An energy storage configuration optimization method and system combined with grid adaptive regulation

By constructing a snapshot trajectory map of authentication behavior and a dual endorsement mechanism, potential forged authentication nodes are identified and isolated, solving the authentication security problem in the optimization of power grid energy storage configuration and improving the stability and adaptability of power grid load regulation.

CN120579745BActive Publication Date: 2026-06-26TAIZHOU BANGMEI MACHINERY MANUFACTURING CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
TAIZHOU BANGMEI MACHINERY MANUFACTURING CO LTD
Filing Date
2025-05-16
Publication Date
2026-06-26

AI Technical Summary

Technical Problem

In a highly autonomous grid adaptive control architecture, the authentication mechanism of distributed energy storage nodes is vulnerable to being tampered with by attackers through simulating role switching processes and constructing "relay authorization jump points," which threatens the security of grid energy storage configuration optimization.

Method used

By constructing a trajectory graph structure based on authentication behavior snapshots, combined with a dual endorsement mechanism and path continuity judgment, potential energy storage nodes with forged authentications can be identified and isolated to prevent unauthorized role takeover.

Benefits of technology

It achieves security protection for grid energy storage configuration, ensures the stability and reliability of authentication path, improves the ability to identify and handle low-frequency but suspicious behavior, and has the ability to dynamically adapt to new energy configuration forms.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN120579745B_ABST
    Figure CN120579745B_ABST
Patent Text Reader

Abstract

The application discloses a kind of energy storage configuration optimization method and system combined with power grid adaptive regulation, is specifically related to energy storage configuration optimization field, including the authentication behavior snapshot based on the authentication behavior of energy storage node generation, the authentication behavior snapshot includes authentication initiator identification, target identity label, role switching flag, authentication timestamp and authentication type label;According to the authentication behavior snapshot, construct authentication trajectory graph structure, the trajectory graph includes multiple authentication nodes and its authentication jump path.By constructing the trajectory graph structure based on authentication behavior snapshot, combined with double endorsement mechanism and path continuity judgment, whether " jump pseudo-legal " abnormal chain exists in authentication path can be identified, so that potential counterfeit authentication energy storage node is frozen and isolated in time, to prevent attackers from tampering with edge device control path to realize role fraud takeover.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of energy storage configuration optimization technology, and more specifically, to an energy storage configuration optimization method and system that combines grid adaptive regulation. Background Technology

[0002] Adaptive grid control of energy storage configuration refers to the system adjusting the charging and discharging strategies and control roles of each energy storage node according to the real-time load fluctuations of the grid, changes in renewable energy output, and dynamic changes in regional power demand, so as to achieve the optimal allocation of electricity in time and space and improve grid stability and energy utilization efficiency.

[0003] In a highly autonomous grid adaptive control architecture, distributed energy storage nodes need to dynamically switch master-slave roles based on system load to achieve redundant control and fault tolerance optimization. Distributed energy storage nodes include BESS, home energy storage, and electric vehicle feedback stations. Therefore, the authentication mechanism is no longer static, but a role-transferable identity system is achieved through a dynamic negotiation chain. Once an attacker intrudes into an edge energy storage device, they can construct a "relay authorization jump point" by simulating the role switching process, bypass the master control authentication path, and obtain the right to execute control commands through "boundary deception". This will directly threaten the security foundation of grid energy storage configuration optimization. Summary of the Invention

[0004] To overcome the aforementioned deficiencies of the prior art, embodiments of the present invention provide an energy storage configuration optimization method and system that combines grid adaptive regulation. By constructing a trajectory graph structure based on authentication behavior snapshots and combining a dual endorsement mechanism with path continuity judgment, it is possible to identify whether there are abnormal chains of "fake legality" in the authentication path, thereby freezing and isolating potentially forged authentication energy storage nodes in a timely manner, thus solving the problems mentioned in the background art.

[0005] To achieve the above objectives, the present invention provides the following technical solution: an energy storage configuration optimization method combined with grid adaptive regulation;

[0006] The method is used to prevent unauthorized role takeover in a distributed energy storage network with dynamic master-slave role switching, and the method includes:

[0007] An authentication behavior snapshot is generated based on the authentication behavior of the energy storage node. The authentication behavior snapshot includes the authentication initiator identifier, the target identity identifier, the role switching flag, the authentication timestamp, and the authentication type label.

[0008] An authentication trajectory graph structure is constructed based on the authentication behavior snapshot, and the trajectory graph includes multiple authentication nodes and their authentication jump paths;

[0009] During each authentication jump, the first endorsement signature is obtained from the previous authentication node, and the second endorsement signature is obtained from at least one auxiliary node.

[0010] Determine whether the authentication redirection path satisfies the preset set of role switching authorization paths in the boundary model;

[0011] If the jump path does not meet the authorization structure requirements of the boundary model, the corresponding trajectory path is frozen, and the energy storage device corresponding to the authentication node is moved into the verification pool for isolation control.

[0012] If the authentication behavior path is interpreted as a novel path, it is then incorporated into the authorized authentication path set through the boundary model expansion mechanism.

[0013] In a preferred embodiment, the authentication behavior snapshot is used to represent a set of information representing the complete state of the authentication process. The authentication behavior snapshot includes authentication behavior elements, which include identity identification elements, behavior attribute elements, and role instruction elements. The identity identification elements include authentication initiator identification and target identity identification, the behavior attribute elements include authentication timestamp and authentication type label, and the role instruction elements include role switching flag.

[0014] The authentication behavior snapshot is generated by the authentication behavior collection mechanism through a structured combination of various elements, and is embedded into the authentication trajectory graph structure in the form of authentication records, forming the basis for the state expression of each authentication node.

