CN111901200B - Power control protection industrial control protocol security test method and system - Google Patents
Power control protection industrial control protocol security test method and system Download PDFInfo
- Publication number
- CN111901200B CN111901200B CN202010747153.8A CN202010747153A CN111901200B CN 111901200 B CN111901200 B CN 111901200B CN 202010747153 A CN202010747153 A CN 202010747153A CN 111901200 B CN111901200 B CN 111901200B
- Authority
- CN
- China
- Prior art keywords
- message
- protection
- test
- protection device
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Abstract
A power control protection industrial control protocol safety test method and system, the system simulates typical fault of power system, and tests correctness of protection action, action delay, and correctness of information uploading to monitoring system; in the environment, a message generation and playback technology is used for simulating and generating a plurality of clients and a plurality of servers to realize the pressure test of the communication node; generating various random fields and message playback strategies according to a set rule base, simulating fuzzy attack of a protocol, and testing the safety of an industrial control protocol; judging the communication state and the logic correctness of an application layer through a structural body of a reply message of the analysis device, and testing the robustness of the power control protection industrial control protocol; under the working conditions of network pressure and fuzzy attack, the correctness of the protection function, the stability of the performance and the reliability of communication of the device are comprehensively checked. The message playback technology in the method and the system is irrelevant to the specific protocol implementation, and the technical universality is high.
Description
Technical Field
The invention relates to the technical field of power system relay protection, in particular to a power control protection industrial control protocol safety test method and system.
Background
The intelligent degree of an electric power system is higher and higher, unattended transformer stations are more and more constructed, the dependence on a network is stronger and stronger, the safety of an industrial control protocol of the electric power system is tested, and the problem that how to verify the influence on a control protection product is urgently needed to be solved.
Along with primary equipment intellectualization, the thing networking is in electric power system's wide application, and the equipment variety of access is more and more, and the industrial control agreement that uses is more and more abundant. The access mode of the equipment is diversified, and the wireless access mode puts higher requirements on industrial control safety.
The safety test of the industrial control protocol of the current transformer substation has the following problems:
the support degree of the test equipment of mainstream communication test equipment manufacturers at home and abroad to the Internet protocol is higher; the types of protocols supported by the industrial control protocol support maturity of the power system are few, and the number of test cases is few. The types of the industrial control protocols of the domestic transformer substation are more, and the application conditions of non-standard versions are more common.
Professional communication test equipment supports a playback function and cannot meet the requirement of safety test, most of testers can only directly send out loaded messages in a byte stream mode, and TCP/IP connection cannot be established; the professional industrial control safety tester can establish TCP connection during playback, but does not support generation of various random fields according to a set rule base during playback, and fuzzy attack testing is completed.
Aiming at IEC61850 and other industrial control protocols with high standardization degrees and wide application, domestic and foreign manufacturers provide professional detection tools and mainly aim at protocol consistency test. For negative tests of the protocol, security tests such as fuzzy attacks involve less.
In the prior art, a flow replay-based industrial control protocol fuzzy test method is based on real protocol flow data of an industrial control equipment operating environment, a corresponding protocol parser is constructed according to a configuration file format and an industrial control protocol message definition format, an equipment protocol state message is extracted, a user-specified industrial control protocol field is fuzzified, and finally, message application layer data is extracted and packaged and replayed to perform industrial control protocol fuzzy test. The method is suitable for the vulnerability mining test work of the existing industrial control protocol.
The existing scheme is based on the real protocol flow of the industrial control equipment operating environment, has a good function of carrying out fuzzy test on the industrial control protocol field, but lacks the functions of simulating multiple clients and multiple servers, and also does not support the communication pressure test function at a high communication speed.
The existing scheme is applied to a power system industrial control network security test model, lacks of a control protection test environment, and does not provide a scheme how the control protection test environment and the network security test environment are fused and constructed.
The control flow of the prior scheme in message playback is relatively simple, only the connection state is judged, the content logic correctness of the reply message structure body is not judged, and more complex application conditions cannot be simulated.
The existing scheme has single judgment condition on equipment survival confirmation. The power control protection system is often controlled by multiple layers of protocol stacks such as TCPIP and 61850, only ICMP is judged, only the state of the bottom layer protocol stack can be judged, and the industrial control protocol vulnerability excavation depth is insufficient.
Disclosure of Invention
The invention aims to provide a safety test method and a safety test system for an industrial control protocol of power control protection, which are used for testing the correctness of the protection function, the stability of the performance and the reliability of communication of a relay protection device.
In order to achieve the above object, a first aspect of the present invention provides a power control protection industrial control protocol security testing method, including the following steps:
applying fault analog quantity to the protection device by using a relay protection tester, and testing the reliability, correctness and delay time of the action of the protection device;
acquiring a communication message between master station equipment and a protection device, acquiring a message to be played back in a mode of tracking a communication message stream, and analyzing all structural bodies in the message;
modifying and editing each structural body according to the set rule base to generate a corresponding test case script;
and loading the test case script by using a message playback module, and carrying out corresponding network pressure test and fuzzy attack test.
Further, the step of performing modification editing operation on each structure body according to the set rule base to generate a corresponding test case script includes:
modifying the IP address and/or the MAC address of the message, or generating a random field in each structure body; and storing and exporting the modified test case as an xml file, and generating a corresponding test case script.
Further, the network pressure test comprises:
the message playback module establishes TCP connection with the tested protection device, simulates multiple clients and multiple servers by playing back the application layer message with the modified IP address and MAC address, and performs communication network pressure simulation test.
Further, the fuzzy attack test comprises:
and the message playback module plays back the communication message with the random field in the structural body, and performs a fuzzy attack test on the power control protection industrial control protocol.
Further, when the content of the structure body in the message is abnormal or the communication state is abnormal, the wave recording function is triggered, and the message playback module records and stores the communication message records of a period of time before and after the abnormal state.
Further, the method also comprises the following steps:
during the playback of the message, simulating the fault voltage and current by using a relay protection tester, monitoring the change condition of the protection action outlet of the protection device, comparing with the delay time of the action of the protection device in claim 1, and testing the correctness of the protection action and whether the delay time is influenced;
and/or monitoring whether the delay time of the transmission on the protection device is increased or not and whether the communication message between the protection device and the master station device has a frame loss phenomenon or not through the master station device;
and/or observing the communication state of the protection device and the master station equipment by monitoring the message replied by the protection device.
The second aspect of the present invention provides a power control protection industrial control protocol security test system, including: the system comprises a relay protection device, main station equipment, a switch and a relay protection tester;
the master station equipment communicates with the relay protection device through the switch; the relay protection tester applies fault analog quantity to the protection device and tests the reliability, correctness and delay time of the action of the protection device;
further comprising:
a message capturing module: the device is used for acquiring a communication message between the master station equipment and the protection device and acquiring a message to be played back in a mode of tracking a communication message flow;
a message analysis module: used for analyzing all structural bodies in the message;
a test case generation module: modifying and editing each structural body according to the set rule base to generate a corresponding test case script;
a message playback module: and loading the test case script, and performing corresponding network pressure test and fuzzy attack test.
Furthermore, the test case generation module modifies the IP address and/or the MAC address of the packet or generates a random field in each structure, stores and exports the modified test case as an xml file, and generates a corresponding test case script.
Further, the message playback module establishes TCP connection with the tested protection device, simulates multiple clients and multiple servers by playing back application layer messages with modified IP addresses and MAC addresses, and performs communication network pressure simulation test; and/or the message playback module plays back the communication message with the random field in the structural body to perform the fuzzy attack test of the power control protection industrial control protocol.
Further, the message playback module further includes a recording unit: and when the content of the structure body in the message is abnormal or the communication state is abnormal, the wave recording function is triggered, and the wave recording unit records and stores the communication message records of a period of time before and after the abnormal state.
