WO2014173173A1 - Automatic system for supervising and examining security of smart grid - Google Patents

Automatic system for supervising and examining security of smart grid Download PDF

Info

Publication number
WO2014173173A1
WO2014173173A1 PCT/CN2014/000255 CN2014000255W WO2014173173A1 WO 2014173173 A1 WO2014173173 A1 WO 2014173173A1 CN 2014000255 W CN2014000255 W CN 2014000255W WO 2014173173 A1 WO2014173173 A1 WO 2014173173A1
Authority
WO
WIPO (PCT)
Prior art keywords
supervision
smart grid
inspection
security
task
Prior art date
Application number
PCT/CN2014/000255
Other languages
French (fr)
Chinese (zh)
Inventor
曹波
杨杉
Original Assignee
湖北省电力公司信息通信分公司
国家电网公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 湖北省电力公司信息通信分公司, 国家电网公司 filed Critical 湖北省电力公司信息通信分公司
Publication of WO2014173173A1 publication Critical patent/WO2014173173A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/06Energy or water supply

Definitions

  • the invention relates to the field of smart grid security monitoring technology, in particular to a smart grid security supervision automation system.
  • security configuration is also an aspect that can be exploited by hackers and requires security hardening.
  • the smart grid Compared with the general grid, the smart grid has wider openness and system complexity, and can interact with the outside world, which means it is more vulnerable to external intrusion.
  • new equipment and new technologies in the fields of wireless communication continue to emerge, and are gradually applied to the construction of power communication networks, making smart grids have complex access environments, flexible and diverse access methods, and a large number of intelligent access.
  • Features such as terminals, which will increase the security risks of smart grids.
  • it is necessary to strengthen and implement the safety requirements of the State Grid Corporation for smart grid equipment from all stages of equipment life testing, project acceptance and operation and maintenance, and to establish safety inspectors meeting relevant safety requirements. Library.
  • the object of the present invention is to develop an automated system for the safety supervision of smart grid equipment in the power industry.
  • the smart grid security supervision and automation system of the invention comprises:
  • Smart Grid Supervisor Used to store inspection templates for different types of smart grid equipment
  • Supervisor Template Editor Used to edit the default supervision template in the inspection library to generate a new inspection template for a certain type of smart grid equipment
  • Supervise task editor Define and issue inspection tasks, explicitly use a default or edit generated inspection template to perform security inspection on a range of smart grid devices;
  • Supervise task actuators The included inspection template is interpreted and implemented for safety supervision;
  • the security supervision task generated by the security supervision task editor for a smart grid device is sent to the security supervision task interpretation actuator installed on the smart grid device, and the smart grid device security supervisor is The execution result of the inspection task is submitted to the safety supervision result analyzer for analysis of the inspection result; the inspection result display: The safety supervision result report of the selected smart grid equipment is generated based on the result of the inspection result analyzer.
  • the scalable smart grid inspection library is configured to store an inspection template for different types of smart grid devices, and the supervision template is composed of one or more security inspection items. Involving account passwords, rights assignment, security auditing, remote access control, kernel security, file system security, performance security, etc., for each security supervision item, the method of automatic supervision, the judgment result judgment standard and the supervision item are also defined. Information such as weight points, data sources and standards for the supervision template are from the national grid company's safety requirements and standards for various smart grid equipment.
  • the supervision template in the smart grid inspection library can be supervised by the template boundary controller and supervisor.
  • the supervising task executor completes the smart grid equipment safety supervision work, according to the smart grid
  • the security supervision automation protocol encapsulates the inspection result information in an XML file, and sends it to the inspection task result display module through the SSL encryption communication interface, and the inspection task display module monitors the task result.
  • the smart grid security inspection automation system of the invention has the advantages of: quickly and accurately defining a security supervision template for various known smart grid devices, and an inspection template for a new smart grid device to be introduced in the future
  • Customizing the security supervision template according to this standard protocol greatly improves the security inspector scope of the smart grid equipment and the flexibility of the new smart grid equipment security supervision template formulation, and quickly delivers the security supervision task to the designated smart grid.
  • Figure 1 is a schematic diagram of the structure of the smart grid security supervision library.
  • Figure 2 is a schematic diagram of the data flow of the safety supervision automation system.
  • Figure 3 is a schematic diagram of the smart grid security supervision automation protocol.
  • the smart grid inspection library is used to store inspection templates for different types of smart grid equipment.
  • the supervision template includes the system's predefined default supervision template. Different inspection templates are based on the national grid for the smart grid. Relevant safety requirements, including one or more safety oversight items.
  • the custom security supervision template for a certain type of smart grid equipment generated by editing and modifying with the predefined default supervision template is also stored in the smart grid security supervision database.
  • the predefined default safety oversight templates in the Smart Grid Safety Oversight Library are based on the National Grid's relevant safety specifications for a certain type of Smart Grid equipment.
  • the inspection template editor is used to edit the default supervision template of the smart grid security supervision library, select the default supervision template predefined for a smart grid device in the smart grid security inspection library, and the default supervision
  • the inspection items in the template are edited to generate a custom security inspection template for the smart grid equipment of this type, and the custom security supervision template is stored in the smart grid security inspection library.
  • the safety supervision task interpretation actuator is deployed on the smart grid device, receiving the security supervision task in the XML file format issued by the inspection task editor, and interpreting the security supervision task in the XML format and Execution, supervision task interpretation of the actuator is mainly through reading the smart grid device configuration file, or executing system instructions on the smart grid device to complete the security supervision task.
  • the inspection result analyzer based on the above-mentioned safety supervision task interpretation actuator, generates a corresponding safety level for a smart grid equipment safety inspection result, and gives a safety repair suggestion.
  • the results of the inspection show that the safety supervision results report of the selected smart grid equipment is generated based on the results of the above-mentioned safety supervision result analyzer.
  • the security supervision automation system uses SSL to ensure the integrity, confidentiality and consistency of the communication data.
  • the communication interface needs to be responsible for the initialization of the communication port, the initialization of the SSL process, and various abnormalities in the communication process.
  • Figure 2 shows the security inspection automation system data flow
  • the Security Oversight Template Editor invokes a predefined default security audit template from the Smart Grid Security Supervisory Library to modify and generate a custom security audit template for a certain type of smart grid device.
  • Customized security supervision template The most task information is imported into the supervision task editor. At the same time, the inspection task end time is defined in the supervision task editor, the target smart grid equipment information is supervised, and the inspection task passes the score information. . 3 The audit task editor assembles the above information into an XML file according to the smart grid security supervision automation protocol disclosed in the present invention, and sends it to the communication interface.
  • the communication interface and the target smart grid device establish an SSL secure channel and send the XML task file to the target smart grid device.
  • the audit task explained by the target smart grid explains that the executor performs security audits according to the security audit tasks defined in the task XML file.
  • the smart grid device communication interface sends the security supervision result information to the security supervision automation system through the SSL secure channel.
  • the communication interface submits the safety supervision result information to the supervision result analyzer, generates a corresponding safety level according to the safety supervision result of the smart grid device, and gives a safety repair suggestion.
  • the safety supervision report generator generates a safety supervision result report of the selected smart grid device based on the result of the above-mentioned safety supervision result analyzer.
  • FIG. 3 shows a schematic diagram of a smart grid security supervision automation protocol disclosed in the present invention: a smart grid security supervision library realized by this standard protocol can realize fast and accurate definition for various known smart grid devices.
  • the security supervision template, the supervision template for the new smart grid equipment that needs to be introduced in the future can also be customized according to this standard protocol.
  • the security supervision task can be quickly delivered to the designated smart grid equipment to collect distributed smart grid equipment configuration information through a structured data format.
  • the overall structure consists of four parts: version information, smart grid equipment type, safety supervision project, safety supervision method, and the following:
  • the version information identifier is used to describe the version information of the security supervision template, including: version ID, revision number.
  • the smart grid device type contains the standard naming information of the smart grid device hardware and software. This information can be used to determine the security supervision method and corresponding security solutions, including: device type, manufacturer, device model, software version, for different types of intelligence.
  • Grid equipment can be associated with one or more security oversight items.
  • Security supervision item 0 involving account password, authority allocation, security audit, remote access control, kernel security, file system security, performance security, etc., including: security supervision project number, security supervision project name, security standard value, security Supervise project weights, descriptions, and security fixes.
  • security inspection method For a safety inspection project, one or more safety inspection methods may be required to complete the relationship between these safety inspection methods.
  • the safety supervision method is a set of instructions for conducting safety supervision, for example, setting the password complexity of the smart grid equipment, including: safety supervision item number, implementation method, supervision information acquisition path, and judgment standard.
  • Description and safety fix information includes descriptions of safety oversight items, mapping of national grid related safety regulations, and corresponding safety fixes.
  • the association between the safety inspection method and the safety inspection item is based on the safety supervision item number.
  • the implementation method in the security supervision method may be a method of reading system configuration information or a method of executing related system instructions.
  • the supervisor information acquisition path contains the path information of the system configuration information file to be read, or the path information of a certain system instruction.
  • the judgment standard in the safety supervision method is to compare the obtained inspection result information with the safety standard value in the safety supervision item, and the comparison method may be equal to, greater than, less than or included.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Economics (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Marketing (AREA)
  • Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Tourism & Hospitality (AREA)
  • Human Resources & Organizations (AREA)
  • General Business, Economics & Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Quality & Reliability (AREA)
  • Operations Research (AREA)
  • Public Health (AREA)
  • Water Supply & Treatment (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Testing And Monitoring For Control Systems (AREA)
  • Storage Device Security (AREA)

Abstract

An automatic system for supervising and examining the security of a smart grid, comprising: a smart grid supervising and examining base, a supervising and examining template editor, a supervising and examining task editor, a supervising and examining task executor, a supervising and examining result analyzer, a communication interface, and a supervising and examining result display. The system has the following advantages: being capable of rapidly and accurately defining security supervising and examining templates for various known smart grid equipment, wherein for a supervising and examining template of a new smart grid equipment which needs to be introduced in future, a security supervising and examining template may also be customized according to the standard protocol, such that a security supervising and examining range of the smart grid equipment and flexibility of customizing the security supervising and examining template of the new smart grid equipment are greatly enhanced, and thus rapidly issuing a security supervising and examining task to a specified smart grid equipment, so as to realize that distributed configuration information about the smart grid equipment is collected through a structured data format.

Description

智能电网安全督查自动化系统  Smart grid security supervision automation system
技术领域 Technical field
本发明涉及智能电网安全监测技术领域, 具体地说是一种智能电网安全督査 自动化系统。  The invention relates to the field of smart grid security monitoring technology, in particular to a smart grid security supervision automation system.
背景技术 Background technique
智能电网齊及后, 随着业务的发展, 安全问题会越来越被重视, 除了这些设 备自身的漏洞外, 安全配置也是会被黑客利用的一个方面, 需要进行安全加固。  After the smart grid is integrated, security issues will become more and more important as the business develops. In addition to the loopholes of these devices, security configuration is also an aspect that can be exploited by hackers and requires security hardening.
智能电网和一般电网相比, 具有更广阔的开放性和系统复杂性, 可以实现和 外界的互动, 也就意味着更容易受到外来侵扰。 同时, 无线通信等领域的新设备、 新技术不断涌现, 并逐步广泛应用到电力通信网络的建设中, 使得智能电网具有 复杂的接入环境、 灵活多样的接入方式、 数量庞大的智能接入终端等特征, 这将 加大智能电网的安全风险。 例如, W前许多正在部署的、 用以支持智能电网项 的技术——智能电表、 传感器等, 都会加大电网受攻击的风险。 为保证智能电网 系统的安全, 必须从设备入网测试、 工程验收和运行维护等设备全生命周期各个 阶段加强和落实国家电网公司对智能电网设备相关安全要求, 同时需要设立满足 相关安全要求的安全督察库。  Compared with the general grid, the smart grid has wider openness and system complexity, and can interact with the outside world, which means it is more vulnerable to external intrusion. At the same time, new equipment and new technologies in the fields of wireless communication continue to emerge, and are gradually applied to the construction of power communication networks, making smart grids have complex access environments, flexible and diverse access methods, and a large number of intelligent access. Features such as terminals, which will increase the security risks of smart grids. For example, many of the technologies deployed in front of W to support smart grid items—smart meters, sensors, etc.—will increase the risk of attack on the grid. In order to ensure the safety of the smart grid system, it is necessary to strengthen and implement the safety requirements of the State Grid Corporation for smart grid equipment from all stages of equipment life testing, project acceptance and operation and maintenance, and to establish safety inspectors meeting relevant safety requirements. Library.
安全督查库中需要制定各种智能电网设备安全检查点、 操作指南和操作标 准。安全督査库的制定为智能电网设备标准化的安全操作提供了框架和标准。 也 为运维人员提供了检査默认风险的标杆, 但是面对智能电网系统中种类繁杂、 数 量众多的设备和软件, 如何快速、 有效的检查设备, 乂如何集中收集督査的结果, 以及制作督查报告, 并且最终识别那些与督查库规范不符合的项 t!, 以达到整改 合规的要求, 这些都是运维人员面临的新的难题。 目前国内还没有能够支持各种智能电网设备的通用安全督查工具, 无法有效 对其系统脆弱性进行检杳, 也无法 [^动化的实现电网公司相关安全规范的合规性 检査, 导致智能电网设备容易遭受口令破解、 非法连接、 非法植入恶意软件等攻 击, 可能引发电力系统中一些功能的丧失, 以及敏感数据的非法篡改。 Various safety grid equipment safety checkpoints, operating guidelines and operating standards need to be developed in the safety audit library. The development of a safety audit library provides a framework and standard for the safe operation of smart grid equipment standardization. It also provides operators with the benchmark for checking the default risk, but in the face of the complicated and numerous equipment and software in the smart grid system, how to quickly and effectively check the equipment, how to collect the results of the inspection, and the production Inspect the report, and finally identify those items that do not meet the inspection library specifications to meet the requirements of rectification and compliance. These are new challenges faced by operation and maintenance personnel. At present, there is no universal safety supervision tool that can support various smart grid devices in China, and it is impossible to effectively check the vulnerability of the system, nor can it implement the compliance check of the relevant safety regulations of the grid company. Smart grid devices are vulnerable to attacks such as password cracking, illegal connections, and illegally implanted malware, which may cause loss of some functions in the power system and illegal tampering of sensitive data.
发明内容 Summary of the invention
本发明的目的研究一种针对电力行业智能电网设备进行安全督査的自动化系 统。  SUMMARY OF THE INVENTION The object of the present invention is to develop an automated system for the safety supervision of smart grid equipment in the power industry.
本发明智能电网安全督査自动化系统, 包括:  The smart grid security supervision and automation system of the invention comprises:
智能电网督库: 用于存放针对不同类型智能电网设备的督査模板;  Smart Grid Supervisor: Used to store inspection templates for different types of smart grid equipment;
督查模板编辑器: 用于对督査库中的默认督査模板进行编辑, 以生成针对某 一类智能电网设备新的督查模板;  Supervisor Template Editor: Used to edit the default supervision template in the inspection library to generate a new inspection template for a certain type of smart grid equipment;
督查任务编辑器: 定义并下发督查任务, 明确使用某一默认或编辑生成的督 査模板, 对某一范围的智能电网设备进行安全督査工作; 督查任务执行器: 对任务中所包含的督査模板进行解释执行, 以进行安全督 査工作;  Supervise task editor: Define and issue inspection tasks, explicitly use a default or edit generated inspection template to perform security inspection on a range of smart grid devices; Supervise task actuators: The included inspection template is interpreted and implemented for safety supervision;
督杳结果分析器: 基于督査任务解释执行器对某一智能电网设备安全督查结 果来生成相应的安全级别, 并给出安全修复建议;  Supervisor Result Analyzer: Based on the audit task, the actuator is used to generate a corresponding safety level for a smart grid equipment safety inspection result, and a safety repair proposal is given;
通讯接口: 将安全督査任务编辑器所生成的针对某一智能电网设备的安全督 查任务下发给该智能电网设备上安装的安全督査任务解释执行器, 并将该智能电 网设备安全督査任务的执行结果提交给安全督杳结果分析器进行督査结果分析; 督査结果展示: 基于督査结果分析器的结果来生成所选智能电网设备的安全 督查结果报告。  Communication interface: The security supervision task generated by the security supervision task editor for a smart grid device is sent to the security supervision task interpretation actuator installed on the smart grid device, and the smart grid device security supervisor is The execution result of the inspection task is submitted to the safety supervision result analyzer for analysis of the inspection result; the inspection result display: The safety supervision result report of the selected smart grid equipment is generated based on the result of the inspection result analyzer.
信息进行归并和统一呈现。 所述的可扩展的智能电网督查库, 用于存放针对 不同类型智能电网设备的督査模板,督査模板是由一个或多个安全督查项目组成, 涉及账号口令、 权限分配、 安全审计、 远程访问控制、 内核安全、 文件系统安全、 性能安全等,针对每个安全督杳项 还定义了自动化督査的方法、督査结果判断标 准和督查项权重分值等信息,督査模板的数据来源和制定标准来自国家电网公司 对各种智能电网设备的安全要求和标准,智能电网督査库中的督查模板可被督査 模板边界器和督査任务编辑器调用; 督査模板编辑器, 调用智能电网督査库中的 默认督查模板, 并对其进行编辑, 以生成针对某一类智能电网设备新的督査模板, 或是在原有督查模板的基础上针对新增加的智能电网设备定义督査模板; 督查任 务编辑器, 针对某一类智能电网设备, 调用智能电网督查库中的默认督査模板和 自定义督査模板, 定义安全督査任务, 在安全督査任务中还包括任务执行时间以 及考核分数等信息; 督査任务定义工作完成后, 系统将按照本发明中公布的智能 电网安全督査自动化协议, 将督査任务相关信息以 XML文件的形式, 通过 SSL加 密通讯接口下发给安装在智能电网设备上的任务解释执行器, 由督査任务执行器 对) (ML任务文件进行解析, 并对包含其中的督査模板进行解释执行。 督查任务执 行器在完成智能电网设备安全督査工作后, 按照智能电网安全督查自动化协议, 将督査结果信息封装在 XML文件中, 通过 SSL加密通讯接口发送给督查任务结果 展示模块, 由督査任务展示模块对督査任务结果 Information is merged and presented in a unified manner. The scalable smart grid inspection library is configured to store an inspection template for different types of smart grid devices, and the supervision template is composed of one or more security inspection items. Involving account passwords, rights assignment, security auditing, remote access control, kernel security, file system security, performance security, etc., for each security supervision item, the method of automatic supervision, the judgment result judgment standard and the supervision item are also defined. Information such as weight points, data sources and standards for the supervision template are from the national grid company's safety requirements and standards for various smart grid equipment. The supervision template in the smart grid inspection library can be supervised by the template boundary controller and supervisor. Check the task editor call; supervise the template editor, call the default supervision template in the smart grid supervision library, and edit it to generate a new inspection template for a certain type of smart grid equipment, or Based on the supervision template, the supervision template is defined for the newly added smart grid equipment; the task editor is inspected, and the default supervision template and the custom supervision template in the smart grid inspection library are invoked for a certain type of smart grid equipment. , define the safety supervision task, and include information such as task execution time and assessment score in the safety supervision task; After the completion of the definition work, the system will send the relevant information of the inspection task to the task installed on the smart grid device through the SSL encrypted communication interface in the form of an XML file according to the smart grid security supervision automation protocol disclosed in the present invention. Explain the executor, which is performed by the procedural task executor) (the ML task file is parsed, and the supervision template containing the executor is interpreted and executed. The supervising task executor completes the smart grid equipment safety supervision work, according to the smart grid The security supervision automation protocol encapsulates the inspection result information in an XML file, and sends it to the inspection task result display module through the SSL encryption communication interface, and the inspection task display module monitors the task result.
本发明智能电网安全督査自动化系统, 其优点是: 能实现快速、 准确的定义 针对各种已知智能电网设备的安全督査模板, 对于未来需要引入的新智能电网设 备的督査模板也可以按照此标准协议进行安全督査模板的定制, 大大提高了智能 电网设备的安全督察范围和新智能电网设备安全督查模板制定的灵活性, 快速的 将安全督査任务下发到指定的智能电网设备, 以实现通过结构化的数据格式收集 分散的智能电网设备配置信息。  The smart grid security inspection automation system of the invention has the advantages of: quickly and accurately defining a security supervision template for various known smart grid devices, and an inspection template for a new smart grid device to be introduced in the future Customizing the security supervision template according to this standard protocol greatly improves the security inspector scope of the smart grid equipment and the flexibility of the new smart grid equipment security supervision template formulation, and quickly delivers the security supervision task to the designated smart grid. Equipment to enable the collection of distributed smart grid device configuration information through a structured data format.
附图说明 DRAWINGS
图 1为智能电网安全督查库结构示意图。  Figure 1 is a schematic diagram of the structure of the smart grid security supervision library.
图 2为安全督査自动化系统数据流示意图。 图 3为智能电网安全督查自动化协议示意图。 Figure 2 is a schematic diagram of the data flow of the safety supervision automation system. Figure 3 is a schematic diagram of the smart grid security supervision automation protocol.
具体实施方式 detailed description
如图 1所示, 智能电网督查库, 用于存放针对不同类型智能电网设备的督查 模板, 督杳模板包括系统预定义的默认督査模板, 不同的督査模板按照国家电网 针对智能电网相关安全要求, 包括一个或多个安全督査项目。 同时利用预定义的 默认督査模板进行编辑和修改后生成的针对某一类智能电网设备的自定义安全督 査模板也存放在智能电网安全督杳库中。 智能电网安全督查库中的预定义默认安 全督杳模板以国家电网针对某一类型智能电网设备的相关安全规范为基础进行制 定。 每个预定义安全督査模板中包含一个或多个针对某-一类型智能电网设备的安 全督查项目, 包括账号口令类安全督查项目、 权限控制类安全督查项目、 安全审 计类安全督査项目、远程访问控制类安全督査项 1=1、 文件系统类安全督查项目等。  As shown in Figure 1, the smart grid inspection library is used to store inspection templates for different types of smart grid equipment. The supervision template includes the system's predefined default supervision template. Different inspection templates are based on the national grid for the smart grid. Relevant safety requirements, including one or more safety oversight items. At the same time, the custom security supervision template for a certain type of smart grid equipment generated by editing and modifying with the predefined default supervision template is also stored in the smart grid security supervision database. The predefined default safety oversight templates in the Smart Grid Safety Oversight Library are based on the National Grid's relevant safety specifications for a certain type of Smart Grid equipment. Each predefined security supervision template contains one or more security inspection items for a certain type of smart grid equipment, including account password security inspection items, authority control security inspection items, and security audit security supervisors. Check items, remote access control safety inspection items 1 = 1, file system security inspection items, etc.
督査模板编辑器, 用于对智能电网安全督查库屮的默认督査模板进行编辑, 选择智能电网安全督查库中针对某一智能电网设备预定义的默认督査模板, 对默 认督査模板中的督査项目进行编辑, 以生成针对该类智能电网设备的自定义安全 督査模板, 自定义安全督査模板存放在智能电网安全督査库中。  The inspection template editor is used to edit the default supervision template of the smart grid security supervision library, select the default supervision template predefined for a smart grid device in the smart grid security inspection library, and the default supervision The inspection items in the template are edited to generate a custom security inspection template for the smart grid equipment of this type, and the custom security supervision template is stored in the smart grid security inspection library.
督査任务编辑器, 从智能电网安全督查库中选择针对某一个或多个智能电网 设备的预定义默认安全督査模板或自定义安全督査模板, 对所选定的一个或多个 智能电网设备, 定义并下发安全督査任务。 定义督査任务时需要确定督查任务执 行结束时间以及督査结果通过分值。 在完成安全督査任务的定义后, 安全督査任 务编辑器会按照安全督査任务定义时所选择的安全督査模板信总、 目标督査智能 电网设备信息、 安全督査任务结束时间、 安全督査任务通过分值等信息, 依据本 发明中公布的一种智能电网安全督查自动化协议, 将上述信息组装成 XML文件格 式的任务文件。 Supervise the task editor to select a predefined default security inspector template or custom security inspector template for one or more smart grid devices from the Smart Grid Security Supervisory Library for one or more selected intelligence Grid equipment, define and issue security audit tasks. When defining the inspection task, it is necessary to determine the execution end time of the inspection task and the score of the inspection result. After completing the definition of the safety supervision task, the safety supervision task editor will select the safety supervision template letter selected according to the safety supervision task definition, the target supervision smart grid equipment information, the safety supervision task end time, safety The inspection task assembles the above information into an XML file grid according to a smart grid security supervision automation protocol disclosed in the present invention by means of score and other information. Task file.
督查任务解释执行器, 安全督査任务解释执行器部署在智能电网设备上, 接 收督査任务编辑器下发的 XML文件格式的安全督查任务, 对 XML格式的安全督查 任务进行解释并执行, 督査任务解释执行器主要是通过读取智能电网设备配置文 件, 或是在该智能电网设备上执行系统指令等方式来完成安全督査任务。  Supervising the task interpretation actuator, the safety supervision task interpretation actuator is deployed on the smart grid device, receiving the security supervision task in the XML file format issued by the inspection task editor, and interpreting the security supervision task in the XML format and Execution, supervision task interpretation of the actuator is mainly through reading the smart grid device configuration file, or executing system instructions on the smart grid device to complete the security supervision task.
督查结果分析器, 基于上述安全督查任务解释执行器对某一智能电网设备安 全督查结果来生成相应的安全级别, 并给出安全修复建议。  The inspection result analyzer, based on the above-mentioned safety supervision task interpretation actuator, generates a corresponding safety level for a smart grid equipment safety inspection result, and gives a safety repair suggestion.
督査结果展示, 基于上述安全督査结果分析器的结果来生成所选智能电网设 备的安全督査结果报告。  The results of the inspection show that the safety supervision results report of the selected smart grid equipment is generated based on the results of the above-mentioned safety supervision result analyzer.
通讯接口, 用于将安全督查任务编辑器所生成的针对某一智能电网设备的安 全督查任务下发给该智能电网设备上安装的安全督查任务解释执行器, 并将该智 能电网设备安全督查任务的执行结果提交给安全督查结果分析器进行督查结果分 析。 本发明中安全督査自动化系统使用 SSL的方式确保通讯数据的完整性、 保密 性和一致性, 通讯接口需要负责通讯端口的初始化、 SSL 过程的初始化、 以及处 理通信过程中的各种异常。  a communication interface, configured to send a security supervision task generated by the security supervision task editor for a smart grid device to a security supervision task interpretation actuator installed on the smart grid device, and the smart grid device is installed The results of the safety supervision task are submitted to the safety inspection result analyzer for analysis of the inspection results. In the present invention, the security supervision automation system uses SSL to ensure the integrity, confidentiality and consistency of the communication data. The communication interface needs to be responsible for the initialization of the communication port, the initialization of the SSL process, and various abnormalities in the communication process.
图 2示出安全督査自动化系统数据流:  Figure 2 shows the security inspection automation system data flow:
①安全督査模板编辑器从智能电网安全督査库中调用预定义的默认安全督査 模板, 修改并生成针对某一类智能电网设备的自定义安全督査模板。  1 The Security Oversight Template Editor invokes a predefined default security audit template from the Smart Grid Security Supervisory Library to modify and generate a custom security audit template for a certain type of smart grid device.
②自定义的安全督査模板最为任务信息导入到督査任务编辑器, 同时在督査 任务编辑器中定义好督査任务结束时间、 督査目标智能电网设备信息以及督査任 务通过分值信息。 ③督查任务编辑器将以上信息按照本发明中公布的智能电网安全督査自动化 协议, 组装成 XML文件后, 发送给通讯接口。 2 Customized security supervision template The most task information is imported into the supervision task editor. At the same time, the inspection task end time is defined in the supervision task editor, the target smart grid equipment information is supervised, and the inspection task passes the score information. . 3 The audit task editor assembles the above information into an XML file according to the smart grid security supervision automation protocol disclosed in the present invention, and sends it to the communication interface.
④通讯接口和目标智能电网设备建立 SSL安全通道, 并将 XML任务文件发送 给目标智能电网设备。  4 The communication interface and the target smart grid device establish an SSL secure channel and send the XML task file to the target smart grid device.
⑤目标智能电网上部署的督査任务解释执行器按照任务 XML文件中定义的安 全督査任务进行安全督査。  5 The audit task explained by the target smart grid explains that the executor performs security audits according to the security audit tasks defined in the task XML file.
⑥督查任务解释执行器将安全督査结果信息返回给智能电网设备上的通讯接 6 Supervisory task interpretation actuator returns the safety supervision result information to the communication connection on the smart grid device
Pl。 Pl.
⑦智能电网设备通讯接口将安全督査结果信息通过 SSL安全通道发送给安全 督査自动化系统。  7 The smart grid device communication interface sends the security supervision result information to the security supervision automation system through the SSL secure channel.
⑧通讯接口将安全督査结果信息提交给督査结果分析器, 根据该智能电网设 备安全督査结果来生成相应的安全级别, 并给出安全修复建议。  8 The communication interface submits the safety supervision result information to the supervision result analyzer, generates a corresponding safety level according to the safety supervision result of the smart grid device, and gives a safety repair suggestion.
⑨安全督查报告生成器根据上述安全督査结果分析器的结果来生成所选智能 电网设备的安全督查结果报告。  9 The safety supervision report generator generates a safety supervision result report of the selected smart grid device based on the result of the above-mentioned safety supervision result analyzer.
图 3示出了本发明中公开了一种智能电网安全督査自动化协议示意图: 通过以此标准协议实现的智能电网安全督査库, 能实现快速、 准确的定义针 对各种已知智能电网设备的安全督査模板, 对于未来需要引入的新智能电网设备 的督査模板也可以按照此标准协议进行安全督査模板的定制。 同时以此标准协议 为基础, 能快速的将安全督査任务下发到指定的智能电网设备, 以实现通过结构 化的数据格式收集分散的智能电网设备配置信息。 其总体结构包括四部分组成: 版本信息、 智能电网设备类型、 安全督査项目、 安全督査方法, 其屮: 版本信息标识用来描述安全督查模板的版本信息, 包括: 版本 ID、 修订号。 智能电网设备类型包含智能电网设备硬件、 软件的标准命名信息, 通过该信 息可以确定安全督査方法和相应的安全解决方案, 包括: 设备类型、 厂家、 设备 型号、 软件版本, 针对不同类型的智能电网设备可以关联一个或多个安全督査项 目。 FIG. 3 shows a schematic diagram of a smart grid security supervision automation protocol disclosed in the present invention: a smart grid security supervision library realized by this standard protocol can realize fast and accurate definition for various known smart grid devices. The security supervision template, the supervision template for the new smart grid equipment that needs to be introduced in the future can also be customized according to this standard protocol. At the same time, based on this standard protocol, the security supervision task can be quickly delivered to the designated smart grid equipment to collect distributed smart grid equipment configuration information through a structured data format. The overall structure consists of four parts: version information, smart grid equipment type, safety supervision project, safety supervision method, and the following: The version information identifier is used to describe the version information of the security supervision template, including: version ID, revision number. The smart grid device type contains the standard naming information of the smart grid device hardware and software. This information can be used to determine the security supervision method and corresponding security solutions, including: device type, manufacturer, device model, software version, for different types of intelligence. Grid equipment can be associated with one or more security oversight items.
安全督查项 0, 涉及账号口令、 权限分配、 安全审计、 远程访问控制、 内核 安全、 文件系统安全、 性能安全等, 包括: 安全督査项目编号、 安全督査项目名 称、 安全标准值、 安全督查项目权重、 描述及安全修复信息。 针对 个安全督査 项目, 可能需要一种或是多种安全督查方法来完成, 这些安全督査方法之间可以 使与的关系也可以是或的关系。  Security supervision item 0, involving account password, authority allocation, security audit, remote access control, kernel security, file system security, performance security, etc., including: security supervision project number, security supervision project name, security standard value, security Supervise project weights, descriptions, and security fixes. For a safety inspection project, one or more safety inspection methods may be required to complete the relationship between these safety inspection methods.
安全督査方法是一套用于进行安全督査的指令, 例如对智能电网设备的口令 复杂度的设置, 包括: 安全督查项目编号、 实现方法、 督査信息获取路径、 判断 标准。  The safety supervision method is a set of instructions for conducting safety supervision, for example, setting the password complexity of the smart grid equipment, including: safety supervision item number, implementation method, supervision information acquisition path, and judgment standard.
描述及安全修复信息包括对安全督査项目的描述信息、 国家电网相关安全规 范的映射以及相应的安全修复方案。 安全督査方法和安全督查项 之间的关联是 依据安全督查项目编号实现的。 安全督査方法中的实现方法可以是通过读取系统 配置信息的方法或是通过执行相关系统指令的方法。 督査信息获取路径中包含有 需要读取的系统配置信息文件的路径信息, 或是执行某个系统指令的路径信息。 安全督査方法中的判断标准是将获取到的督査结果信息与安全督查项目中的安全 标准值进行比对, 比对方式可以是等于、 大于、 小于或是包含等。  Description and safety fix information includes descriptions of safety oversight items, mapping of national grid related safety regulations, and corresponding safety fixes. The association between the safety inspection method and the safety inspection item is based on the safety supervision item number. The implementation method in the security supervision method may be a method of reading system configuration information or a method of executing related system instructions. The supervisor information acquisition path contains the path information of the system configuration information file to be read, or the path information of a certain system instruction. The judgment standard in the safety supervision method is to compare the obtained inspection result information with the safety standard value in the safety supervision item, and the comparison method may be equal to, greater than, less than or included.

Claims

权 利 要 求 书 Claim
1.一种智能电网安全督査自动化系统, 其特征在于: 包括: 智能电网督库 , 督査模板编辑器,督査任务编辑器,督査任务执行器,通讯接口,督査结果展示; 所 述的可扩展的智能电网督査库,用于存放针对不同类型智能电网设备的督査模板, 督査模板是由一个或多个安全督査项目组成, 涉及账号口令、 权限分配、 安全审 计、 远程访问控制、 内核安全、 文件系统安全、 性能安全等; 针对每个安全督査 项目还定义了自动化督査的方法、 督查结果判断标准和督査项权重分值等信息, 督査模板的数据来源和制定标准来自国家电网公司对各种智能电网设备的安全要 求和标准,智能电网督査库中的督查模板可被督査模板边界器和督査任务编辑器 调用; 督査模板编辑器, 调用智能电网督査库中的默认督査模板, 并对其进行编 辑, 以生成针对某一类智能电网设备新的督査模板, 或是在原有督査模板的基础 上针对新增加的智能电网设备定义督査模板; 督査任务编辑器, 针对某- -类智能 电网设备, 调用智能电网督查库中的默认督査模板和自定义督査模板, 定义安全 督査任务, 在安全督查任务中还包括任务执行时间以及考核分数等信息; 督査任 务定义工作完成后, 系统将按照本发明中公布的智能电网安全督査自动化协议, 将督査任务相关信息以 XML文件的形式, 通过 SSL加密通讯接口下发给安装在智 能电网设备上的任务解释执行器, 由督查任务执行器对 XML任务文件进行解析, 并对包含其中的督査模板进行解释执行; 督查任务执行器在完成智能电网设备安 全督査工作后, 按照智能电网安全督査自动化协议, 将督查结果信息封装在 XML 文件中, 通过 SSL加密通讯接口发送给督查任务结果展示模块, 由督査任务展示 模块对督査任务结果信息进行归并和统一呈现。 1. A smart grid security supervision automation system, comprising: a smart grid supervision library, an inspection template editor, an inspection task editor, an inspection task actuator, a communication interface, and an inspection result display; The scalable smart grid inspection library is used to store inspection templates for different types of smart grid equipment. The inspection template is composed of one or more security inspection items, involving account passwords, authority assignments, security audits, Remote access control, kernel security, file system security, performance security, etc.; for each security inspection project, the information of the automated supervision method, the supervision result judgment standard and the supervision item weight score are also defined, and the template is supervised. Data sources and standards are derived from the safety requirements and standards of the State Grid Corporation for various smart grid equipment. The supervision template in the Smart Grid Supervisory Library can be called by the Supervisory Template Boundary and the Supervisory Task Editor; Supervisory Template Editing , call the default supervision template in the smart grid supervision library, and edit it to generate a certain kind of intelligence A new supervision template for the grid equipment, or an inspection supervision template for the newly added smart grid equipment based on the original inspection template; an inspection task editor for invoking the smart grid inspection for a certain type of smart grid equipment The default supervision template and custom supervision template in the library, define the security supervision task, and also include the task execution time and the assessment score in the security supervision task; after the supervision task definition work is completed, the system will follow the invention. The smart grid security supervision automation protocol announced in the paper, the information about the inspection task is sent to the task interpretation actuator installed on the smart grid device through the SSL encrypted communication interface in the form of an XML file, and the supervision task actuator is The XML task file is parsed, and the supervision template included therein is interpreted and executed. After the completion of the smart grid equipment security supervision work, the supervision task actuator encapsulates the inspection result information according to the smart grid security supervision automation protocol. The XML file is sent to the inspection task result display module through the SSL encrypted communication interface. The supervision task display module merges and presents the information of the inspection task results.
2.如权利要求 1智能电网安全督査自动化系统, 其特征在于: 所述畋智能电 网督査库: 用于存放针对不同类型智能电网设备的督査模板。 2. The smart grid security supervision and control system according to claim 1, wherein: the smart grid inspection library is configured to store an inspection template for different types of smart grid devices.
3.如权利要求 1智能电网安全督査 动化系统, 其特征在于: 督查模板编辑 器: 用于对督査库中的默认督查模板进行编辑, 以生成针对某一类智能电网设备 新的督査模板。  3. The smart grid security supervision and control system according to claim 1, wherein: the inspection template editor is configured to edit a default supervision template in the inspection library to generate a new type of smart grid device for a certain type. Supervision template.
4.如权利要求 1智能电网安全督査自动化系统, 其特征在于: 督查任务编辑 器: 定义并下发督查任务, 明确使用某一默认或编辑生成的督査模板, 对某一范 围的智能电网设备进行安全督査工作。  4. The smart grid security inspection automation system of claim 1, wherein: the task editor is defined: an inspection task is defined and issued, and a certain default or edit generated inspection template is explicitly used for a certain range. Smart grid equipment for safety supervision.
5.如权利要求 1智能电网安全督査自动化系统, 其特征在于: 督查任务执行 器: 对任务中所包含的督查模板进行解释执行, 以进行安全督査工作。  5. The intelligent power grid security supervision and control system according to claim 1, wherein: the task executive is: an interpretation and execution of the supervision template included in the task for security supervision.
6.如权利要求 1智能电网安全督査自动化系统, 其特征在于: 督査结果分析 器: 基于督査任务解释执行器对某一智能电网设备安全督查结果来生成相应的安 全级别, 并给出安全修复建议。  6. The smart grid security supervision automation system according to claim 1, wherein: the inspection result analyzer: based on the inspection task interpretation actuator, generates a corresponding security level for a smart grid equipment safety inspection result, and gives A security fix is recommended.
7.如权利要求 1智能电网安全督査自动化系统, 其特征在于: 通讯接口: 将 安全督查任务编辑器所生成的针对某一智能电网设备的安全督査任务下发给该智 能电网设备上安装的安全督查任务解释执行器, 并将该智能电网设备安全督査任 务的执行结果提交给安全督査结果分析器进行督査结果分析。  7. The smart grid security inspection automation system according to claim 1, wherein: the communication interface: the security supervision task generated by the security supervision task editor for a smart grid device is sent to the smart grid device. The installed safety supervision task interprets the actuator, and submits the execution result of the smart grid equipment safety inspection task to the safety inspection result analyzer for inspection result analysis.
8.如权利要求 1智能电网安全督査自动化系统,其特征在于:督査结果展示: 基于督査结果分析器的结果来生成所选智能电网设备的安全督査结果报告。  8. The smart grid security inspection automation system of claim 1 wherein: the inspection result display: generating a safety supervision result report of the selected smart grid device based on the result of the inspection result analyzer.
PCT/CN2014/000255 2013-04-24 2014-03-12 Automatic system for supervising and examining security of smart grid WO2014173173A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310144401XA CN103268569A (en) 2013-04-24 2013-04-24 Smart grid security supervising and examining automatic system
CN2013101144401.X 2013-04-24

Publications (1)

Publication Number Publication Date
WO2014173173A1 true WO2014173173A1 (en) 2014-10-30

Family

ID=49012196

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/000255 WO2014173173A1 (en) 2013-04-24 2014-03-12 Automatic system for supervising and examining security of smart grid

Country Status (2)

Country Link
CN (1) CN103268569A (en)
WO (1) WO2014173173A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110533338A (en) * 2019-09-03 2019-12-03 杭州安恒信息技术股份有限公司 Public security system network security field surveillance inspection method and device
CN110763929A (en) * 2019-08-08 2020-02-07 浙江大学 Intelligent monitoring and early warning system and method for convertor station equipment

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103268569A (en) * 2013-04-24 2013-08-28 湖北省电力公司信息通信分公司 Smart grid security supervising and examining automatic system
CN103905270A (en) * 2014-03-11 2014-07-02 国网湖北省电力公司信息通信公司 Smart grid android system safety base line automatic checking system and method
CN104281918A (en) * 2014-09-26 2015-01-14 国家电网公司 Safety self-evaluation system and method for PDA equipment of power transmission and transformation condition monitoring system
CN105306471A (en) * 2015-11-03 2016-02-03 国家电网公司 System and method for management and control of access control policy of security domain boundary equipment of smart grid
CN106228308A (en) * 2016-07-28 2016-12-14 国网江苏省电力公司扬州供电公司 A kind of managing and control system for supervising network operation and management-control method
CN107358359A (en) * 2017-07-14 2017-11-17 安徽荣旭信息科技有限公司 A kind of power plant safety assessment system
CN108805431A (en) * 2018-05-30 2018-11-13 国网江苏省电力有限公司南通供电分公司 A kind of design method of task intelligently pushing for power grid augmented reality field operation
CN111611204B (en) * 2020-04-30 2024-03-01 中国舰船研究设计中心 Distributed task progress data acquisition and analysis method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100110933A1 (en) * 2008-10-30 2010-05-06 Hewlett-Packard Development Company, L.P. Change Management of Model of Service
CN101795018A (en) * 2009-12-31 2010-08-04 华北电力大学 Visualization-based support system of electric network intelligent scheduling technique
CN103049826A (en) * 2013-01-06 2013-04-17 中国南方电网有限责任公司超高压输电公司检修试验中心 Power grid running maintenance automatic system
CN103268569A (en) * 2013-04-24 2013-08-28 湖北省电力公司信息通信分公司 Smart grid security supervising and examining automatic system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8631161B2 (en) * 2008-09-30 2014-01-14 Andrei B. Lavrov Computer program product, system and method for field management and mobile inspection
CN102457414B (en) * 2011-12-23 2014-01-01 广东电网公司电力科学研究院 Network security automatic assessment method and system adopting same used in classified security protection assessment
CN102624557A (en) * 2012-03-09 2012-08-01 浪潮通信信息系统有限公司 Method for automatic check, configuration and backup for client-side equipment configuration

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100110933A1 (en) * 2008-10-30 2010-05-06 Hewlett-Packard Development Company, L.P. Change Management of Model of Service
CN101795018A (en) * 2009-12-31 2010-08-04 华北电力大学 Visualization-based support system of electric network intelligent scheduling technique
CN103049826A (en) * 2013-01-06 2013-04-17 中国南方电网有限责任公司超高压输电公司检修试验中心 Power grid running maintenance automatic system
CN103268569A (en) * 2013-04-24 2013-08-28 湖北省电力公司信息通信分公司 Smart grid security supervising and examining automatic system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110763929A (en) * 2019-08-08 2020-02-07 浙江大学 Intelligent monitoring and early warning system and method for convertor station equipment
CN110533338A (en) * 2019-09-03 2019-12-03 杭州安恒信息技术股份有限公司 Public security system network security field surveillance inspection method and device

Also Published As

Publication number Publication date
CN103268569A (en) 2013-08-28

Similar Documents

Publication Publication Date Title
WO2014173173A1 (en) Automatic system for supervising and examining security of smart grid
CN102810143B (en) Safety detecting system and method based on mobile phone application program of Android platform
Wang et al. A simulation environment for SCADA security analysis and assessment
US10540502B1 (en) Software assurance for heterogeneous distributed computing systems
CN106054822B (en) Planning and engineering method, software tool and simulation tool
CN105320854B (en) By signing, balance prevents automation component from being distorted by program
Langer et al. From old to new: Assessing cybersecurity risks for an evolving smart grid
CN103718119B (en) Automatically the method and apparatus for executable security function being created to equipment
Bugeja et al. IoTSM: an end-to-end security model for IoT ecosystems
CN103905270A (en) Smart grid android system safety base line automatic checking system and method
CN104281918A (en) Safety self-evaluation system and method for PDA equipment of power transmission and transformation condition monitoring system
Thomas et al. Learning from vulnerabilities-categorising, understanding and detecting weaknesses in industrial control systems
WO2021038527A1 (en) Systems and methods for enhancing data provenance by logging kernel-level events
JP2014238830A (en) System and method for application development and deployment
JP2015026129A (en) Process controller and system; and soundness determination method
CN103530209A (en) Automated testing method for code keyboard
Weippl et al. Security in cyber-physical production systems: A roadmap to improving IT-security in the production system lifecycle
Dietz et al. Employing digital twins for security-by-design system testing
CN106920022B (en) Safety vulnerability assessment method, system and equipment for cigarette industrial control system
JP2020166521A (en) Controller system
Gilliam et al. Addressing software security and mitigations in the life cycle
US20180129793A1 (en) Precompile and encrypt industrial intellectual property
Livshitz et al. Industrial Systems Security Assessments study
Buczkowski et al. Optimal Security Hardening over a Probabilistic Attack Graph: A Case Study of an Industrial Control System using CySecTool
Buczkowski et al. Optimal security hardening over a probabilistic attack graph

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14788732

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 14788732

Country of ref document: EP

Kind code of ref document: A1