[0015] During the execution of the authentication path, the authentication behavior snapshot is called as the structural input for judging the legality of the trajectory path, and the integrity of the node behavior chain is judged by the continuity and combination between snapshots.

[0016] In a preferred embodiment, the authentication trajectory graph structure is used to represent the behavior jump relationship of authentication nodes. Each authentication node in the authentication trajectory graph structure is composed of a snapshot of authentication behavior, and its jump edges are generated by authentication jump data.

[0017] The authentication jump data includes authentication behavior snapshot index information, previous jump node identification information and endorsement signature identification. The authentication jump data is used to establish the directionality and credibility of the jump edge.

[0018] The authentication trajectory graph structure continuously expands the combination of nodes and edges during the continuous update of authentication behavior, and embeds the endorsement signature in each jump into the jump edge information to identify its trust source; based on the authentication trajectory graph structure, structural mapping processing is performed on all authentication paths, and the behavior path sequence formed by nodes and jump edges in the authentication trajectory graph structure is used as input for boundary model matching judgment to support the subsequent risk assessment process.

[0019] In a preferred embodiment, each authentication jump satisfies a dual endorsement condition, which includes endorsement from the source node and endorsement from the auxiliary node.

[0020] The source node endorsement is generated by the previous authentication node in the jump path based on the snapshot of the current authentication behavior, and is bound to the corresponding authentication jump data;

[0021] The auxiliary node endorsement is generated by an energy storage node of equal role level. The energy storage node generates a response signature after performing a consistency comparison on the authentication behavior snapshot based on the historical state data collected in its behavior observation window.

[0022] Consistency checks are performed on the source node endorsement and the auxiliary node endorsement. If any endorsement chain is found to have directional inconsistency, missing signature, or snapshot matching failure, the authentication jump behavior is marked as a potential risk path. The potential risk path is suspended, and the jump edge it forms is frozen in the authentication trajectory graph structure and recorded in the risk assessment result set.

[0023] In a preferred embodiment, the boundary model is used as a set of rules for determining the validity of the authentication jump path structure. The set of rules is constructed based on the authentication path structure constraint logic, which includes: role level transfer rules, authentication jump depth limits, node continuity requirements, and path time window matching rules.

[0024] The system receives path information from the authentication trajectory graph structure and combines it with role switching flags and timestamp data from the corresponding authentication behavior snapshot. It then performs matching analysis based on the authentication path structure constraint logic. When a path does not meet the structure constraint logic and its structure combination is in a high-risk range in the path sample, the system calculates its risk score through risk assessment.

[0025] If the risk score is higher than the preset threshold, the authentication jump path will be marked as a structurally abnormal path, the relevant jump edges will be frozen, and the node execution behavior will be isolated.

[0026] In a preferred embodiment, the energy storage device corresponding to the authentication node whose trajectory is frozen performs isolation processing, which includes disconnecting the authentication chain contact relationship, temporarily freezing the control authority, and restricting the authentication role transfer capability.

[0027] At the start of the isolation process, the authentication behavior snapshot chain associated with the authentication node is saved and entered into the verification pool, and its behavior response process is recorded as a state trajectory archive. Based on the state trajectory, a behavior replay process is constructed to verify the state deviation performance of the energy storage device under different control paths, and the deviation results are used as the input basis for the credibility judgment.

[0028] The risk assessment generates a credibility score based on the state deviation performance. If the credibility score is lower than the set credibility threshold, the energy storage device is put into a permanent isolation state. If the score is in the pre-acceptable deviation range, the energy storage device is subject to an observation mechanism and operates within a limited authentication frequency and response window.

[0029] In a preferred embodiment, the boundary model extension is based on a joint judgment and execution of novel path identification, behavior evolution determination, and risk assessment; the novel path identification is based on candidate extraction of paths that appear in the authentication trajectory graph structure with a frequency lower than a preset threshold and have offset characteristics, and records the associated authentication behavior snapshot sequence.

[0030] The authentication behavior snapshot sequence is compared for consistency by behavioral evolution determination, matched to the historical authentication trajectory evolution curve, and the path credibility score is calculated.

[0031] A risk assessment is jointly performed based on the path credibility score and the node's historical offset record to determine whether the candidate path has scalability.

[0032] If a candidate path exhibits a continuous behavioral pattern and its state deviation fluctuates within the standard range of historical path deviations in terms of evolutionary trends, and its path credibility score is determined to be lower than the extended credibility score threshold when compared with the extended credibility score threshold, then the candidate path is included in the boundary model authorized path set, and an extended label is assigned to it to track the consistency of its subsequent evolutionary paths in terms of structural trends.

[0033] In a preferred embodiment, a trajectory evolution record is constructed within the authentication behavior execution cycle, and all path changes in the authentication trajectory graph structure are continuously tracked; a trajectory freeze record table is established to organize the freezing reasons, recovery conditions and evolution results of all frozen paths, and a behavior tag set is constructed.

[0034] The trajectory evolution record provides input data for future path credibility assessment. A path prediction model is trained based on the trajectory evolution record, and the path prediction model is used to predict the future evolution trend of the authentication behavior path.

[0035] If an authentication path is deemed a trusted path after multiple rounds of freezing, it will be marked as a gray behavior path. Future redirects to this path must meet the triple endorsement requirements and include risk score information for verification. The sensitivity level of gray behavior paths will be dynamically updated, and the tolerance strategy for authentication redirection behavior will be adjusted accordingly to reduce the risk of path deception interfering with the authentication system.

[0036] An energy storage configuration optimization system that combines grid adaptive regulation includes a snapshot generation module, a trajectory mapping module, an endorsement verification module, a path determination module, an anomaly isolation module, and a path expansion module.

[0037] The snapshot generation module generates an authentication behavior snapshot based on the authentication behavior of the energy storage node. The authentication behavior snapshot includes the authentication initiator identifier, target identity identifier, role switching flag, authentication timestamp, and authentication type label. The snapshot generation module is used to describe the complete behavioral information of the authentication status.

[0038] The trajectory mapping module constructs an authentication trajectory graph structure based on the authentication behavior snapshot. The trajectory graph includes multiple authentication nodes and their authentication jump paths. The trajectory mapping module is used to represent the authentication behavior associations between energy storage devices.

[0039] The endorsement verification module is used to obtain the first endorsement signature from the previous authentication node and the second endorsement signature from at least one auxiliary node during each authentication jump; the endorsement verification module is used to confirm the credible source of the authentication jump path;

[0040] The path determination module is used to determine whether the authentication jump path meets the preset set of role switching authorization paths in the boundary model, and outputs the path matching result through the path determination module;

[0041] The anomaly isolation module includes: if the jump path does not meet the authorization structure requirements of the boundary model, the corresponding trajectory path is frozen, and the energy storage device corresponding to the authentication node is moved into the verification pool to perform isolation control;

[0042] The path extension module includes: if the authentication behavior path is interpreted as a new type of path, it is included in the authorized authentication path set through a boundary model extension mechanism.

[0043] The technical effects and advantages of this invention are as follows:

[0044] 1. By constructing a trajectory graph structure based on authentication behavior snapshots, combined with a dual endorsement mechanism and path continuity judgment, it is possible to identify whether there are abnormal chains of "fake legitimacy" in the authentication path, thereby freezing and isolating potentially forged energy storage nodes in a timely manner, and preventing attackers from taking over the role by tampering with the master control path through edge devices;

[0045] 2. By modeling the authentication behavior path as a trajectory graph structure and constraining dimensions such as role level jumps, authentication depth, and time windows through boundary models, the structural rationality of energy storage nodes during master-slave switching is judged, thereby ensuring that the dynamic adjustment process of grid load regulation has a stable authentication structure foundation.

[0046] 3. After the authentication anomaly node is identified and isolated, the system performs multi-path state replay. By analyzing its state response deviation under typical control paths, a credibility score is generated as the basis for permanent isolation or recovery, which improves the ability to identify and handle "low-frequency but suspicious behavior" in the grid energy storage configuration.

[0047] 4. By introducing a path credibility score and historical trajectory curve fitting mechanism, the behavior evolution of low-frequency deviation paths is determined, and an extended credibility threshold is set as the basis for judgment. Thus, without sacrificing authentication security, it has the ability to dynamically incorporate new authentication structures and maintain the adaptability of the control system to new energy configuration forms.

[0048] 5. By constructing a behavior evolution vector based on the historical number of freezes, recovery records, and risk score fluctuations of the frozen path, a sensitivity score is generated, and the authentication endorsement strength and jump frequency tolerance of the path are dynamically adjusted accordingly to prevent gray paths from repeatedly exploiting vulnerabilities for boundary deception. Attached Figure Description

[0049] Figure 1 This is a flowchart of the method steps of the present invention.

[0050] Figure 2 This is a schematic diagram of the system modules of the present invention.

[0051] Figure 3 This is a flowchart illustrating the authentication path establishment and endorsement verification process of this invention.

[0052] Figure 4 This is a flowchart of the structural risk scoring and novel path expansion of the present invention.

[0053] Figure 5 This is a flowchart illustrating the behavior replay and reliability assessment of the frozen device according to the present invention.

[0054] Figure 6 This is a flowchart illustrating the gray path sensitive tracking and jump control strategy adjustment of the present invention. Detailed Implementation

[0055] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0056] Refer to the instruction manual appendix Figure 1-6 An embodiment of the present invention provides an energy storage configuration optimization method combined with grid adaptive regulation; the method is used to prevent unauthorized role takeover behavior in a distributed energy storage network with dynamic master-slave role switching, the method comprising:

[0057] An authentication behavior snapshot is generated based on the authentication behavior of the energy storage node. The authentication behavior snapshot includes the authentication initiator identifier, the target identity identifier, the role switching flag, the authentication timestamp, and the authentication type label.

[0058] An authentication trajectory graph structure is constructed based on the authentication behavior snapshot, and the trajectory graph includes multiple authentication nodes and their authentication jump paths;

[0059] During each authentication jump, the first endorsement signature is obtained from the previous authentication node, and the second endorsement signature is obtained from at least one auxiliary node.

[0060] Determine whether the authentication redirection path satisfies the preset set of role switching authorization paths in the boundary model;

[0061] If the jump path does not meet the authorization structure requirements of the boundary model, the corresponding trajectory path is frozen, and the energy storage device corresponding to the authentication node is moved into the verification pool for isolation control.

[0062] If the authentication behavior path is interpreted as a novel path, it is then incorporated into the authorized authentication path set through the boundary model expansion mechanism.

[0063] The authentication behavior snapshot is a collection of information representing the complete state of the authentication process. The authentication behavior snapshot contains authentication behavior elements, which include identity identification elements, behavior attribute elements, and role instruction elements. The identity identification elements include authentication initiator identification and target identity identification, the behavior attribute elements include authentication timestamp and authentication type label, and the role instruction elements include role switching flag.

[0064] The authentication behavior snapshot is generated by the authentication behavior collection mechanism through a structured combination of various elements, and is embedded into the authentication trajectory graph structure in the form of authentication records, forming the basis for the state expression of each authentication node.

[0065] During the execution of the authentication path, the authentication behavior snapshot is called as the structural input for judging the legality of the trajectory path, and the integrity of the node behavior chain is judged by the continuity and combination between snapshots.

[0066] The authentication trajectory graph structure is used to represent the behavior jump relationship of authentication nodes. Each authentication node in the authentication trajectory graph structure is composed of a snapshot of authentication behavior, and its jump edges are generated by authentication jump data.

[0067] The authentication jump data includes authentication behavior snapshot index information, previous jump node identification information and endorsement signature identification. The authentication jump data is used to establish the directionality and credibility of the jump edge.

[0068] The authentication trajectory graph structure continuously expands the combination of nodes and edges during the continuous update of authentication behavior, and embeds the endorsement signature in each jump into the jump edge information to identify its trust source; based on the authentication trajectory graph structure, structural mapping processing is performed on all authentication paths, and the behavior path sequence formed by nodes and jump edges in the authentication trajectory graph structure is used as input for boundary model matching judgment to support the subsequent risk assessment process.

[0069] Each authentication jump satisfies the dual endorsement condition, which includes endorsement from the source node and endorsement from the auxiliary node.

[0070] The source node endorsement is generated by the previous authentication node in the jump path based on the snapshot of the current authentication behavior, and is bound to the corresponding authentication jump data;

[0071] The auxiliary node endorsement is generated by an energy storage node of equal role level. The energy storage node generates a response signature after performing a consistency comparison on the authentication behavior snapshot based on the historical state data collected in its behavior observation window.

[0072] Consistency checks are performed on the source node endorsement and the auxiliary node endorsement. If any endorsement chain is found to have directional inconsistency, missing signature, or snapshot matching failure, the authentication jump behavior is marked as a potential risk path. The potential risk path is suspended, and the jump edge it forms is frozen in the authentication trajectory graph structure and recorded in the risk assessment result set.

[0073] Further explanation of the above scheme is needed regarding the construction of a behavioral snapshot difference function ΔS(X,Y) for the jump action. This function measures the semantic consistency between the "current jump" and the "endorsement reference snapshot," forming the behavioral basis for subsequent decision-making logic. The proposed S... c The current authentication behavior is a snapshot structure; S s The snapshot structure of the previous hop recorded by the source node; This is the snapshot structure of the i-th auxiliary node; the snapshot structure includes: identity pair ID f ID t R represents the role identifier, T represents the timestamp, and L represents the authentication tag; X represents a snapshot of the current authentication behavior; Y represents a snapshot of the endorsement source citation.

[0074] Define the snapshot difference function:

[0075]

[0076] Where: Enc(·) is the identity pair encoding function, encoding the initiator / target into a vector; ||·|| H The Hamming distance is used to express the discrete differences between identity pairs; φ(T) X ,TY ) = log(1 + |T X -T Y |) is the time window offset function; Hamming(L) X ,L Y ) represents the degree of label heterogeneity; λ1, λ2, λ3, and λ4 represent the importance of the differences in each dimension, respectively;

[0077] Define the joint function for the validity of double endorsement The endorsement information of the source node and multiple auxiliary nodes are evaluated in a unified manner, and a credibility score is output.

[0078] Determine ΔS s =ΔS(S c ,S s ); N a Let θ be the total number of auxiliary nodes; Θ(·) be the step logic function; construct the joint validity function:

[0079] exist The first term in the formula expresses whether the source node endorsement is trustworthy, and the second term expresses the average consistency of the auxiliary nodes; each term in the formula is converted into the reciprocal of the trust distance to enhance the sensitivity to differences; Θ1 and Θ2 in the formula are expressed in the following form:

[0080] Where α k The steepness of the control function, δ k The trust threshold is set for the system; x represents the trust score input corresponding to a certain type of endorsement; k represents the index number of the endorsement type, used to distinguish between source node endorsement k=1 and auxiliary node endorsement k=2;

[0081] pass The definition represents the logical result of whether the current authentication redirect is determined to be a trusted path under double endorsement verification. The final trusted redirect determination condition is:

[0082]

[0083] Where γ min The minimum credibility score threshold is set; when At that time, the authentication redirection path is marked as a potential risk path and written into the freeze list and risk assessment result set.

[0084] The boundary model is a set of rules used to determine the validity of the authentication jump path structure. The set of rules is constructed based on the authentication path structure constraint logic, which includes: role level transfer rules, authentication jump depth limits, node continuity requirements, and path time window matching rules.

[0085] The system receives path information from the authentication trajectory graph structure and combines it with role switching flags and timestamp data from the corresponding authentication behavior snapshot. It then performs matching analysis based on the authentication path structure constraint logic. When a path does not meet the structure constraint logic and its structure combination is in a high-risk range in the path sample, the system calculates its risk score through risk assessment.

[0086] If the risk score is higher than the preset threshold, the authentication jump path will be marked as a structurally abnormal path, the relevant jump edges will be frozen, and the node execution behavior will be isolated.

[0087] Regarding the above, it is necessary to further explain that, based on the path deviation at the structural level and by integrating constraints from multiple structural dimensions, a path structural deviation function Ψ is constructed. dev Ψ dev =η1·f lvl (ΔR)+η2·f dep (D)+η3·f con (ρ)+η4·f win (τ);

[0088] Among them Ψ dev The path structure deviation score measures the degree of deviation between the jump path and the system's defined structural rules. A higher score indicates a more severe deviation. η1, η2, η3, and η4 are the corresponding weight functions in the formula; f lvl (ΔR) is the character level transfer function, which represents the non-linear amplification score of the difference between the source and target character levels during the jump; ΔR=|R s -R t |, where R s ,R t These are the role level identifiers for the source and target nodes, respectively, expressed using integer values; f dep (D) is the jump depth function, where D represents the jump depth of the path and the number of nodes; f con (ρ) is the node continuity function, which measures the degree of structural breakage in the trajectory path; ρ∈[0,1] is the path continuity rate, 1 for complete continuity, and 0 for complete discontinuity; f win (τ) is the time window mismatch function, where τ = |T s -T t | represents the time difference between the jump nodes, which is obtained from the timestamp in the snapshot;

[0089] Structural deviation is mapped to a structural risk score in the system, representing the probability trend of structural inconsistency failures caused by the path. A risk score function is constructed: R struct =tanh(Ψ) dev·Φ(freq));

[0090] Where R struct The structural risk score has a range of (0, 1), with a score closer to 1 indicating higher path risk. tanh(·) is the hyperbolic tangent function, used to compress risk within an interval, maintaining boundary controllability. Φ(freq) is the inverse function of the path's frequency of occurrence in the authentication trajectory, avoiding false alarms for high-frequency paths; it is defined as:

[0091] The risk score is transformed into the trigger logic for system countermeasures, and a freeze trigger determination function is constructed.

[0092]

[0093] in To freeze the trigger command output, if If θ is 1, the path is frozen; freeze The system sets a structural risk tolerance threshold to control the sensitivity of freeze triggering.

[0094] The energy storage device corresponding to the authentication node whose trajectory is frozen performs isolation processing, which includes disconnecting the authentication chain contact relationship, temporarily freezing the control authority, and restricting the authentication role transfer capability;

[0095] At the start of the isolation process, the authentication behavior snapshot chain associated with the authentication node is saved and entered into the verification pool, and its behavior response process is recorded as a state trajectory archive. Based on the state trajectory, a behavior replay process is constructed to verify the state deviation performance of the energy storage device under different control paths, and the deviation results are used as the input basis for the credibility judgment.

[0096] The risk assessment generates a credibility score based on the state deviation performance. If the credibility score is lower than the set credibility threshold, the energy storage device is put into a permanent isolation state. If the score is in the pre-acceptable deviation range, the energy storage device is subject to an observation mechanism and operates within a limited authentication frequency and response window.

[0097] Construct a state response difference sequence for the frozen node under different control paths for subsequent replay analysis. Based on this, use the state offset sequence O... Δ To describe the generation of the state offset sequence;

[0098] O Δ ={Δo (1) ,Δo (2) ,…,Δo (m)},

[0099] The state offset sequence OΔ This represents the state difference of a frozen node under m typical control paths; Δo( i ) represents the single state offset value on the i-th path; This refers to the device response status under the current analog control path, such as SOC changes and response lag time. The historical normal state values ​​for this path are represented by m; m is the number of typical paths set by the system.

[0100] Construct the state offset intensity function Γ dev , Γ dev It is used to integrate the degree of offset under all paths and amplify the deviation effect in a complex nonlinear manner;

[0101]

[0102] Where Γ dev The state offset intensity of the frozen node; ψ i The importance function for the i-th path, which dynamically changes based on the device's historical participation on that path; tanh(κ) i ·Δo (i) ) represents a smoothing nonlinear offset function, which is used to suppress abrupt changes and enhance sensitivity to continuous offsets; γ i is the offset amplification factor, which is used to enhance the expression of persistent anomalies under certain paths; ln(1+·) is the nonlinear compression mapping, which is used to enhance the dominant influence of large offset terms.

[0103] Construct a credibility scoring function for final decision-making and determine whether permanent isolation is necessary:

[0104]

[0105] in The device's trustworthiness is scored; the closer the score is to 1, the more trustworthy the behavior. δ iso The system's preset permanent isolation trust threshold; δ obs The credibility threshold for the system's preset entry observation mechanism; The isolation policy instruction is set to 1 for permanent isolation; 0 for entering the observation mechanism, which controls the frequency limit and shrinks the response window; and -1 for allowing the restoration of authentication privileges.

[0106] The overall logical flow of the above parts is explained as follows:

[0107] (1) Freeze the node to extract snapshot history, replay the response under multipath control, and then obtain the offset sequence; (2) Fuse the offset with a nonlinear function and then obtain the comprehensive offset intensity; (3) Map it to a credibility score and then determine whether the isolation, observation or recovery conditions are met.

[0108] The boundary model extension is based on the joint judgment and execution of novel path recognition, behavior evolution determination and risk assessment; the novel path recognition is based on the extraction of candidate paths that appear in the authentication trajectory graph structure with a frequency lower than a preset threshold and have offset characteristics, and records the associated authentication behavior snapshot sequence.

[0109] The authentication behavior snapshot sequence is compared for consistency by behavioral evolution determination, matched to the historical authentication trajectory evolution curve, and the path credibility score is calculated.

[0110] A risk assessment is jointly performed based on the path credibility score and the node's historical offset record to determine whether the candidate path has scalability.

[0111] If a candidate path exhibits a continuous behavioral pattern and fluctuates within the standard range of historical path deviations in terms of evolutionary trends, and its path credibility score is determined to be lower than the extended credibility score threshold when compared with the extended credibility score threshold, then the candidate path is included in the boundary model authorized path set and an extended label is assigned to it to track the consistency of its subsequent evolutionary paths in terms of structural trends.

[0112] The modeling of the novel path offset trajectory vector defines the path behavior change vector as follows:

[0113] in ΔR is the offset trajectory vector of the new authentication path; ΔR is the jump magnitude of the current path relative to the standard role level, such as the difference between the role level of the previous legal path and the current path; ΔT is the jump time window offset; ΔL is the structural difference of the tag sequence, represented after quantization; ΔD is the change in path structure depth, such as the change magnitude of the number of node layers. Used for subsequent comparison of behavior curves with historical path vectors;

[0114] Define the similarity between the novel path and the most matching path in the historical authentication trajectory set, and construct the historical trajectory comparison similarity function Ω. sim ;

[0115]

[0116] in A set of historical authentication trajectory vectors; Let be the offset vector of the i-th historical authentication trajectory; Let ζ be the offset of the new path in the j-th behavioral dimension; j tanh is the importance function for the behavioral dimension. This is a dynamic function representing the contribution of this dimension to the path's credibility within the current semantic context. 2 (·) represents the hyperbolic tangent square function, which is used to emphasize fine-grained changes at small offsets; additionally, in Ω… sin The maximum similarity value is taken in the formula in order to capture the path that is closest to the historical structure for benchmarking and judgment.

[0117] The path reliability score is calculated by combining the magnitude of the offset with the degree of fit to historical trajectories.

[0118] Among them, path credibility score A higher Λ value indicates a more reliable new path; bias χ is the offset penalty term, used to express the overall offset strength of the path; j β is the dimension penalty function. j β is the exponential scaling parameter. j Used to enhance the pulling effect of high-offset dimensions on the overall penalty term;

[0119] Construct a trusted extended decision function Ultimately, the decision to include the new path within the authorization boundary is made based on a comparison of the score and the threshold.

[0120]

[0121] in Indicates whether to extend the flag; ε expand The path credibility score expansion threshold is set for the boundary model; if expansion is achieved, the path is added to the boundary authorization model and marked with an expansion label for subsequent structure tracking.

[0122] Structural process summary: (1) Vector modeling of the new path structure features → obtaining (2) Compare the similarity with the set of historical authentication evolution paths → obtain Ω sim (3) Simultaneously calculate the path structure offset penalty, and then obtain Λ bias (4) Final fusion calculation of credibility score The output is compared with the threshold to determine whether to expand the judgment.

[0123] Within the authentication behavior execution cycle, a trajectory evolution record is constructed, and all path changes in the authentication trajectory graph structure are continuously tracked; a trajectory freeze record table is established to organize the freezing reasons, recovery conditions and evolution results of all frozen paths, and a behavior label set is constructed.

[0124] The trajectory evolution record provides input data for future path credibility assessment. A path prediction model is trained based on the trajectory evolution record, and the path prediction model is used to predict the future evolution trend of the authentication behavior path.

[0125] If an authentication path is deemed a trusted path after multiple rounds of freezing, it will be marked as a gray behavior path. Future redirects to this path must meet the triple endorsement requirements and include risk score information for future reference. The sensitivity level of gray behavior paths will be dynamically updated, and the tolerance strategy for authentication redirection behavior will be adjusted accordingly to reduce the risk of path deception behavior interfering with the authentication system.

[0126] Define the behavior evolution record vector for path p; construct the trajectory evolution record model.

[0127] in N represents the trajectory evolution history of path p; freeze N represents the cumulative number of times this path has been frozen by the system. recover This refers to the number of times the system has re-identified the user as trustworthy after the account has been frozen. This is the trend mean of all risk scores for this path; The degree of non-linear volatility in the risk score; T last This is the timestamp of the last time the path was restored to authentication;

[0128] Construct a grey path sensitive scoring function S gray S gray Used to determine if it exhibits a high probability of deception through repeated freeze-recovery behavior:

[0129]

[0130] Where S gray The gray-sensitive score for the path; ψ1, ψ2, ψ3, ψ4 are behavioral feature trade-off functions, which can be dynamically set according to the risk evolution model in practical applications; φ(t) = log(1+t) 2 ) is the time decay function, used to indicate that the longer the recovery time, the lower the sensitivity; T now S represents the current moment; gray By integrating four indicators—the growth trend of the number of freezes, the frequency of recovery, the volatility of the score, and the active time—the overall credibility of the path behavior is ensured.

[0131] Based on the sensitivity score, a minimum endorsement strength is set for subsequent redirection behaviors along the path, and an endorsement strength requirement function μ is constructed. p ;

[0132]

[0133] The endorsement strength requirement function μp This represents the minimum number of endorsements required for subsequent jumps to path p. This is the floor function; the purpose expressed in the formula is to minimize to 2, which is also a double endorsement. If the sensitivity score is high, it will be gradually upgraded to a triple or quadruple endorsement mechanism to prevent the path from being easily authenticated and redirected in a highly sensitive state, thereby enhancing the anti-deception strength.

[0134] Construct the authentication tolerance adjustment function δ p Define the time and frequency tolerance window adjustment factor for the subsequent jump behavior of this gray path in the authentication system;

[0135]

[0136] Where α is the sensitivity score slope adjustment parameter; β is the system sensitivity median, which is used to control the inflection point of the tolerance strategy; if δ p →1 indicates complete intolerance, i.e., high risk, and the authentication frequency and time window will be extremely compressed; if δ p →0 indicates the default strategy, allowing normal redirection;

[0137] For the overall explanation of the above formula: (1) The freezing and restoration process of each path forms a structured behavioral record. (2) Construct a sensitivity score S based on freezing frequency, risk fluctuation, and recovery frequency. gray (3) Sensitive scoring controls subsequent endorsement threshold μ p (4) At the same time, use the tolerance function δ to prevent the path from being easily reused; p Adjust the system's ability to accept authentication redirection behavior.

[0138] An energy storage configuration optimization system that combines grid adaptive regulation includes a snapshot generation module, a trajectory mapping module, an endorsement verification module, a path determination module, an anomaly isolation module, and a path expansion module.

[0139] The snapshot generation module generates an authentication behavior snapshot based on the authentication behavior of the energy storage node. The authentication behavior snapshot includes the authentication initiator identifier, target identity identifier, role switching flag, authentication timestamp, and authentication type label. The snapshot generation module is used to describe the complete behavioral information of the authentication status.

[0140] The trajectory mapping module constructs an authentication trajectory graph structure based on the authentication behavior snapshot. The trajectory graph includes multiple authentication nodes and their authentication jump paths. The trajectory mapping module is used to represent the authentication behavior associations between energy storage devices.

[0141] The endorsement verification module is used to obtain the first endorsement signature from the previous authentication node and the second endorsement signature from at least one auxiliary node during each authentication jump; the endorsement verification module is used to confirm the trusted source of the authentication jump path;

[0142] The path determination module is used to determine whether the authentication jump path meets the preset set of role switching authorization paths in the boundary model, and outputs the path matching result through the path determination module;

[0143] The anomaly isolation module includes: if the jump path does not meet the authorization structure requirements of the boundary model, the corresponding trajectory path is frozen, and the energy storage device corresponding to the authentication node is moved into the verification pool to perform isolation control;

[0144] The path extension module includes: if the authentication behavior path is interpreted as a new type of path, it is included in the authorized authentication path set through a boundary model extension mechanism.

[0145] The above description is merely a preferred embodiment of the present invention and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of the present invention should be included within the protection scope of the present invention.

Claims

1. A method for optimizing energy storage configuration by combining adaptive grid control, characterized in that: The method is used to prevent unauthorized role takeover in a distributed energy storage network with dynamic master-slave role switching, and the method includes: An authentication behavior snapshot is generated based on the authentication behavior of the energy storage node. The authentication behavior snapshot includes the authentication initiator identifier, the target identity identifier, the role switching flag, the authentication timestamp, and the authentication type label. An authentication trajectory graph structure is constructed based on the authentication behavior snapshot, and the trajectory graph includes multiple authentication nodes and their authentication jump paths; During each authentication jump, the first endorsement signature is obtained from the previous authentication node, and the second endorsement signature is obtained from at least one auxiliary node. Determine whether the authentication redirection path satisfies the preset set of role switching authorization paths in the boundary model; If the jump path does not meet the authorization structure requirements of the boundary model, the corresponding trajectory path is frozen, and the energy storage device corresponding to the authentication node is moved into the verification pool for isolation control. If the authentication behavior path is interpreted as a new type of path, it is included in the authorized authentication path set through the boundary model expansion mechanism; The authentication behavior snapshot is a collection of information representing the complete state of the authentication process. The authentication behavior snapshot contains authentication behavior elements, which include identity identification elements, behavior attribute elements, and role instruction elements. The identity identification elements include authentication initiator identification and target identity identification, the behavior attribute elements include authentication timestamp and authentication type label, and the role instruction elements include role switching flag. The authentication behavior snapshot is generated by the authentication behavior collection mechanism through a structured combination of various elements, and is embedded into the authentication trajectory graph structure in the form of authentication records, forming the basis for the state expression of each authentication node. During the execution of the authentication path, the authentication behavior snapshot is called as the structural input for judging the legality of the trajectory path, and the integrity of the node behavior chain is judged by the continuity and combination between snapshots. The authentication trajectory graph structure is used to represent the behavior jump relationship of authentication nodes. Each authentication node in the authentication trajectory graph structure is composed of a snapshot of authentication behavior, and its jump edges are generated by authentication jump data. The authentication jump data includes authentication behavior snapshot index information, previous jump node identification information and endorsement signature identification. The authentication jump data is used to establish the directionality and credibility of the jump edge. The authentication trajectory graph structure continuously expands the combination of nodes and edges during the continuous update of authentication behavior, and embeds the endorsement signature in each jump into the jump edge information to identify its trust source; based on the authentication trajectory graph structure, structural mapping processing is performed on all authentication paths, and the behavior path sequence formed by nodes and jump edges in the authentication trajectory graph structure is used as input for boundary model matching judgment to support the subsequent risk assessment process.

2. The energy storage configuration optimization method combined with grid adaptive regulation according to claim 1, characterized in that: Each authentication jump satisfies the dual endorsement condition, which includes endorsement from the source node and endorsement from the auxiliary node. The source node endorsement is generated by the previous authentication node in the jump path based on the snapshot of the current authentication behavior, and is bound to the corresponding authentication jump data; The auxiliary node endorsement is generated by an energy storage node of equal role level. The energy storage node generates a response signature after performing a consistency comparison on the authentication behavior snapshot based on the historical state data collected in its behavior observation window. Consistency checks are performed on the source node endorsement and the auxiliary node endorsement. If any endorsement chain is found to have directional inconsistency, missing signature, or snapshot matching failure, the authentication jump behavior is marked as a potential risk path. The potential risk path is suspended, and the resulting jump edges are frozen in the authentication trajectory graph structure and recorded in the risk assessment result set.

3. The energy storage configuration optimization method combined with grid adaptive regulation according to claim 2, characterized in that: The boundary model is a set of rules used to determine the validity of the authentication jump path structure. The set of rules is constructed based on the authentication path structure constraint logic, which includes: role level transfer rules, authentication jump depth limits, node continuity requirements, and path time window matching rules. The system receives path information from the authentication trajectory graph structure and combines it with role switching flags and timestamp data from the corresponding authentication behavior snapshot. It then performs matching analysis based on the authentication path structure constraint logic. When a path does not meet the structure constraint logic and its structure combination is in a high-risk range in the path sample, the system calculates its risk score through risk assessment. If the risk score is higher than the preset threshold, the authentication jump path will be marked as a structurally abnormal path, the relevant jump edges will be frozen, and the node execution behavior will be isolated.

4. The energy storage configuration optimization method combined with grid adaptive regulation according to claim 3, characterized in that: The energy storage device corresponding to the authentication node whose trajectory is frozen performs isolation processing, which includes disconnecting the authentication chain contact relationship, temporarily freezing the control authority, and restricting the authentication role transfer capability; At the start of the isolation process, the authentication behavior snapshot chain associated with the authentication node is saved and entered into the verification pool, and its behavior response process is recorded as a state trajectory archive. Based on the state trajectory, a behavior replay process is constructed to verify the state deviation performance of the energy storage device under different control paths, and the deviation results are used as the input basis for the credibility judgment. The risk assessment generates a credibility score based on the state deviation performance. If the credibility score is lower than the set credibility threshold, the energy storage device will be permanently isolated. If the score falls within the pre-acceptance offset range, the energy storage device is subject to an observation mechanism and operates within a limited certification frequency and response window.

5. The energy storage configuration optimization method combined with grid adaptive regulation according to claim 4, characterized in that: The boundary model extension is based on the joint judgment and execution of novel path recognition, behavior evolution determination and risk assessment; the novel path recognition is based on the extraction of candidate paths that appear in the authentication trajectory graph structure with a frequency lower than a preset threshold and have offset characteristics, and records the associated authentication behavior snapshot sequence. The authentication behavior snapshot sequence is compared for consistency by behavioral evolution determination, matched to the historical authentication trajectory evolution curve, and the path credibility score is calculated. A risk assessment is jointly performed based on the path credibility score and the node's historical offset record to determine whether the candidate path has scalability. If a candidate path exhibits a continuous behavioral pattern and its state deviation fluctuates within the standard range of historical path deviations in terms of evolutionary trends, and its path credibility score is determined to be lower than the extended credibility score threshold when compared with the extended credibility score threshold, then the candidate path is included in the boundary model authorized path set, and an extended label is assigned to it to track the consistency of its subsequent evolutionary paths in terms of structural trends.

6. The energy storage configuration optimization method combined with grid adaptive regulation according to claim 5, characterized in that: Within the authentication behavior execution cycle, a trajectory evolution record is constructed, and all path changes in the authentication trajectory graph structure are continuously tracked; a trajectory freeze record table is established to organize the freezing reasons, recovery conditions and evolution results of all frozen paths, and a behavior label set is constructed. The trajectory evolution record provides input data for future path credibility assessment. A path prediction model is trained based on the trajectory evolution record, and the path prediction model is used to predict the future evolution trend of the authentication behavior path. If an authentication path is deemed a trusted path after multiple rounds of freezing, then the path is marked as a gray behavior path, and its future redirection must meet the triple endorsement requirements and be accompanied by risk score information for future reference. The sensitivity level of gray behavior paths is dynamically updated, and the tolerance strategy for authentication redirection behavior is adjusted accordingly to reduce the risk of path deception behavior interfering with the authentication system.

7. An energy storage configuration optimization system combined with grid adaptive regulation, comprising a snapshot generation module, a trajectory mapping module, an endorsement verification module, a path determination module, an anomaly isolation module, and a path expansion module, characterized in that: The snapshot generation module generates an authentication behavior snapshot based on the authentication behavior of the energy storage node. The authentication behavior snapshot includes the authentication initiator identifier, target identity identifier, role switching flag, authentication timestamp, and authentication type label. The snapshot generation module is used to describe the complete behavioral information of the authentication status. The trajectory mapping module constructs an authentication trajectory graph structure based on the authentication behavior snapshot. The trajectory graph includes multiple authentication nodes and their authentication jump paths. The trajectory mapping module is used to represent the authentication behavior associations between energy storage devices. The endorsement verification module is used to obtain the first endorsement signature from the previous authentication node and the second endorsement signature from at least one auxiliary node during each authentication jump; the endorsement verification module is used to confirm the trusted source of the authentication jump path; The path determination module is used to determine whether the authentication jump path meets the preset set of role switching authorization paths in the boundary model, and outputs the path matching result through the path determination module; The anomaly isolation module includes: if the jump path does not meet the authorization structure requirements of the boundary model, the corresponding trajectory path is frozen, and the energy storage device corresponding to the authentication node is moved into the verification pool to perform isolation control; The path extension module includes: if the authentication behavior path is interpreted as a new type of path, then it is included in the authorized authentication path set through a boundary model extension mechanism; The authentication behavior snapshot is a collection of information representing the complete state of the authentication process. The authentication behavior snapshot contains authentication behavior elements, which include identity identification elements, behavior attribute elements, and role instruction elements. The identity identification elements include authentication initiator identification and target identity identification, the behavior attribute elements include authentication timestamp and authentication type label, and the role instruction elements include role switching flag. The authentication behavior snapshot is generated by the authentication behavior collection mechanism through a structured combination of various elements, and is embedded into the authentication trajectory graph structure in the form of authentication records, forming the basis for the state expression of each authentication node. During the execution of the authentication path, the authentication behavior snapshot is called as the structural input for judging the legality of the trajectory path, and the integrity of the node behavior chain is judged by the continuity and combination between snapshots. The authentication trajectory graph structure is used to represent the behavior jump relationship of authentication nodes. Each authentication node in the authentication trajectory graph structure is composed of a snapshot of authentication behavior, and its jump edges are generated by authentication jump data. The authentication jump data includes authentication behavior snapshot index information, previous jump node identification information and endorsement signature identification. The authentication jump data is used to establish the directionality and credibility of the jump edge. The authentication trajectory graph structure continuously expands the combination of nodes and edges during the continuous update of authentication behavior, and embeds the endorsement signature in each jump into the jump edge information to identify its trust source; based on the authentication trajectory graph structure, structural mapping processing is performed on all authentication paths, and the behavior path sequence formed by nodes and jump edges in the authentication trajectory graph structure is used as input for boundary model matching judgment to support the subsequent risk assessment process.