摘要
当前配电网自动化系统配电终端的安全防护、升级改造大都通过更换终端设备硬件板卡的方式实现,改造过程中需要对配电终端所在区域停电。设计了配电自动化终端设备信息安全加密模块,通过在配电终端前加装该模块,实现对终端设备的安全防护改造,且不需对改造区域断电,也无需对终端设备进行其他硬件改造和软件配置。介绍了加密模块的工作原理和硬件功能,描述了加密模块对遥控命令报文的信息完整性检测与时间戳校验过程,及对配电主站的身份认证过程。模块实现了对遥控报文的完整性保护和主站的身份鉴别,能满足对配电终端的信息安全防护要求。
Current security protection upgrade of remote terminal units in a distribution automation system is mostly realized by replacing the terminal device hardware board with electricity of the distribution terminal area cut off in the transformation process.An information security encryption module is designed for application by remote terminal units in the distribution automation system.By installing the encryption module in remote terminal units,security protection upgrade of remote terminal units can be carried out without interruption of power supply,nor is it necessary to do any hardware modification and software configuration to the remote terminal units.The operational principle and hardware functions are briefly treated,the validation of remote control message integrity and timeliness,and the authentication process of distribution master station emphasized.The module realizes the integrity protection of remote control message and the identity authentication of the master station,which meets the requirements of the information security protection of the distribution terminal.
出处
《电力系统自动化》
EI
CSCD
北大核心
2016年第19期134-138,共5页
Automation of Electric Power Systems
关键词
加密模块
安全防护
身份认证
SM2加密算法
encryption module
security protection
authentication
SM2encryption algorithm
