摘要
[目的]我国电网将步入“电力-信息-业务”紧密互联的智能电网阶段,信息系统的网络安全和物理系统的工程安全高度耦合,将带来信息物理融合系统(CPS)的综合安全问题。[方法]综述了现有的CPS安全分析技术并总结了CPS网络安全风险评估和管理方法,介绍了电力安全防护的总体现状,梳理了CPS网络安全分析方法、风险评估框架、建模思想等,并详细分析了各个模型的优劣特性及发展前景。[结果]提出的风险分析框架可以帮助电力企业筛选、识别网络安全事件,探究安全风险事件的相关性和依赖性,探究网络安全分析的潜在方向。[结论]有助于电力企业优化资源配置,对网络安全规划人员开展电力基础设施安全风险评估、网络安全应急预案等工作有参考意义。
[Introduction]China’s power grid is now entering the new era of smart grid with the“power-information-business”interconnected stage,where the cybersecurity in the information system and the operational security in the power system are closely coupled,which,however,would cause severe security problem of the cyber-physical system(CPS).[Method]This paper surveyed on the cybersecurity issue of CPS and summarizes the corresponding risk estimation and management framework.Then the paper introduced the background and current status of cybersecurity,categorized the state-of-the-art methods,risk estimation framework,modeling insights,etc.This paper also fundamentally investigated both the advantages and disadvantages of each model and evaluated its development potentials.[Result]This study would help enterprises to screen and identify cybersecurity events and explore the correlation and dependency within the events,which may help researchers to exploit new interests.[Conclusion]This work induces investors to optimize their resources and budget allocations,which would also guide for security engineers to proceed with cyber risk estimates and to prepare contingency plans.
作者
杨至元
张仕鹏
孙浩
YANG Zhiyuan;ZHANG Shipeng;SUN Hao(China Energy Engineering Group Guangdong Electric Power Design Institute Co.,Ltd.,Guangzhou 510663,China)
出处
《南方能源建设》
2020年第3期6-22,共17页
Southern Energy Construction
基金
中国能建广东院科技项目“基于信息物理融合系统的网络安全的电力系统运行风险评估”(EV05391W)。
关键词
电力信息物理融合系统
网络安全分析
网络风险评估
电力系统信息安全
电力系统工程安全
power cyber-physical system
cyber-based contingency analysis
cyber risk estimate
power system information security
power system engineering stability