In summary, the invention provides a safety test method and a system for an industrial control protocol of power control protection, which can simulate typical faults of a power system and test the correctness of protection actions, action delay and the correctness of information uploading to a monitoring system; in the environment, a message generation and playback technology is used for simulating and generating a plurality of clients and a plurality of servers to realize the pressure test of the communication node; generating various random fields and message playback strategies according to a set rule base, simulating fuzzy attack of a protocol, and testing the safety of an industrial control protocol; judging the communication state and the logic correctness of an application layer through a structural body of a reply message of the analysis device, and testing the robustness of the power control protection industrial control protocol; under the working conditions of network pressure and fuzzy attack, the correctness of the protection function of the device, the stability of the performance and the reliability of communication are comprehensively checked. The message playback technology is irrelevant to the specific protocol implementation, and the technical universality is strong.
The invention has the beneficial effects that:
1. the invention provides a scheme for fusion construction of a substation control protection test environment and a network security test environment. Aiming at the industrial control network environment of the transformer substation, typical faults of a power system are simulated, and the correctness of a protection function, the stability of performance and the reliability of communication are comprehensively checked under the working conditions of network pressure and fuzzy attack.
2. And acquiring the message to be played back by tracking the message flow of the communication between the substation protection device and the master station equipment. And then analyzing each structural body in the message, directly modifying the corresponding structural body through a graphical interface, and generating a corresponding fuzzy test script file according to the set rule base, wherein the test case generation operation is simple.
3. The TCP connection is established with the protection device to be tested through the message playback module, the application layer message with the modified IP address and the modified MAC address is played back, multiple clients and multiple servers are simulated, the test message is played back at a high communication rate, and the pressure simulation test of the communication node of the protection device of the transformer substation is realized.
4. And in the message playback process, recording and analyzing the interactive message, and judging the communication state of the device according to the reply condition of the device message and the analyzed content of each structural body in the reply message.
5. And in the message playback process, the comprehensive judgment device replies message contents and performs a corresponding message playback strategy in a targeted manner according to the communication connection state.
6. The device triggers the wave recording function when the content of the structure body in the reply message is abnormal or the communication state is abnormal, and the message playback module records and stores the message records of a period of time before and after the abnormal state, thereby being convenient for troubleshooting the abnormal reason.
7. The message playback technology is irrelevant to a specific protocol implementation module, and the universality of the tool is improved.
Drawings
FIG. 1 is a flow chart of a power control protection industrial control protocol security testing method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of parsing a message structure according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating generation of corresponding test case scripts in accordance with an embodiment of the present invention;
fig. 4 and 5 are schematic diagrams of a triggered recording function of an embodiment of the present invention;
fig. 6 is a block diagram of a power control protection industrial control protocol security test system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings in conjunction with the following detailed description. It should be understood that the description is intended to be exemplary only, and is not intended to limit the scope of the present invention. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present invention.
The invention is further described below with reference to the accompanying drawings.
As shown in fig. 1, a first aspect of the present invention provides a method for testing safety of an industrial control protocol for power control protection, where a relay protection device establishes a normal communication connection with a master station device, and forms a system for testing safety of an industrial control protocol for relay protection of a substation with a switch, a relay protection tester, and a message playback tool, where the method includes the following steps:
and S100, applying a fault analog quantity to the protection device by using a relay protection tester, and testing the reliability, the correctness and the delay time of the action of the protection device. The master station device monitors the correctness of the information sent by the protection device.
Step S200, communication messages between the master station equipment and the protection device are obtained, messages to be played back are obtained in a mode of tracking communication message flows, and all structural bodies in the messages are analyzed. Specifically, as shown in fig. 2, a message playback tool is connected to a switch of a relay protection test system of a transformer substation, a communication message between a master station device and a protection device is acquired by setting a mirror image port, a message to be played back is acquired by tracking a communication message stream, and all structural bodies in the message are analyzed.
And step S300, modifying and editing each structural body according to the set rule base to generate a corresponding test case script. Specifically, as shown in fig. 3, the modification editing operation is directly performed on each structure body through a graphical interface according to a set rule base. The IP address and MAC address of the message may be modified or random fields may be generated in each structure. And storing and exporting the modified test case as an xml file, and generating a corresponding test case script.
And S400, loading a test case script by using a message playback module, and carrying out corresponding network pressure test and fuzzy attack test. Specifically, the corresponding communication message is obtained by tracking the communication message flow between the protection device and the master station device. Simulating the simulation environment of multiple servers and multiple clients by modifying the source IP address, the source MAC address, the destination IP address and the destination MAC address according to the communication message traced to the relay protection device and the master station equipment, playing back the message to be tested at a high communication rate, and performing communication pressure simulation test on the corresponding communication node. In the method, each structural body in the message can be analyzed through the message analysis unit, then the corresponding structural body is directly modified through the graphical interface, and various random fields are generated according to a preset rule base to complete the fuzzy attack test case. And the message playback tool loads the fuzzy attack test case to perform the fuzzy attack test.
Further, as shown in fig. 4 and 5, when the content of the structure body in the message is abnormal or the communication state is abnormal, the wave recording function is triggered, and the message playback module records and saves the communication message record of a period of time before and after the abnormal state.
Further, the method also comprises the following steps: and the message playback tool plays back the message according to the content of each structural body field in the reply message of the receiving device and the corresponding strategy. In the message playback process, according to the set playback rule, the comprehensive judgment device replies the message content and the communication connection state to perform the corresponding message playback strategy in a targeted manner.
In the message playback process, a relay protection tester is used for simulating fault voltage and current, monitoring the change condition of a protection action outlet of a protection device, comparing the change condition with the action delay time of the protection device, and testing whether the correctness of the protection action and the delay time are influenced;
and/or monitoring whether the delay time of the transmission on the protection device is increased or not and whether the communication message between the protection device and the master station device has a frame loss phenomenon or not through the master station device;
and/or observing the communication state of the protection device and the master station equipment by monitoring the message replied by the protection device. And judging the communication connection state and the communication logic correctness of the protection device and the master station equipment through analyzing the message replied by the device.
The system simulates the system fault of the transformer substation by applying fault analog quantity, and tests the correctness and reliability of the protection action of the relay protection device. And testing the correctness and reliability of the protective action of the relay protection device and the robustness of the communication protocol between the protection device and the main station equipment under the influence of the communication network pressure and the protocol fuzzy attack environment respectively. And comparing the test result with the correctness and reliability of the protective action of the relay protection device under the common working condition and the action delay time, and analyzing the specific influence of the communication network pressure and the protocol fuzzy attack on the operation of the protection device.
A second aspect of the present invention provides a power control protection industrial control protocol security testing system, as shown in fig. 6, including: the system comprises a relay protection device, main station equipment, a switch and a relay protection tester;
the master station equipment communicates with the relay protection device through the switch; the relay protection tester applies fault analog quantity to the protection device and tests the reliability, correctness and delay time of the action of the protection device;
still include the message playback tool, wherein include:
a message capturing module: the device is used for acquiring a communication message between the master station equipment and the protection device and acquiring a message to be played back in a mode of tracking a communication message flow;
a message analysis module: used for analyzing all structural bodies in the message;
a test case generation module: modifying and editing each structural body according to the set rule base to generate a corresponding test case script;
a message playback module: and loading the test case script, and carrying out corresponding network pressure test and fuzzy attack test.
Furthermore, the test case generation module modifies the IP address and/or the MAC address of the packet or generates a random field in each structure, stores and exports the modified test case as an xml file, and generates a corresponding test case script.
Further, the message playback module establishes TCP connection with the tested protection device, simulates multiple clients and multiple servers by playing back application layer messages with modified IP addresses and MAC addresses, and performs communication network pressure simulation test; and/or the message playback module plays back the communication message with the random field in the structural body to perform the fuzzy attack test of the power control protection industrial control protocol.
Further, the message playback module further includes a recording unit: and when the content of the structure body in the message is abnormal or the communication state is abnormal, triggering a wave recording function, and recording and storing the communication message record in a period of time before and after the abnormal state by a wave recording unit.
In summary, the invention provides a safety test method and system for an industrial control protocol of power control protection, which can simulate typical faults of a power system and test the correctness of protection actions, action delay and the correctness of information uploading to a monitoring system; in the environment, a message generation and playback technology is used for simulating and generating a plurality of clients and a plurality of servers to realize the pressure test of the communication node; generating various random fields and message playback strategies according to a set rule base, simulating fuzzy attack of a protocol, and testing the safety of an industrial control protocol; judging the communication state and the logic correctness of an application layer through a structural body of a reply message of the analysis device, and testing the robustness of the power control protection industrial control protocol; under the working conditions of network pressure and fuzzy attack, the correctness of the protection function, the stability of the performance and the reliability of communication of the device are comprehensively checked. The message playback technology is irrelevant to the specific protocol implementation, and the technical universality is strong.
The invention has the beneficial effects that:
1. the invention provides a scheme for fusion construction of a substation control protection test environment and a network security test environment. Aiming at the industrial control network environment of the transformer substation, typical faults of a power system are simulated, and the correctness of a protection function, the stability of performance and the reliability of communication are comprehensively checked under the working conditions of network pressure and fuzzy attack.
2. And acquiring the message to be played back by tracking the message flow of the communication between the substation protection device and the master station equipment. And then analyzing each structural body in the message, directly modifying the corresponding structural body through a graphical interface, and generating a corresponding fuzzy test script file according to the set rule base, wherein the test case generation operation is simple.
3. The TCP connection is established with the protection device to be tested through the message playback module, the application layer message with the modified IP address and the modified MAC address is played back, multiple clients and multiple servers are simulated, the test message is played back at a high communication rate, and the pressure simulation test of the communication node of the protection device of the transformer substation is realized.
4. And in the message playback process, recording and analyzing the interactive message, and judging the communication state of the device according to the reply condition of the device message and the analyzed content of each structural body in the reply message.
5. In the message playback process, the comprehensive judgment device replies the message content and the communication connection state to perform a corresponding message playback strategy in a targeted manner.
6. The device triggers the wave recording function when the content of the structure body in the reply message is abnormal or the communication state is abnormal, and the message playback module records and stores the message records of a period of time before and after the abnormal state, thereby being convenient for troubleshooting the abnormal reason.
7. The message playback technology is irrelevant to a specific protocol implementation module, and the universality of the tool is improved.
It is to be understood that the above-described embodiments of the present invention are merely illustrative of or explaining the principles of the invention and are not to be construed as limiting the invention. Therefore, any modification, equivalent replacement, improvement and the like made without departing from the spirit and scope of the present invention should be included in the protection scope of the present invention. Further, it is intended that the appended claims cover all such variations and modifications as fall within the scope and boundaries of the appended claims or the equivalents of such scope and boundaries.
Claims (8)
1. A safety test method for an industrial control protocol of power control protection is characterized by comprising the following steps:
applying fault analog quantity to the protection device by using a relay protection tester, and testing the reliability, correctness and delay time of the action of the protection device;
acquiring a communication message between master station equipment and a protection device, acquiring a message to be played back in a mode of tracking a communication message stream, and analyzing all structural bodies in the message;
modifying and editing each structural body according to the set rule base to generate a corresponding test case script;
loading a test case script by using a message playback module, and carrying out corresponding network pressure test and fuzzy attack test;
the network stress test comprises the following steps:
the message playback module establishes TCP connection with the tested protection device, and simulates multiple clients and multiple servers to perform communication network pressure simulation test by playing back application layer messages with modified IP addresses and MAC addresses.
