Search

CN-122001743-A - Analysis method for power network risk alarm event

CN122001743ACN 122001743 ACN122001743 ACN 122001743ACN-122001743-A

Abstract

The application relates to the technical field of power system automation and artificial intelligence, and particularly discloses an analysis method of a power network risk alarm event. And then, comprehensively calculating multidimensional indexes such as topology centrality, time sequence attenuation, semantic rareness and the like, and quantifying the causal significance of each alarm node. On the basis, self-adaptive sparse sampling based on maximum interpretation gain is implemented, and common mode interpretation effect and space-time coupling strength of downstream alarms are evaluated through the evaluation node, so that high-score core events are precisely reserved and a public precursor node with global overall shooting ability is forcefully recalled on the premise of strictly adhering to the context token limit of a large model. Finally, inputting the simplified high-value evidence chain into a large language model for carrying out thinking chain reasoning, thereby realizing the accurate positioning of the complex fault root cause and the automatic generation of the treatment strategy.

Inventors

  • LI WENCUI
  • ZHANG YUJIA
  • WANG HAOTIAN
  • LI MIAOMIAO
  • WANG CHUNYING
  • ZHANG NINGNING
  • AN ZHIYUAN
  • WU LIJIE
  • LIU YAN
  • LIU HUIFANG
  • SHENG LEI
  • WANG LEI

Assignees

  • 国网河南省电力公司信息通信分公司

Dates

Publication Date
20260508
Application Date
20260211

Claims (8)

  1. 1. A method for analyzing a power network risk alert event, comprising: S1, carrying out standardized stream window selection on received original alarm stream data to obtain an initial window event set containing semantic vectors; s2, mapping each alarm event in the initial window event set to a corresponding physical equipment node based on the power grid topological structure data, and establishing a propagation edge between nodes with physical connection relations to obtain a fault propagation map; s3, carrying out multidimensional space-time causal saliency calculation on each alarm node in the fault propagation map to obtain a scoring event list containing causal saliency scores; S4, based on the large model token limiting parameters, carrying out sparse resampling on the context of the scoring event list based on significance to obtain a sparse context text; S5, filling the sparse context text into a prompt word template, and inputting the sparse context text into a large language model for carrying out thinking chain reasoning analysis so as to obtain an analysis reasoning result containing root cause positioning conclusion; And S6, analyzing root cause conclusion in the reasoning result, and carrying out intention recognition and strategy matching of the treatment scheme in the operation and maintenance knowledge base to obtain a risk treatment strategy report.
  2. 2. The method for analyzing a power network risk alert event according to claim 1, wherein step S1 includes: carrying out protocol type identification and key field extraction and recombination on the original alarm stream data to obtain standardized alarm stream data with standardized fields; performing range interception and expiration data rejection based on a time stamp on the standardized alarm stream data to obtain a time sequence slice event set; and carrying out lightweight semantic feature vectorization coding on the text content in the time sequence slice event set to obtain an initial window event set containing semantic vectors.
  3. 3. The method for analyzing a power network risk alert event according to claim 1, wherein step S2 includes: based on equipment indexes in the power grid topological structure data, performing physical entity matching on the initial window event set to obtain a mapped event node set containing physical coordinate information; carrying out space connection judgment and time sequence verification on the mapped event node set by utilizing the connection relation in the power grid topological structure data and a preset propagation delay threshold value so as to obtain an initial unweighted propagation diagram comprising causal edges; And carrying out weak connected component extraction and isolated noise pruning treatment on the initial unweighted propagation map to obtain a fault propagation map.
  4. 4. The method for analyzing a power network risk alert event according to claim 1, wherein step S3 includes: Carrying out topological centrality weight estimation on the fault propagation map to obtain a topological weight mapping table; Based on the earliest occurrence time stamp in the fault propagation map, performing time sequence deviation attenuation calculation on each event node in the fault propagation map to obtain a time sequence weight mapping table; performing word frequency statistics and inverse document frequency query on alarm content in the fault propagation map to construct a semantic weight mapping table; and carrying out multidimensional significance fusion and object updating on the topology weight mapping table, the time sequence weight mapping table and the semantic weight mapping table to obtain a scoring event list.
  5. 5. The method for analyzing a power network risk alert event according to claim 1, wherein step S4 comprises: Based on the large model token limiting parameter and the preset average length of single alarm, performing Top-K truncation screening based on scores on the scoring event list to obtain a candidate core event set; based on causal connection edges in the fault propagation map, carrying out causal neighborhood forced recall on the candidate core event set to obtain a complete causal event set; And carrying out time sequence serialization and text reconstruction on the complete causal event set to obtain sparse context.
  6. 6. The method for analyzing a power network risk alert event according to claim 1, wherein step S5 includes: injecting the sparse context text into a prompt word template to obtain a packaged request load object; Submitting the request load object to an inference engine, and guiding the inference engine to perform multistage thinking chain inference execution to obtain an original inference response stream; And carrying out reasoning result analysis and structural mapping on the original reasoning response flow to obtain analysis reasoning results of the structural package.
  7. 7. The method for analyzing a power network risk alert event according to claim 1, wherein step S6 includes: Extracting key entities from the analysis reasoning result and mapping the standardized intention to generate a structured intention object; converting the structured intention object into a query vector, and carrying out search matching based on cosine similarity and threshold screening in an operation and maintenance knowledge base to obtain a matching treatment plan; And carrying out risk comprehensive index calculation and grade judgment packaging on the matched treatment plan to obtain a risk treatment strategy report.
  8. 8. The method of claim 5, wherein performing causal neighborhood forced recall on the candidate core event set based on causal connection edges in the fault propagation graph to obtain a complete causal event set comprises: Based on causal connection edges in the fault propagation map, estimating the space-time coupling strength of the candidate core event set to obtain a space-time coupling strength matrix; based on the space-time coupling strength matrix, performing common mode interpretation utility evaluation on each potential precursor node in the candidate core event set to obtain a node interpretation utility mapping table; and based on the node interpretation utility mapping table and the large model token limit parameter, carrying out maximum marginal gain greedy sampling on the candidate core event set to obtain a complete causal event set.

