Search

CN-121984074-A - Access control safety protection method under vehicle network zero trust architecture

CN121984074ACN 121984074 ACN121984074 ACN 121984074ACN-121984074-A

Abstract

The invention relates to the technical field of power regulation of a power grid, in particular to an access control safety protection method under a vehicle network zero trust architecture. According to the method, a power grid dispatching instruction power sequence and a charging pile metering power sequence are collected, time sequence lag alignment analysis is conducted by combining step event detection, further, ascending indexes of impedance along with power change are analyzed in the amplitude dimension by means of power segmentation mapping, directivity difference indexes of loading and unloading paths are analyzed in the time sequence dimension, and an access characteristic state execution grading power control strategy is obtained. According to the invention, the states of the real physical system and the ideal linear simulator are distinguished by analyzing the inherent inertia and nonlinear response lag of the physical system, and the power access authority is dynamically adjusted while gradually accumulating the verification data through the hierarchical power control strategy, so that the normal response of the compliance equipment and the operation safety of the power grid are ensured.

Inventors

  • WANG SHIQIAN
  • SONG DAWEI
  • LIU YANG
  • DONG MINGHAO
  • HAN DING
  • BU FEIFEI
  • YANG BINGRUN
  • ZHANG WEIJIAN
  • LI QIUYAN
  • HUANG YONG
  • WANG YUANYUAN
  • DI LI

Assignees

  • 国网河南省电力公司经济技术研究院
  • 郑州大学
  • 河南九域腾龙信息工程有限公司

Dates

Publication Date
20260505
Application Date
20260211

Claims (10)

  1. 1. An access control security protection method under a vehicle network zero trust architecture is characterized by comprising the following steps: The method comprises the steps of collecting a command power sequence issued by power grid dispatching and a metering power sequence fed back by a charging pile, and detecting step change events in the command power sequence; mapping all feature vectors in a preset sliding window into preset power segments according to load power, and analyzing the full-quantity feature aggregation features of the amplitude dimension based on the load power and response hysteresis index of the feature vectors in each power segment; Obtaining an impedance rising index based on the variation trend of the total feature aggregation features of all the segments, obtaining a directivity difference index based on the difference condition of the directivity grouping aggregation features of all the segments, and determining the access characteristic state of the access object according to the threshold judgment result of the impedance rising index and the directivity difference index; and executing a hierarchical power control strategy for the access object according to the access characteristic state.
  2. 2. The access control security protection method under a vehicle network zero trust architecture according to claim 1, wherein the step change event detection method comprises: and carrying out first-order difference on the instruction power sequence, and recording a step change event when the absolute value of the difference value is larger than a preset step trigger threshold.
  3. 3. The method for access control security protection under a vehicle network zero trust architecture according to claim 2, wherein the method for obtaining the feature vector comprises: for any step change event, taking the absolute value of the command power at the last moment in the moment corresponding to the step change event as the load power of the step change event; determining an adjusting direction according to the positive and negative of the difference value corresponding to the step change event; calculating transmission delay time by using a cross-correlation algorithm in a preset analysis window after the initial moment corresponding to the step change event, and carrying out time sequence alignment on the metering power sequence based on the transmission delay time, accumulating errors of the aligned instruction power sequence and the metering power sequence to obtain response energy deviation, taking the ratio of the response energy deviation to the load power corresponding to the step change event as a response hysteresis index; the vector composed of the load power, the adjusting direction and the response hysteresis index of the step change event is taken as the characteristic vector.
  4. 4. The method for access control security protection under a vehicle network zero trust architecture according to claim 1, wherein mapping all feature vectors in a preset sliding window into preset power segments according to load power comprises: Setting a power analysis range by taking the maximum rated power as an upper limit, dividing the power analysis range into continuous and non-overlapping power segments, and mapping the eigenvector into the corresponding power segments according to the load power value of the eigenvector in a preset sliding window.
  5. 5. The method for access control security protection under a vehicle network zero trust architecture according to claim 1, wherein the method for acquiring the full-scale feature aggregation features comprises the following steps: And taking the vector formed by the average load power and the average response hysteresis index of all the feature vectors as a full aggregate feature in each power segment.
  6. 6. The method for access control security protection under a vehicle network zero trust architecture according to claim 1, wherein the method for obtaining the directional packet aggregation feature comprises: And calculating an average response hysteresis index of the loading group and an average response hysteresis index of the unloading group to form a directional grouping aggregation characteristic.
  7. 7. The access control security protection method under a vehicle network zero trust architecture according to claim 1, wherein the method for obtaining the impedance rising index comprises: when the number of the power segments with the feature vectors is larger than the preset analysis number, calculating the variance of the average load power in the total aggregation features of the power segments with the feature vectors as a load instability index; And if not, adopting a least square method to segment each power with the characteristic vector, and carrying out linear fitting according to the average load power and the average unit response hysteresis index in the total aggregation characteristic to obtain the slope of a fitting straight line as the impedance rising index.
  8. 8. The method for access control security protection under a vehicle network zero trust architecture according to claim 1, wherein the method for obtaining the directivity difference index comprises: screening out power segments simultaneously containing loading group data and unloading group data as effective power segments; And calculating the difference between the average unit response hysteresis index of the loading group and the average unit response hysteresis index of the unloading group in the directional grouping aggregation characteristic corresponding to each effective power segment to obtain directional deviation, and taking the average value of the directional deviations of all the effective power segments as a directional difference index.
  9. 9. The method for access control security protection under a vehicle network zero trust architecture according to claim 1, wherein the method for determining the access characteristic state comprises: if the impedance rising index is larger than a preset nonlinear threshold value or the directivity difference index is larger than a preset asymmetric threshold value, the access characteristic state is marked as an effective entity state; if the impedance rising index is smaller than or equal to a preset nonlinear threshold value and the directivity difference index is smaller than or equal to a preset asymmetric threshold value in the preset observation time, the access characteristic state is marked as an analog attack state, otherwise, the access characteristic state is marked as a pending state.
  10. 10. The method for protecting access control security under a vehicle network zero trust architecture according to claim 9, wherein the executing a hierarchical power control policy on an access object according to the access characteristic state comprises: Recording as a detection stage when the initial access is performed, limiting the execution power within a first limit value, and monitoring a response lag index; The method comprises the steps of accumulating and obtaining impedance rising indexes and directivity difference indexes in a gray level stage, judging an access characteristic state, switching to an effective stage when the access characteristic state is an effective entity state, removing execution power limitation, and marking abnormality and alarming when the access characteristic state is judged to be a simulated attack state.

