CN113010862B - Situation awareness architecture deployment method for industrial control system of power plant - Google Patents
Situation awareness architecture deployment method for industrial control system of power plant Download PDFInfo
- Publication number
- CN113010862B CN113010862B CN202110394221.1A CN202110394221A CN113010862B CN 113010862 B CN113010862 B CN 113010862B CN 202110394221 A CN202110394221 A CN 202110394221A CN 113010862 B CN113010862 B CN 113010862B
- Authority
- CN
- China
- Prior art keywords
- power
- module
- data
- security
- deployment method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 29
- 238000012545 processing Methods 0.000 claims abstract description 48
- 230000005540 biological transmission Effects 0.000 claims abstract description 14
- 238000010248 power generation Methods 0.000 claims abstract description 11
- 230000006399 behavior Effects 0.000 claims description 11
- 238000012544 monitoring process Methods 0.000 claims description 11
- 230000004044 response Effects 0.000 claims description 11
- 238000005516 engineering process Methods 0.000 claims description 10
- 230000007123 defense Effects 0.000 claims description 9
- 230000000694 effects Effects 0.000 claims description 9
- 230000002411 adverse Effects 0.000 claims description 8
- 238000011084 recovery Methods 0.000 claims description 7
- 238000004458 analytical method Methods 0.000 claims description 5
- 238000007405 data analysis Methods 0.000 claims description 4
- 238000007418 data mining Methods 0.000 claims description 4
- 238000001514 detection method Methods 0.000 claims description 4
- 230000006866 deterioration Effects 0.000 claims description 4
- 238000009792 diffusion process Methods 0.000 claims description 4
- 238000002955 isolation Methods 0.000 claims description 4
- 230000008569 process Effects 0.000 claims description 4
- 230000036541 health Effects 0.000 claims description 3
- 238000007619 statistical method Methods 0.000 claims description 3
- 230000005611 electricity Effects 0.000 description 5
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 239000000446 fuel Substances 0.000 description 2
- 239000007789 gas Substances 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- VNWKTOKETHGBQD-UHFFFAOYSA-N methane Chemical compound C VNWKTOKETHGBQD-UHFFFAOYSA-N 0.000 description 2
- 229910052770 Uranium Inorganic materials 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 239000003245 coal Substances 0.000 description 1
- 230000004992 fission Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000003345 natural gas Substances 0.000 description 1
- 239000003758 nuclear fuel Substances 0.000 description 1
- 239000003208 petroleum Substances 0.000 description 1
- 239000000047 product Substances 0.000 description 1
- JFALSRSLKYAFGM-UHFFFAOYSA-N uranium(0) Chemical compound [U] JFALSRSLKYAFGM-UHFFFAOYSA-N 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/50—Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Business, Economics & Management (AREA)
- Economics (AREA)
- Public Health (AREA)
- Water Supply & Treatment (AREA)
- Human Resources & Organizations (AREA)
- Marketing (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- General Business, Economics & Management (AREA)
- Computing Systems (AREA)
- Databases & Information Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a situation awareness architecture deployment method for a power plant industrial control system, which comprises the steps that electric power operation data are acquired through a data acquisition module deployed at a power generation end of a power plant, the acquired electric power operation data are sent to a data transmission module, the data transmission module acquires the electric power operation data to transmit the electric power operation data to a data processing module, a situation assessment module calls a situation assessment service container corresponding to an optimal data processing service container, situation assessment is carried out on the electric power data processed by the optimal data processing service container, an electric power situation assessment result is obtained, a result processing module calls a result processing service container corresponding to the optimal data processing service container, the electric power situation assessment result is processed, and a safety protection module carries out safety protection on the electric power operation; according to the invention, the data acquisition module is used for acquiring the power operation data, and the situation assessment module is used for assessing the power situation, so that the safety is high.
Description
Technical Field
The invention relates to the technical field of power plants, in particular to a situation awareness architecture deployment method for a power plant industrial control system.
Background
A power plant refers to a power plant that converts some form of primary energy into electrical energy for stationary or transportation electricity, such as a thermal, hydraulic, steam, diesel or nuclear power plant, etc. Thermal power generation is to generate electricity by using thermal energy obtained by burning fuel (coal, petroleum, products thereof, natural gas, etc.). The generator set for thermal power generation has two main forms, namely a steam turbine generator set is called by utilizing a steam turbine which is driven by high-temperature and high-pressure steam generated by a boiler to rotate to drive a generator to generate power; the fuel enters the gas turbine to directly convert heat energy into mechanical energy to drive the generator to generate electricity, and the generator is called a gas turbine generator set. Thermal power plants are generally referred to as power plants that are primarily turbo-generator sets. The hydroelectric generation is to guide river water or lake water at high positions to the downstream to form a fall through diversion so as to push the water turbine to rotate to drive the generator to generate power. A power plant that generates electricity with a hydro-generator set is called a hydroelectric power plant. The nuclear power generation is to utilize the heat energy released by the slow fission of nuclear fuel (such as uranium) in the nuclear reactor to generate steam (instead of a boiler in a thermal power plant) to drive a steam turbine and then drive a generator to rotate for power generation. A power plant that mainly generates nuclear power is called a nuclear power plant. The large-scale paddle built on the tower top is blown by wind power to rotate so as to drive the generator to generate electricity, which is called wind power generation, and a power generation site consisting of a plurality of wind power generators, tens of wind power generators and even tens of wind power generators is called a wind power generation field.
In the prior art, in the running process of a power plant, a plurality of systems such as a power grid asset management system, a dispatching system, a mass platform system, an on-line monitoring system and a meteorological or icing monitoring system are formed aiming at the power grid equipment state monitoring and generation management technology, and the whole protection effect of the power plant is common although the electric power running of the power plant can be managed to a certain extent, so that the problem of the power plant is difficult to treat in time.
Based on the situation awareness architecture deployment method, the situation awareness architecture deployment method for the power plant industrial control system is designed to solve the above-mentioned problems.
Disclosure of Invention
The invention aims to provide a situation awareness architecture deployment method for a power plant industrial control system, which is characterized in that power operation data are acquired through a data acquisition module, the acquired data are transmitted through a data transmission module, the data are processed through a data processing module, the power situation is evaluated through a situation evaluation module, the power situation evaluation result is processed through a result processing module, the safety protection is carried out on a power system through a safety protection module, and the power operation situation is displayed through a result display module, so that the use is very convenient, and the problems in the background technology are solved.
In order to achieve the above purpose, the present invention provides the following technical solutions: a situation awareness architecture deployment method facing a power plant industrial control system, wherein the situation awareness architecture comprises the following steps:
the data acquisition module is used for acquiring power operation data through the data acquisition module deployed at the power generation end of the power plant and sending the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the power operation data according to the operation condition of each data processing service container and storing the acquired power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, carrying out situation assessment on the power data processed by the optimal data processing service container to obtain a power situation assessment result, and storing the power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the power situation assessment result and storing the processing result;
the safety protection module comprises six links, namely a grading protection module, an event sensing module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
the result display module is used for comprehensively displaying the actual running condition, the equipment health level and the operation condition of the electric power running by carrying out statistical analysis on the data indexes and the situation assessment.
Preferably, the data acquisition module comprises acquisition of electric power operation power, transmission power, transformer operation power and grid equipment operation power.
Preferably, the hierarchical protection module determines a protection target of the electric power information system, protects the electric power information system according to the level by combining the degree of the protection target, and simultaneously carries out full-aspect and multi-level security protection on sensitive information of the whole life cycle of the electric power information system by applying network security protection technologies of network isolation, human intrusion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
Preferably, the event sensing module timely discovers full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifies security vulnerabilities, security risks and the like in the system, realizes real-time and dynamic sensing of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
Preferably, the early warning scheduling module comprehensively calculates the occurrence time, the number of events, the occurrence frequency and other attributes of the security events through the application of big data analysis and data mining technology, predicts the diffusion range and the duration of the security events through the security risk monitoring early warning platform, timely checks the existing security holes, carries out security early warning through the network malicious behavior analysis model, and dynamically adjusts the security protection countermeasures in real time.
Preferably, the emergency response module starts an emergency plan at the first time according to the information network security event with early warning, adopts reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security event, and simultaneously, performs tracing and evidence obtaining on the security event, and performs tracing and positioning to effectively avoid further deterioration of the event.
Preferably, the disaster recovery module recovers the system and the power service at the first time when the power information system encounters a network attack, thereby minimizing adverse effects caused by a security event.
Preferably, the attack and defense countermeasure module disables or is blocked by the network attack behavior of an attacker through safety protection equipment and attack and defense means, so that the network safety emergency handling capacity and the protection level of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has active and passive means for effective combination, but also has the function of timely countering in reverse direction.
Compared with the prior art, the invention has the beneficial effects that:
1. according to the invention, the data acquisition module is used for acquiring the power operation data, the data transmission module is used for transmitting the acquired data, the data processing module is used for processing the data, the situation assessment module is used for assessing the power situation, the result processing module is used for processing the power situation assessment result, the safety protection module is used for carrying out safety protection on the power system, and the result display module is used for displaying the power operation situation, so that the use is very convenient.
2. According to the invention, the data acquisition module is used for acquiring the power transmission power, the transformer operation power and the power grid equipment operation power of the power operation, so that the comprehensive acquisition of the power data in the power plant is realized, the subsequent analysis and display of the power data are facilitated, and the stability of the power operation in the power plant is ensured.
3. According to the invention, the protection target of the electric power information system is determined through the hierarchical protection module, the protection is carried out according to the level by combining the degree of the protection target, and meanwhile, the full-aspect and multi-level security protection is carried out on the sensitive information of the full life cycle of the electric power information system through the network security protection technology of network isolation, human intrusion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
4. In the invention, the event sensing module timely discovers full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifies security vulnerabilities, security risks and the like in the system, realizes real-time and dynamic sensing of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
5. According to the invention, through the application of big data analysis and data mining technology by the early warning scheduling module, the occurrence time, the number of events, the occurrence frequency and other attributes of the security events are comprehensively calculated, the diffusion range and the duration of the security events are predicted by the security risk monitoring early warning platform, the existing security holes are timely checked, the security early warning is carried out by the network malicious behavior analysis model, and the security protection countermeasures are dynamically adjusted in real time.
6. According to the invention, an emergency response module starts an emergency plan at the first time according to the information network security event with early warning, reasonable security emergency countermeasures are taken, adverse effects of the security event are timely processed and eliminated, and meanwhile, the security event is traced and evidence obtained, and tracing and positioning are carried out, so that further deterioration of the event is effectively avoided; when the power information system encounters network attack, the disaster recovery module recovers the system and the power service at the first time, so that adverse effects caused by a security event are reduced to the greatest extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic flow chart of the method of the present invention;
FIG. 2 is a schematic diagram of a situation awareness architecture module according to the present invention;
fig. 3 is a schematic diagram of a safety protection module according to the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1-3, the present invention provides a situation awareness architecture deployment method for a power plant industrial control system, which comprises the following steps: the situation awareness architecture includes:
the data acquisition module is used for acquiring power operation data through the data acquisition module deployed at the power generation end of the power plant and sending the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the power operation data according to the operation condition of each data processing service container and storing the acquired power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, carrying out situation assessment on the power data processed by the optimal data processing service container to obtain a power situation assessment result, and storing the power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the power situation assessment result and storing the processing result;
the safety protection module comprises six links, namely a grading protection module, an event sensing module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
the result display module is used for comprehensively displaying the actual running condition, the equipment health level and the operation condition of the electric power running by carrying out statistical analysis on the data indexes and the situation assessment.
The data acquisition module comprises acquisition of power transmission power, transformer operation power and power grid equipment operation power.
The hierarchical protection module determines a protection target of the electric power information system, protects the electric power information system according to the level by combining the degree of the protection target, and simultaneously realizes full-aspect and multi-level security protection on sensitive information of the whole life cycle of the electric power information system by applying network security protection technologies of network isolation, human intrusion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
The event sensing module timely discovers full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifies security vulnerabilities, security risks and the like in the system, realizes real-time and dynamic sensing of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
The early warning scheduling module comprehensively calculates the occurrence time, the number of events, the occurrence frequency and other attributes of the security events through the application of big data analysis and data mining technology, predicts the diffusion range and the duration of the security events through the security risk monitoring early warning platform, timely checks the existing security holes, carries out security early warning through the network malicious behavior analysis model, and dynamically adjusts the security protection countermeasures in real time.
The emergency response module starts an emergency plan at the first time according to the information network security event with early warning, adopts reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security event, and meanwhile, performs tracing and evidence obtaining on the security event, and performs tracing and positioning to effectively avoid further deterioration of the event.
When the power information system encounters network attack, the disaster recovery module recovers the system and the power service at the first time, so that adverse effects caused by a security event are reduced to the greatest extent.
The attack and defense countermeasure module enables network attack behaviors of attackers to be invalid or blocked through safety protection equipment and attack and defense means, so that the network safety emergency disposal capacity and the protection level of the power enterprise information are continuously improved, and the attack and defense countermeasure module not only has active and passive means to be effectively combined, but also has the function of timely countering in a reverse direction.
In the description of the present specification, the descriptions of the terms "one embodiment," "example," "specific example," and the like, mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The preferred embodiments of the invention disclosed above are intended only to assist in the explanation of the invention. The preferred embodiments are not exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand and utilize the invention. The invention is limited only by the claims and the full scope and equivalents thereof.
Claims (8)
1. A situation awareness architecture deployment method for a power plant industrial control system is characterized by comprising the following steps of: the situation awareness architecture includes:
the data acquisition module is used for acquiring power operation data through the data acquisition module deployed at the power generation end of the power plant and sending the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the power operation data according to the operation condition of each data processing service container and storing the acquired power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, carrying out situation assessment on the power data processed by the optimal data processing service container to obtain a power situation assessment result, and storing the power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the power situation assessment result and storing the processing result;
the safety protection module comprises six links, namely a grading protection module, an event sensing module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
the result display module is used for comprehensively displaying the actual running condition, the equipment health level and the operation condition of the electric power running by carrying out statistical analysis on the data indexes and the situation assessment.
2. The situation awareness architecture deployment method for a power plant industrial control system according to claim 1, wherein the deployment method is characterized by comprising the following steps: the data acquisition module comprises acquisition of power transmission power, transformer operation power and power grid equipment operation power.
3. The situation awareness architecture deployment method for a power plant industrial control system according to claim 1, wherein the deployment method is characterized by comprising the following steps: the hierarchical protection module determines a protection target of the electric power information system, protects the electric power information system according to the level by combining the degree of the protection target, and simultaneously realizes full-aspect and multi-level security protection on sensitive information of the whole life cycle of the electric power information system by applying network security protection technologies of network isolation, human intrusion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
4. The situation awareness architecture deployment method for a power plant industrial control system according to claim 1, wherein the deployment method is characterized by comprising the following steps: the event sensing module timely discovers full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifies security vulnerabilities, security risks and the like in the system, realizes real-time and dynamic sensing of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
5. The situation awareness architecture deployment method for a power plant industrial control system according to claim 1, wherein the deployment method is characterized by comprising the following steps: the early warning scheduling module comprehensively calculates the occurrence time, the number of events, the occurrence frequency and other attributes of the security events through the application of big data analysis and data mining technology, predicts the diffusion range and the duration of the security events through the security risk monitoring early warning platform, timely checks the existing security holes, carries out security early warning through the network malicious behavior analysis model, and dynamically adjusts the security protection countermeasures in real time.
6. The situation awareness architecture deployment method for a power plant industrial control system according to claim 1, wherein the deployment method is characterized by comprising the following steps: the emergency response module starts an emergency plan according to the information network security event with early warning, adopts reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security event, and simultaneously, performs tracing and evidence obtaining on the security event and performs tracing and positioning to effectively avoid further deterioration of the event.
7. The situation awareness architecture deployment method for a power plant industrial control system according to claim 1, wherein the deployment method is characterized by comprising the following steps: the disaster recovery module recovers the system and the power service at the first time when the power information system encounters a network attack, thereby minimizing adverse effects caused by a security event.
8. The situation awareness architecture deployment method for a power plant industrial control system according to claim 1, wherein the deployment method is characterized by comprising the following steps: the attack and defense countermeasure module enables network attack behaviors of attackers to be invalid or blocked through safety protection equipment and attack and defense means, so that the emergency handling capacity and the protection level of the information network safety of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has active and passive means to be effectively combined, but also has the function of timely countering in time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110394221.1A CN113010862B (en) | 2021-04-13 | 2021-04-13 | Situation awareness architecture deployment method for industrial control system of power plant |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110394221.1A CN113010862B (en) | 2021-04-13 | 2021-04-13 | Situation awareness architecture deployment method for industrial control system of power plant |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113010862A CN113010862A (en) | 2021-06-22 |
| CN113010862B true CN113010862B (en) | 2024-03-29 |
Family
ID=76388795
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110394221.1A Active CN113010862B (en) | 2021-04-13 | 2021-04-13 | Situation awareness architecture deployment method for industrial control system of power plant |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113010862B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016034140A1 (en) * | 2014-09-04 | 2016-03-10 | 国家电网公司 | Gis map-based dynamic status plotting system and method |
| CN109088750A (en) * | 2018-07-23 | 2018-12-25 | 下代互联网重大应用技术(北京)工程研究中心有限公司 | Network Situation Awareness System design and dispositions method based on container |
-
2021
- 2021-04-13 CN CN202110394221.1A patent/CN113010862B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016034140A1 (en) * | 2014-09-04 | 2016-03-10 | 国家电网公司 | Gis map-based dynamic status plotting system and method |
| CN109088750A (en) * | 2018-07-23 | 2018-12-25 | 下代互联网重大应用技术(北京)工程研究中心有限公司 | Network Situation Awareness System design and dispositions method based on container |
Non-Patent Citations (2)
| Title |
|---|
| 基于改进博弈模型的网络安全态势评估平台设计;许晓燕;;现代电子技术(12);全文 * |
| 火电工控系统网络安全防护方案设计;张大松;姜洪朝;吴云峰;;信息技术与网络安全(03);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113010862A (en) | 2021-06-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Krebs | Cyber incident blamed for nuclear power plant shutdown | |
| Zhang | Distributed network security framework of energy internet based on internet of things | |
| Zhang et al. | A robust cybersecurity solution platform architecture for digital instrumentation and control systems in nuclear power facilities | |
| Yang et al. | Attack and defence methods in cyber‐physical power system | |
| Masood | Assessment of cyber security challenges in nuclear power plants security incidents, threats, and initiatives | |
| Tao et al. | A survey of network security situation awareness in power monitoring system | |
| CN113010862B (en) | Situation awareness architecture deployment method for industrial control system of power plant | |
| CN117149498B (en) | Power plant fault diagnosis method and system | |
| AL-Jumaili et al. | Analytical survey on the security framework of cyber-physical systems for smart power system networks | |
| Fursov et al. | Smart Grid and wind generators: an overview of cyber threats and vulnerabilities of power supply networks | |
| Wu et al. | Fast screening severe cyber attacks via transient energy-based impact analysis | |
| CN116092256A (en) | Fire detection alarm system, method and device for wind power plant | |
| Lai et al. | An active security defense strategy for wind farm based on automated decision | |
| Ruan et al. | Applying Large Language Models to Power Systems: Potential Security Threats | |
| Ibrahim et al. | Attack graph modeling for nuclear power plant | |
| Protić | Critical infrastructures: Threats, vulnerabilities and protection | |
| Poursmaeil et al. | Robust defense strategy against cyber physical attacks in networked microgrids | |
| Rele et al. | Enhancing Safety and Security in Renewable Energy Systems within Smart Cities | |
| Tian et al. | A cybersecurity risk assessment method and its application for instrumentation and control systems in nuclear power plants | |
| Li et al. | On the recent research advancements of cyber security of nuclear power plants | |
| ElKhodary et al. | Kobry El-Kobbah, Cairo, Egypt | |
| ElKhodary et al. | Analysis of Nuclear Safety Measures Associated with Nuclear Power Plants Programs | |
| Hirasaki et al. | MHPS-TOMONI®: Sophisticated Power Plant Operation through Digital Solutions | |
| Hetyei et al. | Review of Wind Turbine Failures, Highlighting Fire Accidents | |
| CN115047783B (en) | Nuclear power control system safety test environment simulation device and attack safety protection system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Country or region after: China Address after: Room 409, Unit 2, Building 15, Yard 16, Yingcai North 3rd Street, Future Science City, Changping District, Beijing 102211 Applicant after: China Datang Group Science and Technology Research Institute Co.,Ltd. Address before: 102211 urban oasis 309, 237 Dingsi Road, future science and Technology City, Changping District, Beijing Applicant before: China Datang Corporation Science and Technology General Research Institute Ltd. Country or region before: China |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |