CN114189363A - Distribution network encryption system and method for communication information - Google Patents

Distribution network encryption system and method for communication information Download PDF

Info

Publication number
CN114189363A
CN114189363A CN202111403102.4A CN202111403102A CN114189363A CN 114189363 A CN114189363 A CN 114189363A CN 202111403102 A CN202111403102 A CN 202111403102A CN 114189363 A CN114189363 A CN 114189363A
Authority
CN
China
Prior art keywords
distribution network
data
encryption
encryption mode
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111403102.4A
Other languages
Chinese (zh)
Other versions
CN114189363B (en
Inventor
刘智勇
陈良汉
陈昱坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Hongrui Information Technology Co Ltd
Original Assignee
Zhuhai Hongrui Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Hongrui Information Technology Co Ltd filed Critical Zhuhai Hongrui Information Technology Co Ltd
Priority to CN202111403102.4A priority Critical patent/CN114189363B/en
Publication of CN114189363A publication Critical patent/CN114189363A/en
Application granted granted Critical
Publication of CN114189363B publication Critical patent/CN114189363B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a distribution network encryption system and a method for communication information, the distribution network encryption system comprises an encryption database, an encryption control module, a decryption control module, a collected data analysis module and an encryption mode replacement module, wherein the encryption database is used for pre-storing a plurality of encryption modes for encrypting the collected data of distribution network substations, the encryption control module encrypts the collected data by adopting the encryption mode after the distribution network substations receive the collected data to obtain the encrypted data and transmits the encrypted data to a distribution network main station, when the decryption control module receives the encrypted data of a certain distribution network substation, the distribution network substation is set as an analysis station and decrypts the encrypted data to obtain the collected data, the collected data analysis module analyzes the collected data to judge whether to add an alert identification to the analysis station or not, and when the encryption mode replacement module adds the alert identification to a certain distribution network substation, and replacing the encryption mode of the distribution network substation.