Description

Access control safety protection method under vehicle network zero trust architecture Technical Field The invention relates to the technical field of power regulation of a power grid, in particular to an access control safety protection method under a vehicle network zero trust architecture. Background In a vehicle-network interaction (V2G) system, an electric vehicle is used as a distributed energy storage unit to participate in an electric network automatic power generation control frequency modulation service, and an electric network operator pays economic compensation according to the capacity and mileage of a vehicle response instruction, however, the mechanism induces the risk of cheating compensation by using low-cost equipment, and part of malicious users use a linear resistor array or an algorithm simulator based on a power electronic converter to replace a real chemical battery to access the electric network. Because the simulation equipment has no battery cycle life loss and can perfectly forge protocol data at a communication layer, the conventional identity authentication mechanism based on the digital certificate can only identify the legality of a communication main body, and is difficult to identify the real attribute of a physical entity, and the potential safety hazard of spoofing and supplementing attack by using the linear simulation equipment to disguise as a real battery cannot be identified only by means of the identity authentication of the communication layer. Disclosure of Invention In order to solve the technical problem that the potential safety hazard of spoofing and supplementing attack to a real battery by using linear simulation equipment can not be identified only by means of communication layer identity authentication in the prior art, the invention aims to provide an access control safety protection method under a vehicle network zero trust architecture, and the adopted technical scheme is as follows: The first aspect of the present application provides an access control security protection method under a vehicle network zero trust architecture, comprising: The method comprises the steps of collecting a command power sequence issued by power grid dispatching and a metering power sequence fed back by a charging pile, and detecting step change events in the command power sequence; mapping all feature vectors in a preset sliding window into preset power segments according to load power, and analyzing the full-quantity feature aggregation features of the amplitude dimension based on the load power and response hysteresis index of the feature vectors in each power segment; Obtaining an impedance rising index based on the variation trend of the total feature aggregation features of all the segments, obtaining a directivity difference index based on the difference condition of the directivity grouping aggregation features of all the segments, and determining the access characteristic state of the access object according to the threshold judgment result of the impedance rising index and the directivity difference index; and executing a hierarchical power control strategy for the access object according to the access characteristic state. Further, the detection method of the step change event comprises the following steps: and carrying out first-order difference on the instruction power sequence, and recording a step change event when the absolute value of the difference value is larger than a preset step trigger threshold. Further, the method for obtaining the feature vector comprises the following steps: for any step change event, taking the absolute value of the command power at the last moment in the moment corresponding to the step change event as the load power of the step change event; determining an adjusting direction according to the positive and negative of the difference value corresponding to the step change event; calculating transmission delay time by using a cross-correlation algorithm in a preset analysis window after the initial moment corresponding to the step change event, and carrying out time sequence alignment on the metering power sequence based on the transmission delay time, accumulating errors of the aligned instruction power sequence and the metering power sequence to obtain response energy deviation, taking the ratio of the response energy deviation to the load power corresponding to the step change event as a response hysteresis index; the vector composed of the load power, the adjusting direction and the response hysteresis index of the step change event is taken as the characteristic vector. Further, the mapping all feature vectors in the preset sliding window to the preset power segment according to the load power includes: Setting a power analysis range by taking the maximum rated power as an upper limit, dividing the power analysis range into continuous and non-overlapping power segments, and mapping the eigenvector into the corresponding power se