网络攻击下信息物理融合电力系统的弹性事件触发控制

本文将电动汽车（Electric vehicles，EVs）引入到典型的信息物理系统（Cyber-physical systems，CPS）智能电网中，采用负荷频率控制（Load frequency control，LFC）方法，能够快速抑制系统扰动所引发的频率变化.在考虑拒绝服务（Denial-of-Service，DoS）攻击的情况下，提出了一种弹性事件触发机制，使系统能够容忍攻击所造成的数据丢失.与此同时，PI型静态输出反馈控制器的输入按需更新，减少了通信负担.对于建立的闭环时滞系统模型，构造新型李亚普诺夫泛函，对系统进行稳定性分析，推导出系统所能承受的最大DoS攻击持续时间，并对控制器增益和弹性事件触发矩阵进行协同设计.最后，通过多域电力系统仿真，验证了所提出方法的有效性.     

基于拉普拉斯特征映射学习的隐匿FDI攻击检测

智能电网中的隐匿虚假数据入侵(False data injection, FDI)攻击能够绕过坏数据检测机制, 导致控制中心做出错误的状态估计, 进而干扰电力系统的正常运行. 由于电网系统具有复杂的拓扑结构, 故基于传统机器学习的攻击信号检测方法存在维度过高带来的过拟合问题, 而深度学习检测方法则存在训练时间长、占用大量计算资源的问题. 为此, 针对智能电网中的隐匿FDI攻击信号, 提出了基于拉普拉斯特征映射降维的神经网络检测学习算法, 不仅降低了陷入过拟合的风险, 同时也提高了隐匿FDI攻击检测学习算法的泛化能力. 最后, 在IEEE57-Bus电力系统模型中验证了所提方法的优点和有效性.     

Observer‐based attack‐resilient control for linear systems against FDI attacks on communication links from controller to actuators

For the adversarial attacks on the communication links from the controller to the actuators, most of the existing attack‐resilient control results focus on denial‐of‐service attacks. Unlike the existing results, this paper studies the observer‐based attack‐resilient control problem for linear systems with false data injection attacks and process disturbances. Due to limited resources, the malicious attacker is assumed to only manipulate a certain number of communication links from the controller to the actuators. A novel control architecture is proposed, which consists of an attack‐resilient state observer, a controller gain scheme, and a supervisory switching strategy. The observer is developed based on the maximin strategy, and state estimation will be used to construct the controller. The switching strategy is designed to pick an appropriate controller gain and prevent the attack signals from entering the plant automatically. It is shown that the closed‐loop system is stable with an attack‐resilient performance. Finally, to verify the effectiveness of the proposed controller, simulation results on a linearized reduced‐order aircraft system and an IEEE six‐bus power system are provided.     

一种具有非线性动力学模型的智能电网快速分布式控制

将储能技术作为新兴调节功率的手段引入智能电网,为保障电网平稳运行提供新的思路.考虑到电力系统的暂态稳定问题与蜂拥控制问题的相似性,针对电力系统遭遇故障后恢复暂态稳定的控制问题,提出一种新的基于蜂拥算法的非线性分布式控制方案,该方案利用电机动力学方程中非线性项与系统频率之间的关系,引入系统状态反馈项以加快系统恢复暂态稳定性,通过外部储能设备对系统故障实施控制.最后,将该控制器应用在IEEE新英格兰39节点电力系统模型中,仿真结果验证了该控制器具有快速性、可实施性,并进一步验证了所设计的控制器在储能设备低容量条件下的有效性.     

基于Paillier算法的智能电网数据聚合与激励方案

针对智能电网数据聚合和激励存在的隐私泄露问题,基于Paillier算法设计智能电网数据聚合和激励方案。采用超递增序列构造多维数据,并利用同态Paillier密码技术加密结构化数据。在云计算中心直接对用户与电网管理中心之间的密文数据进行聚合,添加与密钥相关的哈希运算消息认证码防止密文数据被篡改,并由电网管理中心解密后获得原始数据的聚合结果。此外,通过引入区块链和环签名实现高效匿名的光伏发电奖励和电网管理中心与用户之间的双向匿名,利用批验证算法降低计算成本。分析结果表明,在保障数据完整性和用户匿名性前提下,该方案可实现高效安全的智能电网数据聚合和激励。     

Cyber Attack Protection and Control of Microgrids

Recently, the smart grid has been considered as a next-generation power system to modernize the traditional grid to improve its security, connectivity, efficiency and sustainability. Unfortunately, the smart grid is susceptible to malicious cyber attacks, which can create serious technical, economical, social and control problems in power network operations. In contrast to the traditional cyber attack minimization techniques, this paper proposes a recursive systematic convolutional (RSC) code and Kalman filter (KF) based method in the context of smart grids. Specifically, the proposed RSC code is used to add redundancy in the microgrid states, and the log maximum a-posterior is used to recover the state information, which is affected by random noises and cyber attacks. Once the estimated states are obtained by KF algorithm, a semidefinite programming based optimal feedback controller is proposed to regulate the system states, so that the power system can operate properly. Test results show that the proposed approach can accurately mitigate the cyber attacks and properly estimate and control the system states.      

分布式电源接入场景下的电网振荡攻击建模与检测

随着分布式电源在电网中所占比重的不断提升,针对分布式电源的攻击将给电网带来更严重的安全威胁。攻击者可以通过网络入侵手段协同控制电网中防御较弱的配网侧分布式电源功率输出,最终影响发电侧发电机等关键设备的安全运行。为保障电网安全稳定运行,亟需研究针对分布式电源接入场景下的安全威胁及其防御措施。首先,本文在电力系统动态模型基础之上建立了电网振荡攻击的最小代价攻击模型,通过协同控制多个分布式电源的功率,在牺牲最少被控节点的前提下导致电网发生振荡。其次,针对现有振荡检测算法的不足,本文提出一种启发式的攻击源检测算法,通过分析系统内各节点的势能变化,可有效辅助定位攻击源。算例仿真分析结果验证了通过最小代价攻击影响电网稳定运行的可行性,以及攻击检测方法的有效性。     

智能电网ICS系统信息安全研究简

智能电网的应用改变了原有电网的网络通信结构和应用模式,如何全面的保障新形式下电网ICS系统的信息安全是一个必须深入探讨和研究并亟待解决的关键问题之一。本文首先剖析了智能电网中ICS系统与传统IT的区别,在分析ICS系统所面临的信息安全漏洞后提出了针对以上信息安全威胁的安全防护建议。     

Resilient Time-Varying Formation-Tracking of Multi-UAV Systems Against Composite Attacks: A Two-Layered Framework

This paper studies the countermeasure design problems of distributed resilient time-varying formation-tracking control for multi-UAV systems with single-way communications against composite attacks, including denial-of-services (DoS) attacks, false-data injection attacks, camouflage attacks, and actuation attacks (AAs). Inspired by the concept of digital twin, a new two-layered protocol equipped with a safe and private twin layer (TL) is proposed, which decouples the above problems into the defense scheme against DoS attacks on the TL and the defense scheme against AAs on the cyber-physical layer. First, a topology-repairing strategy against frequency-constrained DoS attacks is implemented via a Zeno-free event-triggered estimation scheme, which saves communication resources considerably. The upper bound of the reaction time needed to launch the repaired topology after the occurrence of DoS attacks is calculated. Second, a decentralized adaptive and chattering-relief controller against potentially unbounded AAs is designed. Moreover, this novel adaptive controller can achieve uniformly ultimately bounded convergence, whose error bound can be given explicitly. The practicability and validity of this new two-layered protocol are shown via a simulation example and a UAV swarm experiment equipped with both Ultra-WideBand and WiFi communication channels.      

自适应事件触发通信机制下机理解析与数据驱动融合的ICPS双重安全控制

针对存在拒绝服务(DoS)攻击与执行器故障的工业信息物理融合系统(ICPS),将机理解析与数据驱动方法相结合,在新型自适应事件触发通信机制下,研究双重安全控制问题.首先,设计自适应事件触发机制,能够触发参数随系统行为动态自适应变化,节约更多网络通信资源;其次,基于系统最大允许时延建立攻击检测机制,可以有效区分大、小能量DoS攻击;再次,基于极限学习机算法(ELM)建立时序预测模型,用于大能量DoS攻击时重构修正控制量,以主动容侵攻击的影响,并给出与小能量攻击时机理解析的弹性被动容侵来提升系统对攻击的防御能力;然后,借助T-S模糊理论、时滞系统理论、新型Bessel-Legendre不等式等,推证得到系统鲁棒观测器及双重安全控制器的解析求解方法,使双重安全控制与通讯性能得到折衷协同提升;最后,通过实例仿真验证所提出方法的有效性.     

Delay-dependent resilient-robust stabilisation of uncertain networked control systems with variable sampling intervals

This work is concerned with the robust resilient control problem for uncertain networked control systems (NCSs) with variable sampling intervals, variant-induced delays and possible data dropouts, which is seldom considered in current literature. It is mainly based on the continuous time-varying-delay system approach. Followed by the nominal case, delay-dependent resilient robust stabilising conditions for the closed-loop NCS against controller gain variations are derived by employing a novel Lyapunov–Krasovskii functional which makes good use of the information of both lower and upper bounds on the varying input delay, and the upper bound on the variable sampling interval as well. A feasible solution of the obtained criterion formulated as linear matrix inequalities can be gotten. A tighter bounding technique is presented for acquiring the time derivative of the functional so as to utilise many more useful elements, meanwhile neither slack variable nor correlated augmented item is introduced to reduce overall computational burden. Two examples are given to show the effectiveness of the proposed method.     

基于SOPC的家庭智能用电控制器

智能电网鼓励用户与电网双向互动,针对当前家庭用电设备智能化程度无法满足智能用电要求的问题,基于SOPC技术设计一款适用于家庭用电的智能控制器。以FPGA为硬件核心实现,包含电能计量、无线通信、继电器控制等多个功能电路,并完成了相关应用程序设计和开发,使控制器具有采集负荷用电信息、与用户手机终端交互、控制电器电源通断的能力。经实验验证,本文设计电路功能全面、结构简单,能实现对家用电器的智能化改造的目标,可获取家庭内负荷用电信息,促进科学、合理用电和节能。     

计及时滞的互联电网负荷频率控制最优分数阶PID控制器设计

分数阶PID控制器相比于传统整数阶PID控制器,具有控制性能好、鲁棒性强等诸多优势,可应用于电网的负荷频率控制(load frequency control,LFC)中.针对网络化时滞互联电网的LFC问题,提出了一种基于计算智能的分数阶PID控制器参数优化整定方案.该方案选择时滞LFC系统时域输出响应构建优化目标函数,采用最近提出的灰狼优化算法获得最优的分数阶PID控制器参数,所设计的控制器能确保一定时滞区间内LFC系统的稳定性.仿真算例表明,所设计的LFC最优分数阶PID控制器比传统整数阶PID控制器的控制性能更优,时滞鲁棒性更强.     

基于递归神经网络的智能电网虚假数据检测

虚假数据注入(FDI)攻击为智能电网的稳定运行带来了挑战,特别是虚假数据经过人为精心构造后,能够绕过电力系统中的常规错误数据检测技术,为电网安全运行带来了安全隐患。为此本文应用递归神经网络(RNN)来检测智能电网中的虚假数据攻击(FDI攻击)。通过编写检测算法,基于IEEE-30总线系统以及从实际电网中获得的为期五年的潮流数据,对FDI进行了仿真模拟。仿真结果表明,本文提出的基于递归神经网络的算法通过观察连续数据序列的时间变化,有效检测出了混入正常潮流数据中的虚假攻击数据。     

不确定奇异时滞系统的时滞相关型鲁棒H∞弹性控制

研究了含范数有界参数不确定性的奇异时滞系统的时滞相关型鲁棒H_∞弹性控制问题.文中所考虑的控制器增益摄动包括加性摄动和乘性摄动两种形式.在标称奇异时滞系统的时滞相关型稳定性判据的基础上,引入了一个新的时滞相关型有界实引理(BRL),进而给出了时滞相关型鲁棒H_∞弹性控制器存在的充分性条件,并利用LMIs和锥补线性化算法给出了控制器的表达式.从数值算例可以看出,所给出的设计算法是有效的.     

智能电网中家域网安全数据汇聚与调度方法研究

智能电网中通信网络的安全是实施智能电网的一个重要环节。用户信息的隐私保护是智能电网安全服务的一个主要任务。智能电网中用户信息隐私保护主要围绕智能电表数据的机密性和匿名性展开。本文以家域网作为智能电网通信网络的一个基本数据汇聚与调度单元,提出了一种安全的网内数据汇聚与调度方法,从而保证了智能家居设备的用电信息的机密性和匿名性。采用NS-2对本文提出的网内方法进行了仿真研究。仿真结果表明,本文提出的网内数据汇聚与调度方法与传统方法相比具有较高的实用性。     

Supporting resilient conceptual design using functional decomposition and conflict resolution

Concept generation plays a critical role in product design especially in the early design phase when functional requirements are either uncertain or partially known. To cope with the uncertainty imposed by the varying work environment, resilient design has often been called upon to leverage system capacity from the perspective of functional requirements. While the resilient design has been advanced recently, how to design a resilient product structure so to accommodate more functional requirements at the conceptual design phase remains challenging. To tackle this issue, we propose a methodology to support resilient conceptual design using functional decomposition and conflict resolution. To reduce the impact imposed by potential issues and uncertain environments, the overall system functional requirements are defined based on five principles of resilient design. The redundant conceptual scheme that meets functional requirements is given resilience through functional decomposition and conflict resolution. A case study of the conceptual design of a hard rock coring structure present to demonstrate the feasibility of the proposed approach. The results yielded have suggested that the proposed approach can not only support resilient conceptual design, but also leverage design reliability and robustness under uncertainty, especially in terms of varying work environments.     

A fine-grained privacy protection data aggregation scheme for outsourcing smart grid

Compared with the traditional power grid, smart grid involves many advanced technologies and applications. However, due to the rapid development of various network technologies, smart grid is facing the challenges of balancing privacy, security, efficiency, and functionality. In the proposed scheme, we design a privacy protection scheme for outsourcing smart grid aided by fog computing, which supports fine-grained privacy-protected data aggregation based on user characteristics. The fog server matches the encrypted characteristics in the received message with the encrypted aggregation rules issued by the service provider. Therefore, the service provider can get more fine-grained analysis data based on user characteristics. Different from the existing outsourcing smart grid schemes, the proposed scheme can achieve real-time pricing on the premise of protecting user privacy and achieving system fault tolerance. Finally, experiment analyses demonstrate that the proposed scheme has less computation overhead and lower transmission delay than existing schemes.     

雾辅助智能电网中容错隐私保护数据聚合方案

针对雾辅助智能电网数据收集过程中存在的隐私泄露问题, 本文提出一种新的支持容错的隐私保护数据聚合方案. 首先, 结合BGN同态加密算法和Shamir秘密共享方案确保电量数据的隐私性. 同时, 基于椭圆曲线离散对数困难问题构造高效的签名认证方法保证数据的完整性. 特别地, 方案具有两种容错措施, 当部分智能电表数据无法正常发送或部分云服务器遭受攻击而无法工作时, 方案仍然能够进行聚合统计. 安全分析证明了方案满足智能电网的安全需求; 性能实验表明, 与已有方案相比, 本文方案计算和通信性能更优.     

Simulation of the smart grid communications: Challenges,techniques, and future trends

This paper gives an overview of available simulation techniques to support the analysis of smart grid communications. Intelligent power grids, known as smart grids, are required as the demand for energy continues to grow and more emphasis is being placed on the supply of renewable energy. The main ingredient of smart grid is the integration of information and communication technology into the grids to monitor and regulate power generation and the demand. The impact of the communication networks on the performance of power system dynamics can only be understood through numerical simulations. This paper provides an overview of available simulation techniques for smart grid communications with a particular focus on the co-simulation frameworks and their enabling technologies. Moreover, a case study with VPNET for analyzing agent based shipboard smart grid protections considering communication impacts is provided.