面向电力系统网络安全的多层协同防御模型研究

为满足电力监控系统组网架构及网络安全协同防护的需求，提出一种多层次且纵深分布的主动安全协同防御模型，并从模型架构、功能机制等方面设计一整套实现方案。基于域内自防御和跨域协防的特性，通过基于灰色关联分析的最高关联度防御决策，并协同安全防护设备间协作，实现从主机层、安防设备层到网络层的网络安全多级防御。通过电力监控系统典型现场对网络安全应用场景进行实验验证，结果表明，该协同防御模型增强了各层级间安全防护能力，能够提供更高效的安全风险监测、安全事件响应及动态处置的手段。

Research on Mulit-Layer Cooperative Defense Model Oriented to Network Security of Power System

The security control and production management of the power system are highly dependent on the network communication between the levels of regulatory agencies, and cyberspace security events always threaten the stable operation of the power grid.In order to meet the needs of power monitoring system architecture and network security collaborative protection, a multi-level, deep distributed collaborative defense model is designed and proposed, and a set of implementation methods are given from the perspective of model architecture, technical methods and functional mechanisms of each module.Based on the characteristics of self-defense and cross-domain cooperative defense in the domain, the model cooperates with security protection devices to perform multi-level active collaborative defense from the host layer, security device layer to the network layer by the highest degree of correlation defense decision-making based on the gray correlation decision.Through the analysis, it is found that the model has the capability of real-time monitoring of network security risks, rapid response to security threats, and dynamic handling of cyber security events, which can effectively improve the level of network security protection of power monitoring systems.