Visible to the public Security Risk Control of Water Power Generation Industrial Control Network Based on Attack and Defense Map

TitleSecurity Risk Control of Water Power Generation Industrial Control Network Based on Attack and Defense Map
Publication TypeConference Paper
Year of Publication2019
AuthorsDong, Xiao, Li, Qianmu, Hou, Jun, Zhang, Jing, Liu, Yaozong
Conference Name2019 IEEE Fifth International Conference on Big Data Computing Service and Applications (BigDataService)
Keywordsattack and defense map, Communication networks, composability, computer network security, Databases, dedicated network, defense strategy, future hydroelectric power generation system, Hazards, Hydroelectric power generation, hydroelectric power stations, industrial control, industrial control network system, industrial control systems, Industrial Control Systems Anomaly Detection, network security problems, Networked Control Systems Security, open network, power engineering computing, power system security, Predictive Metrics, Protocols, pubcrawl, resilience, Resiliency, Scalability, security, security risk control, Servers, smart power grids, water power generation industrial control network

With the latest development of hydroelectric power generation system, the industrial control network system of hydroelectric power generation has undergone the transformation from the dedicated network, using proprietary protocols to an increasingly open network, adopting standard protocols, and increasing integration with hydroelectric power generation system. It generally believed that with the improvement of the smart grid, the future hydroelectric power generation system will rely more on the powerful network system. The general application of standardized communication protocol and intelligent electronic equipment in industrial control network provides a technical guarantee for realizing the intellectualization of hydroelectric power generation system but also brings about the network security problems that cannot be ignored. In order to solve the vulnerability of the system, we analyze and quantitatively evaluate the industrial control network of hydropower generation as a whole, and propose a set of attack and defense strategies. The method of vulnerability assessment with high diversity score proposed by us avoids the indifference of different vulnerability score to the greatest extent. At the same time, we propose an optimal attack and defense decision algorithm, which generates the optimal attack and defense strategy. The work of this paper can distinguish the actual hazards of vulnerable points more effectively.

Citation Keydong_security_2019