Trusted Design and Application of Substation Automation IEDs
Abstract
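With the rapid development of the Internet, information security faces new challenges. Information security problems in electric power systems already threaten their safe, stable, economical and high-quality operation and affect progress toward realizing the "digital power system". Studying power system information security, developing the corresponding application systems, and formulating information security strategies, such as prevention and system recovery measures for when power system information comes under external attack, are important parts of current power informatization work.
     To address this security need, this thesis introduces the international standard for substation automation, IEC 61850, and its security requirements for remote communication, as well as the concept of trusted computing and its application to information security. Building on an analysis of substation communication security requirements and following the IEC 61850 substation communication standard, it studies the lowest-level device in substation automation, the IED (intelligent electronic device), together with its software model and communication modes, and proposes a design that embeds a TPM (Trusted Platform Module) in the IED: a trusted IED structure, with its main functions, that uses the TPM chip as the hardware basis to achieve secure boot and secure communication for the IED. In this scheme, a Java-optimized processor module for secure communication with the TPM is first designed for the substation IED; the trusted IED is then designed using system-on-a-programmable-chip (SOPC) technology, establishing a chain of trust level by level and extending the trust relationship to the remote end; finally, a trusted identity authentication method based on a wide-area network is designed, and a secure remote communication experiment is carried out. The overall system design covers the design and trustworthiness analysis of the security implementation of the trusted IED and the trusted computing module from several aspects: the substation's lowest-level IED devices, the secure communication flow with substation automation, the secure information transmission mechanism for wide-area network applications, and the secure identity authentication mechanism. The scheme conforms to the IEC 61850 standard, is consistent with the standards currently used in power telecontrol, achieves secure transmission of substation information well, and largely solves the security problem of remote communication in substation automation systems.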
With the rapid development of network technology, new challenges for information security have also emerged. The problems of information security have threatened the safety, stability, economy and optimal operation of electric power systems and have had a great impact on the realization of "Digital Power Systems". In the present information work of electric power systems it is particularly important to do research on information security, to develop relevant applications, to establish information security policies that can protect electric power systems from attack, and to devise measures that can recover systems.
     To meet this security need, this thesis introduces the international standard for substation automation, IEC 61850, and its security requirements for remote communication, together with the concept of trusted computing and its application in information security. Aspects such as the network construction of the system and the information model and communication model of the substation IED for telecontrol are analyzed and designed. A new secure, distributed, network-based mode of telecontrol information transmission between the substation IED and the dispatching center is established. To meet the security requirement, the Trusted Computing method issued by the Trusted Computing Group (TCG) is introduced into substation automation, and a TPM must be embedded in the IEDs with a trust chain set up; System on Programmable Chip (SOPC) technology is used to extend the trust to remote platforms, and a platform for secure remote communication is then designed. Finally, a method of user identity authentication is designed, and experiments demonstrate secure remote communication. The thesis analyzes in detail trusted computing in a system oriented to wide-area security defense, including the application and security of the bottom-level IED device, substation cipher management, the transformation protocol and dependable authentication. In addition, it offers an original discussion of the feasibility and advantages of applying this technique to future substation IED secure communication. The design conforms to the latest international standard, IEC 61850, and provides a foundation for secure remote communication in substation automation.
