CN-122020647-A - Data-driven malicious attack detection and containment control method for distributed energy storage system

Abstract

The invention relates to the technical field of automation and discloses a data-driven malicious attack detection and control method, which comprises the steps of firstly, establishing a state space model of a distributed energy storage system, and constructing a data representation form of the system by utilizing input/output data collected by an open loop experiment on the premise of not obtaining an accurate physical model of the system. Secondly, an attack detection mechanism based on data driving is designed, and sparse reconstruction and accurate estimation of an unknown malicious attack matrix are realized by constructing a dynamic residual vector and solving the minimum absolute shrinkage and selection operator problem. On the basis, a hierarchical pinning control strategy based on a switching gain observer is provided, which depends on an attack estimated value, and only control is applied to key nodes in a network to inhibit attack diffusion. And finally, constructing an augmentation error system comprising a synchronization error and an attack estimation error, and deducing a sufficient condition for ensuring global asymptotic stability of the system by utilizing a Lyapunov stability theory.

Inventors

• ZHANG JUNFENG
• JIA XUAN
• WU JIEWEI
• YANG HAOYUE
• XING WEI

Assignees

• 海南大学

Dates

Publication Date

20260512

Application Date

20251225

Claims (8)

1. 1. A data-driven malicious attack detection and containment control method for a distributed energy storage system is characterized by comprising the following steps: step 1, establishing a state space model of a distributed energy storage system; step 2, collecting input/output data in a state space model operation experiment; Step 3, designing an attack detection method and a hold-down controller of the distributed energy storage system; step 4, constructing a synchronous error system of the distributed energy storage system; Step 5, designing the safe and stable operation conditions of the distributed energy storage system; and 6, designing a controller of the distributed energy storage system.
2. 2. The method for detecting and controlling malicious attacks driven by data in a distributed energy storage system according to claim 1, wherein the step 1 is specifically as follows: step 1.1, firstly, a nonlinear interconnection system consisting of N subsystems in a distributed energy storage system is established, and information flow among the subsystems is represented by an undirected graph Representation of wherein A set of subsystems is represented and, Representing edge sets, an Then it is the adjacency matrix, if there is an information link between subsystems v i and v j , d ij ＝d ji =1, otherwise d ij =0, d ii =0 for all i e 1, n Is an attacked subsystem set, then Representing a normal subsystem set, wherein the dynamic description form of the ith subsystem is as follows: Wherein, the Representing a forward operator; For the state in the ith subsystem of the k-moment distributed energy storage system, the initial state N i is the state dimension of the i-th subsystem, For the input quantity of the data packet in the ith subsystem of the k-moment distributed energy storage system, The space consisting of the ++th sum sequence, m i is the data volume input by the ith subsystem, and For the number of data measured by the sensor of the ith subsystem of the k-moment distributed energy storage system, And is also provided with For the following Representing the components from 0 to M, q i being the dimension of the measured data for the ith subsystem; For the purpose of an external disturbance, In order to output the relevant external disturbance, As a time-varying parameter, Having a diagonal structure Ensuring that the system has a solution at least partially at forward time as a continuous function; For the following And For the following Is an unknown continuous matrix function, if the ith subsystem can receive the information of the jth subsystem, A ij,o is not equal to 0, otherwise A ij,o =0, if (A i,o ,B i ) is controllable and (A i,o ,C i,o ) is observable, setting k 0 ＝n i and f 0 (x i )＝x i ; the nonlinearity in the distributed energy storage system satisfies the following sector conditions: For any arbitrary And The condition indicates that the nonlinear term is zero only when the state is zero, and that after proper re-indexing and decomposition of f z , there is an integer So that For all of And Hold true and have an integer So that For all of And is also provided with If so, then there is at least one non-linear term that is unbounded in the radial direction, and when ε=0, then all non-linear terms are bounded, assuming that the sector non-linearity satisfies the following stronger incremental sector condition: For all of And Establishment; Step 1.2, a distributed energy storage system with a measurable scheduling parameter θ i , θ i ∈Θ i , where Is a known tight set And is also provided with Wherein the method comprises the steps of And is also provided with For the following And Satisfy the following requirements Step 1.3, consider middle part molecular system of distributed energy storage system The system is subjected to malicious attack, the malicious attack breaks the synchronism of the whole system by injecting false data or operating states, and the dynamic description form of the subsystem subjected to the i m th attack is as follows: Wherein, the And is also provided with Malicious attack by vector Modeling in which Is a malicious attack matrix; for each subsystem under attack An estimated value of the real malicious attack matrix H i can be obtained Real matrix H i and its estimation error All satisfy the norm constraint, where error is defined as The norm is expressed in a bounded manner as inequality II H i ‖≤δ i Wherein delta i is greater than or equal to 0 and Is a known constant; step 1.4, according to step 1.2, the system can be restated as: Wherein, the And
