CN117332339A - Centralized operation and maintenance auditing system of intelligent power grid dispatching system - Google Patents
Centralized operation and maintenance auditing system of intelligent power grid dispatching system Download PDFInfo
- Publication number
- CN117332339A CN117332339A CN202311260066.XA CN202311260066A CN117332339A CN 117332339 A CN117332339 A CN 117332339A CN 202311260066 A CN202311260066 A CN 202311260066A CN 117332339 A CN117332339 A CN 117332339A
- Authority
- CN
- China
- Prior art keywords
- log
- data
- audit
- module
- power grid
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012423 maintenance Methods 0.000 title claims abstract description 15
- 238000012550 audit Methods 0.000 claims abstract description 41
- 230000004044 response Effects 0.000 claims abstract description 35
- 230000002159 abnormal effect Effects 0.000 claims abstract description 21
- 238000007726 management method Methods 0.000 claims abstract description 20
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 16
- 238000010801 machine learning Methods 0.000 claims abstract description 16
- 238000013474 audit trail Methods 0.000 claims abstract description 8
- 230000015556 catabolic process Effects 0.000 claims abstract description 5
- 238000006731 degradation reaction Methods 0.000 claims abstract description 5
- 238000012795 verification Methods 0.000 claims abstract description 5
- 230000006870 function Effects 0.000 claims description 18
- 238000000034 method Methods 0.000 claims description 18
- 238000003860 storage Methods 0.000 claims description 17
- 239000013598 vector Substances 0.000 claims description 15
- 238000004364 calculation method Methods 0.000 claims description 13
- 238000012544 monitoring process Methods 0.000 claims description 13
- 238000007405 data analysis Methods 0.000 claims description 10
- 238000009826 distribution Methods 0.000 claims description 10
- 238000012545 processing Methods 0.000 claims description 7
- 239000012141 concentrate Substances 0.000 claims 1
- 239000000284 extract Substances 0.000 claims 1
- 230000005540 biological transmission Effects 0.000 description 14
- 238000012986 modification Methods 0.000 description 12
- 230000004048 modification Effects 0.000 description 12
- 238000012549 training Methods 0.000 description 8
- 238000004590 computer program Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 7
- 230000000694 effects Effects 0.000 description 7
- 230000008859 change Effects 0.000 description 6
- 238000012360 testing method Methods 0.000 description 6
- 238000004458 analytical method Methods 0.000 description 5
- 238000003066 decision tree Methods 0.000 description 4
- 238000001514 detection method Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 3
- 230000005856 abnormality Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 2
- 238000013475 authorization Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 238000005336 cracking Methods 0.000 description 2
- 238000005520 cutting process Methods 0.000 description 2
- 238000012217 deletion Methods 0.000 description 2
- 230000037430 deletion Effects 0.000 description 2
- 238000003745 diagnosis Methods 0.000 description 2
- 238000009792 diffusion process Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 238000004806 packaging method and process Methods 0.000 description 2
- 238000010248 power generation Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/243—Classification techniques relating to the number of classes
- G06F18/24323—Tree-organised classifiers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/35—Clustering; Classification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/205—Parsing
- G06F40/216—Parsing using statistical methods
-
- H—ELECTRICITY
- H02—GENERATION; CONVERSION OR DISTRIBUTION OF ELECTRIC POWER
- H02J—CIRCUIT ARRANGEMENTS OR SYSTEMS FOR SUPPLYING OR DISTRIBUTING ELECTRIC POWER; SYSTEMS FOR STORING ELECTRIC ENERGY
- H02J13/00—Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network
- H02J13/00002—Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network characterised by monitoring
Abstract
The invention relates to a centralized operation and maintenance audit system of a smart grid dispatching system, which relates to the technical field of grid dispatching, wherein the operations of an administrator, the operations of a user and the automatic operations of a system recorded in the smart grid dispatching system are extracted by a machine learning algorithm, log data are transmitted to a cloud platform and stored by using a TCP/IP protocol, user roles of the administrator, the operator and an auditor are defined, account safety of the user is protected by using two-factor identity verification, fine-grain authority management, password safety measures and audit trails, response time, resource utilization rate and data exchange conditions of the audit log are analyzed, reasons of system bottlenecks and performance degradation are identified, the operations and events in the smart grid dispatching system are monitored in real time, abnormal faults in a power grid are detected by using the machine learning algorithm, and the abnormal conditions are discovered and processed in time.
Description
Technical Field
The invention relates to the technical field of power grid dispatching, in particular to a centralized operation and maintenance auditing system of a smart power grid dispatching system.
Background
Conventional power grids consist of large-scale central power plants and long-distance transmission lines, which lead to high energy losses and low power transmission efficiency in the energy transmission process. Furthermore, due to the instability of the grid load, it is necessary to maintain the backup power generation capacity, which leads to waste of power generation and transmission resources.
The technology level is continuously developed, the automation technology is also continuously updated, and the intelligent scheduling system of the power grid is also applied to the power system and achieves a certain effect. Compared with the traditional power grid system, the intelligent dispatching system of the power grid is not isolated, is a real-time dynamic system, can effectively analyze and regulate the power grid, and can analyze and process faults more accurately and timely when a power station breaks down, so that the intelligent dispatching system of the power grid is quicker and more convenient, and can know the running condition of the power grid more comprehensively.
Disclosure of Invention
In order to overcome the defects in the prior art, the embodiment of the invention provides a centralized operation and maintenance auditing system of a smart grid dispatching system, which is used for transferring partial load to other areas by increasing the output voltage of a transformer so as to realize load balance and electric energy distribution, so as to solve the problems in the background art.
In order to achieve the above purpose, the invention provides a centralized operation and maintenance audit system of a smart grid dispatching system, which specifically comprises a log record management module, an audit log storage module, an access control authority module, a data analysis module and an exception handling module;
and the log record management module is used for: recording and constructing operations in a smart grid dispatching system, classifying and managing the operations, and extracting characteristics of an operation log through a machine learning algorithm;
audit log storage module: collecting and transmitting log data by using a log collector, storing an audit log in a cloud platform, and periodically executing data backup operation by using the scheduling function of an ETL tool;
access control rights module: the account security of the user is protected by using double-factor identity authentication, fine grain authority management, password security measures and audit trails;
and a data analysis module: analyzing response time, resource utilization rate and data exchange condition of audit logs in the intelligent power grid dispatching system to identify system bottlenecks and reasons for performance degradation;
an exception handling module: by monitoring operation and events in the intelligent power grid dispatching system in real time, abnormal faults in the power grid are detected by using a machine learning algorithm, and abnormal conditions are found in time and processed.
In a preferred embodiment, the log record management module specifically includes the following:
s1, log record requirement: the operation of an administrator, the operation of a user and the automatic operation record of the system in the intelligent power grid dispatching system are designed into a log format, wherein the log format comprises a time stamp, an operation type, an operator identity, an operation object and an operation result field, so that the subsequent classification and management are convenient;
s2, log classification: classifying the logs according to the operation types, identifying the administrator log, the user operation log and the system operation log by using labels,
step 1, tag coding: converting the label into a numerical representation form which can be processed by a machine learning algorithm by using a single-hot coding method, creating three binary vectors which respectively represent an administrator log, a user operation log and a system operation log, wherein the vectors of the administrator log are [1, 0], the vectors of the user operation log are [0,1,0], and the vectors of the system operation log are [0, 1];
step 2, dividing a training set and a testing set: dividing the marked data set into a training set and a testing set, wherein the training set is used for training and parameter tuning of the model, and the testing set is used for evaluating the performance of the model;
step 3, extracting text features: a vocabulary is constructed containing the unique words that appear in all the text, denoted as V, where |v| represents the size of the vocabulary, and for each text sample i, the frequency of occurrence of each word in the text is calculated as follows:
wherein TF (i, t) represents word frequency, t represents a word in vocabulary V, m represents the number of occurrences of word t in text i, and n represents the total number of words in text i;
a text sample is expressed as a vector consisting of word frequencies, wherein each dimension corresponds to a word in a vocabulary V, a vector expression with a length of |V| is obtained for each text sample i, characteristics of the text sample are expressed, an IDF (inverse document frequency) is used for expressing rareness of the word t in the whole text set, TF and IDF are comprehensively considered, and a characteristic vector called TF-IDF is calculated, wherein a specific calculation formula is as follows:
TF-IDF(i,t)=TF(i,t)×IDF(t)
where IDF represents the inverse document frequency, |D| represents the total number of text in the text set, and s represents the number of text in the text set that contains word t.
In a preferred embodiment, the audit log storage module uses a TCP/IP protocol to transmit log data to a cloud platform, and specifically includes the following contents:
s1, data transmission: transmitting the log data to a cloud platform by using a TCP/IP protocol, configuring a receiving end on the cloud platform, acquiring an IP address and a port number of the receiving end, receiving the log data from a source end, and establishing TCP connection, wherein the method comprises the following specific steps of:
step 1, creating a socket: creating a Socket object at a source end for sending log data, and managing TCP connection by using the Socket;
step 2, establishing connection: creating a TCP connection with the cloud platform, and connecting to a receiving end address and a port of the cloud platform by using a socket object;
step 3, data transmission: packaging the log data into a message, and transmitting the packaged log data from a source end to a cloud platform through TCP connection by using a transmitting function of a socket object;
and 4, closing connection: after the data transmission is completed, the socket resource is released and the TCP connection is closed by calling a closing function of the socket object;
s2, audit log storage: in the intelligent power grid dispatching system, a log collector is used for collecting and transmitting log data, captured key operation and event audit logs are sent to a cloud platform for storage, and data backup operation is executed regularly through the dispatching function of an ETL tool, so that data loss is avoided, and the safety and reliability of the data are ensured.
In a preferred embodiment, the access control authority module ensures that only users with corresponding authorities can access relevant resources by defining the roles of the users of the administrator, the operator and the auditor, and specifically comprises the following contents:
s1, identity verification: introducing two-factor authentication, requiring a user to provide two different authentication factors of a password and a short message authentication code, enabling the user to receive a short message containing the authentication code after inputting the password, inputting the authentication code into a login page for authentication, and enabling the user to successfully log in only after the password and the short message authentication code pass, thereby improving the security of an account;
s2, fine granularity authority management: according to the authority requirements of each user role, distributing fine-grained functions and data authorities, associating the authorities with resources, distributing authorities for creating user accounts and distributing roles in a system for each user, ensuring that only users with corresponding authorities can access related resources, and avoiding excessive authorization;
s3, password security measures: forcing the user to use a strong password, periodically requiring to change the password, starting password locking and session timeout security measures, and protecting the account security of the user, wherein the specific steps are as follows:
step 1, password locking: by setting the number of three continuous error attempts, when a user continuously inputs an error password, an un-unlocked successful system locks an account of the user for 30 minutes, and in a locked state, continuous login attempt is forbidden, so that a malicious user is prevented from cracking the account by trying a plurality of passwords, and the security of the account is increased;
step 2, session timeout: the user does not have activity in a period of time, the system can automatically log out the user and terminate the session thereof, so that unauthorized access by other people through the logged-in user session is prevented;
s4, audit trail: recording access and operation activities of personal data, including inquiry, browsing, modification and deletion operations of the data, generating detailed audit logs, tracing modification and access history of the personal data, gradually recording each modification and access activity from an initial creation state, timely finding out falsified misuse condition of the data, checking by a manager according to the audit logs, ensuring that the data use meets the requirements of privacy protection policies and related regulations, timely identifying unauthorized data access, abnormal inquiry behaviors and abnormal data modification conditions by monitoring and analyzing the audit logs, and taking corresponding measures for repairing and preventing.
In a preferred embodiment, the data analysis module analyzes response time, resource utilization rate and data exchange condition of the audit log in the smart grid dispatching system to help an administrator find potential security threats and performance problems, and specifically comprises the following steps:
s1, response time analysis: the method comprises the following specific steps of determining a part of suspected bottlenecks by analyzing system request and response time data recorded in an audit log and utilizing the trend of average response time:
step 1, comparing time periods: grouping response time in an audit log according to time periods, comparing average response time of different time periods, and observing whether the response time has obvious change, wherein when the average response time of a certain time period is obviously higher than that of other time periods, a suspected bottleneck exists in the time period, and the specific calculation formula is as follows:
wherein,the average response time is represented, T represents the total response time, and N represents the number of requests.
Step 2, analyzing a trend graph: taking time as an X axis and response time as a Y axis, drawing time sequence data of the response time into a line graph, observing the change trend of the response time, wherein the response time shows a growing trend, and the system has a suspected bottleneck;
s2, analyzing the resource utilization rate: the utilization condition of memory resources is provided by analyzing the audit log, the memory quantity used by the current system and the total memory capacity of the system are calculated, and whether the resource bottleneck exists is determined, wherein the specific calculation formula is as follows:
wherein C represents the memory utilization, C 1 Indicating that the memory has been used, C 2 Representing the total memory;
s3, data exchange analysis: according to the number of data packets which are provided by the audit log and fail to reach the destination in the transmission process and the total number of the data packets transmitted in the same time period, the data packet loss rate is calculated, potential performance bottlenecks are identified, and the specific calculation formula is as follows:
where S represents the packet loss rate, N represents the number of packets lost, and N represents the total number of packets transmitted.
In a preferred embodiment, the exception handling module specifically includes the following:
s1, data acquisition: various parameters of the power grid, including current, voltage, frequency and power, are monitored in real time through sensors and monitoring equipment in the smart power grid, data are transmitted to an SCADA monitoring system, and the state and the running condition of the power grid are monitored in real time;
s2, abnormality detection: detecting abnormal faults in a power grid by using a machine learning algorithm, predicting the possibility of equipment faults, taking measures in advance for maintenance, constructing a decision tree model according to current, voltage, frequency and power data acquired by a sensor, realizing automatic detection and diagnosis of faults, and carrying out data division by selecting the optimal characteristics until a preset stop condition is reached, wherein the method specifically comprises the following steps of:
step 1, selecting a root node: selecting one from all the features as a root node;
step 2, data division: dividing the data set according to different values of the root node characteristics to generate child nodes, wherein each child node corresponds to one value of the root node characteristics, and the data set of each child node becomes smaller after division;
step 3, recursively constructing subtrees: repeating the step 1 and the step 2 for each sub-node, selecting the optimal characteristics for dividing, generating the sub-nodes until the stopping condition is met and the maximum depth is reached;
step 4, stopping condition treatment: when the stopping condition is met, the decision tree construction is finished, leaf nodes are generated, the leaf nodes represent classification results, and whether faults occur or not is judged;
s3, exception handling: when an abnormal condition is detected, the system triggers an alarm, and sends an alarm message, a short message and an email to a power grid dispatcher to take corresponding measures, including fast switching a power grid operation mode, isolating a problem area, adjusting load distribution and reducing the influence of faults on the power grid operation, and the method specifically comprises the following steps:
step 1, operation mode switching: switching different power supplies by using an interface of a power grid dispatching system, changing the running state of a generator set, and adjusting the connection mode of a power transmission line to switch the running mode of the power grid;
step 2, region isolation: cutting off corresponding equipment, lines and areas through a power grid dispatching system, isolating faults and preventing further diffusion;
step 3, load distribution adjustment: through the function of real-time monitoring and load control provided by the power grid dispatching system, partial load is transferred to other areas by increasing the output voltage of the transformer according to the current actual situation, and the loads of equipment in different areas are adjusted, so that load balance and electric energy distribution are realized, and the specific calculation formula is as follows:
wherein V is 1 Representing the original output voltage, V 2 Representing the new output voltage, Δv represents the increased voltage value.
The beneficial effects of the invention are as follows: the method comprises the steps of carrying out feature extraction on operation logs through a machine learning algorithm by using operations of an administrator, user and automatic operation of a system recorded in a smart grid dispatching system, transmitting log data to a cloud platform and storing the log data by using a TCP/IP protocol, protecting account safety of the user by defining user roles of the administrator, the operator and an auditor, carrying out analysis on response time, resource utilization rate and data exchange condition of the audit log by using two-factor identity verification, fine-grained authority management, password safety measures and audit trail, identifying reasons of system bottlenecks and performance degradation, monitoring operation and events in the smart grid dispatching system in real time, detecting abnormal faults in a power grid by using the machine learning algorithm, and timely finding and processing the abnormal conditions.
Drawings
Fig. 1 is a block diagram of the structure of the present invention.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
In the description of the present application, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more of the described features. In the description of the present application, the meaning of "a plurality" is two or more, unless explicitly defined otherwise.
In the description of the present application, the term "for example" is used to mean "serving as an example, instance, or illustration. Any embodiment described herein as "for example" is not necessarily to be construed as preferred or advantageous over other embodiments. The following description is presented to enable any person skilled in the art to make and use the invention. In the following description, details are set forth for purposes of explanation. It will be apparent to one of ordinary skill in the art that the present invention may be practiced without these specific details. In other instances, well-known structures and processes have not been described in detail so as not to obscure the description of the invention with unnecessary detail. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
Example 1
The embodiment provides a centralized operation and maintenance auditing system of a smart grid dispatching system as shown in fig. 1, which specifically comprises the following steps: the system comprises a log record management module, an audit log storage module, an access control authority module, a data analysis module and an exception handling module;
and the log record management module is used for: recording and constructing operations in a smart grid dispatching system, classifying and managing the operations, and extracting characteristics of an operation log through a machine learning algorithm;
audit log storage module: collecting and transmitting log data by using a log collector, storing an audit log in a cloud platform, and periodically executing data backup operation by using the scheduling function of an ETL tool;
access control rights module: the account security of the user is protected by using double-factor identity authentication, fine grain authority management, password security measures and audit trails;
and a data analysis module: analyzing response time, resource utilization rate and data exchange condition of audit logs in the intelligent power grid dispatching system to identify system bottlenecks and reasons for performance degradation;
an exception handling module: by monitoring operation and events in the intelligent power grid dispatching system in real time, abnormal faults in the power grid are detected by using a machine learning algorithm, and abnormal conditions are found in time and processed.
In this embodiment, a log record management module is specifically described, where the log record management module specifically includes the following contents:
s1, log record requirement: the operation of an administrator, the operation of a user and the automatic operation record of the system in the intelligent power grid dispatching system are designed into a log format, wherein the log format comprises a time stamp, an operation type, an operator identity, an operation object and an operation result field, so that the subsequent classification and management are convenient;
s2, log classification: classifying the logs according to the operation types, identifying the administrator log, the user operation log and the system operation log by using labels,
step 1, tag coding: converting the label into a numerical representation form which can be processed by a machine learning algorithm by using a single-hot coding method, creating three binary vectors which respectively represent an administrator log, a user operation log and a system operation log, wherein the vectors of the administrator log are [1, 0], the vectors of the user operation log are [0,1,0], and the vectors of the system operation log are [0, 1];
step 2, dividing a training set and a testing set: dividing the marked data set into a training set and a testing set, wherein the training set is used for training and parameter tuning of the model, and the testing set is used for evaluating the performance of the model;
step 3, extracting text features: a vocabulary is constructed containing the unique words that appear in all the text, denoted as V, where |v| represents the size of the vocabulary, and for each text sample i, the frequency of occurrence of each word in the text is calculated as follows:
wherein TF (i, t) represents word frequency, t represents a word in vocabulary V, m represents the number of occurrences of word t in text i, and n represents the total number of words in text i;
a text sample is expressed as a vector consisting of word frequencies, wherein each dimension corresponds to a word in a vocabulary V, a vector expression with a length of |V| is obtained for each text sample i, characteristics of the text sample are expressed, an IDF (inverse document frequency) is used for expressing rareness of the word t in the whole text set, TF and IDF are comprehensively considered, and a characteristic vector called TF-IDF is calculated, wherein a specific calculation formula is as follows:
TF-IDF(i,t)=TF(i,t)×IDF(t)
where IDF represents the inverse document frequency, |D| represents the total number of text in the text set, and s represents the number of text in the text set that contains word t.
In this embodiment, an audit log storage module is specifically described, where the audit log storage module uses a TCP/IP protocol to transmit log data to a cloud platform, and specifically includes the following contents:
s1, data transmission: transmitting the log data to a cloud platform by using a TCP/IP protocol, configuring a receiving end on the cloud platform, acquiring an IP address and a port number of the receiving end, receiving the log data from a source end, and establishing TCP connection, wherein the method comprises the following specific steps of:
step 1, creating a socket: creating a Socket object at a source end for sending log data, and managing TCP connection by using the Socket;
step 2, establishing connection: creating a TCP connection with the cloud platform, and connecting to a receiving end address and a port of the cloud platform by using a socket object;
step 3, data transmission: packaging the log data into a message, and transmitting the packaged log data from a source end to a cloud platform through TCP connection by using a transmitting function of a socket object;
and 4, closing connection: after the data transmission is completed, the socket resource is released and the TCP connection is closed by calling a closing function of the socket object;
s2, audit log storage: in the intelligent power grid dispatching system, a log collector is used for collecting and transmitting log data, captured key operation and event audit logs are sent to a cloud platform for storage, and data backup operation is executed regularly through the dispatching function of an ETL tool, so that data loss is avoided, and the safety and reliability of the data are ensured.
In this embodiment, an access control permission module is specifically described, where the access control permission module ensures that only a user with corresponding permission can access related resources by defining user roles of an administrator, an operator and an auditor, and specifically includes the following contents:
s1, identity verification: introducing two-factor authentication, requiring a user to provide two different authentication factors of a password and a short message authentication code, enabling the user to receive a short message containing the authentication code after inputting the password, inputting the authentication code into a login page for authentication, and enabling the user to successfully log in only after the password and the short message authentication code pass, thereby improving the security of an account;
s2, fine granularity authority management: according to the authority requirements of each user role, distributing fine-grained functions and data authorities, associating the authorities with resources, distributing authorities for creating user accounts and distributing roles in a system for each user, ensuring that only users with corresponding authorities can access related resources, and avoiding excessive authorization;
s3, password security measures: forcing the user to use a strong password, periodically requiring to change the password, starting password locking and session timeout security measures, and protecting the account security of the user, wherein the specific steps are as follows:
step 1, password locking: by setting the number of three continuous error attempts, when a user continuously inputs an error password, an un-unlocked successful system locks an account of the user for 30 minutes, and in a locked state, continuous login attempt is forbidden, so that a malicious user is prevented from cracking the account by trying a plurality of passwords, and the security of the account is increased;
step 2, session timeout: the user does not have activity in a period of time, the system can automatically log out the user and terminate the session thereof, so that unauthorized access by other people through the logged-in user session is prevented;
s4, audit trail: recording access and operation activities of personal data, including inquiry, browsing, modification and deletion operations of the data, generating detailed audit logs, tracing modification and access history of the personal data, gradually recording each modification and access activity from an initial creation state, timely finding out falsified misuse condition of the data, checking by a manager according to the audit logs, ensuring that the data use meets the requirements of privacy protection policies and related regulations, timely identifying unauthorized data access, abnormal inquiry behaviors and abnormal data modification conditions by monitoring and analyzing the audit logs, and taking corresponding measures for repairing and preventing.
In this embodiment, a specific description is provided of a data analysis module, where the data analysis module analyzes response time, resource utilization rate and data exchange condition of an audit log in a smart grid scheduling system to help an administrator find potential security threats and performance problems, and specifically includes the following contents:
s1, response time analysis: the method comprises the following specific steps of determining a part of suspected bottlenecks by analyzing system request and response time data recorded in an audit log and utilizing the trend of average response time:
step 1, comparing time periods: grouping response time in an audit log according to time periods, comparing average response time of different time periods, and observing whether the response time has obvious change, wherein when the average response time of a certain time period is obviously higher than that of other time periods, a suspected bottleneck exists in the time period, and the specific calculation formula is as follows:
wherein,the average response time is represented, T represents the total response time, and N represents the number of requests.
Step 2, analyzing a trend graph: taking time as an X axis and response time as a Y axis, drawing time sequence data of the response time into a line graph, observing the change trend of the response time, wherein the response time shows a growing trend, and the system has a suspected bottleneck;
s2, analyzing the resource utilization rate: the utilization condition of memory resources is provided by analyzing the audit log, the memory quantity used by the current system and the total memory capacity of the system are calculated, and whether the resource bottleneck exists is determined, wherein the specific calculation formula is as follows:
wherein the method comprises the steps ofC represents the memory utilization, C 1 Indicating that the memory has been used, C 2 Representing the total memory;
s3, data exchange analysis: according to the number of data packets which are provided by the audit log and fail to reach the destination in the transmission process and the total number of the data packets transmitted in the same time period, the data packet loss rate is calculated, potential performance bottlenecks are identified, and the specific calculation formula is as follows:
where S represents the packet loss rate, N represents the number of packets lost, and N represents the total number of packets transmitted.
In this embodiment, an exception handling module is specifically described, where the exception handling module specifically includes the following:
s1, data acquisition: various parameters of the power grid, including current, voltage, frequency and power, are monitored in real time through sensors and monitoring equipment in the smart power grid, data are transmitted to an SCADA monitoring system, and the state and the running condition of the power grid are monitored in real time;
s2, abnormality detection: detecting abnormal faults in a power grid by using a machine learning algorithm, predicting the possibility of equipment faults, taking measures in advance for maintenance, constructing a decision tree model according to current, voltage, frequency and power data acquired by a sensor, realizing automatic detection and diagnosis of faults, and carrying out data division by selecting the optimal characteristics until a preset stop condition is reached, wherein the method specifically comprises the following steps of:
step 1, selecting a root node: selecting one from all the features as a root node;
step 2, data division: dividing the data set according to different values of the root node characteristics to generate child nodes, wherein each child node corresponds to one value of the root node characteristics, and the data set of each child node becomes smaller after division;
step 3, recursively constructing subtrees: repeating the step 1 and the step 2 for each sub-node, selecting the optimal characteristics for dividing, generating the sub-nodes until the stopping condition is met and the maximum depth is reached;
step 4, stopping condition treatment: when the stopping condition is met, the decision tree construction is finished, leaf nodes are generated, the leaf nodes represent classification results, and whether faults occur or not is judged;
s3, exception handling: when an abnormal condition is detected, the system triggers an alarm, and sends an alarm message, a short message and an email to a power grid dispatcher to take corresponding measures, including fast switching a power grid operation mode, isolating a problem area, adjusting load distribution and reducing the influence of faults on the power grid operation, and the method specifically comprises the following steps:
step 1, operation mode switching: switching different power supplies by using an interface of a power grid dispatching system, changing the running state of a generator set, and adjusting the connection mode of a power transmission line to switch the running mode of the power grid;
step 2, region isolation: cutting off corresponding equipment, lines and areas through a power grid dispatching system, isolating faults and preventing further diffusion;
step 3, load distribution adjustment: through the function of real-time monitoring and load control provided by the power grid dispatching system, partial load is transferred to other areas by increasing the output voltage of the transformer according to the current actual situation, and the loads of equipment in different areas are adjusted, so that load balance and electric energy distribution are realized, and the specific calculation formula is as follows:
wherein V is 1 Representing the original output voltage, V 2 Representing the new output voltage, Δv represents the increased voltage value.
In the foregoing embodiments, the descriptions of the embodiments are focused on, and for those portions of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (7)
1. The utility model provides a smart power grids dispatch system concentrates fortune dimension audit system which characterized in that: the method specifically comprises the following steps: the system comprises a log record management module, an audit log storage module, an access control authority module, a data analysis module and an exception handling module;
and the log record management module is used for: recording and constructing operations in a smart grid dispatching system, classifying and managing the operations, and extracting characteristics of an operation log through a machine learning algorithm;
audit log storage module: collecting and transmitting log data by using a log collector, and storing an audit log in a cloud platform;
access control rights module: the account security of the user is protected by using double-factor identity authentication, fine grain authority management, password security measures and audit trails;
and a data analysis module: analyzing response time, resource utilization rate and data exchange condition of audit logs in the intelligent power grid dispatching system to identify system bottlenecks and reasons for performance degradation;
an exception handling module: by monitoring operation and events in the intelligent power grid dispatching system in real time, abnormal faults in the power grid are detected by using a machine learning algorithm, and abnormal conditions are found in time and processed.
2. The smart grid scheduling system centralized operation and maintenance auditing system according to claim 1, wherein: the log record management module records the operations of an administrator, the operations of a user and the automatic operations of the system in the intelligent power grid dispatching system, classifies and manages the operation records, extracts the characteristics of the operation log through a machine learning algorithm, comprehensively considers TF and IDF, and calculates a characteristic vector called TF-IDF, wherein the specific calculation formula is as follows:
TF-IDF(i,t)=TF(i,t)×IDF(t)
where IDF represents the inverse document frequency, |D| represents the total number of text in the text set, and s represents the number of text in the text set that contains word t.
3. The smart grid scheduling system centralized operation and maintenance auditing system according to claim 1, wherein: the audit log storage module transmits log data to the cloud platform by using a TCP/IP protocol, and periodically executes data backup operation by using the scheduling function of the ETL tool so as to avoid data loss.
4. The smart grid scheduling system centralized operation and maintenance auditing system according to claim 1, wherein: the access control authority module uses double-factor identity verification, fine grain authority management, password security measures and audit trails by defining the user roles of an administrator, an operator and an auditor, protects the account security of the user, and ensures that only the user with corresponding authority can access related resources.
5. The smart grid scheduling system centralized operation and maintenance auditing system according to claim 1, wherein: the data analysis module helps an administrator find potential security threats and performance problems, and a specific calculation formula is as follows:
wherein,the average response time is represented, T represents the total response time, and N represents the number of requests.
6. The smart grid scheduling system centralized operation and maintenance auditing system according to claim 1, wherein: the abnormal processing module is used for detecting abnormal faults in the power grid by using a machine learning algorithm through the functions of real-time monitoring and load control provided by a power grid dispatching system through load distribution adjustment, and timely finding and processing abnormal conditions.
7. The smart grid scheduling system centralized operation and maintenance auditing system according to claim 6, wherein: according to the current practical situation, the load distribution adjustment transfers partial load to other areas by increasing the output voltage of the transformer, adjusts the load of equipment in different areas, realizes load balance and electric energy distribution, and has the following specific calculation formula:
wherein V is 1 Representing the original output voltage, V 2 Representing the new output voltage, Δv represents the increased voltage value.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311260066.XA CN117332339A (en) | 2023-09-26 | 2023-09-26 | Centralized operation and maintenance auditing system of intelligent power grid dispatching system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311260066.XA CN117332339A (en) | 2023-09-26 | 2023-09-26 | Centralized operation and maintenance auditing system of intelligent power grid dispatching system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117332339A true CN117332339A (en) | 2024-01-02 |
Family
ID=89278367
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311260066.XA Pending CN117332339A (en) | 2023-09-26 | 2023-09-26 | Centralized operation and maintenance auditing system of intelligent power grid dispatching system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117332339A (en) |
-
2023
- 2023-09-26 CN CN202311260066.XA patent/CN117332339A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Choi et al. | Ontology-based security context reasoning for power IoT-cloud security service | |
Rakas et al. | A review of research work on network-based scada intrusion detection systems | |
CN111404914A (en) | Ubiquitous power Internet of things terminal safety protection method under specific attack scene | |
CN107463839A (en) | A kind of system and method for managing application program | |
CN111935189B (en) | Industrial control terminal strategy control system and industrial control terminal strategy control method | |
CN111046415A (en) | Intelligent grading early warning system and method for confidential files | |
Wang et al. | A centralized HIDS framework for private cloud | |
Skopik et al. | synERGY: Cross-correlation of operational and contextual data to timely detect and mitigate attacks to cyber-physical systems | |
CN106326736A (en) | Data processing method and system | |
CN111339050B (en) | Centralized security audit method and system based on big data platform | |
CN113506096B (en) | Inter-system interface method based on industrial internet identification analysis system | |
CN112291266B (en) | Data processing method, device, server and storage medium | |
CN112910728A (en) | Data security monitoring method and device | |
CN112214772A (en) | Privilege certificate centralized management and control and service system | |
Gong et al. | Multi-agent intrusion detection system using feature selection approach | |
CN117332339A (en) | Centralized operation and maintenance auditing system of intelligent power grid dispatching system | |
CN107465688B (en) | Method for identifying network application permission of state monitoring and evaluating system | |
CN111221802A (en) | Digital asset risk management and control system and method based on big data | |
CN113132379A (en) | Intelligent security system of warehousing system | |
CN115080291A (en) | Container abnormal behavior processing method and device | |
Sabri et al. | Hybrid of rough set theory and artificial immune recognition system as a solution to decrease false alarm rate in intrusion detection system | |
Aldossary et al. | Securing SCADA systems against cyber-attacks using artificial intelligence | |
CN114372595A (en) | Automatic power grid dispatching control operation state inspection system and method | |
Wang et al. | The Design and Implementation of Attack Path Extraction Model in Power Cyber Physical System. | |
Andryukhin et al. | Industrial network anomaly behavior detection via exponential smoothing model |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |