摘要
为确保我国铁路列车调度指挥系统(TDCS)与调度集中系统(CTC)中业务数据的安全,研究基于国密算法的通信加密传输方案。以安全认证网关为核心,通过路由技术将业务流量导向安全认证网关,实现TDCS/CTC系统各层级间的数据传输加密。在冗余能力方面,当任意节点的安全认证网关故障时,路由技术会将流量切换至下一优先级路由,保障业务的连续性。通过仿真试验对方案的加密有效性、故障倒切能力、承压能力3方面开展验证测试,测试结果满足业务要求。该方案在不影响TDCS/CTC系统原有冗余能力的同时,保证了业务数据传输过程中的安全性,有效填补了我国TDCS/CTC系统数据传输加密防护方面的空白。
To ensure data security of the TDCS/CTC system of China railway,the communication encryption transmission scheme based on national cryptographic algorithms is studied.With the security authentication gateway as the core,business traffic is directed towards the security authentication gateway through routing technology,achieving encrypted data transmission between different levels of TDCS/CTC.In terms of redundancy capability,when the security authentication gateway of any node fails,the routing technology enables the switching of traffic to the next priority route to ensure business continuity.The scheme was tested through simulation experiments to verify its encryption effectiveness,fault switching ability,and pressure bearing capacity.The test results show that the scheme meet the business requirements.The scheme ensures the security of business data transmission without affecting the original redundancy capability of TDCS/CTC,effectively filling the gap in encryption protection for data transmission in TDCS/CTC.
作者
苗义烽
宋毅
张芸鹏
MIAO Yifeng;SONG Yi;ZHANG Yunpeng
出处
《铁道通信信号》
2024年第10期58-64,共7页
Railway Signalling & Communication
基金
中国铁道科学研究院集团有限公司重点课题(2022YJ325)。
关键词
列车调度指挥系统
调度集中系统
国密算法
通信加密
安全认证网关
网络安全
Train operation Dispatching Command System(TDCS)
Centralized Traffic Control(CTC)system
National cryptography algorithm
Communication encryption
Security authentication gateway
Network security