Research on Security Protection Architecture of Energy Internet Information Communication

. The large-scale development and utilization of renewable energy has become a major trend in the development of the global energy sector. Compared with traditional power grids, energy Internet information security has many features and complex technologies, and the hidden dangers of information security risks are more prominent. In the face of various cyber threats, effective measures must be taken to ensure the safe operation of the power information network. This paper introduces the relationship between energy Internet and smart grid, sorts out the current new technology of energy Internet application, analyzes the risks it faces, and designs the security architecture of energy Internet information communication system.


Introduction
With the gradual depletion of traditional fossil energy and the worsening of environmental problems caused by energy consumption, relieving the energy crisis and reducing air pollution have become urgent problems in the sustainable development of energy. Traditional energy use patterns characterized by centralized use of high-carbon energy sources will be difficult to sustain. The rapid development of technologies such as information and communication, new energy, and smart grids around the world has brought profound impacts on energy, manufacturing, and transportation. The energy Internet is regarded as a product of the integration of information and communication technology and energy technology. It will provide possible solutions for transforming the way of energy development and achieving sustainable development, which has attracted wide attention from scholars at home and abroad. After the publication of the book The Third Industrial Revolution, the energy Internet has caused widespread concern. It provides a viable solution for the global energy development model. Countries around the world have come up with their own energy development strategies. For example, the FREEDM system proposed by the University of North Carolina's Future Renewable Power Transfer and Energy Management System Research Center, Germany's information energy E-Energy, China's strong smart grid.

Energy internet 2.1 Energy internet and smart grid
In the book "The Third Industrial Revolution" [1], the famous American economist Jeremy Rifkin puts forward that "in the coming era, we will need to create an energy Internet, so that hundreds of millions of people can produce green renewable energy in their homes, offices and factories. Excess energy can be shared with others, just like we share information on the web now", "The energy Internet, which combines Internet technology and renewable energy, will be an effective model for achieving distributed energy supply". Broadly speaking, the energy Internet is to build a complete future energy system from the aspects of energy production, transportation, distribution, conversion and consumption: It is to made strategic layout of cross-continental interconnection of energy by UHV, AC and DC transmission technology in the transmission and transmission, and to build a global energy internet [2].
International research and development specifically for the energy Internet began in 2008, and some countries such as Germany and Japan have begun to practice energy Internet in a small scope. Although energy Internet technology has attracted widespread attention at home and abroad, related research is still in its infancy.
Since 2013, the Beijing Municipal Science and Technology Commission has organized the "Third Industrial Revolution" and "Energy Internet" expert seminars, and initiated research on related soft topics, and completed the "Beijing Energy Internet Technology and Industry Development Research Report", which form a detailed energy Internet research report and roadmap to provide guidance for further technology projects. In December 2013, State Grid Corporation issued a document in the Science and Technology Daily that clearly stated that the future smart grid is the "energy Internet". In February  The smart grid is an important concept proposed in the early 21st century and has been rapidly developed in recent years [3]. It is the product of information and communication technology (ICT) and grid integration. There are many similarities between the energy Internet and the smart grid. It is the further development and deepening of the smart grid concept. However, there are also important differences between the energy Internet and the smart grid, as shown in Table 1.

Energy internet framework
The energy Internet is based on the existing energy infrastructure, trying to integrate advanced Internet information technology and renewable energy power generation technology to achieve wide-area intelligent optimization of multiple energy sources [4]. The establishment of the energy Internet will overcome the bottlenecks in the access, transmission and control of large-scale clean energy, promote the large-scale utilization and sharing of clean energy, and realize the sustainable development and utilization of multiple energy sources.
Energy Internet is a comprehensive utilization of renewable energy power generation technology, intelligent transmission network technology, Internet information technology, system planning analysis technology, and the integration of power grid, natural gas network, heat network and electrified transportation network, to form a multi-energy efficient use of energy sharing network [5]. The ideal operation mode of the energy Internet should be a grid-led joint operation mode involving multiple producers of energy producers and consumers, energy network operators, and energy agents [6]. With the deep integration of energy and information, the energy industry will develop new business models in energy materials and equipment, energy production, trading, consumption and energy assets in the process of becoming more interconnected and efficient. Specifically, it includes offline market for energy materials and equipment, vertical e-commerce for B2B (business to business) industry; third-party industrial energy-saving business model based on big data, energy-saving solutions; energy trading platform for energy product trading, utilization of energy assets And agency operation services, Internet finance for energy asset securitization, e-commerce for energy assets; energy value-added services based on big data-based energy consulting, new energy vehicle industry, etc.
In order to achieve the goal of overall optimization of the energy Internet, on the basis of clarifying the scope of energy interconnection, it is necessary to further study the rational energy Internet technology framework [7]. It is to apply advanced technology to take advantage of the overall advantages of multiple energy and user interaction The sole purpose of this energy Internet technology framework design is to take advantage of technology, and to improve energy efficiency from a technical perspective. Under the premise of no policy, market and technical constraints, the energy Internet technology framework model that meets the above conditions is designed, as shown in Figure 1. Figure 1 shows the energy Internet technology framework, including market environment, energy supply, conversion and consumption, information support, and scheduling control.  Market environment includes energy supply side market and energy demand side market. Among them, the energy supply side market is responsible for issuing market price signals for different types of energy, and regulating the market energy supply structure (you can use price signals or subsidies to encourage the use of clean energy and reduce environmental pollution).The energy demand side market is the power generation complexes which responsible for releasing attractive load control and having reverse power transmission (or other forms of energy). It participates in the price or other incentive signals of the demand side dispatch control to encourage the load to participate in the demand side response.
Energy supply, conversion and consumption are energy flows in the energy Internet. It is also the ultimate optimization coordination object of the entire technical framework. The forms of electricity such as electricity, heat and cold emitted by various energy sources finally reach the user side through the transmission grid, pipe network or transportation channel to meet the user's energy needs. The Energy Internet Framework has strengthened support for distributed power and micro grids based on the above. At the same time, the application of various energy storage and electricity conversion to gas and other technologies, combined with information sharing and cost comparison of multiple energy sources, with energy as the center to achieve a variety of energy (optimized or reduced pollution, improve clean energy ratio, etc.) Substitution and conversion. In addition to traditional users, the consumer segment also adds intelligent controllable users and power generation complexes that can be reversely powered. Information sharing support is the flow of information throughout the technology framework. Highspeed, reliable and secure future information network technology is the basic condition for realizing a large number of data collection and transmission, analysis and optimization calculation under the framework of energy Internet technology.
With the support of information technology, in order to ensure the safety and optimization of the entire energy framework, it is necessary to set up necessary operational management institutions to centrally manage energy. This kind of dispatch management can adopt a business operation mode that is compatible with the external market environment and design according to the scope of energy management. At the same time, for the user-side controllable load and the power generation complex with power generation and other energy supply (heating, cooling, etc.) capabilities, it can directly participate in or by load dispatch control agent application on a voluntary basis. Virtual Power Plant Technology Participates in Energy Network Scheduling Control. This kind of optimization of energy utilization through energy overall dispatch control based on information sharing is the core content of the energy Internet technology framework.

Physical security
Physical security is a key issue to be considered when protecting the energy Internet terminal, including the equipment in the energy Internet system and the equipment in the information communication system [8]. The equipment in the energy Internet system includes energy acquisition equipment, energy routing equipment, smart meters, measuring instruments, sensor equipment and so on. The equipments in the information communication system include various network equipments, computers and various storage media for storing data. The objective of physical security protection is to prevent someone from destroying the external physical characteristics of the business system in order to stop the system from serving, or to prevent someone from intruding the system through physical contact. It is necessary to be able to audit and trace the physical contact behavior of equipment before and after information security incidents.

Data and energy acquisition security
The data and energy gathering process of the energy Internet is mainly focused on the perception layer. The information security problems that may exist in the perception layer mainly include: the smart meter acquisition terminal is attacked, some mobile handheld devices are attacked, and many smart devices in smart substations are attacked [9]. The attacker can restore the content of the key through the same analysis and entropy analysis. The attacker sends out the marked command and control message through the key, and chooses the attack area to carry out the attack. The key technologies of data acquisition security in perceptual layer include data encryption technology, key management mechanism, anti-interference technology, intrusion detection technology, secure access technology, access control technology and so on.

Data and energy transmission security
The data and energy transmission process of the energy Internet is mainly focused on the network layer. The network layer may have some information security problems such as illegal modification, instruction change, service interruption caused by unidentified intrusion [10]. Data modification, that is, application data such as passwords, passwords and other data on the network using TCP / IP protocol plaintext transmission, easy to eavesdropping, forgery and tampering; Source address spoofing, that is, the source IP address segment is directly modified to the IP address of other hosts, all services and sessions facing the IP address are at risk; Source routing spoofing means that an attacker can provide a pseudosource IP address so that the return information of the target host can be transmitted in a route to the pseudosource IP address host to obtain the legitimate service of the source host. TCP Sequence Number Spoofing, that is, TCP Sequence Number is predicted by an attacker, establishes a connection with the target host and transmits false data. Data transmission security of energy Internet needs to adopt boundary isolation methods such as firewall technology, VPN technology, intrusion prevention technology to prevent illegal intrusion, and strengthen the monitoring and review of the network, especially to strengthen the status and identity authentication of equipment access, including post-audit.
The key technologies of data transmission security in network layer include secure routing mechanism, key management mechanism, access control, intrusion tolerance technology, intrusion detection technology, active defense technology, security audit technology and so on.

Data and energy handling security
The data and energy processing processes of the energy Internet are mainly focused on the application service layer. Information security in application service layer includes two meanings. One is the security of data itself. If data and control commands do not have authentication information, it is possible to illegally access, destroy information integrity, destroy system availability, impersonate and repeat. In particular, unauthenticated control commands will lead to the loss of control over the entire network, or such as remote telemetry, remote signaling, remote control information, electrical energy information are transmitted in plain text, there is a risk of eavesdropping, intercepting and modifying the information. Therefore, it is necessary to use cryptographic technology to protect data in the process of business processing, such as data encryption, data integrity protection, two-way identity authentication, etc. [11]. Secondly, data storage technology is used to protect data actively in the process of business processing, such as ensuring data security by means of disk array, data backup, remote disaster recovery and cloud storage. The main security technologies used in data processing security of application service layer include intrusion detection technology, privacy protection technology, cloud security storage technology, data encryption technology, identity authentication technology and so on. With the development of new business and information technology, the security threats to energy Internet information communication are becoming more and more complex. The three elements of information security CIA (confidentiality, integrity and availability) can no longer meet the requirements of future information network security capabilities. Therefore, in order to deal with all kinds of security threats comprehensively, the attributes of authenticity, controllability, identifiability, traceability, verifiability and predictability are introduced, and nine security requirements are put forward.
Confidentiality: refers to the information in the energy Internet information communication system will not be leaked to unauthorized users or illegal use of the characteristics. That is, information can only be used by legitimate authorized users, and other illegal users are denied access.
Integrity: refers to the information in the communication energy Internet information communication system in the process of storage or transmission to maintain unauthorized and unchangeable characteristics. That is, information in the transmission process will not be arbitrarily tampered with, deleted, forged, in the storage process will not be modified and damaged by illegal users.
Availability: refers to the characteristics of resources, data and information that authorize users to access and use the energy Internet information communication system on demand. That is to ensure that legitimate users will not be abused by the use of resources and information.
Authentication: refers to the authenticity and validity of the user's identity, the content of the information sent by the user. That is, the identity of the owner or sender of information can be authenticated and authenticated, the source of information, the authenticity and reliability of transmission can be verified.
Controllability: refers to the ability to control the flow of information within the authorized scope of the energy Internet information communication system. That is, information can be selectively blocked, the network and information system can be monitored and managed by the controllers to ensure the security and legitimacy of information content. energy Internet Security Architecture considers the security strategy and management measures from the aspects of management, strategy, role and technology to form an energy Internet information communication security. The architecture model is shown in Figure 2. In the technical dimension, the model is applied to the security protection of information system development, testing and operation. According to the characteristics of information system life cycle, the three planes assume different security technology functions, and guarantee the completeness of the whole technology and defense measures by heterogeneity. The three planes are divided into cloud security, interconnection security and end-toend security, which can fully meet the needs of all-round security protection under the security framework of information and communication on energy internet.

Conclusion
In order to adapt to the development of global energy Internet, more innovations and breakthroughs are needed in the information and communication security protection system. The coordination and interaction of various physical devices in the energy internet need strong information network support. The introduction of advanced information technology, especially the connection with open networks such as the Internet, will bring great challenges to the security of the energy Internet. The unified modeling of information physical systems and the security of Information Physics will be one of the core contents and difficulties in the research of energy Internet. According to the core concept of energy internet, this paper compares the difference between energy internet and smart grid, discusses the composition of the core carrier of energy internet, analyzes and expounds in detail the application basis of large data, cloud computing and internet of Things technology in energy internet, and analyzes various threats faced by energy internet. The security architecture of the energy internet information communication system is designed, and the security requirements and model dimensions are analyzed. This will provide a reference for the future development of energy Internet.