CN113240381A

CN113240381A - Micro-grid power auditing system

Info

Publication number: CN113240381A
Application number: CN202110399464.4A
Authority: CN
Inventors: 伍江瑶; 李成鸿; 杨秋勇; 裴求根; 苏华权; 陈军; 黄小强
Original assignee: Guangdong Power Grid Co Ltd; Southern Power Grid Digital Grid Research Institute Co Ltd
Current assignee: Guangdong Power Grid Co Ltd; Southern Power Grid Digital Grid Research Institute Co Ltd
Priority date: 2021-04-14
Filing date: 2021-04-14
Publication date: 2021-08-10
Anticipated expiration: 2041-04-14
Also published as: CN113240381B

Abstract

The application relates to a micro-grid power auditing system. The system comprises a micro-grid, a local edge server and a neighbor edge server; the micro-grid is used for collecting power logs and uploading the power logs to a local edge server; the local edge server is used for determining processing resources required by power auditing according to the received power logs, judging whether the processing resources are matched with the computing resources of the local edge server or not, if the processing resources are not matched with the computing resources, dividing the power logs into local auditing logs and remote auditing logs, performing anomaly detection on the local auditing logs, and sending the remote auditing logs to a neighbor edge server; and the neighbor edge server is used for carrying out anomaly detection on the received remote audit log and returning a detection result to the local edge server. By adopting the system, when the computing capacity of the local edge server is limited, part of audit tasks can be unloaded to the neighbor edge server, and the problem of insufficient processing resources of the local edge server is effectively solved.

Description

Micro-grid power auditing system

Technical Field

The application relates to the technical field of smart power grids, in particular to a micro-grid power auditing system, method, computer equipment and storage medium.

Background

With the development of energy internet, distributed energy such as solar energy, wind energy, energy storage batteries and the like has the advantages of less pollution products, high energy conversion rate, high operation reliability, small equipment scale, convenience and flexibility in installation and the like, and is matched with the direction of developing low-carbon energy in various countries in the world, so that the distributed energy gradually becomes an important source of power generation, and therefore, a micro-grid system appears. Advanced information technology, control technology and electric power technology are fused in the micro-grid, reliable electric power supply is provided, various requirements of users are met, and meanwhile maximization of energy benefit, economic benefit and environmental benefit can be guaranteed. Meanwhile, the micro-grid can provide functions of grid support, energy efficiency improvement, energy conservation, consumption reduction and the like in a conventional grid, and is an indispensable important component in the construction of a smart grid.

The microgrid adopts a distributed working mode, and the traditional power auditing process adopts a centralized processing mode, so that certain difficulty is brought to the power auditing of the microgrid. Firstly, a large number of users exist inside the microgrid, a large amount of power utilization information is generated, the efficiency of the centralized power auditing method is low, and the situation of insufficient processing resources is easy to occur; secondly, centralized power auditing can cause information leakage of a large number of users when suffering from attacks, so that a safety problem exists; finally, centralized power auditing has the problems of easy tampering, lack of independence and fairness, incapability of tracing and the like.

Therefore, the existing microgrid power auditing technology has the problem of insufficient processing resources.

Disclosure of Invention

In view of the above, there is a need to provide a microgrid power auditing system, method, computer device and storage medium capable of solving the problem of processing resource shortage.

A microgrid power auditing system comprises a microgrid, a local edge server and a neighbor edge server; the local edge server is connected with the micro-grid, and the neighbor edge server is connected with the local edge server;

the micro-grid is used for collecting the power log and uploading the power log to the local edge server;

the local edge server is used for determining processing resources required by power auditing according to the received power logs and judging whether the processing resources are matched with the computing resources of the local edge server or not;

the local edge server is further configured to divide the power log into a local audit log and a remote audit log if the processing resource is not matched with the computing resource, perform anomaly detection on the local audit log, and send the remote audit log to the neighbor edge server;

and the neighbor edge server is used for carrying out anomaly detection on the received remote audit log and returning a detection result to the local edge server.

In one embodiment, the local edge server is further configured to perform feature extraction on the local audit log to obtain a local feature vector, and perform anomaly detection on the local feature vector by using a random forest method to obtain a first anomaly log.

In one embodiment, the local edge server is further configured to perform feature extraction on the remote audit log to obtain a remote feature vector, perform homomorphic encryption on the remote feature vector to obtain an encrypted feature vector, and send the encrypted feature vector to the neighbor edge server;

the neighbor edge server is also used for classifying the received encrypted feature vectors by a random forest method to obtain a decision sequence, and returning the decision sequence to the local edge server;

the local edge server is further configured to decrypt the received decision sequence to obtain a decision result, and obtain a second abnormal log according to the decision result.

In one embodiment, the local edge server is further configured to perform feature extraction on the local audit log and the remote audit log by a one-hot method.

In one embodiment, the local edge server is further configured to obtain K power log samples, where the K power log samples have M features, select M features from the M features, where M < < M, select 1 feature from the M features as a node splitting feature, establish a decision tree according to the node splitting feature, and generate the random forest according to a plurality of the decision trees.

In one embodiment, the microgrid is further configured to clean the power log to obtain a cleaned log, perform structural processing on the cleaned log to obtain a structured log, encrypt the structured log to obtain an encrypted log, and upload the encrypted log to the local edge server;

and the local edge server is also used for determining processing resources required by power auditing according to the received encryption logs.

