摘要
针对智能配电物联网设备异构化、攻击隐蔽化、防护碎片化的安全痛点,提出元数据-物理量耦合的内生安全防护体系,涵盖设备行为连续信任评估、元数据-物理量耦合异常检测、多模块协同防护三大核心模块。信任评估层构建滑动窗口信任迭代模型与四级权限状态机,结合昇腾可信执行环境硬件的可信根适配光伏逆变器、储能终端等异构设备的动态认证需求;异常检测层设计元数据-物理量跨模态特征融合框架,解决配电场景中虚假数据注入、互联网控制消息协议隐蔽信道等隐蔽攻击检测难题;协同层建立信任预警-异常识别-权限阻断的联动机制,支撑台区级源-网-荷-储互动场景下的安全防护。基于国网12省台区数据与华为昇腾硬件实验表明:信任评估准确率96.5%,异常检测时延28μs,边缘节点内存占用9MB;90天稳定性测试中模型准确率漂移≤1.2%,国网某省100个台区试点年均减少攻击损失1200万元,降低因高级持续性威胁攻击、固件篡改导致的停电时长2500h,硬件成本降低43.8%,满足配电物联网边缘节点轻量化、国产化部署需求。
Aiming at the security pain points of smart distribution Internet of Things(SDIoT)such as device heterogeneity,attack concealment,and protection fragmentation,an endogenous security protection system based on metadata-physical quantity coupling is proposed,including three core modules:continuous trust evaluation of device behavior,metadata-physical quantity coupled anomaly detection,and multi-module collaborative protection.The trust evaluation layer constructs a sliding window trust iteration model and a four-level permission state machine,which are combined with the trusted root of the Ascend Trusted Execution Environment hardware to adapt to the dynamic authentication requirements of heterogeneous devices such as photovoltaic inverters and energy storage terminals.The anomaly detection layer designs a metadata-physical quantity cross-modal feature fusion framework to solve the detection challenges of covert attacks such as false data injection and Internet Control Message Protocol covert channels in distribution scenarios.The coordination layer establishes a linkage mechanism of trust early warning,anomaly recognition,and permission blocking to support security protection in the interactive scenario of source-grid-load-storage at the substation level.Experiments based on data from 12 substation areas of the State Grid and Huawei Ascend hardware show that the trust evaluation accuracy rate is 96.5%,the anomaly detection latency is 28µs,and the edge node memory occupation is 9MB.In a 90-day stability test,the model accuracy drift is≤1.2%.A pilot project involving 100substation areas in a province of the State Grid has reduced annual attack losses by 12 million yuan,decreased the duration of power outages caused by Advanced Persistent Threat attacks and firmware tampering by 2,500 hours,and reduced hardware costs by 43.8%.This meets the lightweight and localized deployment requirements of distribution IoT edge nodes.
作者
李炳森
王成山
朱介北
杨挺
宋关羽
胡长斌
LI Bingsen;WANG Chengshan;ZHU Jiebei;YANG Ting;SONG Guanyu;HU Changbin(School of Electrical and Information Engineering,Tianjin University,Nankai District,Tianjin 300072,China;State Grid Information&Telecommunication Group Co.,Ltd.,Changping District,Beijing 102211,China;College of Electrical and Control Engineering,North China University of Technology,Shijingshan District,Beijing 100144,China)
出处
《电力信息与通信技术》
2025年第12期101-109,共9页
Electric Power Information and Communication Technology
基金
智能电网国家科技重大专项资助项目(2025ZD0806800)。
关键词
智能配电物联网
内生安全
信任评估
异常检测
元数据-物理量耦合
国产化硬件
smart distribution internet of things(SDIoT)
endogenous security
trust evaluation
anomaly detection
metadata-physical quantity coupling
domestic hardware