Description

Analysis method for power network risk alarm event Technical Field The application relates to the technical field of power system automation and artificial intelligence, and more particularly relates to an analysis method of a power network risk alarm event. Background With the rapid development of energy Internet and novel power systems, the topology structures of power communication networks and secondary systems are increasingly complex, and the number of devices and the service scale are exponentially increased. In the daily operation and maintenance and emergency treatment process of the power grid, massive multi-source heterogeneous monitoring data (such as high-frequency sensor values, discrete system logs and operation records) are generated in real time. How to quickly identify risks and accurately position fault causes from the numerous and complicated data is important to guaranteeing safe and stable operation of the power grid. Particularly, the rise of large language model technology provides a new intelligent means for the operation and maintenance of the power network, and the automatic root cause analysis by utilizing the powerful semantic understanding and reasoning capability of the intelligent means becomes a hotspot of industrial research. However, the existing large-model-based power network risk analysis technology still faces serious challenges in practical application, and the problem is the contradiction between critical feature flooding in alarm storm and model context window limitation. When the power network has cascade faults, the characteristics of one point trigger and whole network diffusion are often presented, and a single fault of core equipment can instantly cause derivative alarms of thousands of unreachable links or service interruption. Existing analysis methods typically employ simple time slicing or semantic similarity based search enhancement generation techniques, which result in high frequency derived noise crowding into a limited context window, while low frequency but critical root cause features are submerged or truncated, resulting in illusion or inference failure of the large model. In addition, when complex scenes such as common mode faults (e.g. multiple feeder lines trip caused by bus faults) are processed, the existing neighborhood recall mechanism lacks quantitative evaluation on space-time coupling strength and node interpretation effect, and all topological connections are often treated equally, so that common precursor nodes with high generalization cannot be effectively identified and preferentially reserved. The coarseness of the causal evidence screening leads to the fact that the context of the input model is full of redundant phenomenon layer description, and a global logic starting point is omitted, so that the accuracy and timeliness of automatic operation and maintenance are severely restricted. Accordingly, an optimized analysis scheme for power network risk alert events is desired. Disclosure of Invention The present application has been made to solve the above-mentioned technical problems. The embodiment of the application provides an analysis method of a power network risk alarm event, which comprises the following steps: S1, carrying out standardized stream window selection on received original alarm stream data to obtain an initial window event set containing semantic vectors; s2, mapping each alarm event in the initial window event set to a corresponding physical equipment node based on the power grid topological structure data, and establishing a propagation edge between nodes with physical connection relations to obtain a fault propagation map; s3, carrying out multidimensional space-time causal saliency calculation on each alarm node in the fault propagation map to obtain a scoring event list containing causal saliency scores; S4, based on the large model token limiting parameters, carrying out sparse resampling on the context of the scoring event list based on significance to obtain a sparse context text; S5, filling the sparse context text into a prompt word template, and inputting the sparse context text into a large language model for carrying out thinking chain reasoning analysis so as to obtain an analysis reasoning result containing root cause positioning conclusion; And S6, analyzing root cause conclusion in the reasoning result, and carrying out intention recognition and strategy matching of the treatment scheme in the operation and maintenance knowledge base to obtain a risk treatment strategy report. Compared with the prior art, the application provides an analysis method for the power network risk alarm event. The method comprises the steps of carrying out standardized window selection and semantic vectorization on an original alarm stream, mapping the original alarm stream to a power grid topology to construct a fault propagation map, and calculating multidimensional causal saliency by combining topology centrality, time