当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
An Intrusion Detection Method for Line Current Differential Relays
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2019-05-15 , DOI: 10.1109/tifs.2019.2916331 Amir Ameli , Ali Hooshyar , Ehab F. El-Saadany , Amr M. Youssef
IEEE Transactions on Information Forensics and Security ( IF 6.8 ) Pub Date : 2019-05-15 , DOI: 10.1109/tifs.2019.2916331 Amir Ameli , Ali Hooshyar , Ehab F. El-Saadany , Amr M. Youssef
The U.S. Department of Homeland Security (DHS) has recently identified digital relays as targets vulnerable to cyber-attacks. The DHS has also noted that attacks to multiple relays can bring about cascading outages of transmission lines, leading to blackouts. As a result, making protective relays cyber-resilient is a prominent security issue in power networks. Line current differential relays (LCDRs) are among the potentially vulnerable digital relays that are increasingly deployed for protecting critical transmission lines. LCDRs, however, lack the required resiliency against cyber attacks, due to their high dependence on communication systems. This paper unveils that such susceptibilities can result in unwarranted trip signals through false data injection attacks (FDIAs), and so cause instability if several attacks are coordinated. It also presents a solution for detecting FDIAs and distinguishing them from real internal faults. To detect attacks, the proposed method compares the estimated and locally measured voltages at an LCDR's terminal for both the positive sequence (PS) and negative sequence (NS). To estimate the local voltage for each sequence, the proposed technique uses an unknown input observer (UIO), the state-space model of the faulty line, and remote and local measurements, all associated with that sequence. The difference between the measured and estimated local voltages for each sequence remains close to zero during real internal faults because, in this condition, the state-space model based on which the UIO operates correctly represents the line. Nevertheless, the state-space model mismatch during FDIAs leads to a large difference between measured and estimated values in both sequences. The effectiveness of the proposed method is corroborated using simulation results for the IEEE 39-bus network.
中文翻译:
线路电流差动继电器的入侵检测方法
美国国土安全部(DHS)最近将数字中继确定为易受网络攻击的目标。国土安全部还指出,对多个中继的攻击可能导致传输线的级联中断,从而导致停电。结果,使保护继电器具有网络弹性是电力网络中一个突出的安全问题。线电流差动继电器(LCDR)是潜在易受攻击的数字继电器之一,这些继电器越来越多地用于保护关键的传输线。然而,LCDR由于对通信系统的高度依赖,因此缺乏抗击网络攻击所需的弹性。本文揭示了这种敏感性可能会通过错误的数据注入攻击(FDIA)导致不必要的跳闸信号,因此如果协调多次攻击,则会导致不稳定。它还提供了一种检测FDIA并将其与实际内部故障区分开的解决方案。为了检测攻击,该方法比较了LCDR终端的正序(PS)和负序(NS)的估计电压和本地测量电压。为了估计每个序列的局部电压,所提出的技术使用未知输入观测器(UIO),故障线路的状态空间模型以及远程和局部测量,所有这些都与该序列相关联。在实际内部故障期间,每个序列的测得的局部电压和估计的局部电压之间的差异保持接近于零,这是因为在这种情况下,UIO正确运行所基于的状态空间模型代表了线路。不过,FDIA期间的状态空间模型不匹配会导致两个序列的测量值和估计值之间存在较大差异。IEEE 39总线网络的仿真结果证实了该方法的有效性。
更新日期:2020-04-22
中文翻译:
线路电流差动继电器的入侵检测方法
美国国土安全部(DHS)最近将数字中继确定为易受网络攻击的目标。国土安全部还指出,对多个中继的攻击可能导致传输线的级联中断,从而导致停电。结果,使保护继电器具有网络弹性是电力网络中一个突出的安全问题。线电流差动继电器(LCDR)是潜在易受攻击的数字继电器之一,这些继电器越来越多地用于保护关键的传输线。然而,LCDR由于对通信系统的高度依赖,因此缺乏抗击网络攻击所需的弹性。本文揭示了这种敏感性可能会通过错误的数据注入攻击(FDIA)导致不必要的跳闸信号,因此如果协调多次攻击,则会导致不稳定。它还提供了一种检测FDIA并将其与实际内部故障区分开的解决方案。为了检测攻击,该方法比较了LCDR终端的正序(PS)和负序(NS)的估计电压和本地测量电压。为了估计每个序列的局部电压,所提出的技术使用未知输入观测器(UIO),故障线路的状态空间模型以及远程和局部测量,所有这些都与该序列相关联。在实际内部故障期间,每个序列的测得的局部电压和估计的局部电压之间的差异保持接近于零,这是因为在这种情况下,UIO正确运行所基于的状态空间模型代表了线路。不过,FDIA期间的状态空间模型不匹配会导致两个序列的测量值和估计值之间存在较大差异。IEEE 39总线网络的仿真结果证实了该方法的有效性。
京公网安备 11010802027423号