3. 3. The method for detecting and controlling malicious attacks driven by data in a distributed energy storage system according to claim 2, wherein in step 2, input/output data of each subsystem is collected in an open loop experiment of the system in step 1: based on the above data and by applying system behavior theory, it can be obtained For equation (4), the noise sequences W i - and V i - are unknown but have bounded energies: Wherein, the And Is a known constant, a nonlinear data matrix The following data-based sector conditions are satisfied: By aligning Performing proper re-labeling and decomposition, in the presence of So that For all of And Is true and exists So that For all of And The non-linear data satisfies the following data-based incremental sector conditions:
4. 4. The method for detecting and controlling malicious attacks driven by data in a distributed energy storage system according to claim 3, wherein the step2 is specifically as follows: step 2.1, hypothesis matrix And Are all full row rank matrices, wherein, Is a constant value, and is used for the treatment of the skin, Is a complex number set; Step 2.2, defining a sample covariance matrix as follows: The following matrix is defined: Then, the process is carried out, Wherein, the And Step 2.3, constructing data expression of an unknown system matrix through a system behavior theory, wherein the specific form is as follows: Order the In step 2.1, the matrix Is pseudo-inverse and defined The combination (6) can be obtained: And Then Wherein the method comprises the steps of And Step 2.4, defining a matrix And Then And Step 2.5, setting And The system in step 1.4 is restated as: Wherein, the And Step 2.6, according to the system matrix in step 2.4, the system in step 2.5 can be rewritten as: step 2.7, using a similar procedure to equation (6), obtaining a data representation of the subsystem under attack: Wherein, the
5. 5. The method for detecting and controlling malicious attacks driven by data in a distributed energy storage system according to claim 4, wherein the construction form in the step 3 is as follows: Step 3.1, establishing a data-driven attack detection method of the distributed energy storage system, wherein the method comprises the following steps of firstly, carrying out malicious attack on each subsystem Calculating dynamic residual errors Next, the residuals are combined into a composite vector Y total , which composite vector Y total may be defined as: Similarly, a complex regression matrix Φ total is constructed by vertically stacking the kronecker products of the subsystems that are each subject to malicious attacks: The transformation converts the problem into a single large-scale linear regression form, Y total ≈Φ total χ, where the unknown malicious behavior parameter vector χ = vec (H), which can be estimated by solving the following minimum absolute contraction and selection operator problem: Finally, by expressing the solution vector Remodelling into an m x n matrix, i.e. reconstructing the matrix Step 3.2, aiming at a first sexual principle model of the distributed energy storage system, establishing a model which depends on a layered containment controller based on a switching gain observer, wherein the set of all subsystems is that Is divided into two disjoint subsets, a health subsystem set And a set of subsystems that are subject to malicious attacks The subsystem aggregate is the union of the healthy subsystem and the malicious subsystem, namely The model allows for cross-group coupling at the same time, i.e. two groups of subsystems can interact, and relies on the formula of a hierarchical pinning controller based on a switching gain observer as follows: Wherein, the Is an estimate of x; And The observation gain to be designed; And Gain for the controller to be designed; is an estimated value of unknown malicious behavior matrix when Lambda i >0 When lambda i =0, it means that the ith subsystem is in the pinned state If so, indicating that the subsystem is not contained; step 3.3, establishing a data-driven hierarchical pinning controller based on a switching gain observer through the data characterization of the unknown system matrix established in the steps 2.3 and 2.4: Wherein, the λ=diag{λ 1 ,…,λ N },
6. 6. The method for detecting and controlling malicious attacks driven by data in a distributed energy storage system according to claim 5, wherein the step 4 is specifically as follows: Step 4.1, defining error term as θf z (e)＝f z (x m (t)+e)-f z (x m ), And e=x-x m ; set The synchronization error system of the distributed energy storage system can be expressed as: Wherein, the And Step 4.2, for efficient processing of nonlinear terms based on the data system, the following constraints are introduced (1) that there is a symmetric matrix So that the nonlinear function f z (η) satisfies the following quadratic inequality: (2) Function f z has global liphatz continuity, i.e., there is a constant v z >0 such that for all And The following inequality holds for II f z (y)-f z (x)‖≤ν z II y-x II.
7. 7. The method for detecting and controlling malicious attacks driven by data in a distributed energy storage system according to claim 6, wherein the step 5 is specifically as follows: in the case where step 2.1 is true, the design constant k >0, Matrix array Sum matrix function So that For all of And If so, the distributed energy storage system is globally asymptotically stable, where,
8. 8. The method for data-driven malicious attack detection and containment control of a distributed energy storage system according to claim 7, wherein the controller for designing the distributed energy storage system in step 6 is as follows In the case where step 2.1 is true, the design constant k >0, Matrix array Sum matrix function So that For all of And If so, under the action of the data driving hold-down controller, the distributed energy storage system has global asymptotic stability, and the controller is in the form of: Wherein, the

Description

Data-driven malicious attack detection and containment control method for distributed energy storage system Technical Field The invention relates to the technical field of automation, in particular to a data-driven malicious attack detection and control method for a distributed energy storage system. Background The distributed energy storage system utilizes the modern power electronic technology, an automatic control method, a battery management technology, a cloud computing platform and the like to realize energy exchange and information sharing among an energy storage unit, a power grid, a user and the cloud platform. And collecting battery state of charge (SOC) information and external power demand information through equipment such as a voltage and current sensor, a temperature probe, a BMS terminal and the like which are arranged on the energy storage unit, and transmitting the information to adjacent energy storage nodes, an energy management system or a cloud platform through a network system. At the current stage, the distributed energy storage system is widely applied to micro-grids and new energy consumption, and great contribution is made to the construction of a novel power system taking new energy as a main body. The development of the distributed energy storage system is very rapid, because the demand of the power grid for peak regulation and frequency modulation is continuously increased, and the demand of users for power supply quality and reliability is also higher and higher, and the traditional rigid power supply can not meet the demands of people. The distributed energy storage system directly exchanges information such as power distribution, SOC balance, voltage recovery, grid synchronization and the like through a network, so that the flexibility of energy utilization is improved, and the occurrence of the phenomena of wind and light discarding is reduced. It is worth noting that in the process of networked cooperative control, the control on the anti-attack capability of the system must be enhanced, so that a complete data communication and security defense method needs to be designed, and the effectiveness of data transmission and the system consistency between the distributed energy storage systems are ensured. With the networking development of the distributed energy storage technology, the interaction of state data by the energy storage units through the communication network not only faces the privacy challenge of tampered operation data, but also faces the new security problems of increasingly malicious network attack and the like aiming at the cooperative control layer of the energy storage system in recent years. To overcome such problems, the present invention proposes a method of data-driven malicious attack detection. As a model for data-driven control, the first principle model of the energy storage system is not required to be identified, and the data of the charging and discharging process is directly analyzed, so that the identification of the attack characteristics by the distributed energy storage system is more flexible and practical. The data of the distributed energy storage system in the running process has the characteristics of quick dynamic change, high coupling degree, high requirement on synchronism and the like. Because of the complexity of the network environment and the concealment of the attack means, the traditional model-based monitoring method cannot effectively solve various attack problems affecting the synchronization stability of the system. Therefore, the feasible data-driven malicious attack detection and control method is provided, and has important significance for avoiding the frequency/voltage runaway of the energy storage cluster caused by malicious attack and improving the reliability of network data and the robustness of the system. The data-driven control is a business decision and action mode based on lean analysis and a data closed-loop concept, and is characterized in that a large amount of data is utilized for extraction, insight and prediction, the data quantity and data quality are emphasized, and the method has the characteristics of self-adaption and flexibility and performs pattern recognition and prediction through a machine learning algorithm. It is in contrast to the traditional driven approach that the data driven approach does not rely on a predefined accurate physical model. The control signal can be transmitted to the whole network by controlling only a part of key nodes (pinning nodes) in the network, so that the influence of malicious attack is restrained at lower cost, the stability of a control system is improved, and good synchronization performance is obtained. The combination of the two can solve the defects of the prior art to a great extent. Fig. 1 (see the drawing of the specification) shows a schematic diagram of a communication topology structure of a distributed energy storage system, and fig. 2 (see the drawi