Research On Security Risk Assessment Of Software-Defined Substation Considering Cyber Attack

As the degree of informatization continues to deepen,the role of smart substations in the power system is becoming more and more important.The gradual increase in the scale of smart substation networks has given attackers the opportunity to attack substations through network vulnerabilities,leading to paralysis of the substation system and even large-scale power outages.The communication network of smart substations has gradually increased the problems exposed in network transmission.Software-defined network(Software Design Network,SDN)is a relatively novel network analysis technology architecture.Its core idea is to separate the control plane and the data plane to achieve flow control.It is widely used to detect network attacks and suppress abnormalities.Flow and other aspects.The SDN Open Flow switch communicates data with the controller through the Open Flow communication protocol,and the controller issues commands that are executed by the switch for traffic forwarding.Therefore,SDN can be applied to the architecture analysis process of smart substations to achieve centralized control and safe forwarding of traffic in substations.This article mainly studies the architecture optimization problem of combining SDN and smart substation and how to realize quantitative risk assessment based on the architecture.(1)This article analyzes the current network security problems of smart substations and expounds the characteristics and advantages of SDN.Due to the weak links in the network management of substations and the lack of centralized control capabilities,the substations are prone to security problems in the management and control links.In this context,a software-defined substation architecture based on centralized control has been constructed.The SDN controller is used to achieve centralized control of the substation.The Open Flow switch is used as the basis for data forwarding.The controller realizes realtime monitoring and flow control of the switch.The structure of the substation is simplified,and the protection capability of the substation against network attacks is also improved.In order to verify the reliability of the clustered multi-controller,this paper presents three controller placement algorithms.The simulation results confirm that the cluster-based placement algorithm can achieve the optimal connection between the multi-controller and the switch,thus verifying this article The rationality of the centralized control softwaredefined substation architecture.Then,a simulation experiment is carried out to verify the traffic monitoring function of the architecture constructed in this article.Set up a test environment on the Mininet virtual machine,and use s Flow-rt technology to monitor the flow.By observing the traffic change state of the DDos attack before and after the attack,the rationality of the application of SDN in smart substations is verified.(2)In order to achieve quantitative security risk assessment based on software-defined substation architecture,this paper proposes an improved attack graph algorithm and introduces the concept of sensitivity.By analyzing the information flow transmission process of the software-defined substation based on D2-1,each device is abstracted into vertices,combined with the attack path to establish an attack graph model,and the sensitivity factor of the device and the sensitivity of all attack paths are calculated according to the improved attack graph algorithm.The comparison results can analyze the level of equipment risk and the corresponding risk levels of attack paths at different depths.This verifies the feasibility of the method described in this article,and at the same time provides a reference for the subsequent protection of substations.