计及网络攻击影响的安全稳定控制系统风险评估方法

安全稳定控制系统（稳控系统）是保证电网可靠运行的重要防线，针对稳控系统的网络攻击会造成严重的物理后果。为了量化评估稳控系统遭受网络攻击的影响以及现有风险评估方法缺乏充分考虑网络攻击的易发性，提出一种计及网络攻击影响的安全稳定控制系统风险评估方法。文中首先分析了稳控系统的层次结构。然后，从攻击对象、攻击方式，攻击后果三个角度分析了稳控装置本体与稳控装置站间通信的网络攻击风险点。其次，基于模糊层次分析法对网络攻击易发性进行量化，并结合Petri网建立的网络攻击防护单元模型，建立针对稳控系统的网络攻击成功概率模型。最后，结合物理后果和攻击成功概率，对标准系统和实际系统进行风险评估，计算了正常运行和网络攻击两种情况下的风险值，验证了所提模型的有效性。

Risk assessment method of security and stability control system considering the impact of cyber attacks

The safety and stability control system (SSCS) is an important defense line to ensure the reliable operation of the power grid. Serious physical consequences can be caused by cyber attacks against the SSCS. Given the lack of sufficient consideration on the susceptibility of cyber attacks in existing risk assessment methods, a risk assessment method of SSCS considering the impact of cyber attacks is proposed to quantitatively evaluate the impact of cyber attacks on SSCS. Firstly, the hierarchical structure of the SSCS is analyzed. Then, the risk points of cyber attacks of the the stability control device body and stability control device''s inter-station communication from the three perspectives of attack object, attack method, and attack consequence are analyzed. Secondly, the susceptibility of cyber attacks is quantified based on the fuzzy analytic hierarchy process, and a successful probability model of cyber attacks for SSCS is established combined with the defense unit model of cyber attacks built by Petri nets. Finally, the risk assessment is carried out on the standard and actual systems combined with the physical consequences and the probability of successful attacks, and the risk values under two conditions of normal operation and cyber attack are calculated to verify the validity of the proposed model