Applying of network security situation awareness in smart substations

Applying network security situation awareness in smart substations provides a high-level view of the substations' security situation. After analyzing the security threats faced by smart substations, this paper proposes a security situation awareness framework covering physical security, network security, system security, protocol security and data security, and puts forward a network security monitoring solution for substations that uses dedicated smart substation network security situation awareness devices to collect security events, analyze them and generate situation analysis results. We then focus on several key technologies used in our framework. Finally, we describe a hardware and software design scheme for the smart substation network security awareness system and its implementation architecture: the system adopts a multi-layer software architecture, and combines the Intel® Sandy Bridge, the bus structure and modular design technology to meet the need for high performance.
