CN-115859586-B - Method for analyzing and processing two-safety contradiction of relay protection device based on FMVEA analysis method

Abstract

A FMVEA analysis method-based two-safety contradiction analysis and processing method for relay protection device belongs to the field of functional safety and information safety fusion, and specifically comprises the following steps of firstly selecting functional safety measures and information safety measures, respectively evaluating the attributes of the two safety measures in a form of expert scoring, secondly defining and describing the types of contradictions between the two safety measures in a five-tuple form, thirdly obtaining the contradictions between the two selected safety measures by using a FMVEA analysis method, fourthly establishing a game model of the functional safety measures and the information safety measures of the relay protection device, and obtaining an optimal safety protection scheme by using a group intelligent algorithm. The method realizes the contradiction analysis and processing of the functional safety measures and the information safety measures of the relay protection device, and improves the safety protection capability of the relay protection device.

Inventors

• JIN XIANJI
• MA ZIHAN
• Su Changhe
• LI ZHONGWEI
• BI PENGFEI
• JIA CHONGWEI
• LIN NA
• ZHANG LONGXUAN

Assignees

• 哈尔滨工业大学

Dates

Publication Date

20260508

Application Date

20221122

Claims (8)

1. 1. The method for analyzing and processing the contradiction between two safety relay protection devices based on FMVEA analysis method is characterized by comprising the following steps: Selecting functional safety measures and information safety measures, and evaluating the attributes of the two safety measures respectively in a form of expert scoring; and step two, defining and describing the contradiction types between two security measures by utilizing a five-tuple form, wherein the security measure is expressed as a five-tuple calculation formula: ; in the formula, Refers to the assets to be protected by functional security measures and information security measures; Refers to the type of security measure, i.e. whether this security measure is safeguarded from the point of view of functional security measures or from the point of view of information security measures; Refers to the protection goal to be achieved by the security measures on the asset; Representing the protective capability of the security measures; Indicating the influence of the security measures on the system after the security measures are taken; the method comprises the steps of (1) selecting a safety measure to be analyzed if repeated contradiction between two safety measures is selected and analyzed, traversing the selected functional safety measure by combining a FMVEA analysis method if the functional safety measure is selected, determining the influence degree, potential reasons, loopholes and threat factors of the functional safety measure, and estimating the occurrence frequency or probability of the fault mode and the threat mode in a preset time, if the information safety measure is selected, traversing the selected information safety measure by combining a FMVEA analysis method, determining the influence degree, potential reasons, loopholes and threat factors of the information safety measure, and estimating the occurrence frequency or probability of the fault mode and the threat mode in the preset time; and fourthly, establishing a functional safety measure and information safety measure game model of the relay protection device, and solving an optimal safety protection scheme by using a group intelligent algorithm.
2. 2. The method for analyzing and processing the two-safety contradiction of the relay protection device based on FMVEA analysis method according to claim 1 is characterized in that in the first step, functional safety measures are selected for the relay protection device according to international standard IEC 61508, and information safety measures are selected for the relay protection device according to international standard IEC 62443.
3. 3. The method for analyzing and processing the two-safety contradiction of the relay protection device based on FMVEA analysis according to claim 1, wherein in the first step, the attribute of the functional safety measure and the attribute of the information safety measure both include safety protection capability and capability of reducing risk of the device, computing resources of the consuming device, communication real-time influence and memory occupation, and in each attribute, the higher the score is considered to be more obvious, and the lower the score is considered to be less obvious.
4. 4. The method for analyzing and processing the two-safety contradiction of the relay protection device based on FMVEA analysis method according to claim 1, wherein in the second step, the contradiction between the functional safety measure and the information safety measure is classified into a repeated contradiction and a conflicting contradiction.
5. 5. The method for analyzing and processing the contradiction between two safety devices of the relay protection device based on FMVEA analysis method according to claim 1 is characterized in that in the fourth step, the optimal safety protection scheme is obtained by using a group intelligent algorithm with the purpose of maximizing respective profit functions of functional safety measures and information safety measures and with resource allocation as constraint.
6. 6. The method for analyzing and processing the two-safety contradiction of the relay protection device based on FMVEA analysis method is characterized in that the method for calculating the optimal safety protection scheme by using a group intelligent algorithm comprises the specific steps of carrying out one iteration on functional safety measures and information safety measure groups according to the group intelligent algorithm, selecting optimal individuals, comprehensively calculating the fitness of the optimal individuals of the two safety measures, entering a second iteration, comparing the second iteration with the fitness obtained by the calculation of the last iteration, selecting the optimal safety protection scheme, judging whether the maximum iteration times are reached, outputting the optimal safety protection scheme if the maximum iteration times are reached, and otherwise, cycling the steps.
7. 7. The method for analyzing and processing the two-safety contradiction of a relay protection device based on FMVEA analysis according to claim 1, wherein the game model is used for describing a process of competing the functional safety measures and the information safety measures for the computing resources of the device.
8. 8. The method for analyzing and processing the two-safety contradiction of the relay protection device based on FMVEA analysis method according to claim 1, wherein after the safety measures are taken, the influence of the safety measures on the system includes the influence of the safety measures on the real-time performance of the device communication, the influence of the consumed computing resources of the device and the influence of the occupied memory.

Description

Method for analyzing and processing two-safety contradiction of relay protection device based on FMVEA analysis method Technical Field The invention belongs to the field of fusion of functional safety and information safety, and particularly relates to a method for analyzing and processing contradiction between functional safety and information safety of a relay protection device based on FMVEA analysis method. Background The relay protection device is an important device of the power system, and the safe and stable operation of the relay protection device plays an important role in the stable operation of the power system. However, with the gradual development of the power system towards intellectualization, the information security threat faced by the power system is increasingly serious, and a plurality of malicious attackers attempt to attack the relay protection device so as to achieve the purpose of controlling or destroying the running state of the power system. The safety protection measures of relay protection comprise functional safety measures and information safety measures. The functional safety measures can ensure the normal and reliable operation of the relay protection device, and reduce the risk of misoperation or refusal of the device caused by the self reason of the device as much as possible. The information security measures can reduce the probability of successful invasion of an attacker on the one hand, and can prevent the attacker or illegal personnel from acquiring the system core data on the other hand, so that the probability of malicious tampering of the system core data is reduced. The functional security measures and the information security measures can be mutually promoted when the functional security measures and the information security measures are deployed in one device at the same time, and contradiction exists. However, the current research on functional safety and information safety is focused on one aspect, and no method suitable for analysis and processing of two-safety fusion contradiction exists. Therefore, it is necessary to provide a method for analyzing and processing the contradiction between the functional safety and the information safety of the relay protection device. Unilateral information security protection measures are likely to bring new functional security holes to the whole system. In addition, unilateral functional security measures may bring new information security holes to the system, and even if the information security protection capability of the relay protection device is improved in some cases, the functional security requirements of the relay protection device are contrary to the unilateral functional security measures, so that the contradiction exists between the functional security and the information security measures. However, few methods exist to analyze and handle the two-safety contradiction. Disclosure of Invention Aiming at the contradiction existing in the fusion process of the function safety and the information safety of the relay protection device, at present, few methods can analyze and process the contradiction of two safety, the invention provides a method for analyzing and processing the contradiction of two safety of the relay protection device based on FMVEA analysis method. The invention aims at realizing the following technical scheme: Selecting functional safety measures and information safety measures, and evaluating the attributes of the two safety measures respectively in a form of expert scoring; Defining and describing the contradiction types between two security measures by utilizing a five-tuple form; thirdly, utilizing FMVEA analysis method to obtain contradiction between two selected safety measures; and fourthly, establishing a functional safety measure and information safety measure game model of the relay protection device, and solving an optimal safety protection scheme by using a group intelligent algorithm. Compared with the prior art, the invention has the following advantages: According to the method, contradiction between the functional safety measures and the information safety measures of the relay protection device is analyzed, a game model of the functional safety measures and the information safety measures of the relay protection device is established, and model solving is carried out. Compared with the traditional method of only deploying functional safety measures or only deploying information safety measures, the method has the problem of larger limitation, the method can analyze and process contradictions between the functional safety measures and the information safety measures of the relay protection device, and screen the safety protection scheme to obtain a contradiction-free safety protection scheme, so that the safety protection capability of the relay protection device is improved. Drawings FIG. 1 is a flow chart of a method for analyzing and processing contradiction between two safet