CN-122027373-A - Low-delay safe transmission method for electric power fgOTN

Abstract

The invention relates to the technical field of network data security, in particular to a power fgOTN power low-delay secure transmission method, which comprises the steps of obtaining a service bearing network topology and link transmission parameters, constructing a network connection matrix, simulating a flow redistribution process after single node faults, calculating a topology intermediate center index of a transformer substation node, analyzing the payload content of a power service data frame at a pre-mapping stage at fgOTN, extracting continuous monitoring characteristics and discrete control characteristics, calculating a real-time service criticality index of each data frame by combining the frequency deviation and voltage fluctuation state of a current network, establishing a two-dimensional decision matrix, generating a defense strategy according to the mapping position of the topology intermediate center index and the criticality index value in the matrix, executing processing on service data according to the generated defense strategy, mapping the service data into fine granularity time slots of fgOTN, embedding security state signaling in frame overhead, and transmitting the security state signaling to opposite terminal equipment through an optical transmission unit.

Inventors

• ZHANG GE
• LI SHICHENG
• ZHU YANG
• ZENG JIAJUN
• HAN JIARUI
• YE XIN
• CHEN HAOLIANG
• ZHANG SONG
• Cong Shuan

Assignees

• 中国电力工程顾问集团东北电力设计院有限公司

Dates

Publication Date

20260512

Application Date

20260416

Claims (8)

