CN113010862A - Situation awareness architecture deployment method for power plant industrial control system - Google Patents
Situation awareness architecture deployment method for power plant industrial control system Download PDFInfo
- Publication number
- CN113010862A CN113010862A CN202110394221.1A CN202110394221A CN113010862A CN 113010862 A CN113010862 A CN 113010862A CN 202110394221 A CN202110394221 A CN 202110394221A CN 113010862 A CN113010862 A CN 113010862A
- Authority
- CN
- China
- Prior art keywords
- module
- power
- data
- security
- situation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 238000012545 processing Methods 0.000 claims abstract description 49
- 230000005540 biological transmission Effects 0.000 claims abstract description 14
- 238000010248 power generation Methods 0.000 claims abstract description 14
- 238000011156 evaluation Methods 0.000 claims abstract description 8
- 238000012544 monitoring process Methods 0.000 claims description 11
- 230000008447 perception Effects 0.000 claims description 11
- 230000004044 response Effects 0.000 claims description 11
- 230000006399 behavior Effects 0.000 claims description 9
- 230000007123 defense Effects 0.000 claims description 9
- 230000000694 effects Effects 0.000 claims description 9
- 230000002411 adverse Effects 0.000 claims description 8
- 238000011084 recovery Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 claims description 6
- 238000004458 analytical method Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 claims description 5
- 238000007405 data analysis Methods 0.000 claims description 4
- 238000007418 data mining Methods 0.000 claims description 4
- 238000001514 detection method Methods 0.000 claims description 4
- 230000006866 deterioration Effects 0.000 claims description 4
- 238000009792 diffusion process Methods 0.000 claims description 4
- 230000009545 invasion Effects 0.000 claims description 4
- 238000002955 isolation Methods 0.000 claims description 4
- 230000009466 transformation Effects 0.000 claims description 4
- 230000036541 health Effects 0.000 claims description 3
- 238000007619 statistical method Methods 0.000 claims description 3
- 206010001488 Aggression Diseases 0.000 claims description 2
- 230000016571 aggressive behavior Effects 0.000 claims description 2
- 208000012761 aggressive behavior Diseases 0.000 claims description 2
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 4
- 238000013480 data collection Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000005611 electricity Effects 0.000 description 3
- 239000000446 fuel Substances 0.000 description 2
- 239000007789 gas Substances 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- VNWKTOKETHGBQD-UHFFFAOYSA-N methane Chemical compound C VNWKTOKETHGBQD-UHFFFAOYSA-N 0.000 description 2
- 229910052770 Uranium Inorganic materials 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 239000003245 coal Substances 0.000 description 1
- 230000004992 fission Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000003345 natural gas Substances 0.000 description 1
- 239000003758 nuclear fuel Substances 0.000 description 1
- 239000003208 petroleum Substances 0.000 description 1
- 239000000047 product Substances 0.000 description 1
- JFALSRSLKYAFGM-UHFFFAOYSA-N uranium(0) Chemical compound [U] JFALSRSLKYAFGM-UHFFFAOYSA-N 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/50—Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Business, Economics & Management (AREA)
- Economics (AREA)
- Public Health (AREA)
- Water Supply & Treatment (AREA)
- Human Resources & Organizations (AREA)
- Marketing (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- General Business, Economics & Management (AREA)
- Computing Systems (AREA)
- Databases & Information Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a situation awareness architecture deployment method for a power plant industrial control system, which comprises the steps of acquiring power operation data through a data acquisition module deployed at a power generation end of a power plant, sending the acquired power operation data to a data transmission module, transmitting the power operation data acquired by the data acquisition module by the data transmission module, transmitting the power operation data to a data processing module, calling a situation assessment service container corresponding to an optimal data processing service container by the situation assessment module, performing situation assessment on the power data processed by the optimal data processing service container to obtain a power situation assessment result, calling a result processing service container corresponding to the optimal data processing service container by the result processing module, processing the power situation assessment result, and performing safety protection on power operation by a safety protection module; according to the invention, the data acquisition module is used for acquiring the power operation data, and the situation evaluation module is used for evaluating the power situation, so that the safety is high.
Description
Technical Field
The invention relates to the technical field of power plants, in particular to a situation awareness architecture deployment method for an industrial control system of a power plant.
Background
A power plant refers to a power plant that converts some form of raw energy into electrical energy for use in stationary facilities or for transportation, such as a thermal, hydraulic, steam, diesel, or nuclear power plant. Thermal power generation is power generation using thermal energy obtained by burning fuel (coal, petroleum and products thereof, natural gas, and the like). The generator set of thermal power generation has two main forms, namely a steam turbine generator set which is called as a steam turbine generator set and drives a steam turbine to rotate by utilizing high-temperature and high-pressure steam generated by a boiler; the fuel enters the gas turbine to directly convert the heat energy into mechanical energy to drive the generator to generate electricity, and the generator is called a gas turbine generator set. A thermal power plant is generally a power plant mainly including a turbo generator set. The hydroelectric power generation is that river water or lake water and river water at high positions) are guided to the downstream by diversion to form fall to push a water turbine to rotate so as to drive a generator to generate power. Power plants that generate electricity with hydro-turbo sets are known as hydroelectric power plants. In the nuclear power generation, heat energy released by slow fission of nuclear fuel (such as uranium) in a nuclear reactor is used for generating steam (replacing a boiler in a thermal power plant) to drive a steam turbine and then drive a generator to rotate for power generation. Power plants that are dominated by nuclear power generation are referred to as nuclear power plants. The wind power is used to blow large blades built on the tower top to rotate to drive a generator to generate electricity, which is called wind power generation, and a power generation field consisting of a plurality of wind power generators, a dozen of wind power generators and even dozens of wind power generators is called a wind power generation field.
In the prior art, in the operation process of a power plant, more systems such as a power grid asset management system, a scheduling system, a mass platform system, an online monitoring system and a meteorological or icing monitoring system are formed aiming at a power grid equipment state monitoring and generation management technology, although the systems can play a certain management and help role in the power operation of the power plant, the overall protection effect of the power plant is general, and the systems are difficult to timely process when the power plant has problems.
Based on the situation awareness architecture deployment method, the situation awareness architecture deployment method for the power plant industrial control system is designed to solve the problems.
Disclosure of Invention
The invention aims to provide a situation awareness architecture deployment method for a power plant industrial control system, which comprises the steps of collecting power operation data through a data collection module, transmitting the collected data through a data transmission module, processing the data through a data processing module, evaluating power situation through a situation evaluation module, processing a power situation evaluation result through a result processing module, carrying out safety protection on a power system through a safety protection module, and displaying the power operation situation through a result display module.
In order to achieve the purpose, the invention provides the following technical scheme: a situation awareness architecture deployment method for a power plant industrial control system is provided, and comprises the following steps:
the data acquisition module acquires power operation data through the data acquisition module deployed at the power generation end of the power plant and sends the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the electric power operation data according to the operation condition of each data processing service container and storing the obtained electric power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, performing situation assessment on the electric power data processed by the optimal data processing service container to obtain an electric power situation assessment result, and storing the electric power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the electric power situation evaluation result and storing the processing result;
the safety protection module comprises a hierarchical protection module, an event perception module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
and the result display module is used for carrying out statistical analysis on the data indexes and situation assessment to comprehensively display the actual running condition, the equipment health level and the operation condition of the power running.
Preferably, the data acquisition module acquires transformation power, transmission power, transformer operating power and grid equipment operating power of electric power operation.
Preferably, the hierarchical protection module determines a protection target of the electric power information system, protects according to a level by combining the degree of the protection target, and simultaneously performs all-around and multi-level security protection on sensitive information of the whole life cycle of the electric power information system by applying network isolation, human invasion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
Preferably, the event perception module finds the full threat and attack behavior existing in the information system in time through the information network security monitoring platform, effectively identifies security holes, security risks and the like in the system, realizes real-time and dynamic perception of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
Preferably, the early warning scheduling module performs comprehensive calculation on attributes such as occurrence time, event number and occurrence frequency of the security events through application of big data analysis and data mining technology, predicts diffusion range and duration of the security events through a security risk monitoring and early warning platform, checks existing security holes in time, performs security early warning through a network malicious behavior analysis model, and dynamically adjusts a security protection strategy in real time.
Preferably, the emergency response module starts an emergency plan at the first time according to the information network security incident with early warning, takes reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security incident, and simultaneously traces the source and obtains evidence of the security incident, traces and positions the security incident, and effectively avoids further deterioration of the incident.
Preferably, the disaster recovery module recovers the system and the power service at the first time when the power information system encounters a network attack, thereby minimizing adverse effects caused by security events.
Preferably, the attack and defense countermeasure module disables or hinders network attack behavior of an attacker through safety protection equipment and attack and defense means, so that the safety emergency handling capacity and the protection level of the information network of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has effective combination of active and passive means, but also has timely reverse countermeasure.
Compared with the prior art, the invention has the beneficial effects that:
1. the electric power operation data are collected through the data collection module, the collected data are transmitted through the data transmission module, the data are processed through the data processing module, the electric power situation is evaluated through the situation evaluation module, the electric power situation evaluation result is processed through the result processing module, the electric power system is subjected to safety protection through the safety protection module, and the electric power operation condition is displayed through the result display module, so that the electric power operation data collection device is very convenient to use.
2. According to the invention, the data acquisition module acquires the transformation power, transmission power, transformer operating power and power grid equipment operating power of electric power operation, so that comprehensive acquisition of electric power data in the power plant is realized, the subsequent analysis and display of the electric power data are facilitated, and the stability of the electric power operation in the power plant is ensured.
3. The invention determines the protection target of the electric power information system through the grading protection module, protects according to the grade by combining the degree of the protection target, and simultaneously realizes the comprehensive and multilevel safety protection of the sensitive information of the whole life cycle of the electric power information system by applying the network safety protection technology of network isolation, human invasion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
4. In the invention, the event perception module is used for timely discovering the full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifying security holes, security risks and the like in the system, realizing real-time and dynamic perception of network security events and providing early warning information for preventing and controlling the occurrence of the security risks.
5. According to the invention, the attributes of occurrence time, event quantity, occurrence frequency and the like of the security events are comprehensively calculated through the application of a big data analysis and data mining technology by the early warning scheduling module, the diffusion range and duration of the security events are predicted through the security risk monitoring and early warning platform, existing security holes are checked in time, security early warning is carried out through a network malicious behavior analysis model, and a security protection strategy is dynamically scheduled in real time.
6. According to the invention, an emergency response module starts an emergency plan at the first time according to the information network security event with early warning, reasonable security emergency countermeasures are taken, the adverse effect of the security event is timely processed and eliminated, and meanwhile, the security event is traced to the source and is proved, and tracking and positioning are carried out, so that the further deterioration of the event is effectively avoided; when the power information system encounters network attack, the disaster recovery module is used for recovering the system and the power service at the first time, so that adverse effects caused by safety events are reduced to the maximum extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is a block diagram of a situation awareness architecture according to the present invention;
fig. 3 is a schematic diagram of a safety protection module according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-3, the invention provides a technical solution of a situation awareness architecture deployment method for a power plant industrial control system: the situational awareness architecture comprises:
the data acquisition module acquires power operation data through the data acquisition module deployed at the power generation end of the power plant and sends the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the electric power operation data according to the operation condition of each data processing service container and storing the obtained electric power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, performing situation assessment on the electric power data processed by the optimal data processing service container to obtain an electric power situation assessment result, and storing the electric power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the electric power situation evaluation result and storing the processing result;
the safety protection module comprises a hierarchical protection module, an event perception module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
and the result display module is used for carrying out statistical analysis on the data indexes and situation assessment to comprehensively display the actual running condition, the equipment health level and the operation condition of the power running.
The data acquisition module acquires the transformation power, the transmission power, the transformer operating power and the power grid equipment operating power of electric power operation.
The hierarchical protection module determines a protection target of the electric power information system, protects according to the level by combining the degree of the protection target, and simultaneously performs all-around and multi-level safety protection on sensitive information of the whole life cycle of the electric power information system by applying network isolation, human invasion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
The event perception module discovers full threats and aggressive behaviors existing in an information system in time through an information network security monitoring platform, effectively identifies security holes, security risks and the like in the system, realizes real-time and dynamic perception of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
The early warning scheduling module comprehensively calculates attributes such as occurrence time, event quantity and occurrence frequency of the security events through application of big data analysis and data mining technology, predicts diffusion range and duration of the security events through a security risk monitoring and early warning platform, timely checks existing security holes, performs security early warning through a network malicious behavior analysis model, and dynamically adjusts safety protection strategies in real time.
The emergency response module starts an emergency plan at the first time according to the information network security incident with early warning, reasonable security emergency countermeasures are taken, adverse effects of the security incident are timely processed and eliminated, meanwhile, the security incident is traced to the source and is proved, and tracking and positioning are carried out, so that further deterioration of the incident is effectively avoided.
When the power information system encounters network attack, the disaster recovery module recovers the system and the power service at the first time, so that adverse effects caused by security events are reduced to the maximum extent.
The attack and defense countermeasure module enables network attack behaviors of attackers to be invalid or blocked through safety protection equipment and attack and defense means, so that the safety emergency handling capacity and the protection level of the information network of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has effective combination of active and passive means, but also has timely reverse countermeasures.
In the description herein, references to the description of "one embodiment," "an example," "a specific example" or the like are intended to mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.
Claims (8)
1. A situation awareness architecture deployment method for a power plant industrial control system is characterized by comprising the following steps: the situational awareness architecture comprises:
the data acquisition module acquires power operation data through the data acquisition module deployed at the power generation end of the power plant and sends the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the electric power operation data according to the operation condition of each data processing service container and storing the obtained electric power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, performing situation assessment on the electric power data processed by the optimal data processing service container to obtain an electric power situation assessment result, and storing the electric power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the electric power situation evaluation result and storing the processing result;
the safety protection module comprises a hierarchical protection module, an event perception module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
and the result display module is used for carrying out statistical analysis on the data indexes and situation assessment to comprehensively display the actual running condition, the equipment health level and the operation condition of the power running.
2. The situation awareness architecture deployment method for the power plant industrial control system according to claim 1, characterized in that: the data acquisition module acquires the transformation power, the transmission power, the transformer operating power and the power grid equipment operating power of electric power operation.
3. The situation awareness architecture deployment method for the power plant industrial control system according to claim 1, characterized in that: the hierarchical protection module determines a protection target of the electric power information system, protects according to the level by combining the degree of the protection target, and simultaneously performs comprehensive and multilevel security protection on sensitive information of the whole life cycle of the electric power information system by applying network isolation, human invasion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
4. The situation awareness architecture deployment method for the power plant industrial control system according to claim 1, characterized in that: the event perception module discovers full threats and aggressive behaviors existing in an information system in time through an information network security monitoring platform, effectively identifies security holes, security risks and the like in the system, realizes real-time and dynamic perception of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
5. The situation awareness architecture deployment method for the power plant industrial control system according to claim 1, characterized in that: the early warning scheduling module comprehensively calculates attributes such as occurrence time, event quantity and occurrence frequency of the security events through application of big data analysis and data mining technology, predicts diffusion range and duration of the security events through a security risk monitoring early warning platform, timely checks existing security holes, performs security early warning through a network malicious behavior analysis model, and dynamically adjusts safety protection countermeasures in real time.
6. The situation awareness architecture deployment method for the power plant industrial control system according to claim 1, characterized in that: the emergency response module starts an emergency plan at the first time according to the information network security incident with early warning, takes reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security incident, simultaneously traces the source of the security incident to obtain evidence, traces and positions the security incident to effectively avoid further deterioration of the incident.
7. The situation awareness architecture deployment method for the power plant industrial control system according to claim 1, characterized in that: when the power information system encounters network attack, the disaster recovery module recovers the system and the power service at the first time, so that adverse effects caused by security events are reduced to the maximum extent.
8. The situation awareness architecture deployment method for the power plant industrial control system according to claim 1, characterized in that: the attack and defense countermeasure module enables network attack behaviors of attackers to be invalid or blocked through safety protection equipment and attack and defense means, so that the safety emergency handling capacity and the protection level of the information network of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has effective combination of active and passive means, but also has timely reverse countermeasures.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110394221.1A CN113010862B (en) | 2021-04-13 | 2021-04-13 | Situation awareness architecture deployment method for industrial control system of power plant |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110394221.1A CN113010862B (en) | 2021-04-13 | 2021-04-13 | Situation awareness architecture deployment method for industrial control system of power plant |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113010862A true CN113010862A (en) | 2021-06-22 |
| CN113010862B CN113010862B (en) | 2024-03-29 |
Family
ID=76388795
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110394221.1A Active CN113010862B (en) | 2021-04-13 | 2021-04-13 | Situation awareness architecture deployment method for industrial control system of power plant |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113010862B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016034140A1 (en) * | 2014-09-04 | 2016-03-10 | 国家电网公司 | Gis map-based dynamic status plotting system and method |
| CN109088750A (en) * | 2018-07-23 | 2018-12-25 | 下代互联网重大应用技术(北京)工程研究中心有限公司 | Network Situation Awareness System design and dispositions method based on container |
-
2021
- 2021-04-13 CN CN202110394221.1A patent/CN113010862B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016034140A1 (en) * | 2014-09-04 | 2016-03-10 | 国家电网公司 | Gis map-based dynamic status plotting system and method |
| CN109088750A (en) * | 2018-07-23 | 2018-12-25 | 下代互联网重大应用技术(北京)工程研究中心有限公司 | Network Situation Awareness System design and dispositions method based on container |
Non-Patent Citations (2)
| Title |
|---|
| 张大松;姜洪朝;吴云峰;: "火电工控系统网络安全防护方案设计", 信息技术与网络安全, no. 03 * |
| 许晓燕;: "基于改进博弈模型的网络安全态势评估平台设计", 现代电子技术, no. 12 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113010862B (en) | 2024-03-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2014343231B2 (en) | Cyber defense | |
| CN101763106B (en) | Operation optimum management control system and method of thermal generator set | |
| AU2014343231A1 (en) | Cyber defense | |
| CN105678040B (en) | Power SCADA system virus analysis test envelope | |
| Tao et al. | A survey of network security situation awareness in power monitoring system | |
| CN117149498B (en) | Power plant fault diagnosis method and system | |
| AL-Jumaili et al. | Analytical survey on the security framework of cyber-physical systems for smart power system networks | |
| CN113010862B (en) | Situation awareness architecture deployment method for industrial control system of power plant | |
| Diaba et al. | Cyber security in power systems using meta-heuristic and deep learning algorithms | |
| Datta et al. | Cyber Threat Analysis Framework for the Wind Energy Based Power System | |
| CN117474250A (en) | New energy multifunctional integrated intelligent application system | |
| Alotibi et al. | Physics-informed cyber-attack detection in wind farms | |
| CN116092256A (en) | Fire detection alarm system, method and device for wind power plant | |
| Lai et al. | An active security defense strategy for wind farm based on automated decision | |
| Rele et al. | Enhancing Safety and Security in Renewable Energy Systems within Smart Cities | |
| ElKhodary et al. | Kobry El-Kobbah, Cairo, Egypt | |
| ElKhodary et al. | Analysis of Nuclear Safety Measures Associated with Nuclear Power Plants Programs | |
| Tian et al. | A cybersecurity risk assessment method and its application for instrumentation and control systems in nuclear power plants | |
| Civlez et al. | Security Applications for Reliable Energy Management in a Microgrid | |
| Lin et al. | Review of Power System Resilience Concept, Assessment, and Enhancement Measures | |
| Hetyei et al. | Review of Wind Turbine Failures, Highlighting Fire Accidents | |
| Li et al. | On the recent research advancements of cyber security of nuclear power plants | |
| CN115047783B (en) | Nuclear power control system safety test environment simulation device and attack safety protection system | |
| CN208749489U (en) | A kind of comprehensive O&M security system of wind power plant | |
| Bi et al. | Frequency Vulnerability Analysis of Power Systems Considering UAV Striking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Country or region after: China Address after: Room 409, Unit 2, Building 15, Yard 16, Yingcai North 3rd Street, Future Science City, Changping District, Beijing 102211 Applicant after: China Datang Group Science and Technology Research Institute Co.,Ltd. Address before: 102211 urban oasis 309, 237 Dingsi Road, future science and Technology City, Changping District, Beijing Applicant before: China Datang Corporation Science and Technology General Research Institute Ltd. Country or region before: China |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |