JIN Tao,JIN Nai-zheng,ZHAO Fang

DOI: https://doi.org/10.3969/j.issn.1001-9529.2005.10.021

2005-01-01

Abstract:The main function of Grid Relay Protection and Fault Information System is to transit the abnormal information acquired by protection equipment and the filters of the substations to the dispatching center during the grid fault period for the dispatching staff to make a decision.The system concerns not only the related divisions on the dispatching center side,it also communicates the bay level IED in substations,therefore its security design can not be neglected.Analyzing the essential requirements of the overall security protection framework of the secondary system of the power system,it is recommended that the dispatching center side adopt the professional security isolation equipment,and the substation side adopt front-end security isolation structure of embedded system.The user security management was established at the same time.Practice shows that the design basically meets the security requirements of users for the Grid Relay Protection and Fault Information System.

Weifeng Luo,Huiqin Wang,Gangfeng Yan,Lifu Ding

DOI: https://doi.org/10.1109/icpes51309.2020.9349657

2020-01-01

Abstract:With the continuous development of power monitoring technology and the refinement of user data services and power enterprise security services, new requirements have been placed on the business management and data management of power enterprises. In order to reduce the incidence of smart grid failures and provide better services to users, a smart grid business monitoring and data analysis service platform is necessary. This article analyzes in detail the background, goals, and ideas of current business monitoring based on business logic consistency and data analysis based on data fusion, and introduces the implementation scheme of a smart grid service platform, including architecture design and construction content. The platform mentioned in this article can be extended and applied to various power businesses in the power industry, providing a theoretical basis and implementation method for realizing smart grid security monitoring and data analysis from the business level.

Jie Jiang,TieMing Chen,Bo Chen,Limin Jin,Deren Chen

2008-01-01

Abstract:In order to solve the security problems introduced by the dynamic characteristics of grid services in authentication and authorization, a security services access platform based on Grid Security Infrastructure is proposed, which can provide the security grid services including the single sign-on and unified authentication and dynamic authorization. In this platform, a self-signed proxy certificate technique and improved context-constrains role based access control mechanism are deployed. The application in Country Emergency Response Grid Service System shows that the proposed platform can satisfy the need of security for grid services access through the grid portal.

Kehe Wu,Rui Cheng,Wenchao Cui,Wei Li

DOI: https://doi.org/10.1016/j.aej.2020.09.008

IF: 6.626

2021-02-01

Alexandria Engineering Journal

Abstract:With the increasing openness of smart grids, a large quantity of power terminals will be widely applied in systems of smart grids by various access modes (wired, wireless, satellite). In order to ensure the integrity and confidentiality of the data and the security of the communications between power terminals and the smart grid intranet, a lightweight security authentication and key agreement scheme is proposed in this article. The scheme provides mutual authentication based on the SM2 algorithm and key agreement which can prevent various attacks. Furthermore experimental evaluation and comparative analysis is conducted to indicate that the proposed scheme can resist many types of attacks with lower amounts of total computational resources and lower communications bandwidth. The analysis shows that the proposed scheme is suitable for smart grid.

engineering, multidisciplinary

黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

Hua Wang,Gangfeng Yan

DOI: https://doi.org/10.1109/wcica.2012.6359132

2012-01-01

Intelligent Control and Automation

Abstract:Substation is an important part of power system and its operation status exerts great effect on the safety of power system. Comprehensive monitoring management platform for substation (CMMP) is a digital monitoring platform which has uniform interfaces; flexible expansibility and hierarchical network control ability, and it is custom-designed for safe operation of substation. CMMP consists of direct current real-time monitoring subsystem, intrusion detection and hierarchical video monitoring subsystem, temperature and humidity and fire monitoring subsystem based on WSNs. CMMP adopt composite structure of C/S and B/S which would be convenient for computer and other mobile end to query monitoring information. Owing to the perfect private network of power system, CMMP can monitor both local and cross-domain substations. In addition, CMMP can classify and manage all kinds of alarm information from substation and realize distribution monitoring centralized management.

Zhining Lv,Ziheng Hu,Gangfeng Yan,Baifeng Ning,Ningxuan Guo,Yinan Wang

DOI: https://doi.org/10.1145/3377713.3377751

2019-01-01

Abstract:In order to reduce the failure rate of smart grid and effectively improve the security protection capability of power terminals, this paper proposes a power terminal security monitoring method based on business logic consistency. The method can effectively correlate "timing label", "equipment status characteristics" and "business process", and can achieve security monitoring and abnormality detection for common attacks of power terminals from the business level. Based on this method, a monitoring platform for metering service is further built, and simulation experiments are conducted on the platform. The results show that the proposed method and platform can effectively monitor the operation status of power terminals that participating in the metering service. Besides, the method improves the monitoring efficiency and fault identification rate of safety hazards. The research in this paper can be extended to various power business in the power industry. It provides a theoretical basis and implementation method for preventing penetration and safety monitoring of power terminals from the business level.

Xueru Chu,Congying Wu,Tiecheng Li

DOI: https://doi.org/10.1109/ceect59667.2023.10420623

2023-01-01

Abstract:Currently, intelligent devices and monitoring data from substations have been integrated into the smart grid, forming an interconnected, digital operation and maintenance platform. The smart grid substation operation protection comparison platform, hosted on cloud servers, faces threats to the information security of the smart grid, thereby affecting the data privacy and operation safety of the substations. Therefore, this paper analyzes the current security requirements of the smart grid and common solutions, combined with the operation safety requirements of the smart grid substation. By using basic cryptographic techniques, it addresses network and information security threats in the smart grid, ensuring the operation safety of the substation. This paper restricts the login permissions of the smart grid substation operation protection platform; uses the RSA asymmetric encryption algorithm to encrypt the plaintext of the historical operation information stored on the server side; uses the AES advanced encryption algorithm and RSA algorithm to encrypt the communication process between the client and server side; encrypts the blueprint itself; and verifies the integrity of the blueprint connection relationship comparison file. This achieves the operation safety of the smart grid substation.

CAI Bin,WU Su-nong,WANG Shi-ming,WU Wen-chuan,ZHANG Bo-ming,ZHANG Chang-lin,ZHOU Dong-liang

DOI: https://doi.org/10.3321/j.issn:1000-3673.2007.02.007

2007-01-01

Abstract:To meet the requirement of changing off-line power grid security and stability analysis into on-line analysis, after the comprehensive research of on-line assessment of such subproblems as static state security, voltage security and transient security as well as examination of protective relaying settings, a set of complete on-line comprehensive security forewarning and coordinated anticipatory control system based on energy management system (EMS) and the data platform of dispatcher training system (DTS) is established. In addition, a security evaluation system for on-line security and stability analysis as well as forewarning is proposed, thus the operation states of power grid are divided in the viewpoint of comprehensive security and forewarning. The proposed system not only offers a good platform for changing dispatchers’ off-line analysis into on-line analysis as well as changing the former experience based dispatching mode into intelligent dispatching mode, but also provides auxiliary tools. The proposed system is applied in Jiangxi power grid.

Wang Ning,Wu Yanli,Liu Guangxing,Yao Ruizhe,Zhang Longfei

DOI: https://doi.org/10.1088/1755-1315/464/1/012006

2020-03-01

IOP Conference Series: Earth and Environmental Science

Abstract:Abstract The intelligent distribution network is an important hub for connecting power generation and users, and the security of its information is closely related to the stable operation of the power grid. In order to solve the contradiction between the security and real-time of information in intelligent distribution network according to Supplementary Provisions for Safety Protection of Medium and Low Voltage Distribution Network Automation System, an information security model of intelligent distribution network is proposed, after deeply studying AES encryption algorithm and SHA-256 authentication algorithm, using OPNET as simulation software for smart distribution network information to carryout transmission delay curve. FPGA is used as information security processing platform. We obtain the total delay, analyze the integrity and availability. The experiment proves that the intelligent distribution network information security processing solution satisfies the three elements of CIA information security, and has good confidentiality, integrity and availability.

Yifei Wan,Qi Huang,Yin Wu,Songling Li

DOI: https://doi.org/10.3233/jifs-237849

2024-02-07

Journal of Intelligent & Fuzzy Systems

Abstract:By designing a digital power grid multi-source data security collaborative management platform, the system configuration problem of the OMS system and the power grid management platform for the main distribution network of the power grid is solved. A design method for the digital power grid multi-source data security collaborative management platform based on discrete particle swarm optimization algorithm is proposed. Based on the design concept of SOA, realize the overall design framework of the platform according to the design method of multi-layer technical system in the business presentation layer, business process and composition layer, service layer, component layer and resource layer, realize the basic layer design of the system management platform through the basic application platform design scheme of XML configuration, implement the query, processing and output representation of the grid's multivariate data using B/S architecture protocol, and use the Spring Framework The platform software architecture is implemented using J2EE technology and multi module component design scheme. The discrete particle swarm optimization algorithm is used for the fusion and scheduling of multi-source data in the digital power grid. The interface design and functional construction of the power grid management platform are implemented in the OMS system of the power grid main distribution network, and the logical model of the transformation project is constructed to achieve platform optimization and construction. Tests have shown that the designed digital power grid multi-source data security collaborative management platform has good human-machine interaction, strong data fusion scheduling ability, reduced resource and subsystem coupling, and supports the flexibility of physical deployment and maintenance.

Hongna Song,Zhentao Liu,Teng Wang,Ling Zhao,Haonan Guo,Shuanggen Liu

DOI: https://doi.org/10.3390/math12091314

IF: 2.4

2024-04-26

Mathematics

Abstract:With the rapid increase in smart grid users and the increasing cost of user data transmission, proposing an encryption method that does not increase the construction cost while increasing the user ceiling has become the focus of many scholars. At the same time, the increase in users will also lead to more security problems, and it is also necessary to solve the privacy protection for users during information transmission. In order to solve the above problems, this paper proposes an aggregated ring encryption scheme based on the SM2 algorithm with special features, referred to as SM2-CLARSC, based on the certificateless ring signcryption mechanism and combining with the aggregate signcryption. SM2-CLARSC is designed to satisfy the basic needs of the smart grid, and it can be resistant to replay attacks, forward security and backward security, etc. It has better security and higher efficiency than existing solutions. Comparing SM2-CLARSC with existing typical solutions through simulation, the result proves that this solution has more comprehensive functions, higher security, and significant computational efficiency improvement.

mathematics

HUANG Tianen,GUO Qinglai,SUN Hongbin,ZHAO Naiyan,WANG Bin,GUO Wenxin

DOI: https://doi.org/10.7500/AEPS20180614002

2019-01-01

Abstract:With the integration of large-scale renewable energy and the implementation of demand response, the power system operation scenarios have become increasingly complicated and variable, leading to new requirements and challenges in power system security operation.Therefore, based on artificial intelligences, a hybrid model and data driven platform for power system security feature selection and knowledge discovery is established in the Guangdong Power Grid in China, to keep power system in secure, stable and economic conditions.Firstly, the definitions of power system security feature and knowledge are put forward, the concepts for the hybrid model and data driven platform are described, and the methods for reducing error are analyzed.Secondly, parallel techniques for the platform are discussed.Thirdly, the software and hardware architecture of the platform is designed.Finally, the application results in the Guangdong Power Grid are demonstrated, which show that: (1) from the perspective of rule-making, the platform transfers the pattern that conservative operation rules should be made by expert offline to the pattern that specific operation rules can be discovered by artificial intelligences online; (2) from the perspective of rule-application, the platform transfers the pattern that operation rules used online should be determined by operators artificially to the pattern that the operation rules can be determined by artificial intelligences automatically.

Shaohua Li,Kaiping Xue

DOI: https://doi.org/10.48550/arXiv.1810.01651

2018-10-03

Abstract:Smart grid adopts two-way communication and rich functionalities to gain a positive impact on the sustainability and efficiency of power usage, but on the other hand, also poses serious challenges to customers' privacy. Existing solutions in smart grid usually use cryptographic tools, such as homomorphic encryption, to protect individual privacy, which, however, can only support limited and simple functionalities. Moreover, the resource-constrained smart meters need to perform heavy asymmetric cryptography in these solutions, which is not applied to smart grid. In this paper, we present a practical and secure SGX-enabled smart grid system, named SecGrid. Our system leverage trusted hardware SGX to ensure that grid utilities can efficiently execute rich functionalities on customers' private data, while guaranteeing their privacy. With the designed security protocols, the SecGrid only require the smart meters to perform AES encryption. Security analysis shows that SecGrid can thwart various attacks from malicious adversaries. Experimental results show that SecGrid is much faster than the existing privacy-preserving schemes in smart grid.

Cryptography and Security

Tiantian Cai,Lin Fan,Siliang Suo,Hao Yao,Ganyang Jian,W. Xi

DOI: https://doi.org/10.1109/ITNEC.2019.8729305

2019-03-15

Abstract:The target of security protection of the power distribution automation system (the distribution system for short) is to ensure the security of communication between the distribution terminal (terminal for short) and the distribution master station (master system for short). The encryption and authentication gateway (VPN gateway for short) for distribution system enhances the network layer communication security between the terminal and the VPN gateway. The distribution application layer encryption authentication device (master cipher machine for short) ensures the confidentiality and integrity of data transmission in application layer, and realizes the identity authentication between the master station and the terminal. All these measures are used to prevent malicious damage and attack to the master system by forging terminal identity, replay attack and other illegal operations, in order to prevent the resulting distribution network system accidents. Based on the security protection scheme of the power distribution automation system, this paper carries out the development of multi-chip encapsulation, develops IPSec Protocols software within the security chip, and realizes dual encryption and authentication function in IP layer and application layer supporting the national cryptographic algorithm.

Engineering,Computer Science

Jing Zhou,Qian Wu,Jin Li,Jiaxin Li

DOI: https://doi.org/10.1007/978-3-031-06791-4_39

2022-01-01

Abstract:The power Internet of Things is the evolution direction of the power industry. While improving the convenience of power grid operations, it also brings emerging network security risks to traditional industries. The national secret algorithm can integrate the characteristics of the power Internet of things for deployment and application, and improve the industry security of the power Internet of things. Based on the characteristics of the power Internet of Things architecture, the security analysis of the interconnection of power grids is carried out, combined with the calculation points of the national secret algorithm, the business application scenarios of the national secret algorithm in the power industry are discussed, and a kind of electricity information encryption is proposed for the communication requirements of the power terminal and the grid platform. In the transmission scheme, SM2 is applied to the encrypted communication between the power terminal and the power grid platform server to solve the security issues such as identity authentication and encrypted transmission, and to improve the security efficiency of the power Internet of Things.

Tian-en Huang,Qinglai Guo,Hongbin Sun

DOI: https://doi.org/10.1109/tsg.2016.2571442

IF: 10.275

2017-05-01

IEEE Transactions on Smart Grid

Abstract:Power systems are generating masses of data, including measurement and simulation data. To operate and control power systems more effectively, this paper establishes a distributed platform to store, read, and compute massive amounts of data. Our distributed computing platform can support online simulation based power system security knowledge discovery through big data analysis. First, a framework for a distributed computing platform is designed. Then, distributed algorithms are developed, including a distributed massive sampling simulation method and a distributed feature selection method. Next, the software platform and hardware platform for the distributed computing platform are established. Finally, the platform is applied to the Guangdong Province Power System in China to evaluate its accuracy and efficiency. The simulation results show that the distributed computing platform can improve computing efficiency and perform better than a centralized platform.

engineering, electrical & electronic

Chengzhi Jiang,Chuanfeng Huang,Qiwei Huang,Jian Shi

DOI: https://doi.org/10.3390/sym13091718

2021-09-16

Symmetry

Abstract:The multi-source data collected by the power Internet of Things (IoT) provide the data foundation for the power big data analysis. Due to the limited computational capability and large amount of data collection terminals in power IoT, the traditional security mechanism has to be adapted to such an environment. In order to ensure the security of multi-source data in the power monitoring networks, a security system for multi-source big data in power monitoring networks based on the adaptive combined public key algorithm and an identity-based public key authentication protocol is proposed. Based on elliptic curve cryptography and combined public key authentication, the mapping value of user identification information is used to combine the information in a public and private key factor matrix to obtain the corresponding user key pair. The adaptive key fragment and combination method are designed so that the keys are generated while the status of terminals and key generation service is sensed. An identification-based public key authentication protocol is proposed for the power monitoring system where the authentication process is described step by step. Experiments are established to validate the efficiency and effectiveness of the proposed system. The results show that the proposed model demonstrates satisfying performance in key update rate, key generation quantity, data authentication time, and data security. Finally, the proposed model is experimentally implemented in a substation power IoT environment where the application architecture and security mechanism are described. The security evaluation of the experimental implementation shows that the proposed model can resist a series of attacks such as counterfeiting terminal, data eavesdropping, and tampering.

Yanjie Zhang,Qiqi Shu,Yubo Wang,Yin Gao,Lei Zhang,Yan Li

DOI: https://doi.org/10.1109/EI2.2018.8582358

2018-01-01

Abstract:With the increasing mutual interaction between smart grid and users, intelligent acquisition terminals and mobile operation terminals are widely used and accessed. The types of data transmitted in the network are more complex, and the requirements for information security protection are higher. Currently, the general security protocols for power systems do not meet the new requirements. This paper studies ISO/IEC 9798 series of standards, combines key agreement, entity authentication and hybrid algorithm technology, designs a secure channel protocol for high-security data transmission, and analyzes its complexity and time performance. Finally, it is completed based on security chip. Data transmission test shows that it has the characteristics of high security and flexible protocol, and can effectively meet the security and real-time requirements of data communication.

Huanhuan Ma,Chenyu Wang,Guosheng Xu,Qiang Cao,Guoai Xu,Li Duan

DOI: https://doi.org/10.1109/jsyst.2023.3289492

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:Smart grid (SG) achieves more convenient and efficient power transmission through the rapid development of the information and communication technology. In addition to the transmission of electrical energy, the SG system also involves privacy and control information of service providers, which is closely related to people's livelihood. However, at present, the data in the SG system are transmitted in the form of plaintext, which does not have complete protection measures for entity privacy and communication data security. Focusing on preserving entity privacy and data security, this article proposes an anonymous secure authentication protocol (ASAP-SG) for the SG environment. Based on elliptic curve cryptography and physical unclonable function, ASAP-SG can realize authentication and key agreement between smart meters and service providers. The security of ASAP-SG has been verified with proverif tool and proven strictly under the real-or-random model. Furthermore, heuristic analysis manifests that ASAP-SG can successfully resist known security attacks. Finally, a fully comparison with the other five most advanced schemes reveals that ASAP-SG consumes the optimal computation cost on both smart meters and service providers and reduces the communication overhead by 33.3%–45.8%, on the basis of satisfying ten security objectives. These features make ASAP-SG more suitable for resource-constrained SG environment.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science