摘要
随着物联网的发展,电力物联网的应用也越来越多,其中MQTT通信协议因其占用资源少、效率高、适应低带宽和不稳定网络的特点而被广泛应用。电力系统基于安全考虑分为安全Ⅰ区、Ⅱ区、Ⅲ区、Ⅳ区和互联网大区,物联设备运行于互联网大区,而互联网大区为公共网络区。基于实际需要,安全Ⅳ区的生产指挥管控系统需与互联网区的物联设备通信,需要保证数据的安全和高效传输,因此重点研究安全Ⅳ区系统与互联网区物联设备的通信安全和效率。在电力系统安全Ⅳ区部署MQTT Broker服务器,支持SSL连接;同时部署安全网关,把MQTT Broker映射到安全网关,支持物联设备连接;部署MQTT客户端,采用国密算法,增加CA证书、数字签名、数字验证、散列加密等,物联设备通过SM2国密证书校验才允许通信,采用双向证书验证机制。同时定义MQTT通信的JSON格式,保证通信双方数据交互的一致性。
With the development of the Internet of Things,the application of the IoT in power is also increasing.Among them,the MQTT communication protocol is the most widely used due to its characteristics of low resource consumption,high efficiency,adaptability to low bandwidth and unstable networks.The power system is divided into safety zones I,II,III,IV,and the Internet region based on safety considerations.Most IoT devices operate in the Internet region,which is a public network area.Based on practical needs,the security I zone system needs to communicate with IoT devices in the Internet zone,ensuring data security and efficiency.Therefore,this paper focuses on security and efficiency of communication between the security I zone system and IoT devices in the Internet zone.It studies the deployment of MQTT Broker servers in zone IV of power system security,supporting SSL connections and simultaneous deployment of a security gateway,mapping MQTT Broker to a security gateway which supports IoT device connectivity.Moreover,MQTT client and National Security Algorithm are also deployed,and CA certificate,digital signature,digital verification,hash encryption,etc.are introduced,in which IoT devices are only allowed to communicate through SM2 national security certificate verification and bidirectional certificate verification mechanism is adopted.JSON format for MQTT communication is defined to ensure consistency in data exchange between the two communication parties.
作者
李瑞山
闫文敬
牛雪朋
尹丽楠
张高远
LI Ruishan;YAN Wenjing;NIU Xuepeng;YIN Linan;ZHANG Gaoyuan(Xuji Electric Co.,Ltd.,Xuchang 461000,China)
出处
《电工技术》
2024年第7期203-205,共3页
Electric Engineering