电能计量用通信规约安全改造技术  被引量：2

作　　者：任辉 栗会峰 赵辉[3] 贺枫 窦仁晖 姚志强 赵国庆 REN Hui;LI Huifeng;ZHAO Hui;HE Feng;DOU Renhui;YAO Zhiqiang;ZHAO Guoqing(Nanjing Department of China Electric Power Research Institute,Nanjing 210003,China;State Grid Hebei Electric Power Supply Co.,Ltd.Electric Power Research Institute,Shijiazhuang 050021,China;Jicheng Electronic Co.,Ltd.,Jinan 250100,China;Shanghai Boban Data Technology Co.,Ltd.,Shanghai 200333,China;Beijing Key Laboratory of Research and System Evaluation of Power Dispatching Automation Technology,Beijing 100192,China)

机构地区：[1]中国电力科学研究院有限公司南京分院,江苏南京210003 [2]国网河北省电力有限公司电力科学研究院,河北石家庄050021 [3]积成电子股份有限公司,山东济南250100 [4]上海博般数据技术有限公司,上海200333 [5]电力调度自动化技术研究与系统评价北京重点实验室,北京100192

出　　处：《中国电力》2021年第1期167-174,共8页Electric Power

基　　金：国家电网有限公司科技项目(变电站站控层国产化通信协议研究与应用,5108-202018037A-0-0-00)。

摘　　要：网络攻击正向工业控制系统渗透。电能量采集关系到各方面经济利益,及时获取精准的电量数据尤为重要。基于IEC 62351标准对采用网络传输的102规约进行了网络安全性改造,在传输层增加传输层安全(transport layer security,TLS)协议,应用层采用哈希运算消息认证码(Hash-based message authentication code,HMAC)对报文应用服务数据单元(application service data unit,ASDU)进行安全性校验,实现电能量采集系统主子站间通信加密、认证和完整性校验功能。测试电能量采集系统102规约改造前后主子站间通信的认证时间、单帧数据增加时间等关键数据指标。测试结果表明:应用层改造环节消耗较多时间,在报文帧数量大的情况下会严重影响通信效率。综合比较,当TLS使用国密SM4加密套件时,整体性能较优。Network attacks are now penetrating into industrial control system.Acquisition of electricity energy data is related to the economic interests of all parties,so it is very important to obtain accurate electricity data in time.In the paper,security transformation is made to the 102 protocol based on IEC 62351.The TLS protocol is added in the transmission layer,and the HMAC is used in the application layer to verify the security of ASDU message,so as to realize such functions as the communication encryption,authentication and integrity verification between the main and sub stations of the electricity energy acquisition system.The key data indexes,such as the authentication time of the main and sub stations,the increase time of the single frame data before and after the 102 protocol transformation of the electricity energy acquisition system,are simulated and tested.The testing results show that transformation of the application layer consumes more time and can seriously affect the communication efficiency when message frames are large in numbers.It is concluded through comprehensive comparison that the overall performance is better when SM4 encryption suite is used for TLS protocol.

关 键 词：102规约 IEC 62351 TLS协议 加密认证 应用层改造 

分 类 号：TM933.4[电气工程—电力电子与电力传动] TP393.08[自动化与计算机技术—计算机应用技术]