| The Cyber Physical Power System(CPPS)is a new form of traditional power systems under the support of advanced information technology.CPPS is the main feature of smart grids,but it also brings potential security issues.This risk is caused by the complex mechanism in the coupling of the primary system to the secondary system.The CPPS is mainly composed of a power information system and a power physics system.A stable and reliable information communication system is essential for the safe operation of the power system,and a large amount of safety information is hidden in the massive log data generated by the operation of the information communication system.How to use log analysis technology to monitor the running status and user behavior of the system has become a difficult problem at present.In this context,this paper proposes a network security situational awareness method that considers spatiotemporal characteristics,and implements the system through C# programming.The method includes two parts: alarm information fusion and CPPS network security situational awareness.Firstly,an alarm information fusion method is proposed.The log of the power information system has the characteristics of large data volume,multi-source heterogeneous log data,and no direct connection between logs.Based on the characteristics of the log,this paper proposes an alarm information fusion method that considers the spatiotemporal characteristics.In the method,the alarm information fusion is implemented according to the steps of log data preprocessing,data source credibility analysis,and alarm information fusion.And through experiments,the method has high availability.Secondly,a network security situation assessment method for CPPS is proposed.The method is based on the fused alarm information.In this method,CPPS is first abstracted into a network,and threat propagation between assets is defined as a threat propagation tree.On the basis of abstraction,the importance of network nodes is quantitatively evaluated,and a membership function suitable for specific scenarios and considering the accuracy and timeliness compromise decision is used to improve the threat propagation tree generation algorithm.Finally,a situation assessment of the network security of the CPPS is performed.The feasibility and effectiveness of the above method are verified by simulation calculation.Finally,the system design and implementation are carried out in combination with the actual power system and the network security situational awareness method considering the spatiotemporal characteristics given in this paper.The system is presented through specific application cases. |
PDF Full Text Request