background technology:
Intelligent grid utilizes information network technique to carry out Real-Time Monitoring and optimal control to generating in electric power networks, distribution and current consuming apparatus, realizes the targets such as energy-conservation, reduction of discharging.How ensureing data in electric power networks safety and the privacy in transmitting procedure, is the basis of intelligent grid stable operation.At present, intelligent grid mainly adopts various symmetries to ensure the safety of communicating by letter with asymmetric encryption techniques, but, only utilize conventional encryption technology to be difficult to ensure the safe and reliable of communication process, the hidden trouble of its existence is mainly:
(1) being widely used of intelligent grid, causes third party can obtain intelligent grid terminal installation, and the symmetric cryptosystem that analysing terminal device uses reduces the difficulty that cracks to ciphertext;
(2) intelligent grid communication node enormous amount, operational environment complexity, stability to encryption technology and complexity, and the cost of equipment and energy consumption have strict demand, asymmetric encryption techniques complexity is higher, hardware cost and energy consumption are relatively high, are not suitable for extensive intelligent grid and dispose.
In prior art, also do not have a kind of effective method can be from addressing the above problem in essence.Therefore,, from the requirement of intelligent grid actual motion, need to find a kind of encryption method with higher fail safe and lower complexity.
Summary of the invention:
Main purpose of the present invention is to provide a kind of intelligent grid dynamic data encryption method based on state estimation.Telemetry terminal system is divided into observation data reported data and retains data, utilizes and retains data generation dynamic key, and reported data is encrypted, and generating ciphertext sends to control centre; The reservation data of telemetry terminal system are calculated by control centre based on method for estimating state, generate dynamic key, and the ciphertext that telemetry terminal system is sent is decrypted, and deciphering obtains the reported data of telemetry terminal system.
Object of the present invention is achieved through the following technical solutions:
Intelligent grid dynamic data encryption method based on state estimation, comprises the steps:
1), the T1 moment, telemetry terminal system utilizes measurement module to measure this node power state, and metric data is divided into and retains data and reported data;
2), telemetry terminal system is according to retaining data and the dynamic key in the dynamic key production telemetry terminal system T1 moment in T0 moment;
3), telemetry terminal system utilizes the dynamic key in T0 moment to be encrypted reported data, generate enciphered data and send to control centre;
4), control centre's enciphered data of utilizing control centre's dynamic key in the T0 moment of corresponding each telemetry terminal system respectively each telemetry terminal system to be sent is decrypted, and obtains the reported data of each telemetry terminal system;
5), control centre is based on method for estimating state, report computing with encrypted data to go out it to retain data, generate control centre's dynamic key in the T1 moment of corresponding each telemetry terminal system according to each telemetry terminal system;
Wherein the T0 moment is the collection moment of a upper measurement module in T1 moment.
The present invention further improves and is: described step 2) in the generation step of telemetry terminal system dynamic key be: telemetry terminal system carries out fault-tolerant processing and obtains the reservation data after fault-tolerant processing retaining data; Then the reservation data after fault-tolerant processing are carried out to HASH computing and generate more new key of T1 moment; Then from the dynamic key storehouse of telemetry terminal system, obtain the dynamic key of the telemetry terminal system in T0 moment, with the T1 moment more new key carry out XOR, generate the dynamic key of T1 moment telemetry terminal system.
The present invention further improves and is: fault-tolerance processing method rounds up or round for amplifying after rounding, amplify under backward; HASH computing is MD4, MD5 or SHA-1.
The present invention further improves and is: described step 5) in control centre based on method for estimating state, go out its reservation data according to the computing with encrypted data that reports of each telemetry terminal system, the step that generates control centre's dynamic key in the T1 moment of corresponding each telemetry terminal system is: according to the reported data of each telemetry terminal system, utilize least-squares algorithm to carry out state estimation, the estimation of the each telemetry terminal system calculating retains data, utilize step 2) in identical fault-tolerance processing method and HASH algorithm, generate control centre's dynamic key of corresponding each telemetry terminal system.
The present invention further improves and is: in step 3), telemetry terminal system utilizes the dynamic key in T0 moment, adopts symmetric encryption method to be encrypted reported data; Described symmetric encryption method is XOR, DES or RC4.
The present invention further improves and is: in step 4), control centre utilizes control centre's dynamic key in the T0 moment of corresponding each telemetry terminal system, adopt the enciphered data respectively each telemetry terminal system being sent with symmetric encryption method identical in step 3) to be decrypted, obtain the reported data of each telemetry terminal system.
The present invention further improves and is: step 1) in reported data and retain data according to control centre's Location of requirement, and meet two conditions: the reported data on (1) this node can not direct derivation goes out all reservation data of this node, (2) control centre utilizes state estimation algorithm, can derive the reservation data of all nodes according to the reported data of all nodes.
The present invention further improves and is: step 1) in metric data comprise voltage magnitude and phase angle, active power and reactive power; Described reported data is active power and reactive power, and described reservation data are voltage magnitude and phase angle.
With respect to prior art, the present invention has following beneficial effect:
(1) under the condition of effectively avoiding communicating pair key distribution, realize key synchronous dynamic generate, strengthen the secure communication between telemetry terminal system and control centre: the present invention is according to the physical constraint relation between each telemetry terminal system electric power data in intelligent grid, utilize method for estimating state to realize the calculating that telemetry terminal system is retained to data, the key generating of synchronizeing with the both sides of control centre by telemetry terminal system is realized the encryption and decryption to communication data.Because whole communication process does not relate to the distribution of key, third party cannot directly obtain by monitoring; Simultaneously, due to communicating pair new key more dynamically, third party is difficult to obtain enough cipher-text information key is cracked.
(2) algorithm complex is low, be conducive to reduce energy consumption and extensive use: encryption technology of the present invention obtains key at telemetry terminal system to the amplification of Partial Observation data acquisition and rounding operation, adopt simple HASH algorithm and XOR to be encrypted reported data, algorithm implementation complexity low and be easy to realize, can reduce the requirement to computing capability and resource, can reduce calculating energy consumption, also can save hardware cost, be applicable to the intelligent grid running environment of communicating by letter on a large scale.
Brief description of the drawings:
Fig. 1 is the intelligent grid dynamic data encryption method block diagram based on state estimation;
Fig. 2 is the intelligent grid telemetry terminal system dynamic data encryption method flow chart based on state estimation;
Fig. 3 is the intelligent grid control centre dynamic data decryption method flow chart based on state estimation.
Embodiment:
Fig. 1 is the intelligent grid dynamic data encryption method block diagram based on state estimation, has shown the basic framework of dynamic encryption and decryption process when telemetry terminal system sends measurement data to control centre in intelligent grid communication network.
Fig. 2 is intelligent grid dynamic data encryption method based on the state estimation flow chart at telemetry terminal system.This figure describes the present invention in detail at telemetry terminal system, utilizes the reservation data of telemetry terminal system transducer real-time monitored to generate dynamic key, the process that reported data is encrypted.In Fig. 2, suppose that telemetry terminal system i is at T0, T1, T2 ... in the moment, it is observed D
i(0), D
i(1), D
i(2) ..., and suppose the current T1 of being, what said process can be concrete states following steps as:
Step 100: the transducer of telemetry terminal system i is measured and storing measurement data D this node power state (comprising voltage magnitude and phase angle, active power, reactive power)
i(1);
Step 101: data buffer storage is by the data D storing
i(1) be divided into reported data SD
iand retain data RD (1)
i(1), reported data is according to control centre's Location of requirement, and meet all reservation data that reported data on these nodes of two conditions (1) (remote terminal) can not direct derivation goes out this node, (2) control centre can utilize state estimation algorithm, derive the reservation data of all nodes according to the reported data of all nodes (remote terminal), in this example, reported data is active power and reactive power, and retaining data is voltage magnitude and phase angle;
Step 102: telemetry terminal system is to retaining data RD
i(1) carry out data fault-tolerant process as amplified under backward round, round up, round etc., obtain the reservation data RD after fault-tolerant processing
i* (1);
Step 103: to the reservation data RD after fault-tolerant processing
i* (1) carries out HASH computing generation more new key HASH (RD of T1 moment
i* (1)), the HASH algorithm that wherein can select has MD4, MD5, SHA-1 etc., obtains the dynamic key EK of the telemetry terminal system i in T0 moment from dynamic cipher key store
i(0), with the T1 moment more new key carry out XOR, generate the dynamic key of telemetry terminal system i in T1 moment
if the T0 moment is initial time, its dynamic key is unified initial setting up, uses full 0 sequence in this example, if the T0 moment is not initial time, its dynamic key is that follow procedures 100-103 generates;
Step 104: by the telemetry terminal system i dynamic key EK in T1 moment
i(1) be kept at the dynamic key storehouse of telemetry terminal system i;
Step 105: utilize the telemetry terminal system dynamic key EK that the T0 moment generates
i(0), adopt symmetric encryption method to reported data SD
i(1) be encrypted, generate enciphered data ESD
i(1) symmetric encipherment algorithm that, wherein can select has XOR, DES, RC4 etc.;
Step 106: by the enciphered data ESD after encrypting
i(1) be uploaded to control centre.
Fig. 3 is intelligent grid dynamic data encryption method based on the state estimation flow chart in control centre.This figure describes the present invention in detail in control centre, utilizes method for estimating state to calculate telemetry terminal system and retains data, and generate dynamically the process that telemetry terminal system reported data is decrypted.With Fig. 2 in like manner, at moment T1, the enciphered data ESD that control centre uploads for N telemetry terminal system
1(1), ESD
2(1) ..., ESD
n(1) realize the method for dynamically deciphering and can specifically be expressed as following steps:
Step 200: control centre receives the enciphered data ESD that telemetry terminal system is uploaded
1(1), ESD
2(1) ..., ESD
n(1);
Step 201: the enciphered data that the T1 moment is uploaded, utilize the T0 moment control centre dynamic key of preserving in the dynamic key storehouse of control centre, employing symmetric encryption method is decrypted, generate the reported data of each telemetry terminal system, the symmetric encipherment algorithm that wherein can select has XOR, DES, RC4 etc.; With the reported data ESD of telemetry terminal system i
i(1) be example, control centre's dynamic key is DK
i(0), decrypted result SD
i(1);
Step 202: according to the reported data of each telemetry terminal system, utilize least square method to carry out state estimation, the estimation of calculating each telemetry terminal system retains data RD
e 1(1), RD
e 2(1) ..., RD
e n(1);
Step 203: deposit the reported data of each telemetry terminal system and estimation reservation data in data center;
Step 204: to the estimation of each telemetry terminal system retain data carry out data fault-tolerant process as amplified under backward round, round up, round etc., the estimation generating after fault-tolerant processing retains data RD
e 1* (1), RD
e 2* (1) ..., RD
e n* (1); With the reservation data RD of telemetry terminal system i
i(1) be example, it is RD that control centre's estimation after treatment retains data
e i* (1), with telemetry terminal system i reservation data after treatment RD
i* (1) equates, i.e. RD
i* (1)=RD
e i* (1); The fault-tolerance processing method that the fault-tolerance processing method adopting in this step adopts with step 102 is identical;
Step 205: estimation after treatment is retained to data and carry out HASH computing generation more new key of T1 moment, the HASH algorithm that wherein can select has MD4, MD5, SHA-1 etc., from the dynamic key storehouse of control centre, obtain control centre's dynamic key in T0 moment, with the T1 moment more new key carry out XOR, generate control centre's dynamic key in T1 moment; Taking telemetry terminal system i as example, the T1 moment more new key be HASH (RD
e i* (1), with the dynamic key DK of T0 moment control centre
i(0) XOR, generates T1 moment control centre dynamic key
the HASH operation method that the HASH operation method adopting in this step adopts with step 103 is identical;
Step 206: the dynamic key storehouse that T1 moment control centre dynamic key is deposited in to control centre.
Thus, completed the dynamic data ciphering process that once has the data of all telemetry terminal system transducers generations to transmit to control centre.