CN109598123A - Security protection platform and method for a distribution automation system - Google Patents

Security protection platform and method for a distribution automation system

Info

Publication number: CN109598123A
Application number: CN201811474577.0A
Authority: CN (China)
Prior art keywords: data; power distribution; electrical power; virtual; distribution automatization
Legal status: Granted
Other languages: Chinese (zh)
Other versions: CN109598123B (en)
Inventors: 郭骞, 于鹏飞, 俞庚申, 任志刚, 文艳, 张世栋, 石聪聪, 高鹏, 范杰, 仇慎健, 冯谷, 齐敬, 李为, 高先周, 杨如侠, 黄秀丽, 章锐
Current assignee: State Grid Corp of China SGCC; Electric Power Research Institute of State Grid Shandong Electric Power Co Ltd; Global Energy Interconnection Research Institute
Original assignee: State Grid Corp of China SGCC; Electric Power Research Institute of State Grid Shandong Electric Power Co Ltd; Global Energy Interconnection Research Institute

Events
Application filed by State Grid Corp of China SGCC, Electric Power Research Institute of State Grid Shandong Electric Power Co Ltd and Global Energy Interconnection Research Institute
Priority to CN201811474577.0A
Publication of CN109598123A
Application granted
Publication of CN109598123B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS; G06 COMPUTING; CALCULATING OR COUNTING; G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45587 Isolation or security of virtual machine instances
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Power Sources (AREA)

Abstract

A security protection platform and method for a distribution automation system. The platform comprises a protocol distributor, a virtual running environment, a conventional running environment, a first distribution automation system running in the virtual running environment, a second distribution automation system running in the conventional running environment, distribution automation terminals and a real-time database. By building a secure-access environment for distribution automation whose protection functions can be switched dynamically, and by analysing the protocols used for terminal access, the platform blocks likely critical attack behaviour, executes the security protection mechanism, and solves the secure-access problem of distribution automation terminals.

Description

Security protection platform and method for a distribution automation system
Technical field
The invention belongs to the field of electric power security and relates in particular to a security protection platform and method for a distribution automation system.
Background art
The smart grid lays out a fine blueprint for a future power grid that is safe and reliable, energy-saving and environmentally friendly, efficient and economical, and well served. A strong smart grid has four major characteristics: informatisation, digitisation, automation and interactivity. The deep meaning of interactivity, and the change of concept behind it, substantially alter the way a traditional grid is conceived, so that power sources, the grid and users are tightly linked in information and energy flows and interact in many-to-many fashion. Combined with technologies such as smart meters, flexible load control and V2G, and as the construction of the electricity market deepens, the interactivity of the smart grid will play an irreplaceable role in strengthening grid security, improving the energy mix, promoting energy conservation and environmental protection, and raising the utilisation rate of power equipment.
To address the information security risks and challenges brought by the smart grid, and to make those risks controllable and under control, the National Development and Reform Commission issued the Regulations on Security Protection of Power Monitoring Systems (Order No. 14 of 2014). They require smart grid systems in the production control zone to strictly follow the protection principles of "security partitioning, dedicated networks, lateral isolation, longitudinal authentication", and they set requirements for wireless access by distribution automation terminals, demanding that a secure access zone be established as supplementary protection.
These measures, however, provide no protection against attacks that use the protocol itself. Judging from the large-scale power outages in Ukraine in 2016 and 2017, attacks on distribution automation systems are increasingly attacks that exploit the communication protocol. How to find security weaknesses through protocol analysis, and how to defend against them in a suitable way, is the key problem for today's distribution automation terminals.
Summary of the invention
In view of the deficiencies of the prior art, the invention provides a security protection platform for a distribution automation system, comprising: a protocol distributor, a virtual running environment, a conventional running environment, a first distribution automation system running in the virtual running environment, a second distribution automation system running in the conventional running environment, distribution automation terminals and a real-time database. The conventional running environment is the non-virtual running environment outside the virtual running environment. The protocol distributor receives, analyses and forwards the network data sent in by the distribution automation terminals. The virtual running environment provides a virtual operating system and a virtual real-time database as a running environment: when the first distribution automation system running in it sends data to the operating system or to the real-time database, the virtual running environment first judges and processes that data and only then performs the operation on the operating system or the real-time database.
The first and second distribution automation systems are two distribution automation systems with identical configuration. The protocol distributor connects the distribution automation terminals to the first and second distribution automation systems. The virtual running environment provides the virtual running environment for the first distribution automation system, which accesses the virtual real-time database environment through a database interface. The protocol distributor and the virtual running environment run on top of the operating system and exchange data with the distribution automation terminals and the real-time database.
The invention also provides a security protection method for a distribution automation system, applied on the platform, comprising:
Step 1: A distribution automation terminal accesses the security protection platform and sends network data to the protocol distributor.
Step 2: The protocol distributor receives the network data from the terminal through the data interface and forwards it, through the data interface, to the task manager for analysis.
Step 3: The task manager determines whether the task to which the network data belongs is in the ended state; if so, step 12 is carried out, otherwise step 4. The task status is the protocol action list that the distribution automation system has issued to the terminal; this list is generated by the distribution automation system. When all actions in the list have finished executing, or the distribution automation system has issued an updated list, the task is judged to have ended.
Step 4: The data interface extracts the protocol data from the network data and forwards it to the protocol analyser for analysis and judgement.
Step 5: The protocol analyser determines whether the protocol data belongs to a designated protocol; if so, step 6 is carried out, otherwise step 9.
Step 6: The data distributor distributes the network data to the distribution automation systems in both the virtual running environment and the conventional running environment.
Step 7: The virtual running environment receives the network data and hands it to the first distribution automation system for execution, tracing the system function calls that the first distribution automation system makes to the virtual operating system environment and the database commands it issues to the virtual real-time database environment. The virtual running environment responds only to the first task triggered by the network data, writes to or deletions from the operating system, and the second task, creation, update or deletion of real-time database data: the virtual operating system applies the write and delete actions to a temporary configuration file, and the virtual real-time database environment applies the create, update and delete database commands to a temporary database. The virtual running environment then reports the tasks it has executed to the conventional running environment.
Step 8: The conventional running environment receives the network data together with the virtual running environment's report on task execution and hands the network data to the second distribution automation system. Based on the system function calls that the second distribution automation system makes to the conventional operating system environment and the database commands it issues to the conventional real-time database environment, it executes the third task, which consists of all tasks of the network data other than the first and second tasks, i.e. everything except writes to or deletions from the operating system and creation, update or deletion of real-time database data. The process ends.
Step 9: The data distributor distributes the network data only to the first distribution automation system in the virtual running environment. The virtual running environment receives the network data, hands it to the first distribution automation system for execution, and traces the system function calls that the first distribution automation system makes to the virtual operating system environment and the database commands it issues to the virtual real-time database environment.
Step 10: The virtual operating system environment in the virtual running environment checks whether any write or delete system function call occurred, and the virtual real-time database environment checks whether any create, update or delete database command occurred. If either check answers "yes", step 12 is carried out; if both answer "no", step 11 is carried out.
Step 11: The virtual running environment passes the first distribution automation system's system function calls to the virtual operating system for execution and its database commands to the virtual real-time database for execution. The process ends.
Step 12: The virtual running environment performs a reset, clearing the data in the temporary configuration file and the temporary database. The process ends.
The beneficial effects of the invention are as follows. First, for terminal access, the distribution automation system can switch its security protection dynamically and is given multiple running environments, which solves the security protection problem of distribution automation terminal access. Second, the data transmission and distribution mechanism of the invention not only leaves the operation of the existing distribution automation system undisturbed but also improves data-processing efficiency. Third, the protocol used for terminal access can be analysed and classified, and protocol data can be routed dynamically to the distribution automation system in the conventional environment or to the one in the virtual running environment, which prevents unsafe write and delete actions on the operating system and the real-time database and greatly improves the security of the distribution automation system. Finally, the filtering and handling of abnormal data, together with task execution across multiple running environments and dynamic switching, not only effectively prevents attacks launched from external networks against the distribution automation system but also prevents attacks from terminals on the system, effectively improving its security and reliability.
Brief description of the drawings
Fig. 1 shows the basic architecture of the platform proposed by the invention.
Fig. 2 shows the basic flow of the method proposed by the invention.
Detailed description of embodiments
For a better understanding of the invention, the method of the invention is further explained below with reference to the description of the embodiments and the accompanying drawings.
Numerous details are mentioned in the following detailed description so that the invention can be fully understood. Those skilled in the art should understand, however, that the invention can be realised without these details. In the embodiments, well-known methods, processes and components are not described in detail, so as not to make the embodiments unnecessarily cumbersome.
Figure 1 shows a security protection platform for a distribution automation system according to the invention. It comprises a protocol distributor, a virtual running environment, a conventional running environment, a first distribution automation system running in the virtual running environment, a second distribution automation system running in the conventional running environment, distribution automation terminals and a real-time database. The conventional running environment is the non-virtual running environment outside the virtual running environment. The protocol distributor receives, analyses and forwards the network data sent in by the distribution automation terminals. The virtual running environment provides a virtual operating system and a virtual real-time database as a running environment: when the first distribution automation system running in it sends data to the operating system or to the real-time database, the virtual running environment first judges and processes that data and only then performs the operation on the operating system or the real-time database.
The first and second distribution automation systems are two distribution automation systems with identical configuration. The protocol distributor connects the distribution automation terminals to the first and second distribution automation systems. The virtual running environment provides the virtual running environment for the first distribution automation system, which accesses the virtual real-time database environment through a database interface. The protocol distributor and the virtual running environment run on top of the operating system and exchange data with the distribution automation terminals and the real-time database.
Preferably, the protocol distributor consists of a data interface, a task manager, a protocol analyser and a data distributor:
The data interface connects to the distribution automation terminals, the task manager and the protocol analyser and provides data forwarding;
The task manager, connected to the data interface, manages tasks and closes the data interface when a task ends;
The protocol analyser, connected to the data interface and the data distributor, analyses and judges the protocol;
The data distributor, connected to the protocol analyser and to the first and second distribution automation systems, distributes the network data to both the first and the second distribution automation system when the data is judged to belong to a designated protocol, and only to the first distribution automation system in the virtual running environment when the analysis finds that it does not.
Preferably, the virtual running environment comprises a temporary configuration file, a virtual operating system environment, a virtual real-time database environment, a data interface and a temporary database:
The temporary configuration file, connected to the virtual operating system environment, is the object on which the write and delete function calls of the virtual operating system environment act;
The virtual operating system environment takes over the write and delete system function calls that the distribution automation system makes to the operating system and applies the write and delete actions to the temporary configuration file rather than to the files of the conventional operating system;
The temporary database, connected to the virtual real-time database environment, is the object on which the create, update and delete database commands of the virtual real-time database environment act;
The virtual real-time database environment takes over the create, update and delete database commands that the distribution automation system issues to the real-time database and applies them to the temporary database rather than to the conventional real-time database.
The data interface provides database call functions for the first distribution automation system.
Preferably, the platform further comprises an exception processing module that applies safe handling to network data under abnormal conditions.
Figure 2 shows a security protection method for a distribution automation system according to the invention, applied on the security protection platform of the invention. The method comprises:
Step 1: A distribution automation terminal accesses the security protection platform and sends network data to the protocol distributor.
Step 2: The protocol distributor receives the network data from the terminal through the data interface and forwards it, through the data interface, to the task manager for analysis.
Step 3: The task manager determines whether the task to which the network data belongs is in the ended state; if so, step 12 is carried out, otherwise step 4. The task status is the protocol action list that the distribution automation system has issued to the terminal; this list is generated by the distribution automation system. When all actions in the list have finished executing, or the distribution automation system has issued an updated list, the task is judged to have ended.
Step 4: The data interface extracts the protocol data from the network data and forwards it to the protocol analyser for analysis and judgement.
Step 5: The protocol analyser determines whether the protocol data belongs to a designated protocol; if so, step 6 is carried out, otherwise step 9.
Step 6: The data distributor distributes the network data to the distribution automation systems in both the virtual running environment and the conventional running environment.
Step 7: The virtual running environment receives the network data and hands it to the first distribution automation system for execution, tracing the system function calls that the first distribution automation system makes to the virtual operating system environment and the database commands it issues to the virtual real-time database environment. The virtual running environment responds only to the first task triggered by the network data, writes to or deletions from the operating system, and the second task, creation, update or deletion of real-time database data: the virtual operating system applies the write and delete actions to a temporary configuration file, and the virtual real-time database environment applies the create, update and delete database commands to a temporary database. The virtual running environment then reports the tasks it has executed to the conventional running environment.
Step 8: The conventional running environment receives the network data together with the virtual running environment's report on task execution and hands the network data to the second distribution automation system. Based on the system function calls that the second distribution automation system makes to the conventional operating system environment and the database commands it issues to the conventional real-time database environment, it executes the third task, which consists of all tasks of the network data other than the first and second tasks, i.e. everything except writes to or deletions from the operating system and creation, update or deletion of real-time database data. The process ends.
Step 9: The data distributor distributes the network data only to the first distribution automation system in the virtual running environment. The virtual running environment receives the network data, hands it to the first distribution automation system for execution, and traces the system function calls that the first distribution automation system makes to the virtual operating system environment and the database commands it issues to the virtual real-time database environment.
Step 10: The virtual operating system environment in the virtual running environment checks whether any write or delete system function call occurred, and the virtual real-time database environment checks whether any create, update or delete database command occurred. If either check answers "yes", step 12 is carried out; if both answer "no", step 11 is carried out.
Step 11: The virtual running environment passes the first distribution automation system's system function calls to the virtual operating system for execution and its database commands to the virtual real-time database for execution. The process ends.
Step 12: The virtual running environment performs a reset, clearing the data in the temporary configuration file and the temporary database. The process ends.
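The dispatch logic of steps 2 to 12, which the Summary of the Invention and this embodiment both describe, as an added Python model that is not part of the patent: the frame format, the (target, op) action tuples, the protocol names, and the rule that one frame consumes one entry of the task's action list are all constructed for illustration, since the patent specifies none of them.

```python
from dataclasses import dataclass, field

# Constructed placeholder names for the "designated" protocols accepted in
# step 5; the patent names none.
DESIGNATED_PROTOCOLS = {"DA-PROTO-A", "DA-PROTO-B"}

@dataclass
class Frame:
    """Constructed frame: its protocol and the actions the distribution
    automation system performs when executing it, each (target, op) with
    target "os" (operating system) or "rtdb" (real-time database)."""
    protocol: str
    actions: list

def task_class(target, op):
    """Step 7: task 1 = OS write/delete, task 2 = real-time DB create/update/
    delete, task 3 = everything else (reads, queries, status calls)."""
    if target == "os" and op in ("write", "delete"):
        return 1
    if target == "rtdb" and op in ("create", "update", "delete"):
        return 2
    return 3

@dataclass
class VirtualEnv:
    """Virtual running environment: OS writes/deletes go to a temporary
    configuration file, DB create/update/delete to a temporary database."""
    temp_config: list = field(default_factory=list)
    temp_db: list = field(default_factory=list)
    passthrough: list = field(default_factory=list)  # step 11: task-3 calls

    def run_sandboxed(self, frame):
        """Step 7: run tasks 1 and 2 on temporary storage and report them."""
        report = []
        for target, op in frame.actions:
            cls = task_class(target, op)
            if cls == 1:
                self.temp_config.append((target, op))
            elif cls == 2:
                self.temp_db.append((target, op))
            else:
                continue
            report.append((target, op))
        return report

    def reset(self):
        """Step 12: empty the temporary configuration file and database."""
        self.temp_config.clear()
        self.temp_db.clear()

@dataclass
class ConventionalEnv:
    """Conventional environment: only task 3 reaches the real operating
    system and real-time database (step 8)."""
    executed: list = field(default_factory=list)
    reports: list = field(default_factory=list)  # what the virtual env did

    def run_remaining(self, frame, report):
        self.reports.append(report)
        for target, op in frame.actions:
            if task_class(target, op) == 3:
                self.executed.append((target, op))

@dataclass
class TaskManager:
    """Step 3: the task is the action list the system issued to the terminal;
    it ends once every action has executed (an updated list from the system
    would be modelled here as a fresh TaskManager)."""
    action_list: list
    consumed: int = 0

    def ended(self):
        return self.consumed >= len(self.action_list)

class Platform:
    def __init__(self, action_list):
        self.tasks = TaskManager(list(action_list))
        self.venv = VirtualEnv()
        self.cenv = ConventionalEnv()

    def handle(self, frame):
        """Steps 2 to 12 for one frame; returns the path the frame took."""
        if self.tasks.ended():                       # step 3 -> step 12
            self.venv.reset()
            return "reset"
        self.tasks.consumed += 1                     # one frame = one action
        if frame.protocol in DESIGNATED_PROTOCOLS:   # step 5 -> steps 6 to 8
            report = self.venv.run_sandboxed(frame)
            self.cenv.run_remaining(frame, report)
            return "both"
        # Steps 9 and 10: a non-designated protocol runs in the virtual
        # environment only; any task-1 or task-2 action triggers the reset.
        if any(task_class(t, o) in (1, 2) for t, o in frame.actions):
            self.venv.reset()                        # step 12
            return "reset"
        self.venv.passthrough.extend(frame.actions)  # step 11
        return "virtual-only"
```

Note that on the designated path the OS write and the DB update never leave the temporary storage, while the read reaches the conventional environment; on the non-designated path a single write or delete discards everything the virtual environment had accumulated.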
Preferably, the following steps precede step 2:
Step 1-1: Key monitoring points are set up in the distribution network system to monitor the network traffic that distribution automation terminals send to the security protection platform; specifically, the amount of network traffic sent to the platform within a preset duration is counted.
Step 1-2: It is determined whether the network traffic to be sent is abnormal: if the statistics show that the traffic sent to the security protection platform within the preset duration exceeds a preset threshold, the network traffic is judged abnormal.
Step 1-3: When the network traffic is abnormal, the network data destined for the security protection platform is extracted and sent to the exception processing module for safe handling.
Step 1-4: It is determined whether the exception processing module's safe handling of the network data succeeded. If it succeeded, the processed network data is sent to the protocol distributor and step 2 is carried out; if it failed, the network data is discarded and step 12 is carried out.
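The traffic gate of steps 1-1 to 1-4, as an added Python example that is not part of the patent: the window length, the byte threshold, and the size rule used to stand in for the exception processing module (whose processing the patent does not define) are all constructed placeholders.

```python
from collections import deque

# Constructed placeholders: the patent leaves the preset duration, the
# threshold and the exception module's processing unspecified.
WINDOW_SECONDS = 10
THRESHOLD_BYTES = 4096
MAX_FRAME_BYTES = 512   # size rule standing in for "safe handling"

class TrafficMonitor:
    """Steps 1-1 and 1-2: a monitoring point that counts the bytes a
    terminal sends to the platform inside a sliding window and flags the
    flow as abnormal once the count exceeds the preset threshold."""

    def __init__(self, window_s=WINDOW_SECONDS, threshold=THRESHOLD_BYTES):
        self.window_s = window_s
        self.threshold = threshold
        self.samples = deque()   # (timestamp, nbytes), oldest first
        self.total = 0

    def observe(self, ts, nbytes):
        """Record one frame sent at time ts; return True if abnormal."""
        self.samples.append((ts, nbytes))
        self.total += nbytes
        # Drop samples that have fallen out of the preset duration.
        while self.samples and self.samples[0][0] <= ts - self.window_s:
            _, old = self.samples.popleft()
            self.total -= old
        return self.total > self.threshold

def exception_handle(frame):
    """Step 1-3: constructed stand-in for the exception processing module.
    A frame within the size limit is kept; None means handling failed."""
    return frame if len(frame) <= MAX_FRAME_BYTES else None

def gate(monitor, ts, frame):
    """Steps 1-1 to 1-4 for one frame. ("forward", frame) means the frame
    goes on to the protocol distributor (step 2); ("drop", None) means it
    is discarded and the virtual environment is reset (step 12)."""
    if not monitor.observe(ts, len(frame)):
        return "forward", frame
    handled = exception_handle(frame)
    if handled is None:
        return "drop", None
    return "forward", handled
```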
Compared with the prior art, the invention has the following notable advantages. First, for terminal access, the distribution automation system can switch its security protection dynamically and is given multiple running environments, which solves the security protection problem of distribution automation terminal access. Second, the data transmission and distribution mechanism of the invention not only leaves the operation of the existing distribution automation system undisturbed but also improves data-processing efficiency. Third, the protocol used for terminal access can be analysed and classified, and protocol data can be routed dynamically to the distribution automation system in the conventional environment or to the one in the virtual running environment, which prevents unsafe write and delete actions on the operating system and the real-time database and greatly improves the security of the distribution automation system. Finally, the filtering and handling of abnormal data, together with task execution across multiple running environments and dynamic switching, not only effectively prevents attacks launched from external networks against the distribution automation system but also prevents attacks from terminals on the system, effectively improving its security and reliability.
Only preferred embodiments of the invention are described here; they are not intended to limit the scope, applicability or configuration of the invention. Rather, the detailed description of the embodiments enables those skilled in the art to implement them. It will be understood that changes and modifications of detail may be made without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (6)

1. A security defence platform for a distribution automation system, characterised by comprising: a protocol distributor, a virtual execution environment, a normal operating environment, a first distribution automation system running in the virtual execution environment, a second distribution automation system running in the normal operating environment, distribution automation terminals, and a real-time database; the normal operating environment being the non-virtual operating environment outside the virtual execution environment; the protocol distributor receiving, analysing and forwarding the network data arriving from the distribution automation terminals; the virtual execution environment providing a virtual operating system and a virtual real-time database as an operating environment, so that when the first distribution automation system running in it sends data to the operating system or the real-time database, the virtual execution environment first judges and handles the request before any operation is performed on the operating system or the real-time database;
wherein the first and second distribution automation systems are two identically configured distribution automation systems; the protocol distributor is connected to the distribution automation terminals and to the first and second distribution automation systems; the virtual execution environment provides the virtual operating environment for the first distribution automation system, which accesses the virtual real-time database environment through a database interface; and the protocol distributor and the virtual execution environment run on the operating system and exchange data with the distribution automation terminals and the real-time database.
2. The security defence platform of claim 1, wherein
the protocol distributor comprises a data interface, a task manager, a protocol analyser and a data distributor;
the data interface is connected to the distribution automation terminals, the task manager and the protocol analyser and provides data forwarding;
the task manager is connected to the data interface, is responsible for managing tasks, and closes the data interface when a task ends;
the protocol analyser is connected to the data interface and the data distributor and is responsible for analysing and judging the protocol;
the data distributor is connected to the protocol analyser and to the first and second distribution automation systems: when the data is judged to belong to a designated protocol, the network data is distributed to both the first and the second distribution automation system; when it is judged to be non-designated protocol data, it is distributed only to the first distribution automation system in the virtual execution environment.
3. The security defence platform of claim 1, wherein
the virtual execution environment comprises a temporary configuration file, a virtual operating system environment, a virtual real-time database environment, a data interface and a temporary database;
the temporary configuration file is connected to the virtual operating system environment and is the object on which the write and delete system calls of the virtual operating system environment are executed;
the virtual operating system environment takes over the write and delete system calls that the distribution automation system issues to the operating system and applies the write and delete actions to the temporary configuration file rather than to the regular operating system files;
the temporary database is connected to the virtual real-time database environment and is the object on which its create, update and delete database commands are executed;
the virtual real-time database environment takes over the create, update and delete database commands that the distribution automation system issues to the real-time database and applies them to the temporary database rather than to the regular real-time database;
the data interface provides database call functions for the first distribution automation system.
4. The security defence platform of claim 1, further comprising an exception handling module for safely processing network data under abnormal conditions.
5. A security defence method for a distribution automation system, applied on the security defence platform of any one of claims 1 to 4, characterised by comprising:
Step 1: a distribution automation terminal accesses the security defence platform and sends network data to the protocol distributor;
Step 2: the protocol distributor receives the network data from the distribution automation terminal through the data interface, and the data interface forwards it to the task manager for analysis;
Step 3: the task manager judges whether the task to which the network data belongs is in the ended state; if so, step 12 is executed, otherwise step 4. The task state is the list of protocol actions that the distribution automation system has issued to the distribution automation terminal; the list is generated by the distribution automation system, and the task is judged to have ended when every action in the list has been executed or the distribution automation system has issued an updated action list;
Step 4: the data interface extracts the protocol data from the network data and passes it to the protocol analyser for analysis and judgement;
Step 5: the protocol analyser judges whether the protocol data belongs to a designated protocol; if it does, step 6 is executed; if not, step 9 is executed;
Step 6: the data distributor distributes the network data to the distribution automation systems in both the virtual execution environment and the normal operating environment;
Step 7: the virtual execution environment receives the network data and hands it to the first distribution automation system for execution, tracking the system calls the first distribution automation system issues to the virtual operating system environment and the database commands it issues to the virtual real-time database environment. The virtual execution environment responds only to the first task of the network data, namely writes to or deletions from the operating system, and to its second task, namely creation, update or deletion of real-time database data: the virtual operating system applies the write or delete actions to the temporary configuration file, the virtual real-time database environment applies the create, update or delete commands to the temporary database, and the virtual execution environment reports the tasks it executed to the normal operating environment;
Step 8: the normal operating environment receives the network data and the virtual execution environment's report on task execution and hands the network data to the second distribution automation system for execution; on the basis of the system calls the second distribution automation system issues to the regular operating system environment and the database commands it issues to the regular real-time database environment, it carries out the third task, which is the remainder of the task to which the network data belongs after the first and second tasks, i.e. every action other than writes to or deletions from the operating system and creation, update or deletion of real-time database data. The process ends;
Step 9: the data distributor distributes the network data only to the first distribution automation system in the virtual execution environment; the virtual execution environment receives the network data, hands it to the first distribution automation system for execution, and tracks the system calls the first distribution automation system issues to the virtual operating system environment and the database commands it issues to the virtual real-time database environment;
Step 10: the virtual operating system environment in the virtual execution environment judges whether there is any write or delete system call, and the virtual real-time database environment judges whether there is any create, update or delete database command; if either judgement is yes, step 12 is executed; if both are no, step 11 is executed;
Step 11: the virtual execution environment hands the system calls of the first distribution automation system to the virtual operating system for execution and its database commands to the virtual real-time database for execution; the process ends;
Step 12: the virtual execution environment performs a reset, clearing the data in the temporary configuration file and the temporary database; the process ends.
6. The security defence method of claim 5, further comprising, before step 2:
Step 1-1: setting key monitoring points in the distribution network and monitoring the network traffic that the distribution automation terminals send to the security defence platform, specifically counting the network traffic sent to the platform within a preset duration;
Step 1-2: determining whether the network traffic to be sent is abnormal: if the statistics show that the traffic to be sent to the platform within the preset duration exceeds a preset threshold, the network traffic is determined to be abnormal;
Step 1-3: when the network traffic is abnormal, extracting the network data to be sent to the platform and passing it to the exception handling module for safe processing;
Step 1-4: judging whether the safe processing of the network data by the exception handling module succeeded; if it succeeded, sending the processed network data to the protocol distributor and continuing with step 2; if it failed, discarding the network data and executing step 12.
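The following is an added example, written for this page and not code from the patent or its assignees, that models the dispatch procedure of claims 5 and 6 on top of the components of claims 2 and 3: a rate check on incoming frames, the task-ended reset, the designated/non-designated protocol split, a sandbox that takes over only OS writes/deletes and database create/update/delete, and a production side that executes only the remaining ("third task") actions. The protocol names, the frame and action format, the window and threshold values, the `strip_mutations` exception-handling policy and the sample traffic are all assumptions made for illustration.

```python
# Added example (not from the patent): executable model of claims 2, 3, 5 and 6.
# Protocol names, frame format, rate-limit window and sample traffic are assumptions.
from collections import deque
from dataclasses import dataclass

DESIGNATED = {"IEC104", "IEC101"}          # assumed "designated protocols" (claim 2)
WINDOW, THRESHOLD = 2, 2                   # assumed: >2 frames within 2 ticks is abnormal (claim 6)
OS_MUTATING = {"os_write", "os_delete"}    # first task: OS writes/deletes (step 7)
DB_MUTATING = {"db_create", "db_update", "db_delete"}  # second task: DB create/update/delete


@dataclass
class Frame:
    t: int                      # arrival tick
    protocol: str
    actions: tuple              # (kind, target) pairs the DAS would perform for this frame
    task_ended: bool = False    # task manager's view: action list finished or superseded (step 3)


class VirtualEnvironment:
    """Virtual OS + virtual real-time DB: mutations land in a temp config and a temp DB (claim 3)."""

    def __init__(self):
        self.temp_config, self.temp_db = {}, {}

    def absorb(self, actions):
        """Execute only the mutating actions (first and second task); return what was taken over."""
        done = []
        for kind, target in actions:
            if kind == "os_write":
                self.temp_config[target] = True
            elif kind == "os_delete":
                self.temp_config.pop(target, None)
            elif kind == "db_delete":
                self.temp_db.pop(target, None)
            elif kind in ("db_create", "db_update"):
                self.temp_db[target] = kind
            else:
                continue                      # reads and other calls are not the sandbox's job
            done.append((kind, target))
        return done

    def reset(self):                          # step 12
        self.temp_config.clear()
        self.temp_db.clear()


class ProductionEnvironment:
    """The second DAS in the normal environment: runs only the third task (step 8)."""

    def __init__(self):
        self.executed = []

    def run_remaining(self, actions, sandbox_done):
        rest = [a for a in actions if a not in sandbox_done]
        self.executed.extend(rest)
        return rest


def strip_mutations(frame):
    """Assumed exception-handling policy (claim 4): keep non-mutating actions, or fail (None)."""
    kept = tuple(a for a in frame.actions if a[0] not in OS_MUTATING | DB_MUTATING)
    return Frame(frame.t, frame.protocol, kept, frame.task_ended) if kept else None


class DefensePlatform:
    def __init__(self, sanitize=strip_mutations):
        self.vee, self.prod = VirtualEnvironment(), ProductionEnvironment()
        self.arrivals = deque()
        self.sanitize = sanitize

    def traffic_abnormal(self, t):            # steps 1-1 and 1-2: sliding-window frame count
        self.arrivals.append(t)
        while self.arrivals and self.arrivals[0] <= t - WINDOW:
            self.arrivals.popleft()
        return len(self.arrivals) > THRESHOLD

    def handle(self, frame):
        if self.traffic_abnormal(frame.t):    # steps 1-3 and 1-4
            frame = self.sanitize(frame)
            if frame is None:
                self.vee.reset()
                return "dropped"
        if frame.task_ended:                  # step 3
            self.vee.reset()
            return "reset"
        if frame.protocol in DESIGNATED:      # steps 5-8
            done = self.vee.absorb(frame.actions)
            self.prod.run_remaining(frame.actions, done)
            return "designated"
        # steps 9-11: non-designated frames never leave the sandbox; any mutation resets it
        if any(k in OS_MUTATING or k in DB_MUTATING for k, _ in frame.actions):
            self.vee.reset()
            return "reset"
        return "sandboxed"


def demo():
    """Constructed traffic (assumption); returns the outcome per frame and the platform state."""
    p = DefensePlatform()
    frames = [
        Frame(0, "IEC104", (("db_read", "I0"), ("db_update", "I0"), ("os_write", "/etc/das.cfg"))),
        Frame(1, "HTTP", (("db_read", "I1"),)),
        Frame(2, "IEC104", (("db_read", "I2"),), task_ended=True),
        Frame(3, "HTTP", (("os_write", "/bin/sh"),)),
        Frame(4, "IEC104", (("db_read", "I2"),)),
        Frame(4, "IEC104", (("db_read", "I3"), ("db_update", "I3"))),   # over the rate limit
        Frame(4, "HTTP", (("db_delete", "I0"),)),                        # over the rate limit
    ]
    return [p.handle(f) for f in frames], p
```

Running `demo()` yields the outcomes designated, sandboxed, reset, reset, designated, designated, dropped, and the production side ends up having executed only the three reads. Two points worth checking against the claims: as step 8 is written, the production system performs only the third task, so writes and deletes that a legitimate terminal session needs never reach the real operating system or real-time database in this model, and the claims do not describe how such changes are later promoted out of the temporary configuration file and temporary database; and the step 10 judgement is per frame, so a non-designated frame that only reads is executed in the sandbox while any mutation discards the whole sandbox state, which is the behaviour the reset in step 12 is meant to guarantee.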
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811474577.0A CN109598123B (en) 2018-12-04 2018-12-04 Security defense platform and method for power distribution automation system

Publications (2)

Publication Number Publication Date
CN109598123A true CN109598123A (en) 2019-04-09
CN109598123B CN109598123B (en) 2023-01-24

Family

ID=65960954

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811474577.0A Active CN109598123B (en) 2018-12-04 2018-12-04 Security defense platform and method for power distribution automation system

Country Status (1)

Country Link
CN (1) CN109598123B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101873318A (en) * 2010-06-08 2010-10-27 国网电力科学研究院 Application and data security method aiming at application system on application basis supporting platform
CN106850551A (en) * 2016-12-12 2017-06-13 长春理工大学 Network security risk evaluation and Autonomous Defense system
CN108632214A (en) * 2017-03-20 2018-10-09 中兴通讯股份有限公司 A kind of method and device for realizing mobile target defence

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114710405A (en) * 2021-12-24 2022-07-05 河南信大网御科技有限公司 Method and system for designing internal network of mimicry system
CN114710405B (en) * 2021-12-24 2023-11-17 河南信大网御科技有限公司 Method and system for designing internal network of mimicry system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant