###
DOI:10.15888/j.cnki.csa.007890
计算机系统应用英文版:2021,30(5):262-268
View/Add Comment     过刊浏览    高级检索     HTML
←前一篇   |   后一篇→
本文二维码信息
码上扫一扫!
配电网自动化DTU终端的103规约的安全性分析
余鹏1, 王勇1, 王相2, 王敏1
(1.上海电力大学 计算机科学与技术学院, 上海 201306;2.国家电网 上海市电力公司检修公司, 上海 200063)
Security Analysis of 103 Protocol of DTU Terminal in Distribution Network Automation
YU Peng1, WANG Yong1, WANG Xiang2, WANG Min1
(1.School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China;2.Shanghai Electric Power Company Maintenance Company, State Grid Corporation of China, Shanghai 200063, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 593次   下载 1460
Received:September 03, 2020    Revised:September 25, 2020
中文摘要: IEC 60870-5-103规约是应用于继电保护设备的信息接口配套标准, 传输的主要内容是与继电保护有关的信息. 该报文进行的是明文传输, 缺乏加密措施和数字签名机制, 安全性较低. 为了验证以太网传输的103规约存在安全隐患和风险, 搭建了主站与配电网自动化DTU终端的通信实验环境. 运用ARP欺骗手段对系统进行了中间人攻击测试, 实验的结果表明以太网传输的103规约具有中间人攻击的风险. 为了提高协议的安全性, 提出了一种基于非对称密码算法的双向身份认证机制, 并采用对称加密机制、数字签名技术确保传输报文的机密性和完整性, 最后通过仿真测试验证该方法的有效性.
中文关键词: DTU  103规约  ARP欺骗  中间人攻击  身份认证
Abstract:The IEC 60870-5-103 protocol is an information interface supporting standard applied to relay protection equipment and transmits mainly the information related to relay protection. The message is transmitted in plain text and has poor security for a lack of encryption measures and digital signature mechanism. A communication experiment environment between the master station and the DTU terminal is built to verify that there are hidden dangers in the 103 protocol of Ethernet transmission. A man-in-the-middle attack test is carried out on the system by detecting ARP spoofing. The experimental results show that the 103 protocol of Ethernet transmission faces the risk of man-in-the-middle attack. In order to improve the security of the protocol, we propose a two-way identity authentication mechanism based on an asymmetric cryptographic algorithm and rely on a symmetric encryption mechanism and digital signature technology to ensure the confidentiality and integrity of the transmitted message. Finally, the method is validated through simulation tests.
keywords: DTU  103 protocol  ARP spoofing  man-in-the-middle attack  authentication
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金面上项目(61772327); 上海自然科学基金面上项目(20ZR1455900); 奇安信大数据协同安全技术国家工程实验室开放课题(QAX-201803); 浙江大学工业控制技术国家重点实验室开放式基金(ICT1800380)
Author NameAffiliationE-mail
YU Peng School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China yupeng0201@126.com 
WANG Yong School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China  
WANG Xiang Shanghai Electric Power Company Maintenance Company, State Grid Corporation of China, Shanghai 200063, China  
WANG Min School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China  
Author NameAffiliationE-mail
YU Peng School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China yupeng0201@126.com 
WANG Yong School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China  
WANG Xiang Shanghai Electric Power Company Maintenance Company, State Grid Corporation of China, Shanghai 200063, China  
WANG Min School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China  
引用文本:
余鹏,王勇,王相,王敏.配电网自动化DTU终端的103规约的安全性分析.计算机系统应用,2021,30(5):262-268
YU Peng,WANG Yong,WANG Xiang,WANG Min.Security Analysis of 103 Protocol of DTU Terminal in Distribution Network Automation.COMPUTER SYSTEMS APPLICATIONS,2021,30(5):262-268

用微信扫一扫

Copyright:Institute of Software, Chinese Academy of Sciences
Postal address:4# South Fourth Street, Zhongguancun,Haidian, Beijing,Encoding:100190
Tel:010-62661041 Email:csa (a) iscas.ac.cn
Technical support:Beijing Qin Yun science and Technology Development Co., Ltd.