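Abstract
As power systems become networked, communication between many dispatch master stations and substation remote terminal units (RTUs) has gradually moved to Ethernet. In August 1998 the International Electrotechnical Commission (IEC) drew up the IEC60870-5-104 protocol, whose purpose is to use the existing IEC60870-5-101 telecontrol protocol over TCP/IP networks. Transmitting telecontrol information over TCP/IP networks also brings a series of security problems. The insecurity factors fall mainly into three categories: eavesdropping on, tampering with, and forging telecontrol messages. The solution lies in identity authentication of the dispatch master station and the plant and station RTUs, and in encryption of the telecontrol message information. To this end, information security technology is applied to study the IEC60870-5-104 application protocol data unit (APDU) and its transmission mode, and a secure message concept is proposed that leaves the original message transmission mode unchanged and can, to a certain extent, effectively meet the needs of information confidentiality and security authentication.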
The telecontrol system is changing step by step with the development of communication and network technology. IEC60870-5-104 is a telecontrol transmission protocol, which can be called network access for IEC 60870-5-101 using standard transport profiles, and the purpose of this protocol is to use IEC 60870-5-101 on the TCP/IP network. There will be a series of security problems when the telecontrol information is transmitted on the network, and the insecurity factors are embodied in such attacks as interception, modification and fabrication. To remedy such a situation, the useful way is sender and receiver's identity authentication, message encryption and integrity authentication. Therefore, the application protocol data unit (APDU) of IEC 60870-5-104 protocol based on the information security technology is analyzed, and a telecontrol security message is designed, for which an idea of security message is put forward without changing the original message transmission model while meeting the requirement for information security and authentication.
Source
《电力系统自动化》
EI
CSCD
Peking University Core Journal
2005, Issue 2, pp. 93-96 (4 pages)
Automation of Electric Power Systems