CN107332864A - Electric substation automation system orientation contract network attack guarding method based on global synchronous clock differential management - Google Patents
Electric substation automation system orientation contract network attack guarding method based on global synchronous clock differential management Download PDFInfo
- Publication number
- CN107332864A CN107332864A CN201710753327.XA CN201710753327A CN107332864A CN 107332864 A CN107332864 A CN 107332864A CN 201710753327 A CN201710753327 A CN 201710753327A CN 107332864 A CN107332864 A CN 107332864A
- Authority
- CN
- China
- Prior art keywords
- time
- transformer station
- global
- synchronous clock
- clock
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04J—MULTIPLEX COMMUNICATION
- H04J3/00—Time-division multiplex systems
- H04J3/02—Details
- H04J3/06—Synchronising arrangements
- H04J3/0635—Clock or time synchronisation in a network
- H04J3/0638—Clock or time synchronisation among nodes; Internode synchronisation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Remote Monitoring And Control Of Power-Distribution Networks (AREA)
Abstract
A kind of electric substation automation system orientation contract network attack guarding method based on global synchronous clock differential management, after the Malware intrusion electric substation automation system of directional attack transformer station, file can be described by transformer station and obtains the problem of controlling circuit breaker trip after the accurate control information of each breaker of transformer station, the global synchronous clock of each transformer station is subjected to differential management, specifically synchronised clock time regulating module is set up in the global synchronous clock receiving module of each transformer station, so that the global synchronization time of the global synchronous clock of each transformer station differs after being adjusted through the time, lock in time in the station of each transformer station is changed by time service in station again, so as to avoid the Malware for invading multiple transformer stations from being cooperateed with by global synchronous clock, it is synchronous to initiate the large-scale blackout that tripping operation attack causes multiple transformer stations to have a power failure simultaneously, to ensure the operation safety of power network under extreme conditions, the information security active defense capability of electric substation automation system can be significantly improved.
Description
Technical field
The present invention relates to a kind of protecting information safety method of electric substation automation system, and in particular to one kind is based on the whole world
The electric substation automation system orientation contract network attack guarding method of synchronised clock differential management.
Background technology
As the critical infrastructure of modern society, power system is the high pay-off target of network attack.In power train
During the digitlization of system and web development, power system is developing progressively to be made up of information system and the fusion of physics power network
Hybrid system.Wherein, the production scheduling of power network and protection control are highly dependent on information system, and occurring information security events can
The consequence that can trigger significantly rises.Network army is set up one after another and specializes in the network attack in the fields such as electric power with preventing in countries in the world
Defend research.
Currently, power system information security study lays particular emphasis on Border Protection, to Malware invade after behavior pattern with
Means of defence research is relatively limited.Emerging shake net is viral (Stuxnet) within 2010, it is possible to use zero day of computer system
Leak escapes Viral diagnosis, and propagates the physically-isolated specific important goal of attack by flash disk.Using similar shake net virus
Mode, the Malware intrusion power system made by the attacker in a organized way with deep power system background knowledge is controlled in real time
There is realistic possibility in area processed.
Electric power enterprise is ensures the information security of production control zone, by itself and other power information systems in networked physics layer
Isolation is realized, the remote of authenticated encryption is carried out by special dispatch data net such as between control centre and power plant, transformer station
Cheng Tongxin, sets isolation fire wall, and set on production control great Qu borders between same power plant, the different places of safety of transformer station
Intruding detection system;Dial-up access to equipment manufacturer uses encryption, certification and access control measure, then to disliking in place of safety
The attacks such as meaning code are protected by updating the modes such as virus base, wooden horse storehouse, intrusion detection storehouse offline.
All in all, power information security protection is mainly for network and network power generation control system, and emphasis is strong
Change Border Protection, to improve internal security protective capacities.Traditionally, physical isolation is considered as the day that network attack is difficult to go beyond
Right barrier, the information system being had higher requirements including power system, to security is all as criteria construction core network.