2. The safety test method for the power control protection industrial control protocol according to claim 1, wherein the step of performing modification editing operation on each structural body according to the set rule base to generate a corresponding test case script comprises:
modifying the IP address and/or the MAC address of the message, or generating a random field in each structure body; and storing and exporting the modified test case as an xml file, and generating a corresponding test case script.
3. The power control protection industrial control protocol security testing method according to claim 1, wherein the fuzzy attack test comprises:
and the message playback module plays back the communication message with the random field in the structure body to perform the fuzzy attack test of the power control protection industrial control protocol.
4. The safety test method for the power control protection industrial control protocol according to any one of claims 1 to 3, characterized in that when the content of the structure body in the message is abnormal or the communication state is abnormal, the wave recording function is triggered, and the message playback module records and saves the communication message record of a period of time before and after the abnormal state.
5. The power control protection industrial control protocol safety test method according to any one of claims 1 to 3, characterized by further comprising:
during the playback of the message, simulating the fault voltage and current by using a relay protection tester, monitoring the change condition of the protection action outlet of the protection device, comparing with the delay time of the action of the protection device in claim 1, and testing the correctness of the protection action and whether the delay time is influenced;
and/or monitoring whether the delay time of the transmission on the protection device is increased or not and whether the communication message between the protection device and the master station device has a frame loss phenomenon or not through the master station device;
and/or observing the communication state of the protection device and the master station equipment by monitoring the message replied by the protection device.
6. The utility model provides a power control protection industry control agreement safety test system which characterized in that includes: the system comprises a relay protection device, main station equipment, a switch and a relay protection tester;
the master station equipment communicates with the relay protection device through the switch; the relay protection tester applies fault analog quantity to the protection device and tests the reliability, correctness and delay time of the action of the protection device;
further comprising:
a message capturing module: the device is used for acquiring a communication message between the master station equipment and the protection device and acquiring a message to be played back in a mode of tracking a communication message flow;
a message analysis module: used for analyzing all structural bodies in the message;
a test case generation module: modifying and editing each structural body according to the set rule base to generate a corresponding test case script;
a message playback module: loading a test case script, and carrying out corresponding network pressure test and fuzzy attack test;
the message playback module establishes TCP connection with a tested protection device, simulates multiple clients and multiple servers by playing back application layer messages with modified IP addresses and MAC addresses, and performs communication network pressure simulation test; and/or the message playback module plays back the communication message with the random field in the structural body to perform the fuzzy attack test of the power control protection industrial control protocol.
7. The power control protection industrial control protocol security test system according to claim 6, wherein the test case generation module modifies an IP address and/or an MAC address of a packet or generates a random field in each structure, stores and exports a modified test case as an xml file, and generates a corresponding test case script.
