浅谈智能变电站网络安全风险与防护建议  被引量：3

作　　者：于希永 尹亮 刘嘉奇 Yu Xiyong;Yin Liang;Liu Jiaqi(Beijing SGITG-Accenture Information Technology Co.,Ltd.,Beijing,100052;Nsfocus Technologies Group Co.,Ltd.,Beijing,100089)

机构地区：[1]北京国网信通埃森哲信息技术有限公司,北京100052 [2]绿盟科技集团股份有限公司,北京100089

出　　处：《工业信息安全》2023年第3期76-82,共7页Industry Information Security

摘　　要：随着越来越多的智能变电站投入使用,因智能变电站的高度集成化、网络化、智能化等因素,导致原本封闭孤立的变电站生产环境被打破,网络与业务的暴露面增大,给电网安全稳定运行带来挑战。本论文通过对智能变电站三层两网的业务场景进行剖析,分析出当下智能变电站存在IEC-61850规约无认证、加密、授权机制,站控层和过程层网络无安全审计和异常流量检测机制,电力监控主机无抵御未知威胁能力以及路由器、交换机以及主机设备安全配置基线缺失等网络安全主要问题。针对这些安全问题,本论文给出通过部署安全防护产品和安全策略加固等3个方面的安全防护建议,对今后智能变电站网络安全防护建设,具有一定理论指导意义。With more and more intelligent substations being put into use,due to factors such as high integration,networking,and intelligence of intelligent substations,the originally closed and reliable production environment of substations has been broken,and the exposure of networks and businesses has increased,facing new security threats and posing challenges to the security and stable operation of our power grid.This paper analyzes the business scenarios of intelligent substations with three layers and two networks,and identifies the current IEC-61850 protocol without authentication,encryption,and authorization mechanisms in intelligent substations;There is no security audit and abnormal traffic detection mechanism in the station control layer and process layer networks.The main network security issues include the inability of power monitoring hosts to resist unknown threats and the lack of security configuration baselines for routers,switches,and host devices.In response to these security issues,this paper provides security protection suggestions at three aspects:deploying security protection products and strengthening security strategies,which have certain theoretical guidance significance for the future construction of smart substation network security protection.

关 键 词：智能变电站 站控层 间隔层 过程层 安全风险 

分 类 号：TM63[电气工程—电力系统及自动化] TP393.08[自动化与计算机技术—计算机应用技术]