1. 1. A method for low latency secure transmission of power fgOTN comprising: the method comprises the steps of obtaining service bearing network topology and link transmission parameters, constructing a network connection matrix of power grid nodes, and calculating topology medium number centrality indexes of substation nodes by simulating a flow redistribution process after single node faults; Extracting continuous monitoring characteristics and discrete control characteristics in service data, and calculating a real-time service criticality index of each data frame by combining the frequency deviation and the voltage fluctuation state of the current network; establishing a two-dimensional decision matrix taking a topological betweenness centrality index and a real-time service criticality index as axes, and dynamically generating a defense strategy comprising encryption strength, logic check depth and transmission priority according to the mapping positions of the topological betweenness centrality index and the criticality index value in the matrix; And mapping the processed data into fgOTN fine granularity time slots, embedding security state signaling in frame overhead, and transmitting the security state signaling to opposite terminal equipment through an optical transmission unit.
2. 2. The method for low-latency safe transmission of power fgOTN according to claim 1, wherein: the specific process for constructing the network connection matrix of the power grid node comprises the following steps: The method comprises the steps of obtaining the physical connection topology of a current power grid, constructing a service bearing network topology, identifying all power grid nodes and power transmission lines connected with all nodes, reading resistance parameters, reactance parameters and power couple sodium parameters of each power transmission line as link transmission parameters, wherein the power grid nodes comprise transformer substation nodes, power generation nodes and load nodes; constructing a node admittance matrix describing a linear relation between the node injection current and the node voltage of the power grid based on kirchhoff current law, wherein diagonal elements of the node admittance matrix are formed by the sum of admittances of all branches connected to the node, and non-diagonal elements are formed by negative values of the branch admittances connected between two nodes; And carrying out inversion operation on the node admittance matrix by adopting a sparse matrix inversion algorithm to obtain a network connection matrix of the whole network.
3. 3. The method for low-latency safe transmission of power fgOTN according to claim 2, wherein: The specific process for calculating the topology betweenness centrality index comprises the following steps: defining a power generation node pair and a load node pair based on a power grid node to generate a source load transmission pair set; For each transmission pair in the set, on the basis of a network connection matrix, simulating the redistribution condition of power flow in the rest network when a certain transmission node in the power grid breaks down by using a direct current method; The method comprises the steps of calculating the ratio of the flow increment flowing through a transformer substation node to be evaluated to the total flow redistribution amount of the whole network in the flow redistribution process, defining the ratio as a flow redistribution factor, carrying out weighted summation on the flow redistribution factors under all source load transmission pairs, wherein the weight depends on the actual load power of the corresponding transmission pair, and taking the weighted summation result as a topology medium center index.
4. 4. A method for low latency safe transmission of power fgOTN according to claim 3, wherein: the specific process for generating the source load transmission pair set comprises the following steps: the power nodes are traversed, active power data of each node are read, the nodes with positive active power injection values are identified as source nodes according to power flow directions, the power plant grid connection points are covered, and a source node set is constructed; identifying nodes with negative active power injection values as load nodes, covering buses on the power supply side of the transformer substation, and constructing a load node set; The method comprises the steps of performing set Cartesian product operation, establishing full-permutation logic mapping of a source node set and a load node set, defining each group of source nodes and load node combinations as independent source load transmission pairs, and exhausting potential physical paths for carrying out power transmission from any power source to any load under the current topology by the generated source load transmission pair sets to serve as boundary conditions of power flow simulation.
5. 5. The method for low-latency safe transmission of power fgOTN according to claim 1, wherein: The specific process for calculating the real-time business criticality index comprises the following steps: identifying the service type in the data frame by using a deep packet inspection technology; for continuous monitoring characteristics, calculating a deviation normalization coefficient of a current sampling value and a rated value; for discrete control characteristics, detecting whether a displacement operation exists, and if so, giving mutation weight; Meanwhile, the current frequency deviation value and the voltage fluctuation rate of the power grid are obtained through wide-area measurement, and an environment safety situation factor is constructed; And weighting and calculating the information uncertainty risk of the data frame by the deviation normalization coefficient, the mutation weight and the environmental security situation factor, and defining the information uncertainty risk as a business criticality index.
6. 6. The method for low-latency safe transmission of power fgOTN according to claim 1, wherein: the specific process of dynamically generating the defense strategy comprises the following steps: constructing a two-dimensional decision matrix, wherein the horizontal axis is a node topology medium number centrality index, and the vertical axis is a business criticality index; Dividing a coordinate plane into a core defense area, a dynamic enhancement area and a basic transmission area; When the mapping position falls into a core defense area formed by high betweenness and high index, matching a first-level defense strategy, wherein the strategy content comprises a symmetric encryption algorithm adopting 256 bits, double hash integrity check and an absolute priority transmission queue; When the mapping position falls into the dynamic enhancement zone, matching a secondary defense strategy, wherein the strategy content comprises a 128-bit encryption algorithm, a single cyclic redundancy check and a weighted polling transmission queue; when the mapping position falls into the basic transmission area, the three-level defense strategy is matched, and the strategy content comprises only plaintext authentication, basic verification and basic transmission queue.
7. 7. The method for low-latency safe transmission of power fgOTN according to claim 6, wherein: The process of dividing the coordinate plane into three areas of a core defense area, a dynamic enhancement area and a basic transmission area comprises the following steps: Acquiring sample points based on a two-dimensional decision matrix, wherein each sample point comprises numerical values of two dimensions of a topological betweenness centrality index and a business criticality index, carrying out iterative computation on the sample points by adopting an unsupervised clustering algorithm, and aggregating sample spaces into three independent feature clusters based on similarity among the sample points; calculating the geometric centroids of each feature cluster respectively, and calculating the magnitude of a module value of each geometric centroid in the direction of the origin of a two-dimensional coordinate system, wherein the centroid with the maximum module value is defined as a high-risk defense centroid, the centroid with the central module value is defined as a dynamic transition centroid, and the centroid with the minimum module value is defined as a basic transmission centroid; Based on the three geometric centroids, generating a nonlinear decision boundary in a two-dimensional coordinate system, dividing a polygonal area containing a high-risk defensive centroid into a core defensive area, dividing an area containing a dynamic transition centroid into a dynamic enhancement area, dividing an area containing a basic transmission centroid into a basic transmission area, calculating the Euclidean distance between the mapping position of a current data frame in the coordinate system and the geometric centroid, classifying the Euclidean distance into an area corresponding to the centroid with the closest distance, and determining the defensive strategy level which should be adopted by the data frame.
8. 8. The method for low-latency safe transmission of power fgOTN according to claim 1, wherein: mapping the processed data into fgOTN fine granularity time slots and embedding security state signaling in the frame overhead includes: adapting the service data flow after encryption and verification treatment to a fgOTN defined fine granularity optical data unit container by adopting a general mapping procedure; When constructing the frame structure of the optical data unit, the reserved bytes in the path overhead field are used as a safety signaling channel, the defending strategy number adopted by the current data frame, the index identification of the encryption key and the timestamp information are coded and written into the safety signaling channel, and the safety state signaling is synchronously transmitted in the optical fiber network along with the service payload, so that the opposite terminal equipment can firstly read the signaling in the overhead when the frame is separated, thereby acquiring the correct decryption algorithm and the correct verification rule, and realizing the synchronization of the safety strategies of the transmitting terminal and the receiving terminal.

Description

Low-delay safe transmission method for electric power fgOTN Technical Field The invention relates to the technical field of network data security, in particular to a low-delay secure transmission method for electric power fgOTN. Background With the construction of a novel power system, a power communication network gradually evolves to a refined optical transmission network so as to bear high-real-time services such as relay protection, scheduling instructions, wide area measurement and the like. In the field of network security, in order to prevent interception or tampering of service data during transmission, a whole frame encryption mechanism based on a symmetric key or a link layer security protocol based on IPSec/MACsec is generally adopted. However, the conventional general encryption transmission technology has remarkable limitation in the power working condition scene, lacks cooperation with the physical situation of the power grid, and the conventional key management and defense strategy is only based on the logic state of the network layer, so that the operation working condition of the physical power grid is completely separated. For example, when the power grid fails N-1 or is in a fragile state with severe frequency fluctuation, the primary goal of communication should be to "keep alive and keep fast", while the existing security mechanism cannot sense the medium central change of the physical topology, and still mechanically execute a complex verification process, which may cause the critical control command to fail due to timeout. The encryption and decryption processing of complex algorithms such as AES-256 and the like can introduce significant computation time delay for millisecond-level control services such as relay protection and the like in an electric power system, and often lead to the end-to-end transmission time delay exceeding a critical threshold value, thereby seriously affecting the removal speed of power grid faults. Therefore, a low-delay safe transmission method for electric power fgOTN is provided. Disclosure of Invention The invention aims to provide a low-delay safe transmission method of electric power fgOTN, which is characterized by establishing a two-dimensional decision matrix, generating a defense strategy according to the mapping positions of a topology betweenness centrality index and a criticality index value in the matrix, and executing processing on service data according to the generated defense strategy. In order to achieve the above purpose, the present invention provides the following technical solutions: a low latency secure transmission method for power fgOTN, comprising: the method comprises the steps of obtaining service bearing network topology and link transmission parameters, constructing a network connection matrix of power grid nodes, and calculating topology medium number centrality indexes of substation nodes by simulating a flow redistribution process after single node faults; Extracting continuous monitoring characteristics and discrete control characteristics in service data, and calculating a real-time service criticality index of each data frame by combining the frequency deviation and the voltage fluctuation state of the current network; establishing a two-dimensional decision matrix taking a topological betweenness centrality index and a real-time service criticality index as axes, and dynamically generating a defense strategy comprising encryption strength, logic check depth and transmission priority according to the mapping positions of the topological betweenness centrality index and the criticality index value in the matrix; And mapping the processed data into fgOTN fine granularity time slots, embedding security state signaling in frame overhead, and transmitting the security state signaling to opposite terminal equipment through an optical transmission unit. The specific process for constructing the network connection matrix of the power grid node comprises the following steps: The method comprises the steps of obtaining the physical connection topology of a current power grid, constructing a service bearing network topology, identifying all power grid nodes and power transmission lines connected with all nodes, reading resistance parameters, reactance parameters and power couple sodium parameters of each power transmission line as link transmission parameters, wherein the power grid nodes comprise transformer substation nodes, power generation nodes and load nodes; constructing a node admittance matrix describing a linear relation between the node injection current and the node voltage of the power grid based on kirchhoff current law, wherein diagonal elements of the node admittance matrix are formed by the sum of admittances of all branches connected to the node, and non-diagonal elements are formed by negative values of the branch admittances connected between two nodes; And carrying out inversion operation on the node admittance