There are serious cyber security threats in wind farm SCADA systems drinking a large number of embedded terminals with scarce computing resources, so a lightweight key management scheme needs to be designed. Security threats to wind farm SCADA system keys and types of system communication are analyzed. Lightweight key management schemes based on CL-PKC and CRT are proposed. In this scheme, we have completed the generation and distribution of device public and private keys and unicast session keys by CL-PKC, and the generation and distribution of group session keys by CRT, and give the process of key update and key destruction. The verification results show that the key management scheme secures the keys and is resistant to forgery, replay, interruption and tampering attacks. In addition, the solution has good forward security and backward security.
Due to the increasingly complex network environment, wind farm power monitoring systems are more and more likely to be exposed to vulnerabilities. Intrusion detection, as an important supplement to firewalls, can detect anomalies and effectively defend against network attacks. In this paper, a normal behavior feature model is constructed, and then rules are configured for Snort3. Finally, a Snort3-based wind farm behavioral characteristic inspector is designed based on the normal behavioral characteristic model and Snort3 rule configuration to detect unknown anomalous messages. The ability of the inspector to extract behavioral characteristics and detect anomalous messages was verified through experiments. The results show that the inspector can effectively detect data tampering attacks and man-in-the-middle attacks with reasonableness and effectiveness.
In response to the problems of undetectable intrusions caused by the absence of authentication mechanism in the NTP protocol used in wind power monitoring systems, an intrusion detection algorithm for wind farm NTP messages based on message periodicity and autoregressive model was proposed. The periodic feature of the wind farm NTP messages under normal and intruded conditions was analyzed. An autoregressive model based on the current network conditions was built, the model parameters based on the Yule-Walker method were estimated and the detection thresholds were determined within 95% confidence intervals. The proposed algorithm was validated based on real capture messages from wind farms. The results show that the proposed intrusion detection algorithm can effectively identify denial-of-service attacks, man-in-the-middle attacks and clock offset attacks.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.