8. The power control protection industrial control protocol security testing system according to any one of claims 6 to 7, wherein the message playback module further comprises a wave recording unit: and when the content of the structure body in the message is abnormal or the communication state is abnormal, triggering a wave recording function, and recording and storing the communication message record in a period of time before and after the abnormal state by a wave recording unit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010747153.8A CN111901200B (en) | 2020-07-29 | 2020-07-29 | Power control protection industrial control protocol security test method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010747153.8A CN111901200B (en) | 2020-07-29 | 2020-07-29 | Power control protection industrial control protocol security test method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111901200A CN111901200A (en) | 2020-11-06 |
| CN111901200B true CN111901200B (en) | 2022-05-27 |
Family
ID=73182511
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010747153.8A Active CN111901200B (en) | 2020-07-29 | 2020-07-29 | Power control protection industrial control protocol security test method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111901200B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112634604B (en) * | 2020-11-16 | 2022-07-01 | 中国电力科学研究院有限公司 | Attack testing method and system for electricity consumption information acquisition system |
| CN112953896A (en) * | 2021-01-26 | 2021-06-11 | 杭州迪普科技股份有限公司 | Playback method and device of log message |
| CN113055374B (en) * | 2021-03-10 | 2022-07-08 | 湖南大学 | Detection method and system for IEC104 power protocol security test |
| CN115174245A (en) * | 2022-07-15 | 2022-10-11 | 湖北天融信网络安全技术有限公司 | Test method and system based on DoIP protocol detection |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302535A (en) * | 2016-09-30 | 2017-01-04 | 中国南方电网有限责任公司电网技术研究中心 | The attack emulation mode of power system, device and attack emulator |
| CN110232012A (en) * | 2018-03-06 | 2019-09-13 | 国家计算机网络与信息安全管理中心 | A kind of fuzz testing language protocol test script and testing engine based on xml |
| CN110505111A (en) * | 2019-07-09 | 2019-11-26 | 杭州电子科技大学 | The industry control agreement fuzz testing method reset based on flow |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8719930B2 (en) * | 2010-10-12 | 2014-05-06 | Sonus Networks, Inc. | Real-time network attack detection and mitigation infrastructure |
-
2020
- 2020-07-29 CN CN202010747153.8A patent/CN111901200B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302535A (en) * | 2016-09-30 | 2017-01-04 | 中国南方电网有限责任公司电网技术研究中心 | The attack emulation mode of power system, device and attack emulator |
| CN110232012A (en) * | 2018-03-06 | 2019-09-13 | 国家计算机网络与信息安全管理中心 | A kind of fuzz testing language protocol test script and testing engine based on xml |
| CN110505111A (en) * | 2019-07-09 | 2019-11-26 | 杭州电子科技大学 | The industry control agreement fuzz testing method reset based on flow |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111901200A (en) | 2020-11-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111901200B (en) | Power control protection industrial control protocol security test method and system | |
| US9461871B2 (en) | Client suitability test apparatus and method for a substation automating system | |
| EP1850142B2 (en) | System level testing for substation automation systems | |
| CN101262472B (en) | A multi-function protocol parser and its realization method | |
| CN106953749B (en) | Intelligent substation process level network real-time monitoring method | |
| CN113507436B (en) | Power grid embedded terminal fuzzy test method aiming at GOOSE protocol | |
| CN107094091B (en) | A kind of intelligent substation station level network configuration method of calibration and system | |
| CN110989547A (en) | Detection method and system for intelligent substation one-key sequence control system | |
| CN108508296B (en) | Bidirectional ring network-based in-place element protection test method and system | |
| Elbez et al. | A cost-efficient software testbed for cyber-physical security in iec 61850-based substations | |
| CN113542029A (en) | Service stability testing method, system and tool of network equipment | |
| CN113067738A (en) | Network topology visualization function equipment compatibility testing method and system | |
| CN111130927B (en) | Method for automatically realizing service test of network layer communication terminal equipment | |
| CN111683044A (en) | Method and device for automatically detecting forward isolation device strategy | |
| CN103036316A (en) | IEC61850-based IED equipment intelligent detecting method | |
| CN117254964A (en) | Power grid intelligent terminal protocol vulnerability detection method based on high-order attribute grammar | |
| CN107733743B (en) | Method and system for realizing automatic test of Ethernet bus data | |
| CN107342904B (en) | Data simulation method and device for testing substation control layer equipment of transformer substation | |
| CN115333985A (en) | CMS client protocol testing method, system, equipment and storage medium | |
| CN106204326B (en) | Power distribution terminal IED equipment detection method for power distribution system | |
| CN112468336B (en) | Network quality monitoring and early warning method, device, terminal and storage medium | |
| Lee et al. | Construction of the Interoperability Test-bed for IEC 61850 based Digital Substation | |
| CN218630002U (en) | Network attack test system for relay protection device | |
| CN110620689A (en) | Simulation method and system of IEC61850 server | |
| CN105093154B (en) | Data transmission method and device for the test of on-Line Monitor Device quality simulation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |