Research On Cyber Attack Detection Of Protection Devices For Vulnerable Lines In Power System

Intelligent measurement in smart grid is closely related to power information system,and its cyber security has attracted much attention.The current longitudinal differential relay protections are widely used in the main protection of power transmission branch.But in the digital communication scene of intelligent substation,hackers can use the loophole of intelligent substation communication protocol to tamper with the electrical measurements and clock synchronization signals collected by electronic transformer,so as to affect the correct action of the protection device.The causes of most large-scale power accidents and some cascading faults at home and abroad are mostly related to the abnormal actions of relay protection devices,especially the disconnection of some weak branches.If network attacks are launched on the protection devices of vulnerable lines,resulting in the abnormal exit of vulnerable lines,hackers will be able to cause serious damage to the security and stability of the power grid at a very small cost.Based on these current situations.So it is of great significance to study the vulnerable branch identification technology of power system,find out the weak links of the system,study the network attack detection algorithm for the protection device,and then deploy the network attack detection module for the vulnerable branch.The main works of this paper are summarized as follows,1.Based on the complex network theory and power flow entropy theory,the active power transmission betweenness index considering the transmission contribution and carrying capacity of the line is constructed from the structural level,and the impact index of power flow transfer entropy considering the transmission margin and the impact on the global power flow distribution of the system is constructed from the operating state level.The overload risk index is proposed to measure the local impact of line disconnection.2.Based on the protection principle of line current longitude differential protection,the mathematical models of false measurement injection attacks and timestamp tampering attacks that can deceive the tripping criterion of protection are constructed.Based on IEEE39 standard network simulation,various types of normal fault scenarios and attack scenarios on fragile lines are simulated,and redundant electrical measurement data on both sides of fragile lines are collected to construct fault sample sets and attack sample sets,as the data source of attack detection model.3.The attack detection model based on Deep Belief Network is constructed to effectively distinguish fault scenarios and attack scenarios.Based on the generated fault sample set and attack sample set,the model is trained offline,and then the performance of the model is comprehensively evaluated by using the test set,which verifies the superiority of the detection model in feature extraction and the significant improvement in the accuracy of false positive samples compared with the shallow learning model.