CN112615808B - Method, device and medium for representing white list of process layer messages of intelligent substation - Google Patents
Method, device and medium for representing white list of process layer messages of intelligent substation Download PDFInfo
- Publication number
- CN112615808B CN112615808B CN202011162271.9A CN202011162271A CN112615808B CN 112615808 B CN112615808 B CN 112615808B CN 202011162271 A CN202011162271 A CN 202011162271A CN 112615808 B CN112615808 B CN 112615808B
- Authority
- CN
- China
- Prior art keywords
- data set
- virtual terminal
- name
- data
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Abstract
The invention discloses a method for representing a white list of process layer messages of an intelligent substation, which comprises the following steps: step S1: analyzing the substation configuration description file, and finally obtaining a data set with the data set name matched with the datSet attribute; step S2: analyzing a sending data set DataSet to obtain an address of a publishing/sending virtual terminal; step S3: analyzing the received data set to obtain the address of the subscription/reception virtual terminal; step S4: and determining a unique legal message transmission path and related attributes according to the address of the sending virtual terminal and the address of the receiving virtual terminal, and thus obtaining a character string identification mode of the message transmission path. The invention also provides a device for representing the white list of the process layer messages of the intelligent substation and the electronic equipment.
Description
Technical Field
The invention belongs to the technical field of intelligent substation information safety protection, and particularly relates to a process layer message white list representation method based on an intelligent Substation Configuration Description (SCD) file.
Background
Nowadays, smart grids develop towards Physical information Power Systems (CPPS), the relationship between information Systems and Physical Systems becomes tighter and tighter, and the influence of information Systems on Physical Systems becomes larger and larger. The network attack risk is highlighted day by day correspondingly; an attacker can achieve the purpose of damaging a physical system by attacking an information system, and the harm of the attacker cannot be compared and discussed with the traditional information security attack.
Industrial Control Systems (ICS) specify strict message sequences for production processes. Therefore, the concept of sequence attacks is proposed in the art. Sequence attacks can be divided into two categories: order-based sequence attacks and timing-based sequence attacks. The former is to send and execute normal messages and commands in an illegal order; and the latter sends and operates messages and commands in illegal time. Once the sequence attack is suffered, the logic of the production flow is disordered, and great harm is caused to equipment, products and even personnel.
The intelligent substation is an important component of the intelligent power grid, and plays an irreplaceable role in real-time data detection and fault state defense. Therefore, attack detection of the intelligent substation has important significance for security of the intelligent power grid, and once the intelligent substation receives network attacks such as sequence attacks, various losses including economy caused by the attack detection are difficult to estimate. Meanwhile, the IEC-61850 standard widely used by the intelligent substation at present is an open standard which is extremely fragile in the aspects of information security and network protection, and mainly specifies communication protocols in three formats, namely GOOSE, SMV and MMS. Although the three protocols can effectively carry out communication in the intelligent substation, the three protocols do not consider the safety, are in a non-protection state and cannot prevent attacks such as information interception, replay and the like.
Meanwhile, attacks aiming at information security are continuously developed, and the attacks have the characteristics of diversification, persistence and customization. Therefore, the network and information security protection technology for the intelligent substation becomes very important.
Disclosure of Invention
The invention aims to provide a method for representing a white list of messages of a process layer of an intelligent substation, and effectively prevents network attack.
In order to solve the technical problems, the invention adopts the following technical scheme: the method for representing the white list of the process layer messages of the intelligent substation comprises the following steps:
step S1: analyzing the substation configuration description file, matching data set parameter configuration datSet attributes serving as matching sources according to current logic equipment, and finally obtaining a data set with a data set name matched with the datSet attributes;
step S2: analyzing a data set DataSet to be sent, matching a data instance corresponding to the data set DataSet in an SCD file, and calculating to obtain an address of a publishing/sending virtual terminal according to the data instance;
step S3: analyzing the received data set, matching a data instance corresponding to the received data set in the SCD file, and calculating to obtain an address of a subscription/reception virtual terminal according to the data instance;
step S4: and determining a unique legal message transmission path and related attributes according to the address of the sending virtual terminal and the address of the receiving virtual terminal, and thus obtaining a character string identification mode of the message transmission path.
Preferably, the method for analyzing the substation configuration description file in step S1 includes: the full configuration of the SMV/GOOSE message comprises three parts: the method comprises the steps of controlling block parameter configuration, message transmission parameter configuration and data set parameter configuration, and finding SMV or GSE message configuration information matched with a current controlling block by comparing the name attribute and the access point name attribute of the IED with the ldInst attribute and the control block apName attribute of an LD instance.
Preferably, the method for analyzing the transmission data set DataSet in step S2 includes: according to the first 6 parameters of the FCDA, a data attribute reference name InAddr inside the IED is formed, and the format of the data attribute reference name InAddr is as follows: the unadddr ═ ldInst/prefix + lnClass + lninst. doname. daname, the data instance corresponding to it is matched in the SCD file by means of the FCDA internal data reference name unaddr.
Preferably, the intelligent terminal names iedName, the logical device ldInst, the logical node LN prefix name prefix, the logical node definition name lnClass, the logical node suffix name lnInst, the data object name doName and the data value name daName of the publishing/sending virtual terminal and the subscribing/receiving virtual terminal are obtained from the data instance, the virtual terminal address is defined as cAddr iedName + ldInst/prefix + lnClass + lnInst $ doName $ daName, and the address of the publishing/sending virtual terminal is obtained according to the definition.
Preferably, a formula is used in step S4
Obtaining a value
Wherein caddriIs a transmitting virtual terminal, caddrjIf it is a receiving virtual terminal, a unique legitimate message transmission path and associated attributes can be determined.
The invention also provides a device for representing the white list of the process layer messages of the intelligent substation, which comprises the following steps:
a data set name and datSet attribute matching module: analyzing the substation configuration description file, matching the datSet attribute serving as a matching source according to the current logic equipment, and finally obtaining a data set with the data set name matched with the datSet attribute;
a publishing/sending virtual terminal address obtaining module: analyzing the sending data set, matching a data instance corresponding to the sending data set in the SCD file, and calculating to obtain an address of a publishing/sending virtual terminal according to the data instance;
a subscription/reception virtual terminal address obtaining module: analyzing the received data set, matching a data instance corresponding to the received data set in the SCD file, and calculating to obtain an address of a subscription/reception virtual terminal according to the data instance;
a message transmission path character string identification mode obtaining module: and determining a unique legal message transmission path and related attributes according to the address of the sending virtual terminal and the address of the receiving virtual terminal, and thus obtaining a character string identification mode of the message transmission path.
The invention also provides electronic equipment which comprises a memory, a processor and a computer program which is stored in the memory and can run on the processor, wherein the processor realizes the representation method of the white list of the intelligent substation process layer messages when executing the computer program.
The invention also provides a medium, wherein the medium stores a computer program, and the computer program can realize the representation method of the white list of the process layer messages of the intelligent substation when being executed by a processor.
The technical scheme adopted by the invention has the following beneficial effects: the detection based on the white list has better interception accuracy and defense effect compared with the black list, the SCD file is analyzed, the key field in the SCD file is obtained, the white list of the message sequence is established, and then the sequence attack can be detected and effectively prevented.
The following detailed description of the present invention will be provided in conjunction with the accompanying drawings.
Drawings
The invention is further described with reference to the accompanying drawings and the detailed description below:
fig. 1 is a flow chart of a method for representing a white list of process layer messages of an intelligent substation.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the invention, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The intelligent substation realizes the digitization of the merging unit and the intelligent terminal information in the process layer, and realizes the sharing of the related digital information on the network platform. In addition, different from the traditional transformer substation, the intelligent transformer substation converts the hard terminal of the secondary circuit in the traditional transformer substation into a logical virtual terminal, and the connection relationship of the secondary circuit depends on the association relationship of the virtual terminal. The publish/subscribe relationship between the virtual terminals not only reflects the communication relationship between the IEDs, but also indicates the logical relationship of message transmission between the virtual terminals. An intelligent substation has its own configuration description file, i.e. an intelligent Substation Configuration Description (SCD) file, with respect to a general industrial control system. The SCD file records information including the virtual terminal message transmission relationship and path in detail.
Example one
As shown in fig. 1, the method for representing the white list of the process layer messages of the intelligent substation includes the following steps:
step S1: analyzing the substation configuration description file, and according to the complete configuration of the SMV/GOOSE message, the method comprises three parts:
control block parameter configuration (GSEControl/SampledValueControl), message transmission parameter configuration (SMV/GSE), and data set parameter configuration (DataSet). The SMV or GSE message configuration information matched with the current control block can be found by comparing the name attribute and the access point name attribute of the IED with the ldInst attribute and the control block apName attribute of the LD instance. And after the current logic device is determined, matching by taking the datSet attribute as a matching source, wherein the data set with the data set name matched with the datSet attribute is the data set corresponding to the current control block.
After the incidence relation among the control block parameters, the message transmission parameters and the data set configuration is cleared, a virtual terminal connection relation can be uniquely obtained according to the sending data set and the receiving data set which correspond to each other one by one.
Step S2: the sending data set DataSet is composed of a plurality of data attribute FCDA tags with function constraints, and a data attribute reference name inAddr inside the IED is composed according to the first 6 parameters of the FCDA, and the format of the data attribute reference name inAddr is as follows:
inddr ═ ldInst/prefix + lnClass + lninst.doname.daname.daname, which is a relevant attribute and address that can define a logical virtual terminal, has uniqueness. The data reference name inAddr in the FCDA can be matched with the corresponding data instance in the SCD file, so that the mapping relation from the model to the reference instance and then to the physical address is established through the configuration information of the FCDA.
Then, the intelligent terminal names (iedname), the logical devices ld (ldinst), the logical node LN prefix names (prefix), the logical node definition names (lnClass), the logical node suffix names (lnInst), the data object names (doName), and the data value names (daName) of the publishing/sending virtual terminals and the subscribing/receiving virtual terminals are obtained from the examples.
Defining the virtual terminal address as:
cAddr=iedName+ldInst/prefix+lnClass+lnInst$doName$daName
the address of the issuing/transmitting virtual terminal can be obtained by definition.
Step S3: the received data set is composed of several external reference child nodes ExtRef, which describe the set of external data references received by the logic device LDevice, and the connection relationship of the internal data and the external references. The address of the subscribing/receiving virtual terminal is obtained by the same method as the above-described step S2.
Step S4: order to
It is possible to determine oneThe only legal message transmission path has strict sequence, wherein the former item is a sending virtual terminal, and the latter item is a receiving virtual terminal. Then
Can determine a unique legal message transmission path and related attributes, thereby obtaining the character string identification mode of the message transmission path, and
sensitive to the direction of message transmission. And due to
With strict sequence, is composed of
The represented white list of the substation process layer can detect the message sequence.
The detection based on the white list has better interception accuracy and defense effect compared with the black list, the SCD file is analyzed, the key field in the SCD file is obtained, the white list of the message sequence is established, and then the sequence attack can be detected and effectively prevented.
Example two
The device for representing the white list of the process layer messages of the intelligent substation comprises the following steps:
a data set name and datSet attribute matching module: analyzing the substation configuration description file, matching the datSet attribute serving as a matching source according to the current logic equipment, and finally obtaining a data set with the data set name matched with the datSet attribute;
a publishing/sending virtual terminal address obtaining module: analyzing the sending data set, matching a data instance corresponding to the sending data set in the SCD file, and calculating to obtain an address of a publishing/sending virtual terminal according to the data instance;
a subscription/reception virtual terminal address obtaining module: analyzing the received data set, matching a data instance corresponding to the received data set in the SCD file, and calculating to obtain an address of a subscription/reception virtual terminal according to the data instance;
a message transmission path character string identification mode obtaining module: and determining a unique legal message transmission path and related attributes according to the address of the sending virtual terminal and the address of the receiving virtual terminal, and thus obtaining a character string identification mode of the message transmission path.
EXAMPLE III
An electronic device includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and the processor executes the computer program to implement the method for representing a white list of process layer messages of an intelligent substation according to the first embodiment.
The electronic devices in the embodiments of the present invention may include, but are not limited to, mobile terminals such as mobile phones, notebook computers, PDAs (personal digital assistants), PADs (tablet computers), and the like, and fixed terminals such as desktop computers and the like.
The electronic device may include a processing means (e.g., a central processing unit) that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) or a program loaded from a storage means into a Random Access Memory (RAM). In the RAM, various programs and data necessary for the operation of the electronic apparatus are also stored. The processing device, the ROM, and the RAM are connected to each other by a bus. An input/output (I/O) interface is also connected to the bus.
Generally, the following systems may be connected to the I/O interface: input devices including, for example, touch screens, touch pads, keyboards, mice, etc.; output devices including, for example, Liquid Crystal Displays (LCDs), speakers, vibrators, and the like; storage devices including, for example, magnetic tape, hard disk, etc.; and a communication device. The communication means may allow the electronic device to communicate wirelessly or by wire with other devices to exchange data.
A computer program, carried on a computer readable medium, comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means, or installed from a storage means, or installed from a ROM. The computer program, when executed by a processing device, performs the above-described functions defined in the methods of the embodiments of the present disclosure.
It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable medium or any combination of the two. A computer readable medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor device, system, or apparatus, or any combination of the foregoing. More specific examples of the computer readable medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution apparatus, system, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution apparatus, system, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring at least two internet protocol addresses; sending a node evaluation request comprising the at least two internet protocol addresses to node evaluation equipment, wherein the node evaluation equipment selects the internet protocol addresses from the at least two internet protocol addresses and returns the internet protocol addresses; receiving an internet protocol address returned by the node evaluation equipment; wherein the obtained internet protocol address indicates an edge node in the content distribution network.
Alternatively, the computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receiving a node evaluation request comprising at least two internet protocol addresses; selecting an internet protocol address from the at least two internet protocol addresses; returning the selected internet protocol address; wherein the received internet protocol address indicates an edge node in the content distribution network.
Computer program code for carrying out operations for aspects of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that the invention is not limited thereto, and may be embodied in other forms without departing from the spirit or essential characteristics thereof. Any modification which does not depart from the functional and structural principles of the present invention is intended to be included within the scope of the claims.
Claims (6)
1. The method for representing the white list of the process layer messages of the intelligent substation is characterized by comprising the following steps of:
step S1: analyzing the substation configuration description file, matching data set parameter configuration datSet attributes serving as matching sources according to current logic equipment, and finally obtaining a data set with a data set name matched with the datSet attributes;
step S2: analyzing a data set DataSet to be sent, matching a data instance corresponding to the data set DataSet in an SCD file, and calculating to obtain an address of a publishing/sending virtual terminal according to the data instance;
step S3: analyzing the received data set, matching a data instance corresponding to the received data set in the SCD file, and calculating to obtain an address of a subscription/reception virtual terminal according to the data instance;
step S4: determining a unique legal message transmission path and related attributes according to the address of the sending virtual terminal and the address of the receiving virtual terminal, and obtaining a character string identification mode of the message transmission path;
the method for analyzing the substation configuration description file in the step S1 includes: the full configuration of the SMV/GOOSE message comprises three parts: the method comprises the steps of controlling block parameter configuration, message transmission parameter configuration and data set parameter configuration, and finding SMV or GSE message configuration information matched with a current controlling block by comparing the name attribute and the access point name attribute of the IED with the ldInst attribute and the control block apName attribute of an LD instance.