In one embodiment, the microgrid is further configured to encrypt key information in the structured log to obtain the encrypted log; the key information comprises user identification and user addresses of the microgrid users.

In one embodiment, the microgrid power auditing system further comprises a blockchain, wherein nodes of the blockchain comprise the local edge server and the neighbor edge server; the micro-grid is further used for sending the power log, the cleaned log and the structured log to the local edge server;

the local edge server is further configured to perform uplink storage on the block chain for the received power log, the cleaned log and the structured log;

the local edge server is further configured to perform uplink crediting on the blockchain on the encrypted log, the first exception log, and the second exception log;

the neighbor edge server is further configured to perform uplink crediting on the blockchain for the encrypted feature vector.

In one embodiment, the local edge server is further configured to send a cooperative computing request to the neighbor edge server when the processing resource does not match the computing resource, and perform uplink storage on the blockchain for the cooperative computing request.

In one embodiment, the microgrid is further configured to send registration information to the local edge server;

the local edge server is further configured to register the microgrid on the block chain according to the received registration information.

A microgrid power auditing method, the method comprising:

receiving a power log collected by a micro-grid;

determining processing resources required by power auditing according to the power log;

judging whether the processing resources are matched with the computing resources of the local edge server;

if the processing resources are not matched with the computing resources, dividing the power logs into local audit logs and allopatric audit logs;

and carrying out anomaly detection on the local audit log, sending the remote audit log to the neighbor edge server so that the neighbor edge server can carry out anomaly detection on the received remote audit log and return a detection result to the local edge server.

A computer device comprising a memory and a processor, the memory storing a computer program, the processor implementing the following steps when executing the computer program:

receiving a power log collected by a micro-grid;

A computer-readable storage medium, on which a computer program is stored which, when executed by a processor, carries out the steps of:

receiving a power log collected by a micro-grid;

The micro-grid power auditing system, the method, the computer equipment and the storage medium collect the power logs through the micro-grid and upload the power logs to the local edge server, the local edge server determines the processing resources required by power auditing according to the power logs and judges whether the processing resources are matched with the computing resources of the local edge server or not, whether enough computing resources exist in the local edge server to process the auditing tasks of the micro-grid power logs can be quickly detected, if the processing resources are not matched with the computing resources, the local edge server divides the power logs into the local auditing logs and the remote auditing logs, performs anomaly detection on the local auditing logs and sends the remote auditing logs to the neighbor edge server, the neighbor edge server performs anomaly detection on the remote auditing logs and returns the detection result, when the computing capacity of the local edge server is limited, and partial audit tasks are unloaded to the neighbor edge server and processed by the neighbor edge server, so that the problem of insufficient processing resources of the local edge server is effectively solved.

Drawings

FIG. 1 is a block diagram of a microgrid power auditing system in an embodiment;

FIG. 2 is a block diagram of a microgrid power auditing system in another embodiment;

FIG. 3 is a schematic diagram of a microgrid power audit flow under an embodiment;

FIG. 4 is a timing diagram of a microgrid power audit in one embodiment;

FIG. 5 is a timing diagram of the interaction of the microgrid with an edge server in one embodiment;

FIG. 6 is a timing diagram for chain credentialing on microgrid power audit data in one embodiment;

FIG. 7 is a schematic flow diagram of a microgrid power auditing method in one embodiment;

FIG. 8 is a diagram illustrating an internal structure of a computer device according to an embodiment.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.

In one embodiment, as shown in fig. 1, a microgrid power auditing system 100 is provided and may include a microgrid 110, a local edge server 120, and a neighbor edge server 130.

The local edge server is connected with the micro-grid, and the neighbor edge server is connected with the local edge server.

The micro-grid can be a small power generation and distribution system composed of distributed power supplies, energy storage devices, energy conversion devices, loads, monitoring and protection devices and the like.

The local edge server and the neighbor edge server may be servers capable of implementing edge computation, and may be implemented by independent servers or a server cluster formed by a plurality of servers.

The microgrid 110 is used for collecting power logs and uploading the power logs to the local edge server 120;

the local edge server 120 is configured to determine, according to the received power log, processing resources required for power auditing, and determine whether the processing resources are matched with computing resources of the local edge server 120;

the local edge server 120 is further configured to, if the processing resources are not matched with the computing resources, divide the power log into a local audit log and a remote audit log, perform anomaly detection on the local audit log, and send the remote audit log to the neighbor edge server 130;

and the neighbor edge server 130 is configured to perform anomaly detection on the received remote audit log, and return a detection result to the local edge server.

The local audit log may be a log audited by the local edge server. The remote audit log can be a log audited by a neighbor edge server.

In specific implementation, the microgrid can acquire the power logs inside the microgrid through a log acquisition module, clean the acquired power logs, convert semi-structured log data into structured log data, encrypt key information (such as user identification and user address of a microgrid user) in the structured log data, and upload the encrypted structured power logs to a local edge server.

The local edge server can determine processing resources required by power auditing according to the encrypted structured power log, compares the processing resources required by the power auditing with computing resources on the local edge server, judges that the processing resources are not matched if the computing resources are less than the processing resources, and the local edge server does not have enough computing power to complete a task of performing power auditing on the power log, otherwise judges that the processing resources are matched if the computing resources are greater than or equal to the processing resources, and the local edge server has enough computing power to complete the task of performing power auditing.

If the local edge server has enough computing capacity, all log abnormality detection tasks of the power audit can be processed on the local edge server, the structured power log is subjected to feature extraction through a one-hot method, and the extracted features are subjected to abnormality detection through a random forest algorithm to obtain an abnormal log.

Otherwise, if the local edge server is limited in capability and does not have enough computing capability, all log anomaly detection tasks can be divided into two parts, one part is processed in the local edge server, and the other part is transmitted to a neighbor edge server for processing, so that load balancing is realized, and meanwhile, the power logs can be divided into local audit logs and remote audit logs. The local audit logs can be left on a local edge server for processing, feature extraction is carried out through a one-hot method, and anomaly detection is carried out on the extracted features through a random forest algorithm to obtain anomaly logs; for the remote audit logs, firstly, feature extraction is carried out on a local edge server through a one-hot method, then, extracted features are encrypted through a homomorphic encryption method and transmitted to a neighbor edge server, the neighbor edge server can classify the encrypted features through a random forest method to obtain a decision sequence, the decision sequence is returned to the local edge server, and the local edge server decrypts the decision sequence to obtain abnormal logs.

FIG. 2 provides a block diagram of a microgrid power auditing system. According to fig. 2, a microgrid power auditing system may include a microgrid system, an edge server, and a blockchain.

The micro-grid system can comprise a log cleaning module, a log collecting module, a user management module, an audit tracing module and an encryption module.

The log collection module collects user logs inside the microgrid, the logs comprise power utilization logs, power selling logs, power purchasing logs and the like, the collected logs are uploaded to the edge server to be processed, and the logs are analyzed and processed.

The user management module manages the user, including user registration, user login, user authority management and the like. The user can complete registration and login according to own information, and different user permissions are set for different users.

The log cleaning module is used for preprocessing the power log, the original power log is semi-structured data, and the semi-structured data is inconvenient to store and calculate, so that the semi-structured original power log data is converted into structured power log event data through the log cleaning module.

The encryption module provides an encryption function during uploading of the power log, and encrypts key data in the log during uploading of the power log, such as user ID, user address and other key data in the log, so that the privacy of a user is protected.

The audit tracing module provides a tracing function in the power log auditing process, and links the data of the intermediate process in the power log auditing process, so that the power auditing process has a traceable operation.

The edge server may include a log collection module, a log detection module, an edge coordination module, a homomorphic encryption module, and a blockchain platform. The edge server is a server with certain computing resources and is close to the user side, so that convenience is provided for the user. First, the edge server serves as a blockchain node, and a blockchain platform is deployed. And transparent and safe management of the interior of the microgrid is realized through a block chain platform. Secondly, the power log auditing method based on machine learning (such as a random forest method) requires a large amount of computing power, while the computing power of ordinary equipment is limited and is not enough to complete the analysis and processing of the logs, and the edge server can provide computing power for analyzing and processing the logs on the edge server.

The log collection module collects various logs related to the power generated in the microgrid as a data set for power log auditing.

The log detection module analyzes and detects the collected logs, detects the abnormality of the power logs by adopting power log analysis based on machine learning, judges the abnormality of power consumption or transaction of users, feeds back the abnormality to the microgrid and links the information of the microgrid.

The edge coordination module provides an edge coordination function, provides computing resources for an edge server with insufficient computing capacity, namely, a part of computing tasks are unloaded to a neighbor edge server, and the neighbor edge server processes the computing tasks, so that the purpose of load balancing is achieved.

The homomorphic encryption module provides a homomorphic encryption function, and when edge collaborative calculation is carried out, all neighbor edge servers cannot be guaranteed to be credible, so that the homomorphic encryption module is adopted, data can only be locally decrypted by an encryption party after homomorphic encryption, and therefore the neighbor servers are in an unknown state to the data and only take charge of power log audit, whether the power log is abnormal or not is not judged, and the power log is judged on the local edge server if the power log is abnormal.

The block chain platform can be deployed on an edge server and provides a supporting function for power log auditing, and the supporting function comprises log training intermediate data uplink, log key data uplink, abnormal log data uplink and the like. The block chain can be a alliance chain, the alliance chain has the advantage that the processing speed is higher than that of a public chain, and because the number and the identity of the nodes are well defined, a relatively loose consensus mechanism can be used, so that the processing speed of data is greatly improved compared with that of the public chain.

FIG. 3 provides a schematic flow diagram of microgrid power audit. According to fig. 3, the microgrid power auditing process may include the steps of:

step S310, the micro-grid collects the power logs in the micro-grid through a log collection module;

step S320, the microgrid cleans the power log through the log cleaning module, converts the semi-structured log data into structured log data, and encrypts key information of the structured log data.

And step S330, uploading the encrypted structured log data to a local edge server, and judging whether the local edge server has enough computing capacity to finish the training process and the detection process. If the local edge server has limited capacity and does not have enough capacity, the whole log abnormity detection task is divided into two parts, one part is processed in the local edge server, and the other part is transmitted to a neighbor edge server for processing, so that load balancing is realized.

