论文信息 - Detecting Attacks in Power Plant Interfacing Substations through Probabilistic Validation of Attack-Effect Bindings

Detecting Attacks in Power Plant Interfacing Substations through Probabilistic Validation of Attack-Effect Bindings

In this paper we provide a mathematical approach to detection of attacks on relays in electrical substations speaking IEC 61850, an abstract industrial protocol devised by the Technical Committee 57 of the International Electrotechnical Commission as a standard for substation communications. Our contribution regards those electrical transmission substations which interface with the generators of a power plant through step-up transformers. In this paper we take as an instance power plants which use nuclear reactors as a source of energy. The basis of the proposed approach is formed by structural equations which semantically model the relations between operational variables of substation and nuclear power plant components as monitored by the respective control systems. Causality relations investigated via structural equations are reflected on Bayesian belief networks to probabilistically characterize the legitimacy and abnormality of IEC 61850 traffic. We then employ the stochastic activity network formalism to construct composed models of substation operation from which we derive intrusion detection rules.

Julian L. Rrushi | R. Campbell | J. Rrushi

[1] William H. Sanders,et al. Stochastic Activity Networks: Structure, Behavior, and Application , 1985, PNPM.

[2] Mark Adamiak,et al. IEC 61850 Communication Networks and Systems In Substations: An Overview for Users , 1988 .

[3] William H. Sanders,et al. Construction and solution of performability models based on stochastic activity networks , 1988 .

[4] William H. Sanders,et al. A Unified Approach for Specifying Measures of Performance, Dependability and Performability , 1991 .

[5] Herbert A. Simon,et al. Causality in Bayesian Belief Networks , 1993, UAI.

[6] William H. Sanders,et al. Specification and construction of performability models , 1993 .

[7] David C. Luckham,et al. Complex Event Processing in Distributed Systems , 1998 .

[8] J. Pearl. Causality: Models, Reasoning and Inference , 2000 .

[9] William H. Sanders,et al. The Möbius Framework and Its Implementation , 2002, IEEE Trans. Software Eng..

[10] Vasant Honavar,et al. Condition Data Aggregation with Application to Failure Rate Calculation of Power Transformers , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[11] David Luckham,et al. The power of events - an introduction to complex event processing in distributed enterprise systems , 2002, RuleML.

[12] Bayesian Analysis of Power Transformer Failure Rate Based on Condition Monitoring Information , 2022 .