Power Industrial Control System Research Articles

ExtHT: A hybrid tracing method for cyber-attacks in power industrial control systems

Tracing the sources of cyber-attacks in Power Industrial Control Systems (PICS) can help the defense systems to block the attacks, and support the decision of the grid control policies. However, there has been no work on the cyber-attack source traceback for PICS, and the methods for the Internet are not suitable for PICS in terms of fineness, real-time performance, and supporting communication protocols. Therefore, a method for tracing cyber-attacks in PICS is proposed. First, the communication network architecture of PICS and the cyber security threats to PICS are analyzed. Then, an extended hybrid tracing method (ExtHT) based on packet marking and packet logging is proposed. This method involves all the devices working at the data link layer and upper layers to achieve more fine-grained attack tracing. At the same time, taking the costs of attack tracing into consideration, a coarse-grained tracing mode is presented to improve the tracing speed. In addition, a log database optimization scheme is provided to reduce storage costs. To facilitate the application of this method in practice, a cyber-attack source tracing system and its deployment architecture are designed for PICS. Further, the applicability and limitations of ExtHT are analyzed, theory ratiocinations are given to justify our ExtHT, and the performance of our ExtHT is compared with that of existing mainstream methods. Finally, two cyber-attack scenarios against PICS are constructed and the feasibility of ExtHT is verified on them.

Optimization of the Random Forest Hyperparameters for Power Industrial Control Systems Intrusion Detection Using an Improved Grid Search Algorithm

The intrusion detection method of power industrial control systems is a crucial aspect of assuring power security. However, traditional intrusion detection methods have two drawbacks: first, they are mainly used for defending information systems and lack the ability to detect attacks against power industrial control systems; and second, although machine learning-based intrusion detection methods perform well with the default hyperparameters, optimizing the hyperparameters can significantly improve its performance. In response to these limitations, a random forest (RF)-based intrusion detection model for power industrial control systems is proposed. Simultaneously, this paper proposes an improved grid search algorithm (IGSA) for optimizing the hyperparameters of the RF intrusion detection model to improve its efficiency and effectiveness. The proposed IGSA boosts the speed of calculation from O(nm) to O(n × m). The suggested model is evaluated based on the public power industrial control system dataset after hyperparameter optimization. The experiment results show that our method achieves a superior detection performance with the accuracy of 98% and has more outstanding performance than the same type of work.

Detecting Anomalies in Intelligent Vehicle Charging and Station Power Supply Systems With Multi-Head Attention Models

Safe and reliable intelligent charging stations are imperative in an intelligent transportation infrastructure. Over the past few years, a big number of smart charging stations have been deployed, and most of them are online and connected, resulting in potential risks of threats. Although there exists related work on securing intelligent vehicles, very little work focused on the security of charging devices. Unlike traditional network systems, these power-related Industrial Control Systems (ICSs) use many different proprietary protocols and diverse interactions. Traditional anomaly detection methods based on network traffic are thus not suitable for these systems. In this work, we propose an anomaly detection method in real vehicle power supply systems based on a deep architecture model. In particular, we propose a novel traffic anomaly detection model based on Multi-Head Attentions (MHA) that take into account the inherent correlations of traffic generated by ICSs. The MHA model is employed to substitute the traditional feature extraction and rule making process with an acceptable computational cost for classifying traffic data. It is an attention-based model that employs Google Transformer encoder architecture to extract recessive features of traffic for anomaly detection. The effectiveness of the model is demonstrated by experiments on two real-world power ICS testbeds including a substation with a slave charging station and a power generation simulation platform based on a distributed control system. Comprehensive experimental results indicate that the MHA model outperforms the Convolutional Neural Networks (CNN)-based and classical machine learning detection models with an accuracy rate of 99.86%.

Construction of Safety Protection System for Power Industrial Control System and Enhancement Design of Communication Protocol

The safe and stable operation of the power system has always been a common problem related to social stability and economic development in the world. To adapt to the development of “Internet +" and energy Internet, to ensure the information security of the power industrial control side, the power industrial control system Information security raises higher requirements. First, the ICS communication model is abstracted, the security risks and threats faced by ICS are sorted out, the most urgent and critical security requirements are clarified, and then a communication enhancement scheme is designed without affecting functions, efficiency, and rapid deployment. This includes one-way authentication and integrity checking of critical communication messages, combined with a timestamp mechanism and registration mechanism. Finally, through the security analysis of the enhanced scheme, it proves that it can resist common attacks such as camouflage, tampering and replay.

Study of Security Protection on Power Industrial Control System

In this paper, the security structure of power industrial control systems is introduced, and the information security risk of them is deeply analyzed. A security protection architecture based on power industrial control systems is put forward according to the development of information security at home and abroad, and it is made up of safe operation, technology, management, and security evaluation to ensure safety.

Research on Information Security Test Bed and Evaluation Framework for Distribution Automation System

Analyzing the characters and abstracting the system model of the distribution automation system, information security test-bed of distribution automation is designed. Meanwhile, information security test and evaluation framework is proposed based on the lifecycle of distribution automation system. The evaluation activities and the testing methods are analyzed and key problems and solutions of information security evaluation and reinforcement requirements for distribution automation system are introduced. The work in this paper can effectively support the information security protection of distribution automation system, and can provide reference for other power industrial control systems.

Data Storm Monitoring System of Large Power Industrial Control Network under Non Uniform Format

In the high power industrial control network, due to the large user base, the data traffic is plodding, the data formats are inconsistent, the network data storm is difficult to monitor. A kind of high power industrial control network data monitoring and control system is designed under non-uniform formats. The network node information collector is designed, the data is collected, and the data collection result is taken as the mathematical expectation, the mathematical expectation is trained. The problem of data flow storm statistics is solved. In the system, the format conversion function is added, data storm monitoring results is taken with the format conversion, and they are stored as text format. The monitoring program reads and displays the result, the difficulties brought by the format is not unified are solved. System test results show that the system can monitor the large power industrial control network data storm, the monitoring result is precise, and it can make the formatting process fast. A size of the generated result file is 18.1%, of the original file, and can fully reflect the network data storm characteristics, the effect is perfect.

Research on Audit Model of Users’ Operation Normalization Based on Graph Theory in Power System

Users’ correct operations should be abstracted into the data which can be stored in computer. So we need model users’ operation. Power industrial control system is a closed system. It has specific operations. By analyzing, abstracting, modeling the manual of users’ operation procedures and storing it in the computer, we can audit users’ procedures through the already defined operation flow.

Design and Implementation of Data Management System for Low-Voltage Electrical Performance Test Based on Virtual Instrument Technology

Low voltage electrical apparatus is the electrical appliances which play the role of on-off, control or protection in the circuit of AC voltage to the 1200V, DC voltage to1500V. The function of it will have a direct impact on the safe and reliable operation of the power system and industrial control system. It is needed to carry out an accurate test on the each function of them before they leave the factory. In order to ensure the accurate of the test data, it is worth studying on how to build a test data management system for low voltage electrical apparatus. Through LabVIEW establish a connection to the Access database technology. An independent data management system is developed.