面向微电网网络化控制系统的数据完整性攻击检测与安全控制

Currently, the attack detection and resilient control of smart grid have attracted increasing efforts from a variety of communities including power system, information system, control engineering, etc. This project focuses on the security of smart micorgird networked frequency and voltage control under data integrity attacks. While most existing work investigate the security of smart grid either from the aspect of information system security or system control engineering separately, the strong interaction between the information system and the physical system is studied in this project, in order to enhance the security of the microgrid networked frequency and voltage control. In specific, the data integrity attack detection and resilient control methods are investigated. Firstly, the model-based digital signature creation method and the corresponding data integrity attack detection mechanism are proposed. Specifically, the dynamic model of the power system is used to predict the future states of the system and the statistics of a number of future states are calculated and used as the dynamic hash to determine the integrity of the data communicated. Secondly, considering the constraints resulted from the proposed integrity attack detection method, a model-based resilient load frequency controller is designed for the smart microgrid. In the end, with the general assumption on the randomness of the attack sequence and time interval, the stochastic stability analysis of the closed-loop microgrid networked control system integrated with the attack detection mechanism and resilient frequency and voltage controllers is studied. The fulfillment of this research will expand and improve the theoretic and applied research on the intrusion detection and resilient control of the smart grid networked control system.

智能电网安全检测与安全控制研究已成为电力、信息、控制等学科的共同研究热点。本项目针对数据完整性攻击下的智能微电网，充分考虑信息系统与电气物理系统强耦合性，深入研究网络化频率及电压控制系统的网络攻击检测与安全控制算法，以实现微电网网络化控制系统攻击检测和安全控制的有机结合和统一设计，确保智能微电网安全稳定运行。首先，提出一种结合微电网电气物理系统预测状态量数理特性的动态数字签名及数据完整性攻击检测算法；其次，考虑信息系统网络攻击检测器对网络攻击行为带来的约束条件，提出基于系统模型的微电网网络化频率及电压安全控制策略；最后，本项目结合对数据完整性攻击持续时长随机特性的一般性假设，对嵌入网络攻击检测器与安全控制器的智能微电网闭环系统进行随机稳定性分析, 给出融合网络攻击随机特性参数的稳定性标准。本项目的突破将进一步丰富和完善智能电网网络化控制系统攻击检测及安全控制的基础理论及应用研究。

鉴于网络攻击对智能电网等关键基础设施的稳定、经济运行和社会安定将产生严重威胁及恶劣后果，针对智能电网等关键工业网络化控制系统的网络安全检测和安全控制研究已经成为控制，通信以及电力系统等多个领域的共同研究重点。本项目围绕着智能电网控制系统的网络攻击检测算法，提出了基于梯度变化的可信度检测算法；针对拒绝服务攻击，提出了一种融合入侵检测器的微电网二次频率安全控制系统；考虑网络攻击检测器出现错误判断的情况，对微电网系统进行了随机稳定性分析并设计安全控制器；设计以及基于事件触发的通信和控制联合机制进行了深入研究；针对网络及物理攻击同时存在的电力系统，设计了分布式的模糊滤波算法并设计负载频率安全控制器. 该项目的主要研究成果均发表在控制及工程技术领域国际顶级及著名期刊并受到了国际范围的快速关注及引用。