Abstract
To address the weak self-protection capability of control and protection hosts in high-voltage direct current (HVDC) transmission, this paper proposes a scheme based on a trusted platform module (TPM) security chip that uses the Chinese national cryptographic algorithms SM2, SM3 and SM4 to build the root of trust and to perform identity authentication. The overall system design covers both hardware startup and software startup. Through identity authentication and digital signatures it establishes a complete chain of trust, achieving chained trusted boot of the control and protection host across the whole process from hardware startup and system loading to system operation. The experimental results show that the proposed scheme can identify risks such as firmware tampering and identity forgery, achieves secure boot of the control and protection host, and improves the overall protection level of the HVDC transmission system.
Authors
LI Yuepeng (李跃鹏); KANG Jingjing (康婧婧); ZHANG Jian (张健); JI Chaoqiang (冀朝强)
XJ Electric Co., Ltd, Xuchang, He’nan 461000
Source
Electrical Engineering (《电气技术》)
2023, No. 11, pp. 71-75, 80 (6 pages in total)