But, the shake net virus occurred for 2010 has overturned this understanding.First, the virus propagates machine by the flash disk of strengthening design
System, can bypass secure border and attacks physically-isolated industrial control system;Secondly, because antivirus software is only capable of killing known viruse,
Can not killing as shake net virus utilize multiple zero-day vulnerabilities Malware;Finally, because shake net virus has accurate destruction
Target and there is a profound understanding to goal systems, it will not without restraint be propagated as street virus, wooden horse, can also accurately be changed and be attacked
Hit the control parameter of target, implement destruction, this behavior pattern has notable difference with general Malware and virus, existing
Passive type intruding detection system is difficult accurate catches.Therefore, the Malware lack of targeted of virus currently is netted to similar shake
Mean of defense.
The electric substation automation system of power system is directly related to the monitoring and control of transformer station, is valuable attack
Target.To ensure the information security of electric substation automation system, China's electric power enterprise is placed on most crucial production control peace
Complete Ith area, realizes in networked physics layer between other places of safety and isolates.In electric substation automation system and dispatch automated system
Between the telecommunication of authenticated encryption is carried out by special dispatch data net, and invasion is set on production control great Qu borders
Detecting system;Dial-up access to equipment manufacturer uses encryption, certification and access control measure, then to malice generation in place of safety
The attacks such as code are protected by updating the modes such as virus base, wooden horse storehouse, intrusion detection storehouse offline.
Because electric substation automation system has been configured with more perfect protecting information safety means, general Malware is difficult
To invade.Further, since electric substation automation system structure function is complicated, even if the attacker without industry background knowledge invades
Enter transformer station, also destruction can only be implemented by modes such as Denial of Service attack or formatting systems, only result in transformer station and lose
Station level protects monitoring capacity, without directly resulting in the accidents such as line tripping.Attacker in a organized way with deep domain knowledge,
Directional attack Malware can be customized for electric substation automation system, implement Precise strike.
There is the attacker in a organized way of deep understanding to electric substation automation system, equally can be using similar shake net virus
Mechanism of transmission, through system or equipment producer maintenance upgrade channel, bypasses security protection border intrusion production control place of safety to change
Power station automation system initiates targeted attacks.Because electric substation automation system sets for the protection control of compatible multiple producers
Standby, record has the details of each protection control device in transformer station describes file.For attacker in a organized way, it can root
The structured message for describing file according to transformer station stores stipulations, from transformer station file is described in search each breaker in transformer station
The control information such as control port, the communication protocol further according to electric substation automation system sends tripping operation control command, lures into all
Circuit breaker trip.
Vast region is crossed in power system, often has multiple relay protections to send alarm within moment in short-term when breaking down
With trip command and there are multiple circuit breaker trips, the correct process accident of management and running personnel, analysis and judge complicated for convenience
Electric network fault, and the evolution of accident post analysis accident, in breaker tripping or malfunction when differentiate attribution of liability, modern electric
System is typically each equipped with sequence of events record system (SOE, Sequence Of Events), can occur remote signalling in power equipment
During displacement such as switch changed position, corresponding remote measurement value (such as corresponding three when recording displacement time, displacement reason, switch trip
Phase current, active power etc.), form SOE records and supply ex-post analysis.Make control centre in order and different substation event occurs first
Order is, it is necessary to using unified clock at accurate pair in control centre and transformer station afterwards.In early days, control centre and transformer station it
Between by dispatching host machine server by telecontrol channel to each transformer station RTU carry out broadcast pair when.As the whole world such as the Big Dipper, GPS is fixed
Popularization and application and scheduling and the transformer substation system automaticity of position system are improved, and the sequence of events record of power system has developed
As when control centre and each transformer station are global synchronous clock pair, internally carry out time service again by way of replaced.
Power system is ensures safety reliability service, it is determined that requiring that system can be checked by N-1 during the method for operation, to keep away
Exempting from discrete component random failure causes the stabilization of power grids to destroy.Although single transformer station is out of service, can cause certain user and
Load loss, but not necessarily threaten power grid security.Because entering row clock using global synchronous clock system in transformer station
Sync identification, the side in a organized way for having power system background knowledge can be cooperateed with according to the global synchronous clock in station, about
The fixed time initiates tripping operation attack and causes multiple transformer stations decompression full cut-off simultaneously simultaneously, to maximize attack execution, causes
Large area blackout.
The content of the invention
The technical problems to be solved by the invention are:For it is above-mentioned in the prior art, the directional attack propagated by flash disk
After electric substation automation system of the Malware intrusion with strong Border Protection ability, inside multiple electric substation automation systems
The information security issue for initiating tripping operation attack is cooperateed with to be based on global synchronous clock differentiation there is provided one kind according to global synchronous clock
The electric substation automation system orientation contract network attack guarding method of management, this method invades each transformer station by destroying
The synchronous synergetic failure mechanism of Malware, it is to avoid Malware concerted attack causes multiple transformer stations while big caused by full cut-off
Area power outage.
In order to solve the above-mentioned technical problem, the technical solution adopted in the present invention is:One kind is poor based on global synchronous clock
The electric substation automation system orientation contract network attack guarding method of alienation management, this method is in the whole world of existing transformer station
Being set up in synchronised clock receiving module can adjust to the synchronised clock time that the global synchronous clock of transformer station carries out time adjustment
Module, the input and output end of the synchronised clock time regulating module respectively with global synchronous clock signal receiving module and same
Step clock output time service module is connected, and synchronised clock time regulating module receives global synchronous clock signal receiving module and transmitted
The global synchronization time after time adjustment is carried out to the global synchronous clock of transformer station, make the whole world of each transformer station after adjustment
The global synchronization time of synchronised clock is different, and the global synchronization time after adjustment is sent to synchronised clock output time service
Module, is entered to each equipment in each transformer station respectively with the global synchronization time after being adjusted by time service in station by each transformer station
Global synchronization time phase after lock in time and the transformer station adjust in the station of each equipment in row time service, Shi Ge transformer stations
Together.
The above-mentioned synchronised clock time regulating module referred to carries out time adjustment to the global synchronous clock of each transformer station
Finger is postponed one by one using synchronised clock time regulating module to the global synchronization time of the global synchronous clock of each transformer station
Or accelerate the given time (such as given identical number of days, hour, minute and number of seconds).Such as:Assuming that having 5 transformer stations, to this 5
The lock in time of the global synchronous clock of transformer station carries out the adjustment of the incremental quickening 1 day of time one by one, those transformer stations it is complete
The real time of ball synchronised clock is 0 o'clock sharp of on May 10th, 2017, then no matter putting in order for 5 transformer stations, only needs adjustment
The time that the global synchronous clock of the 1st transformer station afterwards is shown is 0 o'clock sharp of on May 11st, 2017, the 2nd power transformation after adjustment
The time that the global synchronous clock stood is shown is 0 o'clock sharp of on May 12nd, 2017, and the rest may be inferred, last power transformation being adjusted
The time that the global synchronous clock stood is shown is 0 o'clock sharp of on May 15th, 2017.If the decreasing delay adjustment of 1 day, then after adjusting
The date that the global synchronous clock of 1st transformer station is shown from 0 o'clock sharp of on May 10th, 2017 is changed into 0 o'clock sharp of on May 9th, 2017,
The date that the global synchronous clock of the 2nd transformer station after adjustment is shown is 0 o'clock sharp of on May 8th, 2017, and the rest may be inferred.
The present invention sets up synchronised clock time regulating module in the global synchronous clock receiving module of existing transformer station, leads to
The adjustment that synchronised clock time regulating module carries out the time to the global synchronization time received is crossed, then through time service in station, so that
So that lock in time is different in the station of each transformer station.In this way, the directional attack malice of intrusion electric substation automation system
Even if software can describe substation breakers control information where file is obtained according to transformer station, determined and reached according to local clock
Subscription time and when being simultaneously emitted by circuit breaker trip signal to attack, because the clock of each transformer station is asynchronous, there is difference the time,
Indivedual transformer station's full cut-off decompressions can only be caused without causing large-area power-cuts thing caused by multiple transformer substation synchronous full cut-off decompressions
Therefore.
The inventive method using destroy the multiple transformer station's Malwares of intrusion without communication coordinated synchronization mechanism as target, not by
Malware invasion mode and the approach of directional attack transformer station influence, and are avoided that directional attack Malware passes through global synchronization
The concerted attack that clock is initiated, effective management and control directional attack electric substation automation system malware attacks execution is ensured
The operation safety of power network under extreme conditions, significantly improves the information security active defense capability of electric substation automation system.