2. The method for representing the white list of the process layer messages of the intelligent substation according to claim 1, characterized in that: the method for analyzing the data set DataSet in step S2 includes: according to the first 6 parameters of the FCDA, a data attribute reference name InAddr inside the IED is formed, and the format of the data attribute reference name InAddr is as follows: the unadddr ═ ldInst/prefix + lnClass + lninst. doname. daname, the data instance corresponding to it is matched in the SCD file by means of the FCDA internal data reference name unaddr.
3. The method for representing the white list of the process layer messages of the intelligent substation according to claim 1, characterized in that: the method comprises the steps of obtaining intelligent terminal names iedName, logic device ldInst, logic node LN prefix name prefix, logic node definition name lnClass, logic node suffix name lnInst, data object name and data value name of a publishing/receiving virtual terminal from a data example, defining the address of the virtual terminal as cAddr ═ iedName + ldInst/prefix + lnClass + lnInst $ DonaME $ Name, and obtaining the address of the publishing/sending virtual terminal according to the definition.
4. The method for representing the white list of the process layer messages of the intelligent substation according to claim 1, characterized in that: formula used in step S4
Obtaining a value
Wherein caddriIs a transmitting virtual terminal, caddrjIf it is a receiving virtual terminal, a unique legitimate message transmission path and associated attributes can be determined.
5. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that: the processor, when executing the computer program, implements the method for representing a white list of process layer messages of an intelligent substation according to any one of claims 1 to 4.
6. A medium storing a computer program, wherein the computer program, when executed by a processor, is capable of implementing the method for representing a white list of process layer messages of an intelligent substation according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011162271.9A CN112615808B (en) | 2020-10-27 | 2020-10-27 | Method, device and medium for representing white list of process layer messages of intelligent substation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011162271.9A CN112615808B (en) | 2020-10-27 | 2020-10-27 | Method, device and medium for representing white list of process layer messages of intelligent substation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112615808A CN112615808A (en) | 2021-04-06 |
| CN112615808B true CN112615808B (en) | 2022-01-25 |
Family
ID=75225674
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011162271.9A Active CN112615808B (en) | 2020-10-27 | 2020-10-27 | Method, device and medium for representing white list of process layer messages of intelligent substation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112615808B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113672779B (en) * | 2021-08-11 | 2023-07-14 | 国网浙江省电力有限公司绍兴供电公司 | Character string matching method, equipment and medium for transformer substation message sequence detection |
| CN114338096B (en) * | 2021-12-10 | 2023-11-17 | 南京南瑞继保电气有限公司 | Configuration method of process layer isolation device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015139473A1 (en) * | 2014-03-18 | 2015-09-24 | 国家电网公司 | Method for managing and controlling system configuration document in intelligent substation |
| CN106199323A (en) * | 2016-07-27 | 2016-12-07 | 国网河北省电力公司电力科学研究院 | A kind of virtual terminals of intelligent substation connects correctness method of discrimination |
| CN106411562A (en) * | 2016-06-17 | 2017-02-15 | 全球能源互联网研究院 | Electric power information network safety linkage defense method and system |
| CN109617923A (en) * | 2019-01-25 | 2019-04-12 | 南京国电南自电网自动化有限公司 | A kind of transformer station process layer network packet filtering retransmission unit |
| CN110011966A (en) * | 2019-02-28 | 2019-07-12 | 国网浙江省电力有限公司绍兴供电公司 | A kind of transformer station process layer network Traffic anomaly detection method |
| CN110213077A (en) * | 2019-04-18 | 2019-09-06 | 国家电网有限公司 | A kind of method, apparatus and system of determining electric power monitoring system security incident |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106294989B (en) * | 2016-08-09 | 2019-05-21 | 武汉凯默电气有限公司 | A kind of intelligent substation relay protection secondary actual situation circuit visual presentation method |
| CN106410972A (en) * | 2016-11-18 | 2017-02-15 | 国网上海市电力公司 | GOOSE-link-mapping-mechanism-based on-line monitoring system and method |
| CN108234237A (en) * | 2017-12-18 | 2018-06-29 | 国网技术学院 | A kind of empty circuit health examination method and system acquired in real time based on interchanger |
| CN107995050A (en) * | 2017-12-29 | 2018-05-04 | 国网安徽省电力有限公司 | Secondary system of intelligent substation process layer communication failure diagnostic system and method |
| CN109639529B (en) * | 2018-12-21 | 2022-05-24 | 国网四川省电力公司电力科学研究院 | Diagnostic method for abnormal remote control command of intelligent substation |
| CN110751570A (en) * | 2019-09-16 | 2020-02-04 | 中国电力科学研究院有限公司 | Power service message attack identification method and system based on service logic |
-
2020
- 2020-10-27 CN CN202011162271.9A patent/CN112615808B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015139473A1 (en) * | 2014-03-18 | 2015-09-24 | 国家电网公司 | Method for managing and controlling system configuration document in intelligent substation |
| CN106411562A (en) * | 2016-06-17 | 2017-02-15 | 全球能源互联网研究院 | Electric power information network safety linkage defense method and system |
| CN106199323A (en) * | 2016-07-27 | 2016-12-07 | 国网河北省电力公司电力科学研究院 | A kind of virtual terminals of intelligent substation connects correctness method of discrimination |
| CN109617923A (en) * | 2019-01-25 | 2019-04-12 | 南京国电南自电网自动化有限公司 | A kind of transformer station process layer network packet filtering retransmission unit |
| CN110011966A (en) * | 2019-02-28 | 2019-07-12 | 国网浙江省电力有限公司绍兴供电公司 | A kind of transformer station process layer network Traffic anomaly detection method |
| CN110213077A (en) * | 2019-04-18 | 2019-09-06 | 国家电网有限公司 | A kind of method, apparatus and system of determining electric power monitoring system security incident |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112615808A (en) | 2021-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10547618B2 (en) | Method and apparatus for setting access privilege, server and storage medium | |
| JP4729262B2 (en) | Location awareness architecture and systems | |
| CN112615808B (en) | Method, device and medium for representing white list of process layer messages of intelligent substation | |
| CN109299348A (en) | A kind of data query method, apparatus, electronic equipment and storage medium | |
| US11411871B2 (en) | Augmenting functionality in distributed systems with payload headers | |
| US11170124B2 (en) | Computer-based methods and systems for managing private data of users | |
| CN112351031A (en) | Generation method and device of attack behavior portrait, electronic equipment and storage medium | |
| CN110222775A (en) | Image processing method, device, electronic equipment and computer readable storage medium | |
| CN111259282B (en) | URL (Uniform resource locator) duplication removing method, device, electronic equipment and computer readable storage medium | |
| CN107911450B (en) | Safe data circulation method and system | |
| CN110333955A (en) | A kind of method and apparatus managing message informing in application | |
| CN113268260A (en) | Routing method and device for web front end | |
| CN107396364A (en) | A kind of method and apparatus for being used to carry out user equipment wireless connection pre-authorization | |
| Rencelj Ling et al. | Generating threat models and attack graphs based on the IEC 61850 system configuration description language | |
| CN115329381A (en) | Sensitive data-based analysis and early warning method and device, computer equipment and medium | |
| CN111008865A (en) | Coupon synchronous display method and device, server and storage medium | |
| US10868880B2 (en) | Control system with persistent and transient data stores for registration, production and status data for networked devices | |
| CN110222524A (en) | The authorization check method, apparatus and terminal device of uniform resource locator request | |
| CN109284452A (en) | The online methods of exhibiting of electronic protocol, device, electronic equipment, storage medium | |
| US20220321598A1 (en) | Method of processing security information, device and storage medium | |
| WO2022247226A1 (en) | Applet monitoring method and device | |
| CN116028917A (en) | Authority detection method and device, storage medium and electronic equipment | |
| CN116112296A (en) | Intelligent video conference data protection management method, system and storage medium thereof | |
| CN110348725A (en) | Risk policy method of adjustment, device and electronic equipment based on regional society environmental information | |
| CN109491687A (en) | A kind of hot update method, device, terminal and the readable medium of application software |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |