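★ Xu Ai (許艾), Beijing Sifang Jibao Engineering Technology Co., Ltd. (北京四方繼保工程技術有限公司)
★ Liu Gang (劉剛), Xu Yanming (徐延明), Li Wei (李維), Beijing Sifang Jibao Automation Co., Ltd. (北京四方繼保自動化股份有限公司)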
Abstract: Over the past two years, in order to raise the proportion of key equipment whose software and hardware are independently controllable, power grid companies have increased their investment in power infrastructure. The goal is to address the current state of existing smart substations: software and hardware that are not domestically produced, core technologies that are not independently controllable, and key components that depend heavily on foreign suppliers. This article discusses three aspects. First, communication between the dispatching master station and the gateway machine achieves two-way security authentication based on security components implementing the national cryptographic (SM) algorithms together with digital certificate technology. Second, within the substation, the monitoring host communicates securely with measurement-and-control and protection devices over an independently controllable protocol. Third, the independently controllable protocol is combined with digital certificates to achieve two-way identity authentication at the application layer and data encryption at the transport layer. By adopting independently controllable protocols and domestic cryptographic technology, the security risks in the dispatch-to-substation and intra-substation communication systems are basically resolved.
Keywords: SM2; independently controllable; substation security; identity authentication; secure and trusted
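Excerpted from Automation Panorama (《自動化博覽》), January 2022 issue, also published as the Special Issue on Industrial Control System Information Security (Volume 8).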