基于双重隔离的电力通用安全接入区设计与实现
|
摘要
为了解决现有安全接入区在设计和实现上困难、通用性差、传输效率低、安全性不足等问题,提出了基于双重隔离的电力通用安全接入区设计。该设计主要包含加密认证装置、正反向隔离装置和通用接入设备。在对现有安全接入区结构和原理分析的基础上,指出了其在实现上的不足。提出的安全接入区采用通用接入设备简化了安全接入区的设计,实现了通信双方的无感接入以及安全接入区的双重隔离和基于国密算法的加密和认证。测试及验证结果证明了该设计的可行性并给出了关键通信和安全参数的测试结果。与现有方案相比,该设计在通用性、性能和安全性上都得到了提高,具有较好的实用性。
In order to solve the problems in the design and implementation of current security access zone, such as poor universality, low transmission efficiency and lack of security, a design of power universal security access zone based on dual isolation is proposed. The design mainly includes the encryption and authentication device, the forward and reverse isolation devices and the universal access device. Based on the analysis of the structure and principle of the current security access zone, its shortcomings are given. By using universal access device, the design of security access zone is simplified, the no sense access of the two communication ends is realized, and the dual isolation of the security access zone and the encryption and authentication based on the state secret algorithm are realized. The results of test and verification prove the feasibility of the design and the test results of key communication and security parameters are given. Compared with the current schemes, the design has been improved in terms of universality, performance and security, and has good practicability.
In order to solve the problems in the design and implementation of current security access zone, such as poor universality, low transmission efficiency and lack of security, a design of power universal security access zone based on dual isolation is proposed. The design mainly includes the encryption and authentication device, the forward and reverse isolation devices and the universal access device. Based on the analysis of the structure and principle of the current security access zone, its shortcomings are given. By using universal access device, the design of security access zone is simplified, the no sense access of the two communication ends is realized, and the dual isolation of the security access zone and the encryption and authentication based on the state secret algorithm are realized. The results of test and verification prove the feasibility of the design and the test results of key communication and security parameters are given. Compared with the current schemes, the design has been improved in terms of universality, performance and security, and has good practicability.
引文
[1]周冬旭,张明,朱红,等.新电改形势下智能配电网调度互动研究应用[J].电力工程技术,2018,37(2):89-94.ZHOU Dongxu,ZHANG Ming,ZHU Hong,et al.Intelligent distribution network dispatching interactive practice exploration under the background of electric power system reformation[J].E-lectric Power Engineering Technology,2018,37(3):89-94.
[2]郑宗强,韩冰,闪鑫,等.输配电网高级应用协同运行关键技术分析[J].电力系统自动化,2017,41(6):122-128.ZHENG Zongqiang,HAN Bing,SHAN Xin,et al.Analysis on key technologies for coordinated operation of advanced application software in transmission and distribution network[J].Automation of Electric Power Systems,2017,41(6):122-128.
[3]刘建,赵树仁,张小庆.中国配电自动化的进展及若干建议[J].电力系统自动化,2012,36(19):6-10.LIU Jian,ZHAO Shuren,ZHANG Xiaoqing.Development of distribution automation in China and some suggestions[J].Automation of Electric Power Systems,2012,36(19):6-10.
[4]李映雪,陆俊,徐志强,等.多技术融合的智能配用电终端通信接入架构设计[J].电力系统自动化,2018,42(10):163-169.LI Yingxue,LU Jun,XU Zhiqiang,et al.Design of terminal communication access architecture for smart power distribution and utilization based on integration of multiple technologies[J].Automation of Electric Power Systems,2018,42(10):163-169.
[5]曹晶,卞宇翔,冯宝,等.电力无线专网通信终端接入工勘测试体系研究[J].电力工程技术,2018,37(3):97-101.CAO Jing,BIAN Yuxiang,FENG Bao,et al.Research on access engineering exploration test system of power wireless private network communication terminal[J].Electric Power Engineering Technology,2018,37(3):97-101.
[6]王炫,李红,丛琳.基于无线通信和光通信的高压输电线路监测系统[J].电网技术,2009,33(18):198-203.WANG Xuan,LI Hong,CONG Lin.A novel monitoring system for high voltage transmission lines based on wireless and optical communication technologies[J].Power System Technology,2009,33(18):198-203.
[7]魏访.TD-LTE技术在智能电网无线通讯中的应用[J].青岛大学学报,2018,31(1):128-132.WEI Fang.The TD-LTE technology in smart grid for the application of wireless communications[J].Journal of Qingdao University,2018,31(1):128-132.
[8]周浩,吴国庆,陆竑,等.TD-LTE 230无线专网在嘉兴电力通信的应用[J].浙江电力,2018,37(5):16-21.ZHOU Hao,WU Guoqing,LU Hong,et al.Application of TD-LTE 230 wireless private network in jiaxing power communication[J].Zhejiang Electric Power,2018,37(5):16-21.
[9]周金辉,盛晔,苏义荣,等.含高比例光伏的配电网电压协调控制策略研究[J].浙江电力,2018,37(4):7-13.ZHOU Jinhui,SHENG Ye,SU Yirong,et al.Research on coordinated distribution network voltage control strategy with high proportion photovoltaics[J].Zhejiang Electric Power,2018,37(4):7-13.
[10]王海欧,白金泉,陈群锋,等.基于无线传输技术的接地导通测试仪的研究与设计[J].浙江电力,2017,36(5):5-7.WANG Haiou,BAI Jinquan,CHEN Qunfeng,et al.Research and design of grounding conduction tester based on wireless transmission technology[J].Zhejiang Electric Power,2017,36(5):5-7.
[11]纪元,娄征.基于安全代理的数据交换在电力系统中的研究与应用[J].通信技术,2017,50(2):365-369.JI Yuan,LOU Zheng.Application of security agent-based data exchange in power system[J].Communications Technology,2017,50(2):365-369.
[12]韦磊,刘锐,高雪.电力LTE无线专网安全防护方案研究[J].江苏电机工程,2016,35(3):29-33.WEI Lei,LIU Rui,GAO Xue.Research on security protection solution to LTE power wireless private network[J].Jiangsu E-lectrical Engineering,2016,35(3):29-33.
[13]彭竹.电力行业工控终端设备安全接入系统的设计与实现[D].北京:中国科学院大学,2015.PENG Zhu.Design and implementation of industrial control terminal equipment of security access system in electric power industry[D].Beijing:University of Chinese Academy of Sciences,2015.
[14]孙红强.电力移动终端安全接入系统研究与实现[D].河北:河北工业大学,2015.SUN Hongqiang.Research and implementation of secure access system for power mobile terminal[D].Hebei:Hebei university of technology,2015.
[15]吕航.诸暨市配电网自动化改造方案研究[D].北京:华北电力大学,2017.LYU Hang.Study on automatic transformation scheme of distribution network in zhuji[D].Beijing:North China electric power university,2017.
[16]廖建容,段斌,谭步学,等.基于口令的变电站数据与通信安全认证[J].电力系统自动化,2007,31(10):71-75.LIAO Jianrong,DUAN Bin,TAN Buxue,el al.Authentication of substation automation data and communication security based on password[J].Automation of Electric Power Systems,2007,31(10):71-75.
[17]刘刚,梁野,李毅松,等.数字证书技术在电力二次系统中的实现及应用[J].电网技术,2006,30:71-75.LIU Gang,LIANG Ye,LI Yisong,et al.Realization and application of certificate in secondary part power system[J].Power System Technology,2006,30:71-75.
[18]赵兵,高欣,翟峰,等.面向用电信息采集系统的双向认证协议[J].电网技术,2014,38(9):2328-2335.ZHAO Bing,GAO Xin,ZHAI Feng,et al.Mutual authentication protocol for electricity consumption information acquisition system[J].Power System Technology,2014,38(9):2328-2335.
[19]骆钊,谢吉华,顾伟,等.SM2加密体系在智能变电站站内通信中的应用[J].电力系统自动化,2015,39(13):116-123.LUO Zhao,XIE Jihua,GU Wei,et al.Application of SM2 encrypted system in smart substation inner communication[J].Automation of Electric Power Systems,2015,39(13):116-123.
[20]骆钊,谢吉华,顾伟,等.基于SM2密码体系的电网信息安全支撑平台开发[J].电力系统自动化,2014,38(6):68-74.LUO Zhao,XIE Jihua,GU Wei,et al.SM2-cryptosystem based information security supporting platform in power grid[J].Automation of Electric Power Systems,2014,38(6):68-74.
[2]郑宗强,韩冰,闪鑫,等.输配电网高级应用协同运行关键技术分析[J].电力系统自动化,2017,41(6):122-128.ZHENG Zongqiang,HAN Bing,SHAN Xin,et al.Analysis on key technologies for coordinated operation of advanced application software in transmission and distribution network[J].Automation of Electric Power Systems,2017,41(6):122-128.
[3]刘建,赵树仁,张小庆.中国配电自动化的进展及若干建议[J].电力系统自动化,2012,36(19):6-10.LIU Jian,ZHAO Shuren,ZHANG Xiaoqing.Development of distribution automation in China and some suggestions[J].Automation of Electric Power Systems,2012,36(19):6-10.
[4]李映雪,陆俊,徐志强,等.多技术融合的智能配用电终端通信接入架构设计[J].电力系统自动化,2018,42(10):163-169.LI Yingxue,LU Jun,XU Zhiqiang,et al.Design of terminal communication access architecture for smart power distribution and utilization based on integration of multiple technologies[J].Automation of Electric Power Systems,2018,42(10):163-169.
[5]曹晶,卞宇翔,冯宝,等.电力无线专网通信终端接入工勘测试体系研究[J].电力工程技术,2018,37(3):97-101.CAO Jing,BIAN Yuxiang,FENG Bao,et al.Research on access engineering exploration test system of power wireless private network communication terminal[J].Electric Power Engineering Technology,2018,37(3):97-101.
[6]王炫,李红,丛琳.基于无线通信和光通信的高压输电线路监测系统[J].电网技术,2009,33(18):198-203.WANG Xuan,LI Hong,CONG Lin.A novel monitoring system for high voltage transmission lines based on wireless and optical communication technologies[J].Power System Technology,2009,33(18):198-203.
[7]魏访.TD-LTE技术在智能电网无线通讯中的应用[J].青岛大学学报,2018,31(1):128-132.WEI Fang.The TD-LTE technology in smart grid for the application of wireless communications[J].Journal of Qingdao University,2018,31(1):128-132.
[8]周浩,吴国庆,陆竑,等.TD-LTE 230无线专网在嘉兴电力通信的应用[J].浙江电力,2018,37(5):16-21.ZHOU Hao,WU Guoqing,LU Hong,et al.Application of TD-LTE 230 wireless private network in jiaxing power communication[J].Zhejiang Electric Power,2018,37(5):16-21.
[9]周金辉,盛晔,苏义荣,等.含高比例光伏的配电网电压协调控制策略研究[J].浙江电力,2018,37(4):7-13.ZHOU Jinhui,SHENG Ye,SU Yirong,et al.Research on coordinated distribution network voltage control strategy with high proportion photovoltaics[J].Zhejiang Electric Power,2018,37(4):7-13.
[10]王海欧,白金泉,陈群锋,等.基于无线传输技术的接地导通测试仪的研究与设计[J].浙江电力,2017,36(5):5-7.WANG Haiou,BAI Jinquan,CHEN Qunfeng,et al.Research and design of grounding conduction tester based on wireless transmission technology[J].Zhejiang Electric Power,2017,36(5):5-7.
[11]纪元,娄征.基于安全代理的数据交换在电力系统中的研究与应用[J].通信技术,2017,50(2):365-369.JI Yuan,LOU Zheng.Application of security agent-based data exchange in power system[J].Communications Technology,2017,50(2):365-369.
[12]韦磊,刘锐,高雪.电力LTE无线专网安全防护方案研究[J].江苏电机工程,2016,35(3):29-33.WEI Lei,LIU Rui,GAO Xue.Research on security protection solution to LTE power wireless private network[J].Jiangsu E-lectrical Engineering,2016,35(3):29-33.
[13]彭竹.电力行业工控终端设备安全接入系统的设计与实现[D].北京:中国科学院大学,2015.PENG Zhu.Design and implementation of industrial control terminal equipment of security access system in electric power industry[D].Beijing:University of Chinese Academy of Sciences,2015.
[14]孙红强.电力移动终端安全接入系统研究与实现[D].河北:河北工业大学,2015.SUN Hongqiang.Research and implementation of secure access system for power mobile terminal[D].Hebei:Hebei university of technology,2015.
[15]吕航.诸暨市配电网自动化改造方案研究[D].北京:华北电力大学,2017.LYU Hang.Study on automatic transformation scheme of distribution network in zhuji[D].Beijing:North China electric power university,2017.
[16]廖建容,段斌,谭步学,等.基于口令的变电站数据与通信安全认证[J].电力系统自动化,2007,31(10):71-75.LIAO Jianrong,DUAN Bin,TAN Buxue,el al.Authentication of substation automation data and communication security based on password[J].Automation of Electric Power Systems,2007,31(10):71-75.
[17]刘刚,梁野,李毅松,等.数字证书技术在电力二次系统中的实现及应用[J].电网技术,2006,30:71-75.LIU Gang,LIANG Ye,LI Yisong,et al.Realization and application of certificate in secondary part power system[J].Power System Technology,2006,30:71-75.
[18]赵兵,高欣,翟峰,等.面向用电信息采集系统的双向认证协议[J].电网技术,2014,38(9):2328-2335.ZHAO Bing,GAO Xin,ZHAI Feng,et al.Mutual authentication protocol for electricity consumption information acquisition system[J].Power System Technology,2014,38(9):2328-2335.
[19]骆钊,谢吉华,顾伟,等.SM2加密体系在智能变电站站内通信中的应用[J].电力系统自动化,2015,39(13):116-123.LUO Zhao,XIE Jihua,GU Wei,et al.Application of SM2 encrypted system in smart substation inner communication[J].Automation of Electric Power Systems,2015,39(13):116-123.
[20]骆钊,谢吉华,顾伟,等.基于SM2密码体系的电网信息安全支撑平台开发[J].电力系统自动化,2014,38(6):68-74.LUO Zhao,XIE Jihua,GU Wei,et al.SM2-cryptosystem based information security supporting platform in power grid[J].Automation of Electric Power Systems,2014,38(6):68-74.