Brief description of the drawings
Fig. 1 is the module diagram that global synchronous clock is received and adjusted.
Fig. 2 is the global synchronous clock adjustment schematic diagram of transformer station of the embodiment of the present invention.
Embodiment
The present invention is a kind of electric substation automation system orientation contract network based on global synchronous clock differential management
Attack guarding method, to destroy intrusion electric substation automation system directional attack Malware concerted attack mechanism as target,
Synchronised clock time regulating module is added in the global synchronous clock receiving module of existing transformer station, so as to pass through synchronised clock
Time regulating module carries out the adjustment of preset time to the global synchronous clock of each transformer station, and causes each power transformation through time service in station
Stand with lock in time in different stations.Directional attack Malware is invaded after each transformer station in the prior art, because can not be pre-
Know how to communicate with invading the directional attack Malware of other transformer stations and obtain concerted attack effect, can be according to synchronous in station
Time synchronizes, while tripping operation attack is initiated the breaker in station, so as to reach that multiple transformer station's no-voltage of entire station full cut-ofves are touched
Send out the purpose of large area blackout.After the present invention staggers the global synchronization time adjustment of each transformer station's global synchronous clock,
The scattered Malware for invading each transformer station judges whether to reach predetermined association according to the global synchronous clock of place transformer station
Same attack time, initiates tripping operation attack when meeting condition, due to the artificial adjustment of global synchronization time warp that each transformer station receives,
Lock in time diverges to and differed mutually in standing, and is not in the field of the directional attack Malware concerted attack of multiple transformer stations
Scape, so as to significantly reduce the destructiveness of directional attack electric substation automation system Malware.
The orientation contract network attack of the electric substation automation system based on global synchronous clock differential management of the present invention
Means of defence, is global synchronous clock receiving module (including the global synchronous clock in the global synchronous clock of existing transformer station
Signal receiving module and synchronised clock output time service module) on the basis of the improvement that carries out.With reference to referring to Fig. 1, be in it is existing become
Time adjustment can be carried out to global synchronous clock by being set up in the global synchronous clock receiving module of the global synchronous clock in power station
Synchronised clock time regulating module, input and the global synchronous clock signal receiving module of the synchronised clock adjusting module connect
Connect, output end is connected with synchronised clock output time service module.Each transformer station passes through global synchronous clock signal receiving module respectively
The global synchronization time that satellite is transmitted is received, and the global synchronization time is sent to synchronised clock time regulating module, this is same
Step clock time adjusting module receives and carries out the adjustment of time to the global synchronization time of transformer station after the global synchronization time, makes
The global synchronization time of the global synchronous clock of each transformer station after adjustment is different;The synchronised clock time regulating module
The global synchronization time after adjustment is sent to synchronised clock again and exports time service module, time service module pair is exported by the synchronised clock
Equipment in transformer station carries out each equipment (such as protection device, measure and control device, failure record in interior time service of standing, Shi Ge transformer stations
Wave device etc.) station in lock in time and the transformer station adjust after the global synchronization time it is identical.
Preferably, the above-mentioned synchronised clock time regulating module referred to carries out the time to the global synchronous clock of each transformer station
Adjustment refer to enter the global synchronization time of the global synchronous clock of transformer station one by one using synchronised clock time regulating module
Row decreasing delay is incrementally accelerated preset time.
The global synchronization time adjusting method of the present invention can also be only applied to important transformer station, and only important transformer station is entered
The adjustment of row global synchronization time, can equally reach the large-scale blackout risk for avoiding transformer station from being caused by tripping operation attack.
Embodiment 1
Assuming that Fig. 2 power network Zhong You10Zuo transformer stations, stand in global synchronous clock (in transformer station) do not adjust, i.e., it is each
Lock in time is identical in the station of transformer station, then when 10 transformer stations are by the invasion of directional attack Malware, it will same
Time initiates tripping operation attack, causes all line trippings in 10 transformer stations, causes large-scale blackout., will be each by this method
The global synchronous clock of transformer station incrementally accelerates advanced 1 day of adjustment one by one, and the whole world of the global synchronous clock of Ze Ge transformer stations is same
The step time accordingly changes, the date number of days that the global synchronous clock of transformer station 1 is shown up advanced 1 day (such as by 2017 5
The moon is changed on May 11st, 2017 on the 10th), and the date of the global synchronization time of the global synchronous clock of remaining each transformer station changes
See Fig. 2.Because the date of the global synchronization time of the global synchronous clock of each transformer station differs, cause after time service in station
Each transformer station station in lock in time differ, no matter how the side of invasion selects the predetermined attack trip time, all only has
One transformer station initiates tripping operation attack, and tripping operation attack coverage, which is significantly less than, is not added with protection.
Claims (2)
1. a kind of electric substation automation system orientation contract network attack protection side based on global synchronous clock differential management
Method, it is characterised in that this method is that set up in the global synchronous clock receiving module of existing transformer station can be to the complete of transformer station
Ball synchronised clock carry out time adjustment synchronised clock time regulating module, the input of the synchronised clock time regulating module and
Output end is connected with global synchronous clock signal receiving module and synchronised clock output time service module respectively, the synchronised clock time
When adjusting module receives the global synchronization to transformer station after the global synchronization time that global synchronous clock signal receiving module is transmitted
Clock carries out time adjustment, makes the global synchronization time of the global synchronous clock of each transformer station after adjustment different, and will
The global synchronization time after adjustment sends to synchronised clock and exports time service module, to be adjusted by time service in station by each transformer station
The global synchronization time afterwards carries out the station of each equipment in time service, Shi Ge transformer stations to each equipment in each transformer station respectively
The global synchronization time after interior lock in time and the transformer station adjust is identical.
2. the electric substation automation system based on global synchronous clock differential management orients collaborative network as claimed in claim 1
Network attack guarding method, it is characterised in that the synchronised clock time regulating module is entered to the global synchronous clock of each transformer station
The adjustment of row time refers to the global synchronous clock of each transformer station one by one successively decrease prolonging using synchronised clock time regulating module
Accelerate the identical time late or incrementally.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710753327.XA CN107332864B (en) | 2017-08-29 | 2017-08-29 | Substation automation system directional collaborative network attack protection method based on global synchronous clock differentiation management |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710753327.XA CN107332864B (en) | 2017-08-29 | 2017-08-29 | Substation automation system directional collaborative network attack protection method based on global synchronous clock differentiation management |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107332864A true CN107332864A (en) | 2017-11-07 |
| CN107332864B CN107332864B (en) | 2020-01-03 |
Family
ID=60203949
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710753327.XA Active CN107332864B (en) | 2017-08-29 | 2017-08-29 | Substation automation system directional collaborative network attack protection method based on global synchronous clock differentiation management |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107332864B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109474364A (en) * | 2018-12-17 | 2019-03-15 | 国家电网有限公司 | The network timing synchronization systems being mutually isolated |
| CN110602710A (en) * | 2019-09-27 | 2019-12-20 | 长沙理工大学 | Non-communication time synchronization/disturbance synchronization cooperative attack logic bomb detection method based on system clock acceleration |
| CN110618331A (en) * | 2019-09-27 | 2019-12-27 | 长沙理工大学 | Network attack detection method based on relay protection and time collaborative refusal of safety automatic device |
| CN115343999A (en) * | 2022-10-18 | 2022-11-15 | 国网湖北省电力有限公司电力科学研究院 | Time synchronization system and method of intelligent substation based on time sensitive network |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202694021U (en) * | 2012-04-27 | 2013-01-23 | 山西省电力公司大同供电分公司 | Substation time synchronizing system |
| CN103888236A (en) * | 2014-03-24 | 2014-06-25 | 许继电气股份有限公司 | Clock synchronization monitoring method applicable to intelligent substation |
| WO2015065502A1 (en) * | 2013-11-04 | 2015-05-07 | Ramirez Alberto | Blocker of geomagnetically induced currents (gic) |
-
2017
- 2017-08-29 CN CN201710753327.XA patent/CN107332864B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202694021U (en) * | 2012-04-27 | 2013-01-23 | 山西省电力公司大同供电分公司 | Substation time synchronizing system |
| WO2015065502A1 (en) * | 2013-11-04 | 2015-05-07 | Ramirez Alberto | Blocker of geomagnetically induced currents (gic) |
| CN103888236A (en) * | 2014-03-24 | 2014-06-25 | 许继电气股份有限公司 | Clock synchronization monitoring method applicable to intelligent substation |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109474364A (en) * | 2018-12-17 | 2019-03-15 | 国家电网有限公司 | The network timing synchronization systems being mutually isolated |
| CN109474364B (en) * | 2018-12-17 | 2020-10-09 | 国家电网有限公司 | Mutually isolated network time synchronization system |
| CN110602710A (en) * | 2019-09-27 | 2019-12-20 | 长沙理工大学 | Non-communication time synchronization/disturbance synchronization cooperative attack logic bomb detection method based on system clock acceleration |
| CN110618331A (en) * | 2019-09-27 | 2019-12-27 | 长沙理工大学 | Network attack detection method based on relay protection and time collaborative refusal of safety automatic device |
| CN110618331B (en) * | 2019-09-27 | 2021-09-10 | 长沙理工大学 | Network attack detection method based on relay protection and time collaborative refusal of safety automatic device |
| CN110602710B (en) * | 2019-09-27 | 2023-04-07 | 长沙理工大学 | Non-communication time synchronization/disturbance synchronization cooperative attack logic bomb detection method based on system clock acceleration |
| CN115343999A (en) * | 2022-10-18 | 2022-11-15 | 国网湖北省电力有限公司电力科学研究院 | Time synchronization system and method of intelligent substation based on time sensitive network |
| CN115343999B (en) * | 2022-10-18 | 2022-12-27 | 国网湖北省电力有限公司电力科学研究院 | Time synchronization system and method of intelligent substation based on time sensitive network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107332864B (en) | 2020-01-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Hong et al. | Cyber attack resilient distance protection and circuit breaker control for digital substations | |
| US9130945B2 (en) | Detection and response to unauthorized access to a communication device | |
| Liu et al. | Intruders in the grid | |
| CN107332864A (en) | Electric substation automation system orientation contract network attack guarding method based on global synchronous clock differential management | |
| Zeller | Myth or reality—Does the aurora vulnerability pose a risk to my generator? | |
| Parvania et al. | Hybrid control network intrusion detection systems for automated power distribution systems | |
| US10079486B2 (en) | Securing against malicious control of circuit breakers in electrical substations | |
| US9755896B2 (en) | Collaborative defense of energy distribution protection and control devices | |
| Hussain et al. | Vulnerabilities and countermeasures in electrical substations | |
| CN103168458A (en) | Method for managing keys in a manipulation-proof manner | |
| MX2015006700A (en) | Preventing out-of-synchronism reclosing between power systems. | |
| Vahidi et al. | Security of wide-area monitoring, protection, and control (WAMPAC) systems of the smart grid: A survey on challenges and opportunities | |
| CN107634949A (en) | Electric power networks framework Prevention-Security module and its physical node, network defense method | |
| Elbez et al. | A new classification of attacks against the cyber-physical security of smart grids | |
| Yang et al. | Attack and defence methods in cyber‐physical power system | |
| Mashima et al. | Securing substations through command authentication using on-the-fly simulation of power system dynamics | |
| US11108737B2 (en) | Secure electric power delivery system protection during cyber threats | |
| CN102752289A (en) | Master station for power utilization information collecting system | |
| Dazahra et al. | A defense-in-depth cybersecurity for smart substations | |
| Rajkumar et al. | Cyber attacks on power grids: Causes and propagation of cascading failures | |
| Xiang et al. | Coordinated attacks against power grids: Load redistribution attack coordinating with generator and line attacks | |
| Zeller | Common questions and answers addressing the aurora vulnerability | |
| Bompard et al. | Cyber vulnerability in power systems operation and control | |
| KR20170127849A (en) | Method for securiting control system using whitelist and system for the same | |
| Gutierrez-Rojas et al. | Operational issues on adaptive protection of microgrids due to cyber attacks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |