Abstract
As emerging information security protection technologies, trusted computing and blockchain can guarantee a safe and reliable operating environment and management mechanism in the power distribution IoT. Relying on the comprehensive evaluation algorithm of fuzzy mathematics set theory, this paper builds a blockchain-based distributed decision-making and collaborative autonomy model for the power distribution IoT and establishes a “manageable and controllable, precise protection, visible and credible, and smart defense” security protection model. The model carries out trusted computing and privacy protection of computer blockchain IoT nodes, and the information security defense level of the distribution network is improved comprehensively.
Introduction
With the rapid development of the Internet and perceptive technology, the Internet of Due to the relatively limited perception, communication, and computing capabilities of WSN nodes in complex environments and many nodes, they are vulnerable to the threat of malicious nodes [2, 7]. The operating environment of the distribution network is complex: ubiquitous IoT and panoramic perception need to be realized on the basis of the power distribution IoT [5, 8], while the flexible and diverse access environments and methods of the IoT and its many terminals make the structure and boundary of the distribution network dynamic and changeable and bring higher security risks [1, 4]. Therefore, it is necessary to research an in-depth protection system for distribution network information security that combines offense and defense [11, 12], pays proper attention to both inside and outside, and integrates multiple dimensions [6, 10].
This paper relies on the comprehensive evaluation algorithm of fuzzy mathematical set theory. In view of the complementary coupling of the distribution network and its requirement for a flat management structure, and of the passive, preventive defense posture of existing energy and power information security, which “emphasizes the boundary and neglects the interior”, it studies how to improve the information security defense capabilities of the active distribution network from the architecture and internal mechanisms of the distribution network IoT, and how to realize internal security management of the power distribution IoT in three dimensions: credibility of its own environment, credibility of its operating mechanism, and credibility of its data.
Comprehensive evaluation model based on fuzzy set theory
Determination of the index set
The factors that can influence the evaluation object are classified into main factors and secondary factors according to several aspects of the Internet of Things (IoT) nodes in the computer blockchain. The factor set is the set of indexes to be evaluated. It is expressed as U=(u1,u2,...,um), whose elements stand for the aspects from which the objects to be evaluated are judged and described, and it consists of several factors and secondary factors. The ultimate goal of the fuzzy evaluation system in this paper is to comprehensively evaluate the trusted computing and privacy protection of the IoT nodes in the computer blockchain. Hence, it is necessary to consider the contribution of all underlying factors to the overall goal.
Determination of the comment set
The set V is used to stand for the comment set, V=(v1,v2,...,vk), in which k stands for the number of comments, which is actually a division of the change interval in the objects to be evaluated. In this paper, the quality of trusted computing and privacy protection is classified into five levels, that is, bad state, relatively poor state, general state, good state, and ideal state. Although the comment set can distinguish between trusted computing and privacy protection quality in the definition, in the practical statistical process, especially in the questionnaire survey process, the settings of the comments for each index are required to be easy to understand and in line with the context. Hence, the comment set of each secondary index is reset in this paper.
Determination of the weight set
The comprehensive evaluation of
According to the process and algorithm of AHP, the first-level and second-level index weights of the trusted computing and privacy protection quality evaluation index system are obtained in this paper, which provides a set of weights for the subsequent fuzzy evaluation. The weights also show that the indexes differ in importance within the whole system, which reflects their uneven influence on trusted computing and privacy protection quality.
On the basis of the established index system, according to the steps of constructing the fuzzy balanced scorecard model, the corresponding weight set and fuzzy evaluation matrix are obtained through investigation and interview in this paper. Finally, the comprehensive fuzzy evaluation of the first-level classification and the overall goal are carried out, respectively.
Determination of the index set
If each factor ui is taken as a separate evaluation f(ui), it can be regarded as a fuzzy mapping f from U to V, that is, the following can be obtained
Therefore, the fuzzy mapping
In the above equation,
The number of sensors in each sn communication range
The fuzzy relationship
In order to take the role of each index on employment competitiveness into comprehensive evaluation (as shown in Table 1), a weighted average model is used for the weight W and the fuzzy matrix
The function of Equation (4) is similar to that of a converter, as shown in Fig. 1 below.

Membership matrix conversion of fuzzy evaluation.
If a weight W∈H(U) is input, a comprehensive judgment is output as the following
When
Among them, fh stands for the score of the h-th level comment, with a full score of 100, which can be obtained based on the arithmetic scoring method as follows: F=(20,40,60,80,100). Finally, the membership degree matrix is multiplied by the score set to obtain the comprehensive score of the fuzzy evaluation. The equation is
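Added example, not part of the original paper: the weighted-average evaluation and scoring step described above, carried through the two levels (first-level classification, then overall goal). It assumes the weighted-average operator B = W·R and the score B·F with F=(20,40,60,80,100); the index names, weights and membership rows are constructed sample values.

```python
# Added example: two-level fuzzy comprehensive evaluation, weighted-average model.
# Index names, weights and membership rows are constructed sample values.

F = (20, 40, 60, 80, 100)  # score set F from the text: bad state ... ideal state


def check_distribution(vec, name):
    """Weights and membership rows must be non-negative and sum to 1."""
    if any(x < 0 for x in vec) or abs(sum(vec) - 1.0) > 1e-9:
        raise ValueError(f"{name} is not a valid distribution: {vec}")


def evaluate(W, R):
    """B = W . R: weighted average of the membership rows, one row per index."""
    if len(W) != len(R):
        raise ValueError("need exactly one weight per index row")
    check_distribution(W, "W")
    for i, row in enumerate(R):
        if len(row) != len(F):
            raise ValueError(f"R[{i}] must have one entry per comment level")
        check_distribution(row, f"R[{i}]")
    return [sum(w * row[h] for w, row in zip(W, R)) for h in range(len(F))]


def score(B):
    """Comprehensive score: membership vector B multiplied by the score set F."""
    return sum(b * f for b, f in zip(B, F))


def two_level(top_weights, groups):
    """groups: one (W_i, R_i) pair per first-level index; returns (R_top, B, score)."""
    R_top = [evaluate(W_i, R_i) for W_i, R_i in groups]
    B = evaluate(top_weights, R_top)
    return R_top, B, score(B)


# Constructed survey result for one IoT node: two first-level indexes
# (hypothetical names), each with two second-level indexes.
TRUSTED_COMPUTING = ((0.5, 0.5), [[0, 0, 0.2, 0.4, 0.4],
                                  [0, 0.2, 0.2, 0.4, 0.2]])
PRIVACY_PROTECTION = ((0.25, 0.75), [[0, 0, 0, 0.4, 0.6],
                                     [0, 0, 0.4, 0.4, 0.2]])
TOP_WEIGHTS = (0.6, 0.4)

if __name__ == "__main__":
    R_top, B, total = two_level(TOP_WEIGHTS, [TRUSTED_COMPUTING, PRIVACY_PROTECTION])
    print("first-level membership:", R_top)
    print("overall membership B:", B, "score:", round(total, 2))
```

The validation step matters in practice: a weight vector or questionnaire row that does not sum to 1 silently shifts the final score, so the example rejects it instead of normalising it.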
However, because a WSN contains numerous sensors, it is difficult for the sensor network system to obtain the location information of all nodes in the initial stage. In this paper, the terminal nodes in the network are divided into two categories: the anchor node set (AN) and the unknown-location node set (ULN). The anchor node set represents a special type of node that knows its location, and the unknown-location node set represents a type of node that does not know its location. In order to obtain the location information of all nodes, a quadrilateral measurement method (QM) is proposed in this paper, by which the locations of the nodes with unknown locations can be obtained and the unified NLL is then improved, so that node locations are obtained quickly while the status and behavior of the sensors are monitored in real time. This method of perfecting the NLL can be written into the smart contract of the blockchain. The specific flowchart is shown in Fig. 2.

QM flow chart.
The above-mentioned QM method can be described by the following simple example: Suppose A(x1, y1, z1), B(x2, y2, z2), C(x3, y3, z3) and D(x4, y4, z4) ∈ AN, U(x, y, z) ∈ UN, and d1, d2, d3 and d4 are the distances from node U to the four points A, B, C, and D respectively. The position data of node U can be obtained by formula (6).
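Added example, not code from the paper: one standard way to solve the QM setup above, by subtracting the sphere equation of A from those of B, C and D and solving the resulting linear system. This linearisation is an assumption, since formula (6) is not reproduced on this page; the coordinates are constructed, and the residual check is an addition that flags range reports that do not agree with each other.

```python
import math

# Added example: position of U from four anchors (QM), by linearising the
# four sphere equations |U - P_i| = d_i. Coordinates are constructed.


def det3(m):
    (a, b, c), (d, e, f), (g, h, i) = m
    return a * (e * i - f * h) - b * (d * i - f * g) + c * (d * h - e * g)


def locate(anchors, distances, tol=1e-9):
    """Return (x, y, z) of U given anchors A, B, C, D and distances d1..d4."""
    if len(anchors) != 4 or len(distances) != 4:
        raise ValueError("QM needs exactly four anchors and four distances")
    if any(d < 0 for d in distances):
        raise ValueError("distances must be non-negative")
    p1, d1 = anchors[0], distances[0]
    n1 = sum(c * c for c in p1)
    # Subtracting sphere 1 from sphere i removes the quadratic terms:
    # 2(P_i - P_1) . U = (|P_i|^2 - |P_1|^2) - (d_i^2 - d_1^2)
    A, b = [], []
    for p, d in zip(anchors[1:], distances[1:]):
        A.append([2 * (pc - qc) for pc, qc in zip(p, p1)])
        b.append(sum(c * c for c in p) - n1 - (d * d - d1 * d1))
    D = det3(A)
    if abs(D) < tol:
        raise ValueError("anchors are coplanar: position is not unique")
    # Cramer's rule: replace column k of A with b.
    return tuple(
        det3([row[:k] + [b[r]] + row[k + 1:] for r, row in enumerate(A)]) / D
        for k in range(3)
    )


def residual(anchors, distances, pos):
    """Largest mismatch between reported distances and the solved position."""
    return max(abs(math.dist(pos, p) - d) for p, d in zip(anchors, distances))


ANCHORS = [(0, 0, 0), (10, 0, 0), (0, 10, 0), (0, 0, 10)]  # A, B, C, D in AN
TRUE_U = (3, 4, 5)  # used only to construct d1..d4
DISTANCES = [math.dist(TRUE_U, p) for p in ANCHORS]

if __name__ == "__main__":
    u = locate(ANCHORS, DISTANCES)
    print("U =", u, "residual =", residual(ANCHORS, DISTANCES, u))
    forged = [DISTANCES[0], DISTANCES[1] + 3.0] + DISTANCES[2:]  # one bad range
    u_bad = locate(ANCHORS, forged)
    print("U =", u_bad, "residual =", residual(ANCHORS, forged, u_bad))
```

With exactly four anchors the linear system always returns some point, so a faulty or malicious range report shows up only in the residual; it indicates that the reports are inconsistent, not which anchor is at fault.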
The hierarchical trusted immune control strategy of the “Cloud-Edge-Terminal” architecture of the power distribution IoT master station and edge terminals
The power distribution IoT is characterized by extensive access and interactive interconnection, so more and more hidden information security dangers arise. Traditional passive defense strategies have little effect on attacks against the power grid. In recent years, the Stuxnet virus incident, the hacking incident of the Ukrainian power grid, and the large-scale cyber attack on the Israeli national power grid have caused major security incidents that have not only endangered the power grid, but also covered natural gas, oil, gasoline, and water supply systems. It can be seen that the target of most attacks is critical infrastructure (i.e., terminals). If the security and credibility of a terminal can be ensured before it is connected to the power grid, the possibility of malicious attacks is reduced at the root cause. In addition, a secure and trusted authentication mechanism during network transmission is also an important part of security protection. Therefore, based on the architecture of the power distribution IoT, the weak points of active trusted protection for internal terminals are analyzed, and a trusted computing environment for active defense is studied in this paper.
At present, the overall security protection strategy of the power secondary system can be summarized into 4 parts: security partition, network processing unit, lateral isolation, and vertical authentication. The weak points of active and trusted protection for internal terminals are obvious. The network is prone to attack because of the large number of power distribution IoT terminals, the open deployment environment, and the lack of security and credibility authentication for power distribution terminals and IoT terminals. The credibility of a terminal’s network connection cannot be guaranteed, and the terminal’s network access may still be maliciously used by attackers.
Trusted computing technology effectively compensates for the security loopholes in the computing platform itself through the dual-system structure of “computing+protection”. It can protect the integrity of the internal operating system, business programs, and operation logic of the power distribution IoT system, prevent interference from malicious code and operations, and achieve the effect of a security immune system similar to that of an organism.
Therefore, based on the “Cloud-Edge-Terminal” architecture of the ubiquitous electric power IoT and on edge computing technology, the processing load on the power distribution master station side is reduced, and a hierarchical trusted immune control strategy for the power distribution IoT master station side and edge side is constructed to ensure the safety and stability of the power distribution IoT.
Trusted computing is generally divided into 3 levels: node credibility, network connection credibility, and application credibility: the node credibility layer provides the starting point of trust for the entire active immune system as the source of the active immune system; the network connection credibility layer undertakes interactive immunity between nodes as a key part of network credibility; application credibility layer provides immunity support and services for nodes and networks, updates security policies, and enhances the immunity of nodes.
First, sn puts the collected key data of a certain sensor into Cmndb-IC, and then calculates the key data according to the formula in Cmndb-IC to obtain the corresponding NCQ, η, which shows the NCQ and η of all sensors within the sn1 communication range of sn1 in the smart contract.
Each level of the hierarchical trusted immune control strategy constructed in this paper for the master station and edge terminals of the power distribution IoT realizes the three levels of trusted computing: node credibility, network connection credibility and application credibility. The strategy delegates the secure access zone and trusted control to the edge side, so that computing, analysis, and security control are performed locally and in place with edge computing technology. This improves processing efficiency and response rate, reduces the processing load on the master station terminal, and supports collaboration and optimized management of remote and localized processing.
Blockchain-based distribution IoT node mapping model
Blockchain technology has similarities with power distribution IoT in terms of operation mode, topology, bilateral negotiation, and security protection. Therefore, the research on the corresponding mapping model of physics, logic, function, and protocol of blockchain and power distribution IoT is developed in this paper. The blockchain technology is used to support the secure interaction and sharing of peering interconnected data of the power distribution IoT, ensuring the security and credibility of the distributed decision-making and collaborative autonomous management mechanism of the power distribution IoT, as well as the anti-tampering and traceability of data.
The decentralized and trustless characteristics of blockchain technology make each node in the network participate in related work, such as data interaction and record management. However, the nodes in the network are quite different and their computing power is not the same, so it is difficult to require all nodes to bear the task of security protection. Therefore, the node types are divided into 2 categories: (1) Full nodes, which have a complete block structure and data on the chain, and each of which is equipped with all the functions in the blockchain; (2) Light nodes, which only retain part of the data on the chain, do not provide computing power for the overall network, and participate in simple verification in the network relying on the functions of full nodes.
Referring to the types of blockchain nodes and to the computing power, security protection capabilities and data importance of each node in the power distribution IoT, each node of the power distribution IoT is mapped into one of 2 types of blockchain nodes in this paper: (1) Distributed power supplies, power grids, power distribution terminals, large user loads, energy storage devices, IoT gateways, and other such nodes are full nodes or host nodes, with the strongest computing, storage and security protection capabilities, as well as the complete functions of block preservation, routing, query, security verification, etc.; (2) The terminal nodes of the IoT are light nodes or slave nodes. The computing power output and storage space of this type of node are not enough to retain a complete blockchain, and these nodes only have basic functions such as storage of the blockchain, routing, query, and simple security verification.
Endogenous security protection model of power distribution IoT based on trusted computing and blockchain
Trusted computing technology realizes a secure and trusted operating environment for the power distribution IoT, with trusted nodes, trusted network connections, and trusted applications; that is, control of the dimension of its own security and credibility. The blockchain realizes the manageability and credibility of the decision-making and collaborative autonomous management mechanism; namely, control of the dimension of the security and credibility of the operation management mechanism. Therefore, based on the hierarchical trusted immune control strategy constructed for the master station and edge terminals of the power distribution IoT, the three-level functions of node credibility, network connection credibility and application credibility are realized at each level, and the nodes of the distribution network and power distribution IoT are mapped, according to their computing capabilities, security protection capabilities, and data importance, to full nodes or master nodes and to light nodes or slave nodes. Combining power distribution business perception equipment with the needs of network security management, a blockchain-based distribution decision-making and collaborative autonomous model for the power distribution IoT is built, and a “manageable and controllable, precise protection, visible and credible, and smart defense” security protection model for the power distribution IoT is established, as shown in Fig. 3.

Schematic diagram of node location.
Before the power distribution IoT operates, credible authentication and connection are carried out level by level between the nodes at all levels. The two parties establish a temporary communication channel after performing asymmetric encryption and mutually verifying their identities with public and private keys. Whether a node is in a safe and reliable state is determined by passing a credibility report and comparing it with the whitelist. Trusted authentication is carried out level by level, and the chain of trust is gradually passed from the master station terminal to the edge terminal. At the same time, the consortium blockchain built between the master station, substation, and smart terminals further ensures the immutability and traceability of the data on the chain.
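Added example, not code from the paper: the whitelist comparison and the level-by-level passing of trust described above, from the master station down to the terminals. It assumes the credibility report is a set of SHA-256 digests of a node's components and that it arrives over the channel already authenticated with the public/private-key step, which is not modelled here; node names, component names and images are constructed.

```python
import hashlib
from collections import deque

# Added example: level-by-level credibility check against a whitelist.
# Node names, component names and images are constructed.


def digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()


APPROVED = {"bootloader": b"boot-v1", "os": b"os-v1", "app": b"dist-app-v1"}
WHITELIST = {name: {digest(img)} for name, img in APPROVED.items()}


def report_ok(report, whitelist):
    """Exactly the whitelisted components, each with an approved digest."""
    if set(report) != set(whitelist):
        return False  # a missing or an extra component both fail
    return all(report[name] in whitelist[name] for name in whitelist)


def authenticate(topology, reports, whitelist, root):
    """Walk the tree from the master station down; return node -> status."""
    status = {}
    queue = deque([(root, True)])  # the root is checked by the root of trust
    while queue:
        node, verifier_trusted = queue.popleft()
        if not verifier_trusted:
            status[node] = "blocked"  # nothing trusted above it to vouch for it
        elif report_ok(reports.get(node, {}), whitelist):
            status[node] = "trusted"
        else:
            status[node] = "rejected"
        for child in topology.get(node, []):
            queue.append((child, status[node] == "trusted"))
    return status


def make_report(**overrides):
    """Build a report from the approved images, with optional replacements."""
    images = {**APPROVED, **overrides}
    return {name: digest(img) for name, img in images.items()}


TOPOLOGY = {"master": ["edge-1", "edge-2"],
            "edge-1": ["term-1a", "term-1b"],
            "edge-2": ["term-2a"]}
REPORTS = {"master": make_report(), "edge-1": make_report(),
           "edge-2": make_report(os=b"os-v1-modified"),  # tampered image
           "term-1a": make_report(), "term-2a": make_report()}  # term-1b sent none

if __name__ == "__main__":
    for node, state in authenticate(TOPOLOGY, REPORTS, WHITELIST, "master").items():
        print(f"{node:8s} {state}")
```

A terminal below a rejected edge node stays blocked even when its own report is clean, because the chain of trust never reached the node that would have verified it.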
Based on the comprehensive evaluation algorithm of fuzzy mathematical set theory, the endogenous security of the power distribution IoT is explored in this paper. On the basis of the hierarchical trusted immune control strategy designed for the “Cloud-Edge-Terminal” architecture of the power distribution IoT master station and edge terminal, a blockchain-based distribution decision-making and collaborative autonomy model for the power distribution IoT is built, and a “manageable and controllable, precise protection, visible and credible, and smart defense” security protection model for the power distribution IoT is established. This achieves endogenous security management of the power distribution IoT in three dimensions, namely its own environment credibility, operating mechanism credibility and data credibility, and comprehensively improves the information security defense level of the distribution network.
Acknowledgment
This paper was cosupported by the Foundation for Young Scholars in Wuhan Donghu University under grant 2018dhzk008.