Step S340, when the local edge server has enough capacity, the local server performs feature extraction on the structured power log event through a one-hot method, finally performs anomaly detection on the power log through a random forest algorithm, and then judges the anomalous power log.

And step S350, aiming at the problem that the computing capability of the local edge server is not enough, dividing the log detection task into two subtasks. One of the subtasks remains in the local edge server force process, and the log anomaly detection is completed in step S340. For the other subtask, extracting the characteristics locally through a one-hot algorithm, then carrying out gain encryption on the classification characteristics and the information by adopting a homomorphic encryption method, transmitting the encryption characteristics and the information to a neighbor server, classifying the power logs by the neighbor server based on the encryption characteristics and the encryption data to obtain a sequencing result, returning the sequencing result to the local server, decrypting by the local server and carrying out abnormal judgment on the power logs.

And step S360, after the local server detects the abnormal log, the local server alarms the result to the microgrid, so that the microgrid processes the abnormal electricity utilization users, and meanwhile, chain storage is carried out on the abnormal log information. If the result is not trusted or the processing process needs to be traced inside the microgrid, the whole auditing process can be traced through the auditing tracing module.

FIG. 4 provides a timing diagram for microgrid power auditing. According to fig. 4, for a local server with insufficient processing capability of an edge server, a neighbor server may be used to perform cooperative processing to detect a power log, and during the cooperative processing, a homomorphic encryption may be used to protect log data. It should be noted that the neighbor edge server is also a blockchain node, serving another microgrid. The specific steps may include:

and step S410, performing feature extraction on the power log to form a feature vector, wherein the feature extraction can adopt a one-hot method.

In step S420, the feature vector and the information gain are encrypted, that is, the feature encryption may be performed by using a homomorphic encryption method. In the homomorphic encryption process, the original plaintext data of the power log is not directly encrypted, because if an encryption algorithm (for example, a Paillier encryption algorithm) is directly adopted for the power log, characteristic deviation can be caused, and the accuracy of the classification result of the encrypted ciphertext is influenced.

And step S430, the local edge server sends the encryption result to the neighbor edge server, the neighbor edge server performs collaborative calculation, and the operations such as comparison, sequencing and the like are performed on the encrypted ciphertext. Meanwhile, the local server uploads the request and the intermediate data of the collaborative computing process to the block chain, so that the credibility of the edge collaborative computing is ensured, and if the follow-up error dispute occurs, the source tracing of the edge collaborative computing can be quickly carried out.

Step S440, the neighbor server processes the power logs, and sorts and classifies the data by using a random forest algorithm.

And step S450, the neighbor edge server returns the sequenced sequence to the local edge server, and the local edge server decrypts the sequenced sequence to obtain the sequence. And then, performing node traversal by using the original power log data set to obtain a classification result. In the process, homomorphic encryption can ensure that a neighbor edge server cannot acquire any information of the power log plaintext data set, and meanwhile, the local edge server cannot acquire useful information for the operation of the neighbor edge server.

Step S460, after the whole coordination process is completed, the blockchain rewards the neighbor edge servers.

The micro-grid power auditing system acquires the power logs through the micro-grid and uploads the power logs to the local edge server, the local edge server determines processing resources required by power auditing according to the power logs and judges whether the processing resources are matched with the computing resources of the local edge server or not, whether enough computing resources exist in the local edge server to process auditing tasks of the power logs of the micro-grid can be detected quickly, if the processing resources are not matched with the computing resources, the local edge server divides the power logs into the local auditing logs and remote auditing logs, performs anomaly detection on the local auditing logs and sends the remote auditing logs to a neighbor edge server, the neighbor edge server performs anomaly detection on the remote auditing logs and returns detection results, and partial auditing tasks can be unloaded to the neighbor edge server when the computing capacity of the local edge server is limited, the neighbor edge server processes the data, and the problem that the local edge server is insufficient in processing resources is effectively solved.

Moreover, by collecting power logs generated in the processes of power consumption, power purchase, power sale and the like of the users, analyzing the power logs, performing power audit by machine learning based on random forests, and judging abnormal power logs, the audit efficiency can be improved, and the power consumption of large-scale users inside the microgrid can be audited.

Further, the key information is encrypted by using an encryption algorithm, and in the whole power log auditing process, the key information is the encrypted information, so that the protection of the privacy of a user can be realized, and the problem of privacy disclosure possibly caused in the transmission process is solved.

Furthermore, by adopting the edge server as the node of the blockchain P2P and the training place of the model, the method can provide computing resources and improve the training speed in addition to the interaction with the blockchain. For the problems of large micro-grid scale, huge power log quantity and insufficient computing power possibly caused by limited computing power of the edge server, load balance is realized through edge cooperative computing, homomorphic encryption is adopted in the edge cooperative computing process, the situation that a neighbor edge server cannot acquire any information of a power log plaintext data set is guaranteed, meanwhile, a local edge server cannot acquire useful information for the operation of the neighbor edge server, and the micro-grid power audit can have high privacy protection.

In addition, by utilizing the characteristics of block chain transparence and non-tampering, through combining a block chain technology, Hash operation is carried out on intermediate data generated in each step in the log auditing process to obtain a Hash (Hash) value, a timestamp uplink is attached to the generated Hash value to form a power log auditing tracing chain, and tracing of the power auditing process can be realized by checking the Hash value and the timestamp on the block chain.

In an embodiment, the local edge server is further configured to perform feature extraction on the local audit log to obtain a local feature vector, and perform anomaly detection on the local feature vector by using a random forest method to obtain a first anomaly log.

In specific implementation, if the capacity of the local edge server is limited and the local edge server does not have enough computing capacity, all log anomaly detection tasks can be divided into two parts, one part is processed in the local edge server, and the other part is transmitted to a neighbor edge server for processing, so that load balancing is realized, and meanwhile, the power logs can be divided into local audit logs and remote audit logs. The local audit logs can be left on a local edge server for processing, feature extraction is carried out through a one-hot method to obtain local feature vectors, and anomaly detection is carried out on the local feature vectors through a random forest algorithm to obtain first anomaly logs.

In this embodiment, the local edge server performs feature extraction on the local audit log to obtain a local feature vector, performs anomaly detection on the local feature vector by using a random forest method to obtain a first anomaly log, and can perform power audit on the local edge server to detect the anomaly log.

In one embodiment, the local edge server is further configured to perform feature extraction on the remote audit log to obtain a remote feature vector, perform homomorphic encryption on the remote feature vector to obtain an encrypted feature vector, and send the encrypted feature vector to the neighbor edge server; the neighbor edge server is also used for classifying the received encrypted feature vectors by a random forest method to obtain a decision sequence, and returning the decision sequence to the local edge server; the local edge server is further configured to decrypt the received decision sequence to obtain a decision result, and obtain a second abnormal log according to the decision result.

In specific implementation, if the capacity of the local edge server is limited and the local edge server does not have enough computing capacity, all log anomaly detection tasks can be divided into two parts, one part is processed in the local edge server, and the other part is transmitted to a neighbor edge server for processing, so that load balancing is realized, and meanwhile, the power logs can be divided into local audit logs and remote audit logs. For the remote audit logs, firstly, feature extraction can be carried out on a local edge server through a one-hot method to obtain remote feature vectors, then, a homomorphic encryption method is adopted to encrypt the remote feature vectors to obtain encrypted feature vectors, the encrypted feature vectors are transmitted to a neighbor edge server, the neighbor edge server can classify the encrypted feature vectors through a random forest method to obtain a decision sequence of a random forest and return the decision sequence to the local edge server, the local edge server decrypts the decision sequence, and a second abnormal log is obtained according to a decrypted decision result.

In the embodiment, the local edge server extracts the features of the remote audit logs to obtain remote feature vectors, homomorphic encryption is performed on the remote feature vectors to obtain encrypted feature vectors, the encrypted feature vectors are sent to the neighbor edge server, the neighbor edge server classifies the received encrypted feature vectors by a random forest method to obtain a decision sequence, the decision sequence is returned to the local edge server, the local edge server decrypts the received decision sequence to obtain a decision result, and a second abnormal log is obtained according to the decision result.

In an embodiment, the local edge server is further configured to perform feature extraction on the local audit log and the remote audit log by a one-hot method.

The one-hot method may be a method that uses an N-bit status register to encode N states, where each state has only one bit active at any time.

In specific implementation, when the local edge server has insufficient computing resources, the power log can be divided into a local audit log and a remote audit log. The local audit logs can be left on a local edge server for processing, feature extraction is carried out through a one-hot method, and anomaly detection is carried out on the extracted features through a random forest algorithm to obtain anomaly logs; for the remote audit logs, firstly, feature extraction is carried out on a local edge server through a one-hot method, then, extracted features are encrypted through a homomorphic encryption method and transmitted to a neighbor edge server, the neighbor edge server can classify the encrypted features through a random forest method to obtain a decision sequence, the decision sequence is returned to the local edge server, and the local edge server decrypts the decision sequence to obtain abnormal logs.

In the embodiment, the local edge server performs feature extraction on the local audit log and the remote audit log by a single-hot method, so that the features of the power log can be conveniently and quickly extracted, and the efficiency of power audit is improved.

In an embodiment, the local edge server is further configured to obtain K power log samples, where the K power log samples have M features, select M features from the M features, where M < < M, select 1 feature from the M features as a node splitting feature, establish a decision tree according to the node splitting feature, and generate a random forest according to a plurality of decision trees.

In specific implementation, a random forest can be adopted to perform anomaly detection on the power log, and the method specifically comprises the following steps:

(1) for the power log sample with the sample capacity of K, the power log sample is extracted for K times, 1 power log sample is extracted each time, and finally K samples are formed.

(2) When the power log samples have M features, randomly selecting M features from the M features to meet a condition M < < M, then selecting 1 feature from the M features by adopting information gain as a split feature of the node, and establishing a decision tree for the selected samples by using the features.

(3) And (3) splitting each node in the decision tree forming process according to the step (2) until the node can not be split any more. If the next attribute selected by the node is the attribute that was used just when its parent node split, then the node has reached the leaf node and does not have to continue splitting.

(4) And (4) establishing a plurality of decision trees according to the steps (1) to (3), and generating a random forest according to the decision trees.

(5) After a random forest is generated, for a new power log, through the decision of each tree, the final voting classification result can be determined, and whether the power log is abnormal or not is judged according to the classification result, wherein the voting can adopt the principle that minority obeys majority.

It should be noted that one decision sequence can only determine the classification of one decision tree, and the random forest is composed of a plurality of decision trees, so that a plurality of decision sequences are required to generate the random forest.

In the embodiment, the local edge server selects M characteristics from the M characteristics by acquiring the K power log samples, selects 1 characteristic from the M characteristics as a node splitting characteristic, establishes the decision tree according to the node splitting characteristic, and generates the random forest according to the decision trees, so that the advantages that the random forest is not easy to over-fit and the mutual influence among different characteristics can be judged can be utilized, and the reliability of log anomaly detection in power audit is improved. Moreover, the random forest method is simple to implement, and the efficiency of power audit can be further improved.

In an embodiment, the microgrid is further configured to clean the power log to obtain a cleaned log, perform structured processing on the cleaned log to obtain a structured log, encrypt the structured log to obtain an encrypted log, and upload the encrypted log to a local edge server; the local edge server is further configured to determine, according to the received encrypted log, a processing resource required for power auditing.

In the specific implementation, after the micro-grid collects the power logs, the power logs can be cleaned through the log cleaning module to obtain cleaned logs, the cleaned logs are semi-structured data and can be subjected to structured processing to obtain structured logs, key information (such as user identification and user address of a micro-grid user) in the structured logs is encrypted to obtain encrypted logs, the micro-grid can upload the encrypted logs to a local edge server, and the local edge server performs power audit according to the encrypted logs.

In the embodiment, the micro-grid obtains the washed logs by washing the power logs, redundant information and unnecessary information in the power logs can be removed, the power audit efficiency is improved, the washed logs are subjected to structured processing to obtain the structured logs, the convenience of storing and processing the power logs can be improved, the structured logs are encrypted to obtain the encrypted logs, the encrypted logs are uploaded to the local edge server, the local edge server determines processing resources required by the power audit according to the received encrypted logs, the safety of the power logs in the transmission process can be guaranteed, and privacy protection of users is achieved.

In one embodiment, as shown in fig. 5, a timing diagram of the interaction between the microgrid and the edge server is provided, which specifically includes the following steps:

step S510, the microgrid acquires an electric power log generated by a user inside the microgrid through a log acquisition module, and the acquired log includes but is not limited to a user electricity consumption log, an electric power transaction log, and the like.

Step S520, register or log in to the block chain platform deployed on the edge server, and if no registered microgrid needs to be registered, the microgrid after logging in can use the block chain service.

In step S530, the power log is cleaned by the log cleaning module, so that the power log cleaning is performed inside the microgrid to ensure the security of log data, the cleaned log data is changed into structured data, and the security of the log in the transmission process can be ensured by encrypting the key information. And log cleaning is carried out on the original power log, and redundant information and unnecessary information are removed. The original power log is semi-structured data, and the semi-structured data cannot be analyzed and processed well, so that the original power log of the semi-structure needs to be converted into a structured power log event, and storage and training are convenient.

In step S540, through the structured power event log obtained in step S530, the microgrid encrypts key information in the structured power log through an encryption module, such as a user ID, a user address, and the like, so as to ensure personal privacy security of a user during uploading of the log.

And step S550, uploading the encrypted structured power logs to an edge server by the microgrid, collecting the power logs by the edge server through a log collection module, detecting the logs by a local edge server, judging the logs to be abnormal, and giving an alarm to the microgrid if the logs are abnormal.

In practical applications, the edge servers can be divided into a local edge server and a neighbor edge server, where the local edge server is represented as an edge server directly connected to the microgrid, and the neighbor edge server is an edge server adjacent to the local server by one hop. By dividing the edge server into the local edge server and the neighbor edge server, when the computing capacity of the local server is weak and the scale of the microgrid user is large, the computing task can be divided into a part to be cooperatively processed for the neighbor edge server.

The power log processing process of the local edge server may include the following steps:

step 1, performing feature extraction on the power log event. The extraction of the log features is the basis of log anomaly detection, and the features can be extracted by adopting a one-hot algorithm to form a feature vector. The one-hot algorithm uses an N-bit status register to encode N states, each having its own independent register bit and only one of which is active at any time.

And 2, carrying out abnormity detection on the power log, specifically, carrying out abnormity detection on the power log by adopting a random forest algorithm, wherein the random forest algorithm has the advantages of difficulty in overfitting, simplicity in implementation and capability of judging the mutual influence among different characteristics, and the reliability of abnormity detection of the power log can be improved. Firstly, dividing the whole power log data set by adopting a pareto rule, namely a two-eight law, taking a set with a large data volume in a division result as a training set, and taking a set with a small data volume as a test set. Then, a random forest is constructed, and after the random forest is constructed, a final prediction result is determined for a new sample through voting, and the method specifically comprises the following steps:

(4) And (4) establishing a large number of decision trees according to the steps (1) to (3) so as to form a random forest.

(5) After the random forest is generated, for new data, through decision of each tree, finally voting to determine which type of new data is classified, so that whether the power log is abnormal or not is judged, and voting can adopt a principle that a minority obeys majority.

In an embodiment, the microgrid is further configured to encrypt key information in the structured log to obtain an encrypted log; the key information comprises user identification and user addresses of the microgrid users.

In specific implementation, after the micro-grid converts the semi-structured power log into the structured power log, key information (for example, a user identifier and a user address of a user) in the structured log may be encrypted, and the encrypted structured power log is uploaded to the local edge server.

In this embodiment, the micro-grid encrypts the key information in the structured log to obtain an encrypted log, so that the security of the power log in the transmission process can be ensured, and the privacy protection of the user is realized.

In one embodiment, the microgrid power auditing system further comprises a block chain, wherein nodes of the block chain comprise a local edge server and a neighbor edge server; the micro-grid is also used for sending the power logs, the cleaned logs and the structured logs to a local edge server; the local edge server is further configured to perform uplink storage on the block chain for the received power logs, the cleaned logs and the structured logs; the local edge server is further configured to perform uplink storage on the block chain for the encrypted log, the first abnormal log, and the second abnormal log; the neighbor edge server is further configured to perform uplink crediting on the blockchain for the encrypted feature vector.

In a specific implementation, the local edge server and the neighbor edge server may be block chain nodes, at least one local edge server and at least one neighbor edge server may form a block chain, and the local edge server and the neighbor edge server may chain various data generated in the microgrid power audit process on the block chain for storage. Specifically, the micro-grid can transmit the collected power logs, and cleaned logs and structured logs generated in the preprocessing process to a local edge server, and the power logs, the cleaned logs and the structured logs are subjected to uplink storage on a block chain through the local edge server; the local edge server can carry out uplink certificate storing on the block chain by the received encrypted log and the first abnormal log and the second abnormal log obtained by abnormal detection; the neighbor edge server may perform uplink crediting on the blockchain with the received encrypted feature vector.

FIG. 6 provides a timing diagram of chain storage of microgrid power audit data, according to FIG. 6, a power audit traceability chain is formed by performing Hash operation on intermediate data in a power audit process and attaching a timestamp chain to an obtained Hash value, and the microgrid can trace the source and track the power audit process through the power audit traceability chain. The process may specifically comprise the steps of:

step S610, carrying out Hash operation on the original power log to obtain a Hash _1 value, and attaching a timestamp to the Hash _1 value to ensure that the original data can be traced.

And S620, after the micro-grid cleans the power log, performing Hash operation on the cleaned log to obtain a Hash _2 value, and attaching a timestamp uplink to the Hash _2 value to ensure that the log cleaning process can be traced.

Step S630, after the micro-grid logs are uploaded to the local edge server, the local server performs feature extraction and anomaly detection, performs Hash operation on the anomaly logs to obtain a Hash _3 value, attaches a timestamp to the Hash _3 value, and ensures that the anomaly logs can be traced.

And step S640, when the neighbor edge server is required to perform collaborative calculation, performing Hash operation on the power log after the characteristic encryption to obtain a Hash _4 value, and attaching the Hash _4 value to a timestamp uplink to ensure traceability of an edge collaborative process.

And S650, after the neighbor edge server returns the processing result to the local edge server, the local edge server decrypts the processing result to obtain a sequence, node traversal is performed by using the original power log data set to obtain a classification result, an abnormal log is judged, Hash operation is performed on the abnormal log to obtain a Hash _5 value, a timestamp is attached to the Hash _5 value, and the abnormal log after edge collaborative calculation can be traced.

In this embodiment, the power log, the cleaned log and the structured log are sent to the local edge server through the microgrid, the local edge server performs chaining and evidence saving on the received power log, the cleaned log and the structured log on the block chain, performs chaining and evidence saving on the encrypted log, the first abnormal log and the second abnormal log on the block chain, the neighbor edge server performs chaining and evidence saving on the encrypted feature vector on the block chain, and can perform evidence saving on various data in the power audit process of the microgrid on the block chain, so that data cannot be tampered, and the power audit can be traced to the source.

In an embodiment, the local edge server is further configured to send a cooperative computing request to a neighboring edge server when the processing resource does not match the computing resource, and perform uplink storage on the blockchain for the cooperative computing request.

In the specific implementation, when the processing resource is not matched with the computing resource, it indicates that the local edge server is limited in capacity and does not have enough computing capacity, the local edge server may send a cooperative computing request to the neighboring edge server, and when the neighboring edge server receives the cooperative computing request, the neighboring edge server may detect whether the neighboring edge server has enough computing resources to meet the computing requirement of the local edge server, and if the neighboring edge server has enough computing resources, the neighboring edge server may feed back information allowing cooperative computing to the local edge server, otherwise, if the neighboring edge server does not have enough computing resources, the neighboring edge server may feed back information not allowing cooperative computing to the local edge server. The local edge server may also perform uplink crediting of the co-computation request on the blockchain. Further, the local edge server may also perform uplink crediting on the blockchain with the server identities participating in the collaborative computation.

In this embodiment, when the processing resource is not matched with the computing resource, the local edge server sends the cooperative computing request to the neighboring edge server, and performs uplink chain storage on the block chain for the cooperative computing request, so that the credibility of the cooperative computing can be ensured, and the tracing to the edge cooperative computing process is facilitated when a subsequent dispute occurs.

In one embodiment, the microgrid is further configured to send registration information to a local edge server; the local edge server is further configured to register the microgrid on the block chain according to the received registration information.

In the specific implementation, the microgrid can send registration information to a local edge server, the registration information can include the name, account number, serial number and address of the microgrid, the local edge server can detect whether the same registration information exists on a block chain after receiving the registration information, if the same registration information does not exist, the microgrid can be registered, otherwise, if the same registration information exists, a login interface can be returned to the microgrid, the microgrid logs in by inputting the account number name and the password, and the microgrid after logging in can use the block chain service.

In this embodiment, registration information is sent to the local edge server through the microgrid, and the local edge server registers the microgrid on the block chain according to the received registration information, so that the microgrid participating in power audit can be managed uniformly, legal users are guaranteed, and the security of the power audit is guaranteed.

In one embodiment, as shown in fig. 7, a microgrid power auditing method is provided, which is described by taking the method as an example applied to the local edge server in fig. 1, and includes the following steps:

step S710, receiving a power log collected by the micro-grid;

step S720, determining processing resources required by power auditing according to the power log;

step 730, judging whether the processing resource is matched with the computing resource of the local edge server;

step S740, if the processing resource is not matched with the computing resource, dividing the power log into a local audit log and a remote audit log;

and S750, performing anomaly detection on the local audit log, sending the remote audit log to the neighbor edge server so that the neighbor edge server performs anomaly detection on the received remote audit log, and returning a detection result to the local edge server.

Since the processing procedure of the local edge server has been described in detail in the foregoing embodiment, it is not described herein again.

The micro-grid power auditing method comprises the steps of receiving a power log collected by a micro-grid, determining processing resources required by power auditing according to the power log, judging whether the processing resources are matched with the computing resources of a local edge server or not, quickly detecting whether enough computing resources exist in the local edge server to process an auditing task of the micro-grid power log, if the processing resources are not matched with the computing resources, dividing the power log into the local auditing log and a remote auditing log, carrying out abnormity detection on the local auditing log, sending the remote auditing log to a neighbor edge server for the neighbor edge server to carry out abnormity detection on the received remote auditing log, returning a detection result to the local edge server, unloading part of the auditing task to the neighbor edge server when the computing capacity of the local edge server is limited, the neighbor edge server processes the data, and the problem that the local edge server is insufficient in processing resources is effectively solved.

It should be understood that, although the steps in the flowcharts of fig. 3 and 7 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 3 and 7 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps.

In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 8. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer equipment is used for storing the micro-grid power audit data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a microgrid power auditing method.

Those skilled in the art will appreciate that the architecture shown in fig. 8 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.

In one embodiment, a computer apparatus is provided, comprising a memory and a processor, the memory storing a computer program that, when executed by the processor, causes the processor to perform the steps of a microgrid power auditing method as described above. Here, the steps of a microgrid power auditing method may be steps in a microgrid power auditing method of the above embodiments.

In one embodiment, a computer readable storage medium is provided, storing a computer program that, when executed by a processor, causes the processor to perform the steps of a microgrid power auditing method described above. Here, the steps of a microgrid power auditing method may be steps in a microgrid power auditing method of the above embodiments.

It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.

The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.

The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims

1. A micro-grid power auditing system is characterized by comprising a micro-grid, a local edge server and a neighbor edge server; the local edge server is connected with the micro-grid, and the neighbor edge server is connected with the local edge server;

2. The system of claim 1, wherein the local edge server is further configured to perform feature extraction on the local audit log to obtain a local feature vector, and perform anomaly detection on the local feature vector by using a random forest method to obtain a first anomaly log.

3. The system of claim 2, wherein the local edge server is further configured to perform feature extraction on the remote audit log to obtain a remote feature vector, perform homomorphic encryption on the remote feature vector to obtain an encrypted feature vector, and send the encrypted feature vector to the neighbor edge server;

4. The system of claim 3, wherein the local edge server is further configured to perform feature extraction on the local audit log and the offsite audit log by a one-hot method.

5. The system of claim 3, wherein the local edge server is further configured to obtain K power log samples, the K power log samples having M features, select M features from the M features, M < < M, select 1 feature from the M features as a node splitting feature, build a decision tree based on the node splitting feature, and generate the random forest based on a plurality of the decision trees.

6. The system of claim 3, wherein the microgrid is further configured to clean the power logs to obtain cleaned logs, perform structured processing on the cleaned logs to obtain structured logs, encrypt the structured logs to obtain encrypted logs, and upload the encrypted logs to the local edge server;

7. The system of claim 6, wherein the microgrid is further configured to encrypt key information in the structured log to obtain the encrypted log; the key information comprises user identification and user addresses of the microgrid users.

8. The system of claim 6, wherein the microgrid power auditing system further comprises a blockchain, nodes of the blockchain comprising the local edge server and the neighbor edge server; the micro-grid is further used for sending the power log, the cleaned log and the structured log to the local edge server;

9. The system of claim 8, wherein the local edge server is further configured to send a cooperative computing request to the neighbor edge server and to perform uplink crediting on the blockchain when the processing resource does not match the computing resource.

10. The system of claim 8, wherein the microgrid is further configured to send registration information to the local edge server;