CN106530121A - Power monitoring system security protection compliance detection method and system - Google Patents
Power monitoring system security protection compliance detection method and system Download PDFInfo
- Publication number
- CN106530121A CN106530121A CN201610931773.0A CN201610931773A CN106530121A CN 106530121 A CN106530121 A CN 106530121A CN 201610931773 A CN201610931773 A CN 201610931773A CN 106530121 A CN106530121 A CN 106530121A
- Authority
- CN
- China
- Prior art keywords
- compliance
- detection
- index
- detection object
- data acquisition
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 233
- 238000012544 monitoring process Methods 0.000 title claims abstract description 72
- 238000012360 testing method Methods 0.000 claims abstract description 94
- 238000000034 method Methods 0.000 claims abstract description 33
- 238000007689 inspection Methods 0.000 claims description 7
- 238000001914 filtration Methods 0.000 claims description 5
- 238000000151 deposition Methods 0.000 claims 1
- 235000013399 edible fruits Nutrition 0.000 claims 1
- 230000004083 survival effect Effects 0.000 claims 1
- 238000007726 management method Methods 0.000 description 46
- 238000005259 measurement Methods 0.000 description 13
- 241001124569 Lycaenidae Species 0.000 description 11
- 238000005516 engineering process Methods 0.000 description 7
- 238000012800 visualization Methods 0.000 description 6
- 238000013480 data collection Methods 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 3
- 239000012141 concentrate Substances 0.000 description 3
- 238000007619 statistical method Methods 0.000 description 3
- 238000007405 data analysis Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000013100 final test Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000011835 investigation Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 238000003786 synthesis reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
Landscapes
- Business, Economics & Management (AREA)
- Health & Medical Sciences (AREA)
- Engineering & Computer Science (AREA)
- Economics (AREA)
- Public Health (AREA)
- Water Supply & Treatment (AREA)
- General Health & Medical Sciences (AREA)
- Human Resources & Organizations (AREA)
- Marketing (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a power monitoring system security protection compliance detection method and system. The method includes the following steps that: a detection instruction book is obtained from a test management platform, wherein the test instruction book is generated by the test management platform according to a detection item, wherein the detection item is constructed by the test management platform according to a detection object and a compliance index associated with the detection object; the detection instruction book is analyzed, so that the detection object and the compliance index associated with the detection object are generated; data acquisition is carried out according to the detection object and the compliance index associated with the detection object; conformity judgment is performed on a data acquisition result and a compliance index stored in a compliance library; and a detection result is generated according to a conformity judgment result and the requirement of the compliance index stored in the compliance library. With the power monitoring system security protection compliance detection method and system of the invention adopted, the problems of low detection efficiency and low accuracy rate of conventional compliance detection can be solved, and detected objects can be continuously detected to avoid omission.
Description
Technical field
The present invention relates to power system security protection assessment technology field, more particularly to a kind of electric power monitoring system safety
Protection compliance detection method and system.
Background technology
With the development of the raising of power automation level, communication technology and network technology, power system becomes increasingly dependent on
Ensureing its safe and reliable and Effec-tive Function, the safety of electric power monitoring system is directly connected to power system to electric power monitoring system
Safety, therefore the research to electric power monitoring system information security key technology is just particularly important.
But when compliance detection is carried out to electric power monitoring system security protection, manual detection is relied primarily at present, by
In electric power monitoring system exist equipment it is many, it is safe the features such as, the detection of traditional compliance takes time and effort, and error rate is higher, inspection
Survey result distortion serious, and traditional compliance detection is carrying out, there is detection careless omission in the way of sampling.
The content of the invention
Based on this, it is necessary to detect for traditional compliance, error rate is higher, there is detection careless omission, there is provided one
Plant electric power monitoring system security protection compliance detection method and system.
To achieve these goals, the embodiment of technical solution of the present invention is:
A kind of electric power monitoring system security protection compliance detection method, comprises the following steps:
Detection guiding book is obtained from test management platform, the detection guiding book is the test management platform according to detection
Project is generated, and the detection project is that the compliance that the test management platform is associated according to detection object and with detection object refers to
Mark builds, and the detection object is determined according to the assets of electric power monitoring system, the compliance index associated with detection object
The compliance index determination stored in storehouse is advised according to closing;
The detection guiding book is carried out parsing the compliance index for generating the detection object and associating with detection object;
The compliance index associated according to the detection object and with detection object carries out data acquisition;
Data acquisition results and the conjunction are advised the compliance index stored in storehouse carries out accordance judgement;
Testing result is generated according to the requirement of the compliance index stored in accordance judged result and conjunction rule storehouse.
A kind of electric power monitoring system security protection compliance detecting system, including:
Detection guiding book acquisition module, for obtaining detection guiding book from test management platform, the detection guiding book is
The test management platform is generated according to detection project, the detection project be the test management platform according to detection object and
The compliance index that associated with detection object is built, and the detection object is determined according to the assets of electric power monitoring system, it is described with
The compliance index of detection object association is determined according to the compliance index stored in conjunction rule storehouse;
Detection guiding book parsing module, for the detection guiding book is carried out parsing generate the detection object and with inspection
Survey the compliance index of object association;
Data acquisition module, the compliance index for associating according to the detection object and with detection object carry out data
Collection;
Accordance judge module, for data acquisition results are accorded with the compliance index stored in rule storehouse of closing
Conjunction property judges;
Testing result generation module, for according to the compliance index stored in accordance judged result and conjunction rule storehouse
Requirement generate testing result.
Compared with prior art, beneficial effects of the present invention are:Electric power monitoring system security protection compliance inspection of the present invention
Method and system being surveyed, detection guiding book being obtained from test management platform first, then the detection guiding book to obtaining is parsed
The compliance index for generating corresponding detection object and associating with detection object;According to the detection object and and detection object that generate
The compliance index of association carries out data acquisition, and by data acquisition results and closes the compliance index stored in rule storehouse and accorded with
Conjunction property judges;Testing result is generated finally according to accordance judged result and the requirement for closing the compliance index stored in rule storehouse.
The present invention carries out data acquisition based on detection guiding book, with reference to accordance judgment technology, generates electric power monitoring system security protection
Compliance testing result, not only solves that traditional compliance detection efficiency is low and the not high problem of accuracy rate, and can continue
Constantly detected object is detected, it is to avoid careless omission.
Description of the drawings
Fig. 1 is electric power monitoring system security protection compliance detection method flow chart in one embodiment;
Fig. 2 is based on electric power monitoring system security protection compliance detection method in method one shown in Fig. 1 specific example
Flow chart;
Fig. 3 is the business process map of measurement and management platform in one embodiment;
Fig. 4 is the Technical Architecture figure of measurement and management platform in one embodiment;
Fig. 5 is the operation flow of Aulomatizeted Detect instrument in one embodiment;
Fig. 6 is the Technical Architecture figure of Aulomatizeted Detect instrument in one embodiment;
Fig. 7 is electric power monitoring system security protection compliance detecting system structural representation in one embodiment.
Specific embodiment
To make the objects, technical solutions and advantages of the present invention become more apparent, below in conjunction with drawings and Examples, to this
Invention is described in further detail.It should be appreciated that specific embodiment described herein is only to explain the present invention,
Protection scope of the present invention is not limited.
Electric power monitoring system security protection compliance detection method in one embodiment, as shown in figure 1, including following step
Suddenly:
Step S101:Detection guiding book is obtained from test management platform, the detection guiding book is patted for the testing tube
Platform is generated according to detection project, and the detection project is that the test management platform is associated according to detection object and with detection object
Compliance index build, the detection object is determined according to the assets of electric power monitoring system, described to associate with detection object
Compliance index is determined according to the compliance index stored in conjunction rule storehouse;
Specifically, the assets of the electric power monitoring system include main process equipment in electric power monitoring system, application system, net
Network safety equipment etc..
Here, closing rule storehouse is used to store compliance index, and the detection of electric power monitoring system security protection compliance refers to examine
Examine the conjunction rule situation during electric power monitoring system security protection.
Step S102:The detection guiding book is carried out parsing the conjunction for generating the detection object and associating with detection object
Rule property index;
Step S103:The compliance index associated according to the detection object and with detection object carries out data acquisition;
Step S104:Data acquisition results and the conjunction are advised the compliance index stored in storehouse carries out accordance judgement;
Step S105:Inspection is generated according to the requirement of the compliance index stored in accordance judged result and conjunction rule storehouse
Survey result.
It is evidenced from the above discussion that, electric power monitoring system security protection compliance detection method of the present invention solves tradition and closes rule
Property detection efficiency is low and the not high problem of accuracy rate, while continuously can detect to detected object, it is to avoid dredge
Leakage.
Additionally, in a specific example, the compliance associated according to the detection object and with detection object refers to
Mark carries out the mode of data acquisition to be included:
Oneself in the compliance index associated with detection object is determined according to the criterion of Aulomatizeted Detect index
Dynamicization Testing index, the criterion of the Aulomatizeted Detect index are determined according to compliance data acquisition protocols;
The Aulomatizeted Detect index is converted to into automatic test cases;
The automatic test cases are applied into right in detection corresponding with the automatic test cases by harvester
As upper, data acquisition is carried out.
Here, the compliance data acquisition protocols include SNMP(Simple Network Management
Protocol, Simple Network Management Protocol)、TELNET(Remote terminal protocol)、SSH(Safety shell protocol)And JDBC(Java
Data Base Connectivity, java data bases connection)Etc. compliance data acquisition protocols, the harvester includes SNMP
Harvester, TELNET/SSH harvesters and JDBC harvesters etc..
Various compliance data acquisition protocols such as comprehensive SNMP, TELNET, SSH, JDBC, it is determined that Aulomatizeted Detect index
Criterion, i.e. index can be converted to the executable order in measurand.And can be with automatization with this detailed combing
The index of automatization is converted to automatic test cases by the electric power monitoring system security protection compliance Testing index of detection.
Finally, automatic test cases are applied by SNMP harvesters, TELNET/SSH harvesters, JDBC harvesters etc. and is being detected
On object, corresponding collection result is obtained.
Additionally, in a specific example, the compliance stored in storehouse that data acquisition results and the conjunction are advised refers to
Mark carries out the mode of accordance judgement to be included:
The compliance index stored in data acquisition results and the conjunction rule storehouse is entered according to default canonical matching keyword
Row canonical is matched, and the default canonical matching keyword root advises the compliance index determination stored in storehouse according to described conjunction;
Accordance judgement is carried out to the data acquisition results according to canonical matching result.
Here, data are carried out to the index corresponding to detection object by agreements such as SNMP, TELNET/SSH and WMI to adopt
Collect, and collection result is done into canonical with the keyword in rule base and match, data acquisition results are entered according to canonical matching result
Row accordance judges.
Additionally, in a specific example, it is described according to the conjunction rule stored in accordance judged result and conjunction rule storehouse
Property index requirement generate testing result mode include:
The requirement for advising the compliance index stored in storehouse is closed respectively to each detection in accordance judged result according to described
The corresponding accordance judged result of object is scored;
Obtain the detection object generated after parsing to the detection guiding book and the conjunction associated with detection object
The weight of rule property index, is weighted summation according to the weight to the appraisal result of each detection object, generates testing result.
Specifically, the data to collecting are carried out after accordance judged result, are referred to according to detecting in each class detection object
Target requires to be scored, and in one of embodiment, code of points is as follows:1. safety problem is deducted points according to seriousness:It is non-
Often 40 points of serious problems button, 2 points of serious problems button, detain 0.1 point the problems such as middle, 0.05 point of general considerations button;2. certain test and appraisal refer to
It is marked on multiple same type test and appraisal objects and repeats safety problem, the ratio that the test and appraisal object for going wrong accounts for target sample is big
In being equal to 50%, 4 points of serious problems button detains 0.2 point the problems such as middle, 0.1 point of general considerations button.
The weight of detection object and Testing index is calculated according to analytic hierarchy process (AHP), and each class is examined according to gained weight
The individual scores for surveying object are weighted summation, generate testing result.
Additionally, in a specific example, in the compliance associated according to the detection object and with detection object
After index carries out data acquisition, the compliance index stored in storehouse that data acquisition results and the conjunction are advised is met
Property judge before, also including step:
Data acquisition results are carried out with pretreatment, the pretreatment includes referring to according to the compliance stored in the conjunction rule storehouse
Mark is filtered to data acquisition results, and carries out unification process to the data acquisition results after filtration.
Due to the complexity and multiformity of detection object, cause Data duplication that harvester collects and inconsistent, so
The data for collecting must be filtered and unification process.
In order to more fully understand said method, rule are closed in an electric power monitoring system security protection of the present invention detailed below
The application example of property detection method.
Step S201:The compliance index that measurement and management platform is associated according to detection object and with detection object builds detection
Project, the detection object is according to the determination of the assets of electric power monitoring system, the compliance index root associated with detection object
The compliance index determination stored in storehouse is advised according to closing;
Here, the assets of the electric power monitoring system include main process equipment in electric power monitoring system, application system, network
Safety equipment etc..
Step S202:The compliance that measurement and management platform is associated by the detection object in detection project and with detection object refers to
Mark is written in Excel, generates detection guiding book, and detection guiding book is imported Aulomatizeted Detect instrument;
Step S203:Detection project, the detection object of detection project association in Aulomatizeted Detect instrument reading Excel
And the compliance index associated with detection object;
Step S204:Various compliance data collection associations such as Aulomatizeted Detect instrument synthesis SNMP, TELNET, SSH, JDBC
View, it is determined that the criterion of Aulomatizeted Detect index, i.e. index can be converted to the executable order in measurand, and with
This detailed combing can with the electric power monitoring system security protection compliance Testing index of Aulomatizeted Detect, by the index of automatization
Automatic test cases are converted to, by SNMP harvesters, TELNET/SSH harvesters, JDBC harvesters etc. by automatic test
Use-case is applied on detected object, obtains corresponding collection result;
Step S205:Due to the complexity and multiformity of detection object, cause Data duplication that harvester collects and not
Unanimously, Aulomatizeted Detect instrument is filtered to the data for collecting and unification is processed;
Step S206:According to the compliance index stored in conjunction rule storehouse, Aulomatizeted Detect instrument determines that canonical matching is crucial
Data acquisition results after carrying out filtration and unification process are deposited in rule storehouse with closing by word according to the canonical matching keyword for determining
The compliance index of storage carries out canonical matching, and the match is successful to match expression, and otherwise it fails to match;
Step S207:Aulomatizeted Detect instrument advises the requirement of the compliance index stored in storehouse respectively to canonical according to conjunction
Scored with the corresponding canonical matching result of each detection object in result;
Step S208:Aulomatizeted Detect instrument is determined to detecting what guiding book was generated after parsing according to analytic hierarchy process (AHP)
The weight of detection object and the compliance index associated with detection object, according to scoring of the weight for determining to each detection object
As a result summation is weighted, testing result is generated, and testing result is imported to into measurement and management platform;
Step S209:Measurement and management platform is analyzed process to testing result, generates the detection of final Word format
Report.
The present invention creates the detection of electric power monitoring system security protection compliance detection first by measurement and management platform
Mesh, and corresponding detection guiding book is generated according to the detection project, then, detection guiding book is imported to into Aulomatizeted Detect instrument
In, Aulomatizeted Detect instrument carries out data acquisition process and generates testing result according to detection guiding book.Finally, measurement and management is put down
Testing result is carried out statistical analysiss and generates final Word format examining report by platform.The system be divided into two it is most of:Test and appraisal
Management platform and Aulomatizeted Detect instrument.Measurement and management platform is completed to index and resource unified management, Aulomatizeted Detect instrument
Specific Aulomatizeted Detect work, both are to detect guiding book as data interaction carrier.
Measurement and management platform is mainly instructed by corresponding detection is generated to INDEX MANAGEMENT, asset management and project management
Book, then the testing result after the completion of to Aulomatizeted Detect tool detection carry out data prediction, generate final Word lattice
Formula examining report, operation flow are as shown in Figure 3.
The Technical Architecture of measurement and management platform is as shown in figure 4, include:Intensive data layer, pooled applications layer and concentration show
Layer.
Intensive data layer:In electric power monitoring system security protection compliance detection process, on the one hand there is multiple format number
According to needing storage to process, such as assets information, examining report etc., another aspect statistical analysiss can produce mass data redundancy.Pass through
Data Service Bus, platform provide the database service interface for file and data base.
Pooled applications layer:Including to electric power monitoring system security protection compliance index library management, the management of flow process, project
Management, the management of assets, the module such as the management of user, the major function of each module is as follows:
User management:Mainly to user, role, control of authority management;
Project management:It is the object of compliance Aulomatizeted Detect, comprising multiple detection information systems, each information system is again
Comprising compliance testing equipment, the detection of compliance testing equipment depends on conjunction rule storehouse;
Asset management:Including to main process equipment, application system, Network Security Device etc..The assets can be added to will
In the information system of detection;
Index library management:The index that rule storehouse is closed in electric power monitoring system security protection is carried out into various dimensions division, and combing can
Automatization and can not automatization's index, and to can automatization's pointer carry out machine instruction conversion;
Workflow management:Mainly include the process such as information and analysis, detection scheme, detection process, testing result process,
Is carried out by Aulomatizeted Detect and the text of corresponding format is generated for whole electric power monitoring system security protection compliance by these processes
Shelves.
Concentrate represent layer:Measurement and management platform can provide multiple Users, from statistical analysiss information visualization, working clothing
The many aspects such as business platform visualization, careful workflow visualization meet user's represent layer demand.
The work of Aulomatizeted Detect instrument is that corresponding detection is parsed into the detection guiding book that measurement and management platform is generated
Object and index, then again to can Aulomatizeted Detect index carry out data acquisition and rule match, to can not Aulomatizeted Detect refer to
Mark carries out manual detection and matching, finally, is scored according to matching result and index request, generates final testing result,
Operation flow is as shown in Figure 5.
Aulomatizeted Detect tool technique framework is as shown in fig. 6, include:Detection object, data collection layer, data analysis layer and
Concentrate represent layer.
Detection:According to the requirement of electric power monitoring system security protection compliance detection, detection includes that network is integrally pacified
Entirely, routing safety, application system security, operating system security and database security etc. are exchanged.It is again relevant under each detection
The Testing index of connection.
Detection object:Including to the main process equipment in electric power monitoring system, application system, Network Security Device etc..It is each
Plant detection object and be respectively associated different detections.
Data collection layer:Many kinds of compliance data acquisition protocols of comprehensive SNMP, TELNET, SSH, JDBC, it is determined that can be certainly
The criterion of dynamicization Testing index, i.e. index can be converted to the executable order in measurand, and with this detailed combing
Can with the electric power monitoring system security protection compliance Testing index of Aulomatizeted Detect, by automatable index be converted to from
Dynamicization test case.Finally, automatic test is used by SNMP harvesters, TELNET/SSH harvesters, JDBC harvesters etc.
Example is applied on detected object, obtains corresponding collection result.
Data analysis layer:Including moulds such as data prediction, accordance assessment, individual scores, comprehensive grading, user managements
Block.Major function is as follows:
Data prediction:Due to the complexity and multiformity of detection object, cause Data duplication that harvester collects and
It is inconsistent, so must be filtered and unification process to the data for collecting.
Accordance is assessed:Data to collecting carry out, after pretreatment, detecting each class according to modes such as rule match
Testing index under object requires to carry out accordance judgement.
Individual scores:Accordance judged result is scored according to the requirement of Testing index in each class detection object,
Wherein code of points is as follows:1. safety problem is deducted points according to seriousness:Unusual 40 points of serious problems button, serious problems button 2
Point, 0.1 point is detained the problems such as middle, 0.05 point of general considerations button;2. certain assessment indicator repeats in multiple same types test and appraisal object
Existing safety problem, the test and appraisal object that goes wrong accounts for the ratio of target sample more than or equal to 50%, 4 points of serious problems button, in
The problems such as detain 0.2 point, 0.1 point of general considerations button.
Comprehensive grading:The weight of detection object and Testing index is calculated according to analytic hierarchy process (AHP), and according to gained weight
Summation is weighted to the individual scores of each class detection object, the score of whole detection project is calculated.
Concentrate represent layer:Aulomatizeted Detect instrument can provide multiple Users, from data collection visualization, detection process
The many aspects such as visualization, comprehensive assessment visualization meet user's represent layer demand.
Above-mentioned electric power monitoring system security protection compliance is tested, test environment:Electric power monitoring system, surveys
Examination process:The detection test of electric power monitoring system security protection compliance.
" electric power monitoring system " and association are created in the asset management of power monitoring security protection compliance detecting system
Corresponding main process equipment, Network Security Device and application system, then " power grid security protection compliance " is created in project management
" electric power monitoring system " is finally added in " power grid security protection compliance " by detection project.Pacify according to electric power monitoring system
Full protection close rule storehouse and Aulomatizeted Detect instrument " power grid security protection compliance " detection project is detected, and by detection
As a result carry out the examining report of comprehensive analysis generation " electric power monitoring system security protection compliance Aulomatizeted Detect reports .doc ".
Electric power monitoring system security protection compliance manual testing:The requirement supervised according to higher level carries out artificial customary inspection
Survey, the mode that investigation is sampled to detection object for Testing index is carried out, and carries out manual analyses finally according to testing result
Process and submit the examining report of corresponding Word format.
Electric power monitoring system security protection compliance detection method is contrasted, as shown in table 1.
1 electric power monitoring system security protection compliance detection method of table is contrasted
As can be known from the above table:Manual detection takes time and effort, and false drop rate is higher;And electric power monitoring system of the present invention is anti-safely
Shield compliance detecting system can not only reduce the consumption of the resources such as manpower, reduce false drop rate, moreover it is possible to which electric power monitoring system is carried out
Persistently detect.
It is evidenced from the above discussion that, on the basis of the present embodiment closes rule storehouse in electric power monitoring system security protection, with reference to data
Acquisition technique and Port Scanning Technology pairing rule storehouse carry out comprehensive combing, by can the part of Aulomatizeted Detect screen, design
Electric power monitoring system security protection compliance automated detection system.The system can not only be avoided produced by manual detection
Efficiency is low and the not high problem of accuracy rate, and continuously detected object can be detected, it is to avoid careless omission.To rear
Continuous optimization secure resources configuration, realizes the horizontal General Promotion of security information for power system, has great impetus with strategy meaning
Justice.
Electric power monitoring system security protection compliance detecting system in one embodiment, as shown in fig. 7, comprises:
Detection guiding book acquisition module 701, for obtaining detection guiding book, the detection guiding book from test management platform
Generated according to detection project for the test management platform, the detection project is the test management platform according to detection object
And the compliance index associated with detection object is built, the detection object is determined according to the assets of electric power monitoring system, described
The compliance index associated with detection object is determined according to the compliance index stored in conjunction rule storehouse;
Detection guiding book parsing module 702, for the detection guiding book is carried out parsing generate the detection object and
The compliance index associated with detection object;
Data acquisition module 703, the compliance index for associating according to the detection object and with detection object are carried out
Data acquisition;
Accordance judge module 704, for data acquisition results are entered with the compliance index stored in rule storehouse of closing
Row accordance judges;
Testing result generation module 705, for according to the compliance stored in accordance judged result and conjunction rule storehouse
The requirement of index generates testing result.
As shown in fig. 7, in a specific example, the data acquisition module 703 includes:
Aulomatizeted Detect index determining unit 7031, for according to the criterion of Aulomatizeted Detect index determine it is described and
Aulomatizeted Detect index in the compliance index of detection object association, the criterion of the Aulomatizeted Detect index is according to conjunction
Rule property data acquisition protocol determines;
Automatic test cases converting unit 7032, for the Aulomatizeted Detect index is converted to automatic test use
Example;
Data acquisition unit 7033, for by harvester by the automatic test cases apply with the automatization
In the corresponding detection object of test case, data acquisition is carried out.
As shown in fig. 7, in a specific example, the accordance judge module 704 includes:
Canonical matching unit 7041, for data acquisition results are closed rule storehouse with described according to default canonical matching keyword
The compliance index of middle storage carries out canonical matching, and the default canonical matching keyword root advises the conjunction stored in storehouse according to described conjunction
Rule property index determines;
Accordance judging unit 7042, sentences for carrying out accordance to the data acquisition results according to canonical matching result
It is disconnected.
As shown in fig. 7, in a specific example, the testing result generation module 705 includes:
Scoring unit 7051, for being sentenced to accordance according to the requirement for closing the compliance index stored in rule storehouse respectively
In disconnected result, the corresponding accordance judged result of each detection object is scored;
Testing result signal generating unit 7052, for obtaining to the detection for detecting that guiding book is generated after parsing
The weight of object and the compliance index associated with detection object, is entered to the appraisal result of each detection object according to the weight
Row weighted sum, generates testing result.
As shown in fig. 7, in a specific example, the electric power monitoring system security protection compliance detecting system is also wrapped
Pretreatment module 706 is included, for the conjunction associated according to the detection object and with detection object in the data acquisition module 703
After rule property index carries out data acquisition, data acquisition results are carried out with pretreatment, the pretreatment includes rule being closed according to described
The compliance index stored in storehouse is filtered to data acquisition results, and carries out unification to the data acquisition results after filtration
Process;
The accordance judge module 704 will carry out pretreated data acquisition results and close what is stored in rule storehouse with described
Compliance index carries out accordance judgement.
It is evidenced from the above discussion that, electric power monitoring system security protection compliance detecting system of the present invention solves traditional conjunction
Detection efficiency is low and the not high problem of accuracy rate for rule property, while continuously can detect to detected object, it is to avoid
Careless omission.
Each technical characteristic of embodiment described above arbitrarily can be combined, to make description succinct, not to above-mentioned reality
Apply all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited
In contradiction, the scope of this specification record is all considered to be.
Embodiment described above only expresses the several embodiments of the present invention, and its description is more concrete and detailed, but and
Therefore can not be construed as limiting the scope of the patent.It should be pointed out that for one of ordinary skill in the art comes
Say, without departing from the inventive concept of the premise, some deformations and improvement can also be made, these belong to the protection of the present invention
Scope.Therefore, the protection domain of patent of the present invention should be defined by claims.
Claims (10)
1. a kind of electric power monitoring system security protection compliance detection method, it is characterised in that comprise the following steps:
Detection guiding book is obtained from test management platform, the detection guiding book is the test management platform according to detection project
Generate, the detection project is the compliance index structure that the test management platform is associated according to detection object and with detection object
Build, the detection object according to the assets of electric power monitoring system determine, the compliance index associated with detection object according to
The compliance index stored in closing rule storehouse determines;
The detection guiding book is carried out parsing the compliance index for generating the detection object and associating with detection object;
The compliance index associated according to the detection object and with detection object carries out data acquisition;
Data acquisition results and the conjunction are advised the compliance index stored in storehouse carries out accordance judgement;
Testing result is generated according to the requirement of the compliance index stored in accordance judged result and conjunction rule storehouse.
2. electric power monitoring system security protection compliance detection method according to claim 1, it is characterised in that described
The compliance index associated according to the detection object and with detection object carries out the mode of data acquisition to be included:
Automatization in the compliance index associated with detection object according to the criterion of Aulomatizeted Detect index determines
Testing index, the criterion of the Aulomatizeted Detect index are determined according to compliance data acquisition protocols;
The Aulomatizeted Detect index is converted to into automatic test cases;
The automatic test cases are applied in detection object corresponding with the automatic test cases by harvester,
Carry out data acquisition.
3. electric power monitoring system security protection compliance detection method according to claim 1 and 2, it is characterised in that institute
State by data acquisition results and it is described close the compliance index that stores in rule storehouse and carry out the mode of accordance judgement include:
The compliance index stored in data acquisition results and the conjunction rule storehouse is just carried out according to default canonical matching keyword
Then match, the default canonical matching keyword root advises the compliance index determination stored in storehouse according to described conjunction;
Accordance judgement is carried out to the data acquisition results according to canonical matching result.
4. electric power monitoring system security protection compliance detection method according to claim 1, it is characterised in that described
The mode that testing result is generated according to the requirement of the compliance index stored in accordance judged result and conjunction rule storehouse includes:
The requirement for advising the compliance index stored in storehouse is closed respectively to each detection object in accordance judged result according to described
Corresponding accordance judged result is scored;
Obtain the detection object generated after parsing to the detection guiding book and the compliance associated with detection object
The weight of index, is weighted summation according to the weight to the appraisal result of each detection object, generates testing result.
5. electric power monitoring system security protection compliance detection method according to claim 1, it is characterised in that described
It is after the compliance index associated according to the detection object and with detection object carries out data acquisition, described that data acquisition is tied
Fruit is closed before in rule storehouse, the compliance index that stores carries out accordance judgement with described, also including step:
Data acquisition results are carried out with pretreatment, the pretreatment is included according to the compliance index pair closed and store in rule storehouse
Data acquisition results are filtered, and carry out unification process to the data acquisition results after filtration.
6. a kind of electric power monitoring system security protection compliance detecting system, it is characterised in that include:
Detection guiding book acquisition module, for obtaining detection guiding book from test management platform, the detection guiding book is described
Test management platform according to detection project generate, the detection project be the test management platform according to detection object and with inspection
The compliance index for surveying object association builds, and the detection object is determined according to the assets of electric power monitoring system, described and detection
The compliance index of object association is determined according to the compliance index stored in conjunction rule storehouse;
Detection guiding book parsing module, generates the detection object and right with detecting for parsing is carried out to the detection guiding book
As the compliance index for associating;
Data acquisition module, the compliance index for associating according to the detection object and with detection object carry out data and adopt
Collection;
Accordance judge module, for data acquisition results are carried out accordance with the compliance index stored in rule storehouse of closing
Judge;
Testing result generation module, for wanting according to the compliance index stored in accordance judged result and conjunction rule storehouse
Seek survival into testing result.
7. electric power monitoring system security protection compliance detecting system according to claim 6, it is characterised in that the number
Include according to acquisition module:
Aulomatizeted Detect index determining unit, for according to the criterion of Aulomatizeted Detect index determine described in and detection object
Aulomatizeted Detect index in the compliance index of association, the criterion of the Aulomatizeted Detect index is according to compliance data
Acquisition protocols determine;
Automatic test cases converting unit, for the Aulomatizeted Detect index is converted to automatic test cases;
Data acquisition unit, for by harvester by the automatic test cases apply with the automatic test cases
In corresponding detection object, data acquisition is carried out.
8. the electric power monitoring system security protection compliance detecting system according to claim 6 or 7, it is characterised in that institute
Stating accordance judge module includes:
Canonical matching unit, for data acquisition results are closed what is stored in rule storehouse with described according to default canonical matching keyword
Compliance index carries out canonical matching, and the default canonical matching keyword root advises the compliance index stored in storehouse according to described conjunction
It is determined that;
Accordance judging unit, for carrying out accordance judgement to the data acquisition results according to canonical matching result.
9. electric power monitoring system security protection compliance detecting system according to claim 6, it is characterised in that the inspection
Surveying result-generation module includes:
Scoring unit, for closing the requirement for advising the compliance index stored in storehouse respectively in accordance judged result according to described
The corresponding accordance judged result of each detection object is scored;
Testing result signal generating unit, for obtain the detection guiding book is parsed after the detection object that generates and with
The weight of the compliance index of detection object association, is weighted to the appraisal result of each detection object according to the weight and asks
With generation testing result.
10. electric power monitoring system security protection compliance detecting system according to claim 6, it is characterised in that also wrap
Pretreatment module is included, the compliance for associating according to the detection object and with detection object in the data acquisition module refers to
After mark carries out data acquisition, data acquisition results are carried out with pretreatment, the pretreatment includes depositing in rule storehouse according to described conjunction
The compliance index of storage is filtered to data acquisition results, and carries out unification process to the data acquisition results after filtration;
The accordance judge module will carry out pretreated data acquisition results with the compliance closed and store in rule storehouse
Index carries out accordance judgement.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610931773.0A CN106530121B (en) | 2016-10-24 | 2016-10-24 | Method and system for detecting safety protection compliance of power monitoring system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610931773.0A CN106530121B (en) | 2016-10-24 | 2016-10-24 | Method and system for detecting safety protection compliance of power monitoring system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106530121A true CN106530121A (en) | 2017-03-22 |
| CN106530121B CN106530121B (en) | 2020-03-24 |
Family
ID=58291669
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610931773.0A Active CN106530121B (en) | 2016-10-24 | 2016-10-24 | Method and system for detecting safety protection compliance of power monitoring system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106530121B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107578345A (en) * | 2017-09-08 | 2018-01-12 | 南方电网科学研究院有限责任公司 | Power system security detection method, device, storage medium and computer equipment |
| CN107944591A (en) * | 2017-05-22 | 2018-04-20 | 国家电网公司西南分部 | Repeating objects Fuzzy Test optimization algorithm based on power scheduling conventional data object |
| CN107977311A (en) * | 2017-11-15 | 2018-05-01 | 中国电力科学研究院有限公司 | A kind of automatic method and system for carrying out distribution terminal information security detection |
| CN109102407A (en) * | 2018-08-10 | 2018-12-28 | 中募网络科技(北京)股份有限公司 | A kind of Si Mu company closes rule and checks and monitoring method and system |
| CN109409910A (en) * | 2018-10-17 | 2019-03-01 | 杭州络町软件科技有限责任公司 | A kind of private is raised conjunction rule detection system, method and apparatus |
| CN111047309A (en) * | 2019-12-18 | 2020-04-21 | 北京三快在线科技有限公司 | Security compliance detection method and device, computer equipment and storage medium |
| CN111915407A (en) * | 2020-08-10 | 2020-11-10 | 政采云有限公司 | Object compliance detection method and system |
| CN113886277A (en) * | 2021-12-07 | 2022-01-04 | 云账户技术(天津)有限公司 | Method and device for detecting compliance of software defect report |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101395623A (en) * | 2006-01-11 | 2009-03-25 | 美国银行公司 | Compliance program assessment tool |
| CN104009869A (en) * | 2014-05-15 | 2014-08-27 | 华南理工大学 | Power secondary system information security level protection online compliance detection method |
| CN104506351A (en) * | 2014-12-18 | 2015-04-08 | 北京随方信息技术有限公司 | Method and system for performing online full-automatic configuration of compliance safety audit |
| CN105976120A (en) * | 2016-05-17 | 2016-09-28 | 全球能源互联网研究院 | Electric power operation monitoring data quality assessment system and method |
-
2016
- 2016-10-24 CN CN201610931773.0A patent/CN106530121B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101395623A (en) * | 2006-01-11 | 2009-03-25 | 美国银行公司 | Compliance program assessment tool |
| CN104009869A (en) * | 2014-05-15 | 2014-08-27 | 华南理工大学 | Power secondary system information security level protection online compliance detection method |
| CN104506351A (en) * | 2014-12-18 | 2015-04-08 | 北京随方信息技术有限公司 | Method and system for performing online full-automatic configuration of compliance safety audit |
| CN105976120A (en) * | 2016-05-17 | 2016-09-28 | 全球能源互联网研究院 | Electric power operation monitoring data quality assessment system and method |
Non-Patent Citations (1)
| Title |
|---|
| 胡皓: "面向等级保护的主机安全测评系统的设计与实现", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107944591A (en) * | 2017-05-22 | 2018-04-20 | 国家电网公司西南分部 | Repeating objects Fuzzy Test optimization algorithm based on power scheduling conventional data object |
| CN107578345A (en) * | 2017-09-08 | 2018-01-12 | 南方电网科学研究院有限责任公司 | Power system security detection method, device, storage medium and computer equipment |
| CN107977311A (en) * | 2017-11-15 | 2018-05-01 | 中国电力科学研究院有限公司 | A kind of automatic method and system for carrying out distribution terminal information security detection |
| CN107977311B (en) * | 2017-11-15 | 2021-10-22 | 中国电力科学研究院有限公司 | Method and system for automatically detecting information safety of power distribution terminal |
| CN109102407A (en) * | 2018-08-10 | 2018-12-28 | 中募网络科技(北京)股份有限公司 | A kind of Si Mu company closes rule and checks and monitoring method and system |
| CN109409910A (en) * | 2018-10-17 | 2019-03-01 | 杭州络町软件科技有限责任公司 | A kind of private is raised conjunction rule detection system, method and apparatus |
| CN111047309A (en) * | 2019-12-18 | 2020-04-21 | 北京三快在线科技有限公司 | Security compliance detection method and device, computer equipment and storage medium |
| CN111047309B (en) * | 2019-12-18 | 2022-03-11 | 北京三快在线科技有限公司 | Security compliance detection method and device, computer equipment and storage medium |
| CN111915407A (en) * | 2020-08-10 | 2020-11-10 | 政采云有限公司 | Object compliance detection method and system |
| CN113886277A (en) * | 2021-12-07 | 2022-01-04 | 云账户技术(天津)有限公司 | Method and device for detecting compliance of software defect report |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106530121B (en) | 2020-03-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106530121A (en) | Power monitoring system security protection compliance detection method and system | |
| Xue et al. | Integrating sensor ontologies with global and local alignment extractions | |
| CN104866426B (en) | Software test integrated control method and system | |
| He et al. | Learning from open-source projects: An empirical study on defect prediction | |
| Rodriguez et al. | On software engineering repositories and their open problems | |
| CN104065532B (en) | A kind of non-recorded website search method and system based on multichannel data access way | |
| CN109688091B (en) | Multi-source threat intelligence quality evaluation method and device | |
| CN102938708B (en) | Based on alarm correlation analysis system and the analytical method thereof of alarm propagation pattern | |
| CN105426980B (en) | Power distribution network health index assessment engineering application system | |
| CN109587125B (en) | Network security big data analysis method, system and related device | |
| CN106375339A (en) | Attack mode detection method based on event slide window | |
| CN103793652A (en) | Application system code safety scanning device based on static analysis | |
| CN102340485A (en) | Network security situation awareness system and method based on information correlation | |
| CN102968375B (en) | Based on the infeasible paths detection method of association rule mining | |
| CN107748782A (en) | Query statement processing method and processing device | |
| CN109857714A (en) | Journal obtaining method, device, electronic equipment and computer readable storage medium | |
| Azodi et al. | A new approach to building a multi-tier direct access knowledgebase for IDS/SIEM systems | |
| Cha et al. | Service mesh based distributed tracing system | |
| CN115277113A (en) | Power grid network intrusion event detection and identification method based on ensemble learning | |
| CN107493275A (en) | The extracted in self-adaptive and analysis method and system of heterogeneous network security log information | |
| WO2024088025A1 (en) | Automated 5gc network element management method and apparatus based on multi-dimensional data | |
| CN113098989B (en) | Dictionary generation method, domain name detection method, device, equipment and medium | |
| CN105528296B (en) | A kind of class cluster test method of object-oriented software | |
| US20090300034A1 (en) | Methods and systems for automatic conversion of a utility monitoring system layout into a storage format | |
| CN115765153A (en) | Method and system for fusion monitoring of Internet of things and online monitoring data of primary electric power equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20210601 Address after: 510700 3rd, 4th and 5th floors of building J1 and 3rd floor of building J3, No.11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee after: China Southern Power Grid Research Institute Co.,Ltd. Address before: 510080 water Donggang 8, Dongfeng East Road, Yuexiu District, Guangzhou, Guangdong. Patentee before: China Southern Power Grid Research Institute Co.,Ltd. Patentee before: CSG POWER GRID TECHNOLOGY RESEARCH CENTER |