Description

Distribution network encryption system and method for communication information
Technical Field
The invention relates to the technical field of distribution network encryption, in particular to a distribution network encryption system and method for communication information.
Background
The distribution network automation is that the modern electronic technology, communication technology, computer and network technology are used to integrate the real-time information, off-line information, user information, power network structure parameters and geographic information of the distribution network to form a complete automatic management system, so as to realize the monitoring, protection, control and distribution management of the distribution system under the conditions of normal operation and accidents. The distribution network automation generally comprises a distribution network automation main station system, a distribution network automation substation system and a distribution network automation terminal. Generally, the distribution network automation terminal is used for transmitting acquired data to the distribution network automation substation system, the distribution network automation substation system transmits the data acquired by the distribution network automation terminal in the affiliated district to the distribution network automation master station system, and the distribution network automation master station system processes and processes the received data so as to provide distribution network operation monitoring and control for a dispatcher.
In the process of transmitting data to the distribution network automation master station system by the distribution network automation substation system, the data is encrypted in order to prevent the data from being intercepted and leaked secret or being tampered, but the encryption mode in the prior art is single, so that the security in the data transmission process is not high.
Disclosure of Invention
The invention aims to provide a distribution network encryption system and method for communication information, which aim to solve the problems in the background technology.
In order to solve the technical problems, the invention provides the following technical scheme: a distribution network encryption system for communication information comprises an encryption database, an encryption control module, a decryption control module, a collected data analysis module and an encryption mode replacement module, wherein the encryption database is used for pre-storing a plurality of encryption modes for encrypting the collected data of distribution network substations, the encryption control module encrypts the collected data in an encryption mode after the distribution network substations receive the collected data to obtain encrypted data and transmits the encrypted data to a distribution network main station, when the decryption control module receives the encrypted data of a certain distribution network substation, the distribution network substation is set as an analysis station and decrypts the encrypted data to obtain the collected data, the collected data analysis module analyzes the collected data to judge whether to add a warning mark to the analysis station or not, and when the encryption mode replacement module adds the warning mark to a certain distribution network substation, and replacing the encryption mode of the distribution network substation.
Further, the collected data analysis module comprises a data to be compared acquisition module, a similarity average acquisition module, a time ratio acquisition module, a vigilance index calculation module and a vigilance index comparison module, wherein the data to be compared acquisition module sets the collected data as the data to be analyzed, the last collected data of an auxiliary station of an analysis station is acquired as the data to be compared, if the distance between the regions governed by two distribution network substations is smaller than or equal to a distance threshold value, one of the distribution network substations is the auxiliary station of the other distribution network substation, the similarity average acquisition module acquires an average value Xp of similarity between a comparison group of the data to be analyzed and a comparison group of the data to be compared, wherein whether data abnormality exists in each parameter of the collected data at a certain time is judged, if the data abnormality of the parameter exists, all the parameters of the data abnormality in the collected data are extracted to obtain the comparison group of the collected data, the time ratio obtaining module obtains the interval duration hj between the time node of the analysis station which changes the encryption mode for the last time and the current time node, the time ratio Hp is hj/h0, h0 is a preset time threshold, the vigilance index calculating module calculates the vigilance index P of the data to be analyzed to be 0.5 (1-Xp) +0.5 Hp, the vigilance index comparing module compares the vigilance index of the data to be analyzed with the vigilance threshold, and when the vigilance index of the data to be analyzed is larger than the vigilance threshold, the vigilance identification is added to the analysis station.
Further, the encryption mode replacing module comprises a candidate encryption mode selecting module, a first factor obtaining module, a second factor obtaining module, a third factor obtaining module, a comprehensive factor calculating module and a sorting selecting module, wherein the candidate encryption mode selecting module is used for setting the encryption modes except the encryption mode used by the time of the data to be analyzed in the encryption database as candidate encryption modes, the first factor obtaining module is used for respectively counting the encryption modes used by the acquired data of all auxiliary stations of the analysis station at present, and then a first factor R of a certain candidate encryption mode is nt/nz, wherein nz is the total number of the auxiliary stations of the analysis station, and nt is the number of the candidate encryption modes used in the auxiliary stations of the analysis station; the second factor acquisition module respectively acquires the time interval t between the time node at which each candidate encryption mode last encrypts the acquired data of the analysis station and the current time node, and normalizes the time interval t corresponding to a certain candidate encryption mode to obtain a second factor S of the candidate encryption mode; the third factor acquisition module calculates a third factor U (ng/ns) of a certain candidate encryption mode, wherein ng is the number of times that an average value Xp of similarity between a comparison group of a distribution network substation and a comparison group of an auxiliary station of the distribution network substation is larger than or equal to an average threshold when all distribution network substations encrypt collected data in the candidate encryption mode, ns is the sum of the times that all distribution network substations encrypt the collected data in the candidate encryption mode, the comprehensive factor calculation module calculates a comprehensive factor W (0.4 (1-R) + 0.45S + 0.15U) of the certain candidate encryption mode, the sorting selection module sorts the candidate encryption modes in sequence from large to small, and selects the first candidate encryption mode as a new encryption mode of the analysis station.
Further, the distribution network encryption system further comprises an alarm transmission judgment module, when the alarm transmission judgment module monitors that the encryption mode of a certain distribution network substation is changed, the alarm identification of the distribution network substation is deleted, the state of the alarm identification of the distribution network substation is changed after monitoring, and if the alarm identification of the distribution network substation is deleted, the distribution network substation is monitored to add the alarm identification, and alarm information is transmitted.
A distribution network encryption method for communication information comprises the following steps:
an encryption database is pre-established, the encryption database is used for pre-storing a plurality of encryption modes for encrypting the data collected by the distribution network substation,
after the distribution network substation receives the collected data, the collected data is encrypted by adopting an encryption mode to obtain encrypted data, and the encrypted data is transmitted to the distribution network main station,
when the distribution network main station receives the encrypted data of a certain distribution network substation, the distribution network substation is set as an analysis station,
and decrypting the encrypted data to obtain collected data, analyzing the collected data and judging whether to add a vigilant identifier to the analysis station, wherein when the vigilant identifier is added to a certain distribution network substation, the encryption mode of the distribution network substation is changed.
Further, the analyzing the collected data to determine whether to add a vigilance flag to the distribution network substation includes:
setting the acquired data as data to be analyzed, and acquiring the latest acquired data of an auxiliary station of the analysis station as data to be compared, wherein if the distance between the areas under the jurisdiction of two distribution network substations is smaller than or equal to a distance threshold value, one of the distribution network substations is the auxiliary station of the other distribution network substation;
obtaining the average value Xp of the similarity of a comparison group of data to be analyzed and a comparison group of data to be compared, wherein, judging whether each parameter of data collected at a certain time has data abnormality, if the parameter has data abnormality, extracting all the data abnormality parameters in the collected data to obtain the comparison group of the collected data,
acquiring the interval duration hj between the time node of the analysis station which changes the encryption mode for the last time and the current time node, wherein the time ratio Hp is hj/h0, h0 is a preset time threshold,
calculating the vigilance index P of the data to be analyzed as 0.5 (1-Xp) +0.5 Hp,
and if the vigilance index of the data to be analyzed is greater than the vigilance threshold, adding a vigilance identification to the analysis station.
Further, the changing the encryption mode of the distribution network substation includes:
setting the encryption modes except the encryption mode used by the data to be analyzed in the encryption database as candidate encryption modes,
respectively counting encryption modes currently used by the acquired data of each auxiliary station of the analysis station, wherein a first factor R of a certain candidate encryption mode is nt/nz, nz is the total number of the auxiliary stations of the analysis station, and nt is the number of the candidate encryption modes used in the auxiliary stations of the analysis station;
respectively acquiring time intervals t between a time node at which each candidate encryption mode last encrypts collected data of the analysis station and a current time node, and performing normalization processing on the time interval t corresponding to a certain candidate encryption mode to obtain a second factor S of the candidate encryption mode;
calculating a third factor U of a certain candidate encryption mode as ng/ns, wherein ng is the number of times that an average value Xp of similarity of a comparison group of the distribution network substation and a comparison group of an auxiliary station of the distribution network substation is larger than or equal to an average threshold when all distribution network substations encrypt the acquired data in the candidate encryption mode, and ns is the sum of the number of times that all distribution network substations encrypt the acquired data in the candidate encryption mode;
calculating the comprehensive factor W of a certain candidate encryption mode to be 0.4 (1-R) + 0.45S + 0.15U,
and sequencing all the candidate encryption modes in a descending order, and selecting the first candidate encryption mode as a new encryption mode of the analysis station.
Further, the distribution network encryption method further includes:
when the encryption mode of a certain distribution network substation is monitored to be changed, the vigilance mark of the distribution network substation is deleted, the state change of the vigilance mark of the distribution network substation is monitored, if the vigilance mark of the distribution network substation is deleted within a preset time period, the fact that the vigilance mark is added to the distribution network substation is monitored, and alarm information is transmitted.
Compared with the prior art, the invention has the following beneficial effects: according to the invention, after the distribution network master station receives the encrypted data, the encrypted data is decrypted to obtain the collected data, then the collected data is analyzed, and whether the encryption mode of the collected data needs to be changed or not is judged, so that the safety of the distribution network substation in the data transmission process is improved; meanwhile, when the encryption mode of the acquired data is changed, the encryption mode of the acquired data by the auxiliary station of the distribution network substation is considered, so that the safety of the whole data transmission process of the distribution network substation is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a schematic block diagram of a distribution network encryption system for communication information according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution: a distribution network encryption system for communication information comprises an encryption database, an encryption control module, a decryption control module, a collected data analysis module and an encryption mode replacement module, wherein the encryption database is used for pre-storing a plurality of encryption modes for encrypting the collected data of distribution network substations, the encryption control module encrypts the collected data in an encryption mode after the distribution network substations receive the collected data to obtain encrypted data and transmits the encrypted data to a distribution network main station, when the decryption control module receives the encrypted data of a certain distribution network substation, the distribution network substation is set as an analysis station and decrypts the encrypted data to obtain the collected data, the collected data analysis module analyzes the collected data to judge whether to add a warning mark to the analysis station or not, and when the encryption mode replacement module adds the warning mark to a certain distribution network substation, and replacing the encryption mode of the distribution network substation.
The acquired data analysis module comprises a data to be compared acquisition module, a similarity average acquisition module, a time ratio acquisition module, a caution index calculation module and a caution index comparison module, wherein the data to be compared acquisition module is used for setting the acquired data as the data to be analyzed, the latest acquired data of an auxiliary station of an analysis station is acquired as the data to be compared, if the distance between the regions belonging to two distribution network substations is smaller than or equal to a distance threshold value, one of the distribution network substations is the auxiliary station of the other distribution network substation, the similarity average acquisition module is used for acquiring the average value Xp of the similarity between a comparison group of the data to be analyzed and a comparison group of the data to be compared, judging whether each parameter of the acquired data at a certain time has data abnormality or not, if the data of the parameter is abnormal, extracting all the parameters of the data abnormality in the acquired data to obtain the comparison group of the acquired data, the time ratio obtaining module obtains the interval duration hj between the time node of the analysis station which changes the encryption mode for the last time and the current time node, the time ratio Hp is hj/h0, h0 is a preset time threshold, the vigilance index calculating module calculates the vigilance index P of the data to be analyzed to be 0.5 (1-Xp) +0.5 Hp, the vigilance index comparing module compares the vigilance index of the data to be analyzed with the vigilance threshold, and when the vigilance index of the data to be analyzed is larger than the vigilance threshold, the vigilance identification is added to the analysis station.
The encryption mode replacement module comprises a candidate encryption mode selection module, a first factor acquisition module, a second factor acquisition module, a third factor acquisition module, a comprehensive factor calculation module and a sequencing selection module, wherein the candidate encryption mode selection module is used for setting the encryption modes except the encryption mode used by the data to be analyzed in the encryption database as candidate encryption modes, the first factor acquisition module is used for respectively counting the encryption modes currently used by the acquired data of each auxiliary station of the analysis station, and then a first factor R of a certain candidate encryption mode is nt/nz, wherein nz is the total number of the auxiliary stations of the analysis station, and nt is the number of the candidate encryption modes used in the auxiliary stations of the analysis station; the second factor acquisition module respectively acquires the time interval t between the time node at which each candidate encryption mode last encrypts the acquired data of the analysis station and the current time node, and normalizes the time interval t corresponding to a certain candidate encryption mode to obtain a second factor S of the candidate encryption mode; the third factor acquisition module calculates a third factor U (ng/ns) of a certain candidate encryption mode, wherein ng is the number of times that an average value Xp of similarity between a comparison group of a distribution network substation and a comparison group of an auxiliary station of the distribution network substation is larger than or equal to an average threshold when all distribution network substations encrypt collected data in the candidate encryption mode, ns is the sum of the times that all distribution network substations encrypt the collected data in the candidate encryption mode, the comprehensive factor calculation module calculates a comprehensive factor W (0.4 (1-R) + 0.45S + 0.15U) of the certain candidate encryption mode, the sorting selection module sorts the candidate encryption modes in sequence from large to small, and selects the first candidate encryption mode as a new encryption mode of the analysis station.
The distribution network encryption system further comprises an alarm transmission judging module, when the alarm transmission judging module monitors that the encryption mode of one distribution network substation is changed, the alarm identification of the distribution network substation is deleted, the state of the alarm identification of the distribution network substation is changed after monitoring, and if the alarm identification of the distribution network substation is deleted, the distribution network substation is monitored to add the alarm identification, and alarm information is transmitted.
A distribution network encryption method for communication information comprises the following steps:
the method comprises the steps that an encryption database is established in advance, the encryption database is used for storing a plurality of encryption modes for encrypting data collected by a distribution network substation in advance, and the encryption database stores a plurality of encryption modes such as an RSA encryption algorithm, an SM2 encryption algorithm and the like;
after the distribution network substation receives the collected data, the collected data is encrypted by adopting an encryption mode to obtain encrypted data, and the encrypted data is transmitted to the distribution network main station,
when the distribution network main station receives the encrypted data of a certain distribution network substation, the distribution network substation is set as an analysis station,
and decrypting the encrypted data to obtain collected data, analyzing the collected data and judging whether to add a vigilant identifier to the analysis station, wherein when the vigilant identifier is added to a certain distribution network substation, the encryption mode of the distribution network substation is changed. When a certain distribution network substation is added with a caution identifier, the risk that the distribution network substation encrypts and transmits data through the current encryption mode is high, and the encryption mode should be replaced.
When the encryption mode of a certain distribution network substation is monitored to be changed, the vigilance mark of the distribution network substation is deleted, the state of the vigilance mark of the distribution network substation is monitored to be changed, if the vigilance mark of the distribution network substation is deleted within a preset time period, the fact that the vigilance mark is added to the distribution network substation is monitored, and alarm information is transmitted; the safety of the distribution network information is guaranteed by continuously monitoring the vigilance identification condition of the distribution network substation.
The analyzing the collected data to judge whether to add the vigilance identification to the distribution network substation comprises the following steps:
setting the acquired data as data to be analyzed, and acquiring the latest acquired data of an auxiliary station of the analysis station as data to be compared, wherein if the distance between the areas under the jurisdiction of two distribution network substations is smaller than or equal to a distance threshold value, one of the distribution network substations is the auxiliary station of the other distribution network substation; the distribution network substation in the application refers to a distribution network substation belonging to the same distribution network main station, when the locations of the areas under jurisdiction of two distribution network substations are relatively close, theoretically, the data characteristics of the parameters of the two distribution network substations are relatively close, and if the abnormal condition of the surrounding parameters is relatively larger than the abnormal condition of the parameters of the areas under jurisdiction of the distribution network substation, the abnormal condition possibly caused by interception and tampering in the transmission process of the acquired data of the areas under jurisdiction of the distribution network substation is relatively larger; the probability that the collected data of the area under the jurisdiction of a plurality of distribution network substations are tampered at one time is relatively low, so that the larger the average value of the similarity is, the smaller the probability that the collected data of the area under the jurisdiction of the distribution network substation are intercepted and tampered in the transmission process is;
obtaining the average value Xp of the similarity of a comparison group of data to be analyzed and a comparison group of data to be compared, wherein, judging whether each parameter of data collected at a certain time has data abnormality, if the parameter has data abnormality, extracting all the data abnormality parameters in the collected data to obtain the comparison group of the collected data,
acquiring the interval duration hj between the time node of the analysis station which changes the encryption mode for the last time and the current time node, wherein the time ratio Hp is hj/h0, h0 is a preset time threshold, and when a certain encryption mode is used for a longer time, one encryption mode should be changed for encryption, so that the transmission security of the acquired data is improved;
calculating the vigilance index P of the data to be analyzed as 0.5 (1-Xp) +0.5 Hp,
and if the vigilance index of the data to be analyzed is greater than the vigilance threshold, adding a vigilance identification to the analysis station.
The changing of the encryption mode of the distribution network substation comprises the following steps:
setting the encryption modes except the encryption mode used by the data to be analyzed in the encryption database as candidate encryption modes,
respectively counting encryption modes currently used by the acquired data of each auxiliary station of the analysis station, wherein a first factor R of a certain candidate encryption mode is nt/nz, nz is the total number of the auxiliary stations of the analysis station, and nt is the number of the candidate encryption modes used in the auxiliary stations of the analysis station; in the method, the encryption modes selected by the auxiliary stations are selected as the encryption modes of the analysis station, so that the consistency of the encryption modes selected by the analysis station and the auxiliary stations is reduced, and the safety performance of the whole collected data is improved;
respectively obtaining the time interval t between the time node at which each candidate encryption mode last encrypts the acquired data of the analysis station and the current time node, and performing normalization processing on the time interval t corresponding to a certain candidate encryption mode to obtain a second factor S of the candidate encryption mode, namely the second factor S of the certain candidate encryption mode is (t-Tmin)/(Tmax-Tmin), wherein Tmax is the maximum value in the time intervals corresponding to all the candidate encryption modes, and Tmin is the minimum value in the time intervals corresponding to all the candidate encryption modes;
calculating a third factor U of a certain candidate encryption mode as ng/ns, wherein ng is the number of times that an average value Xp of similarity of a comparison group of the distribution network substation and a comparison group of an auxiliary station of the distribution network substation is larger than or equal to an average threshold when all distribution network substations encrypt the acquired data in the candidate encryption mode, and ns is the sum of the number of times that all distribution network substations encrypt the acquired data in the candidate encryption mode; assuming that the average threshold is 60%, further, ng and ns in a latest preset time period may be set, where when a certain distribution network substation encrypts collected data in the candidate encryption manner, an average value Xp of a similarity between a comparison group of the distribution network substation and a comparison group of an auxiliary station of the distribution network substation is greater than or equal to 60%, the encryption is counted in ng times; when the third factor of a certain candidate encryption mode is larger, the transmission safety probability of the data acquired by encrypting the data in the encryption mode is relatively higher, and the stability of the encryption mode is higher;
calculating the comprehensive factor W of a certain candidate encryption mode to be 0.4 (1-R) + 0.45S + 0.15U,
and sequencing all the candidate encryption modes in a descending order, and selecting the first candidate encryption mode as a new encryption mode of the analysis station.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (8)

1. A distribution network encryption system for communication information is characterized by comprising an encryption database, an encryption control module, a decryption control module, a collected data analysis module and an encryption mode replacement module, wherein the encryption database is used for pre-storing a plurality of encryption modes for encrypting collected data of distribution network substations, the encryption control module encrypts the collected data in an encryption mode after the distribution network substations receive the collected data to obtain encrypted data and transmits the encrypted data to a distribution network main station, when the decryption control module receives the encrypted data of a certain distribution network substation, the distribution network substation is set as an analysis station and decrypts the encrypted data to obtain the collected data, the collected data analysis module analyzes the collected data to judge whether to add an alert identifier to the analysis station or not, and when the encryption mode replacement module adds the alert identifier to a certain distribution network substation, and replacing the encryption mode of the distribution network substation.
2. The distribution network encryption system for communication information according to claim 1, wherein: the acquired data analysis module comprises a data to be compared acquisition module, a similarity average acquisition module, a time ratio acquisition module, a caution index calculation module and a caution index comparison module, wherein the data to be compared acquisition module is used for setting the acquired data as the data to be analyzed, the latest acquired data of an auxiliary station of an analysis station is acquired as the data to be compared, if the distance between the regions belonging to two distribution network substations is smaller than or equal to a distance threshold value, one of the distribution network substations is the auxiliary station of the other distribution network substation, the similarity average acquisition module is used for acquiring the average value Xp of the similarity between a comparison group of the data to be analyzed and a comparison group of the data to be compared, judging whether each parameter of the acquired data at a certain time has data abnormality or not, if the data of the parameter is abnormal, extracting all the parameters of the data abnormality in the acquired data to obtain the comparison group of the acquired data, the time ratio obtaining module obtains the interval duration hj between the time node of the analysis station which changes the encryption mode for the last time and the current time node, the time ratio Hp is hj/h0, h0 is a preset time threshold, the vigilance index calculating module calculates the vigilance index P of the data to be analyzed to be 0.5 (1-Xp) +0.5 Hp, the vigilance index comparing module compares the vigilance index of the data to be analyzed with the vigilance threshold, and when the vigilance index of the data to be analyzed is larger than the vigilance threshold, the vigilance identification is added to the analysis station.
3. The distribution network encryption system for communication information according to claim 2, wherein: the encryption mode replacement module comprises a candidate encryption mode selection module, a first factor acquisition module, a second factor acquisition module, a third factor acquisition module, a comprehensive factor calculation module and a sequencing selection module, wherein the candidate encryption mode selection module is used for setting the encryption modes except the encryption mode used by the data to be analyzed in the encryption database as candidate encryption modes, the first factor acquisition module is used for respectively counting the encryption modes currently used by the acquired data of each auxiliary station of the analysis station, and then a first factor R of a certain candidate encryption mode is nt/nz, wherein nz is the total number of the auxiliary stations of the analysis station, and nt is the number of the candidate encryption modes used in the auxiliary stations of the analysis station; the second factor acquisition module respectively acquires the time interval t between the time node at which each candidate encryption mode last encrypts the acquired data of the analysis station and the current time node, and normalizes the time interval t corresponding to a certain candidate encryption mode to obtain a second factor S of the candidate encryption mode; the third factor acquisition module calculates a third factor U (ng/ns) of a certain candidate encryption mode, wherein ng is the number of times that an average value Xp of similarity between a comparison group of a distribution network substation and a comparison group of an auxiliary station of the distribution network substation is larger than or equal to an average threshold when all distribution network substations encrypt collected data in the candidate encryption mode, ns is the sum of the times that all distribution network substations encrypt the collected data in the candidate encryption mode, the comprehensive factor calculation module calculates a comprehensive factor W (0.4 (1-R) + 0.45S + 0.15U) of the certain candidate encryption mode, the sorting selection module sorts the candidate encryption modes in sequence from large to small, and selects the first candidate encryption mode as a new encryption mode of the analysis station.
4. The distribution network encryption system for communication information according to claim 3, wherein: the distribution network encryption system further comprises an alarm transmission judging module, when the alarm transmission judging module monitors that the encryption mode of one distribution network substation is changed, the alarm identification of the distribution network substation is deleted, the state of the alarm identification of the distribution network substation is changed after monitoring, and if the alarm identification of the distribution network substation is deleted, the distribution network substation is monitored to add the alarm identification, and alarm information is transmitted.
5. A distribution network encryption method for communication information is characterized in that: the distribution network encryption method comprises the following steps:
an encryption database is pre-established, the encryption database is used for pre-storing a plurality of encryption modes for encrypting the data collected by the distribution network substation,
after the distribution network substation receives the collected data, the collected data is encrypted by adopting an encryption mode to obtain encrypted data, and the encrypted data is transmitted to the distribution network main station,
when the distribution network main station receives the encrypted data of a certain distribution network substation, the distribution network substation is set as an analysis station,
and decrypting the encrypted data to obtain collected data, analyzing the collected data and judging whether to add a vigilant identifier to the analysis station, wherein when the vigilant identifier is added to a certain distribution network substation, the encryption mode of the distribution network substation is changed.
6. The distribution network encryption method for communication information according to claim 5, wherein: the analyzing the collected data to judge whether to add the vigilance identification to the distribution network substation comprises the following steps:
setting the acquired data as data to be analyzed, and acquiring the latest acquired data of an auxiliary station of the analysis station as data to be compared, wherein if the distance between the areas under the jurisdiction of two distribution network substations is smaller than or equal to a distance threshold value, one of the distribution network substations is the auxiliary station of the other distribution network substation;
obtaining the average value Xp of the similarity of a comparison group of data to be analyzed and a comparison group of data to be compared, wherein, judging whether each parameter of data collected at a certain time has data abnormality, if the parameter has data abnormality, extracting all the data abnormality parameters in the collected data to obtain the comparison group of the collected data,
acquiring the interval duration hj between the time node of the analysis station which changes the encryption mode for the last time and the current time node, wherein the time ratio Hp is hj/h0, h0 is a preset time threshold,
calculating the vigilance index P of the data to be analyzed as 0.5 (1-Xp) +0.5 Hp,
and if the vigilance index of the data to be analyzed is greater than the vigilance threshold, adding a vigilance identification to the analysis station.
7. The distribution network encryption method for communication information according to claim 6, wherein: the changing of the encryption mode of the distribution network substation comprises the following steps:
setting the encryption modes except the encryption mode used by the data to be analyzed in the encryption database as candidate encryption modes,
respectively counting encryption modes currently used by the acquired data of each auxiliary station of the analysis station, wherein a first factor R of a certain candidate encryption mode is nt/nz, nz is the total number of the auxiliary stations of the analysis station, and nt is the number of the candidate encryption modes used in the auxiliary stations of the analysis station;
respectively acquiring time intervals t between a time node at which each candidate encryption mode last encrypts collected data of the analysis station and a current time node, and performing normalization processing on the time interval t corresponding to a certain candidate encryption mode to obtain a second factor S of the candidate encryption mode;
calculating a third factor U of a certain candidate encryption mode as ng/ns, wherein ng is the number of times that an average value Xp of similarity of a comparison group of the distribution network substation and a comparison group of an auxiliary station of the distribution network substation is larger than or equal to an average threshold when all distribution network substations encrypt the acquired data in the candidate encryption mode, and ns is the sum of the number of times that all distribution network substations encrypt the acquired data in the candidate encryption mode;
calculating the comprehensive factor W of a certain candidate encryption mode to be 0.4 (1-R) + 0.45S + 0.15U,
and sequencing all the candidate encryption modes in a descending order, and selecting the first candidate encryption mode as a new encryption mode of the analysis station.
8. The distribution network encryption method for communication information according to claim 7, wherein: the distribution network encryption method further comprises the following steps:
when the encryption mode of a certain distribution network substation is monitored to be changed, the vigilance mark of the distribution network substation is deleted, the state change of the vigilance mark of the distribution network substation is monitored, if the vigilance mark of the distribution network substation is deleted within a preset time period, the fact that the vigilance mark is added to the distribution network substation is monitored, and alarm information is transmitted.
CN202111403102.4A 2021-11-24 2021-11-24 Distribution network encryption system and method for communication information Active CN114189363B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111403102.4A CN114189363B (en) 2021-11-24 2021-11-24 Distribution network encryption system and method for communication information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111403102.4A CN114189363B (en) 2021-11-24 2021-11-24 Distribution network encryption system and method for communication information

Publications (2)

Publication Number Publication Date
CN114189363A true CN114189363A (en) 2022-03-15
CN114189363B CN114189363B (en) 2022-07-15

Family

ID=80602500

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111403102.4A Active CN114189363B (en) 2021-11-24 2021-11-24 Distribution network encryption system and method for communication information

Country Status (1)

Country Link
CN (1) CN114189363B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114726613A (en) * 2022-04-06 2022-07-08 南方电网数字电网研究院有限公司 Microgrid and terminal data exchange encryption method and device and computer equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0304733A1 (en) * 1987-08-14 1989-03-01 Siemens Aktiengesellschaft Data-transmission method
JPH05316098A (en) * 1992-05-08 1993-11-26 Mitsubishi Electric Corp Communication system for control signal
CN1122487A (en) * 1994-11-04 1996-05-15 天宇光电技术开发有限公司 Wireless alarming network system
CN106789015A (en) * 2016-12-22 2017-05-31 贵州电网有限责任公司电力科学研究院 A kind of intelligent distribution network communication security system
CN107659405A (en) * 2017-11-01 2018-02-02 南京国电南自电网自动化有限公司 The encrypting and decrypting method that data communicate between a kind of transformer station boss station

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0304733A1 (en) * 1987-08-14 1989-03-01 Siemens Aktiengesellschaft Data-transmission method
JPH05316098A (en) * 1992-05-08 1993-11-26 Mitsubishi Electric Corp Communication system for control signal
CN1122487A (en) * 1994-11-04 1996-05-15 天宇光电技术开发有限公司 Wireless alarming network system
CN106789015A (en) * 2016-12-22 2017-05-31 贵州电网有限责任公司电力科学研究院 A kind of intelligent distribution network communication security system
CN107659405A (en) * 2017-11-01 2018-02-02 南京国电南自电网自动化有限公司 The encrypting and decrypting method that data communicate between a kind of transformer station boss station

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114726613A (en) * 2022-04-06 2022-07-08 南方电网数字电网研究院有限公司 Microgrid and terminal data exchange encryption method and device and computer equipment
CN114726613B (en) * 2022-04-06 2024-03-15 南方电网数字电网研究院股份有限公司 Micro-grid and terminal data communication encryption method and device and computer equipment

Also Published As

Publication number Publication date
CN114189363B (en) 2022-07-15

Similar Documents

Publication Publication Date Title
CN108566436B (en) Distributed power equipment information acquisition system and method based on block chain
CN114189363B (en) Distribution network encryption system and method for communication information
CN110134709B (en) Power grid data query method and device
CN114828057B (en) Communication base station distribution network monitoring system and method based on GIS
CN113507691A (en) Information pushing system and method based on power distribution network cross-region service
CN110912915B (en) Communication safety early warning system based on data acquisition
CN109753009A (en) A kind of level monitoring online data management system
CN113824592A (en) Quantum network management system
CN108769069A (en) A kind of encryption method for becoming distribution intelligence control system
CN115765151A (en) Safe operation and maintenance management method and system for secondary power transformation equipment
CN106411559A (en) Low voltage transformer area anti-electricity-stealing diagnosis system
CN113315778B (en) Double-encryption information security transmission method applied to hidden danger positioning
CN112087301A (en) Gas meter safety certification system based on state cryptographic algorithm
CN113890008A (en) Power distribution network event intelligent processing method based on robot process automation
CN113515786A (en) Method and device for detecting whether device fingerprints collide or not by combining wind control system
CN110213049B (en) Secret key updating system for interaction of vehicle-mounted equipment
CN115395661B (en) New energy remote centralized control center communication system constructed based on power private network
CN112969154B (en) 5G communication method for electric power distribution safety control
CN117240466A (en) Power distribution network communication security authentication method and system
CN113489144B (en) Power grid safety monitoring system
CN117914002B (en) Monitoring system, method and medium for centralized management of distributed energy storage system
CN117939461A (en) Power distribution network communication safety transmission method based on 5G slice network
CN117350889B (en) Transmission line edge calculation and thing allies oneself with proxy device
CN117857022A (en) Safety communication method and system of power distribution scene monitoring equipment
CN113852199B (en) Multi-dimensional power distribution automation inspection system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant