###
计算机系统应用英文版:2021,30(5):262-268
本文二维码信息
码上扫一扫!
配电网自动化DTU终端的103规约的安全性分析
(1.上海电力大学 计算机科学与技术学院, 上海 201306;2.国家电网 上海市电力公司检修公司, 上海 200063)
Security Analysis of 103 Protocol of DTU Terminal in Distribution Network Automation
(1.School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China;2.Shanghai Electric Power Company Maintenance Company, State Grid Corporation of China, Shanghai 200063, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 733次   下载 2183
Received:September 03, 2020    Revised:September 25, 2020
中文摘要: IEC 60870-5-103规约是应用于继电保护设备的信息接口配套标准, 传输的主要内容是与继电保护有关的信息. 该报文进行的是明文传输, 缺乏加密措施和数字签名机制, 安全性较低. 为了验证以太网传输的103规约存在安全隐患和风险, 搭建了主站与配电网自动化DTU终端的通信实验环境. 运用ARP欺骗手段对系统进行了中间人攻击测试, 实验的结果表明以太网传输的103规约具有中间人攻击的风险. 为了提高协议的安全性, 提出了一种基于非对称密码算法的双向身份认证机制, 并采用对称加密机制、数字签名技术确保传输报文的机密性和完整性, 最后通过仿真测试验证该方法的有效性.
中文关键词: DTU  103规约  ARP欺骗  中间人攻击  身份认证
Abstract:The IEC 60870-5-103 protocol is an information interface supporting standard applied to relay protection equipment and transmits mainly the information related to relay protection. The message is transmitted in plain text and has poor security for a lack of encryption measures and digital signature mechanism. A communication experiment environment between the master station and the DTU terminal is built to verify that there are hidden dangers in the 103 protocol of Ethernet transmission. A man-in-the-middle attack test is carried out on the system by detecting ARP spoofing. The experimental results show that the 103 protocol of Ethernet transmission faces the risk of man-in-the-middle attack. In order to improve the security of the protocol, we propose a two-way identity authentication mechanism based on an asymmetric cryptographic algorithm and rely on a symmetric encryption mechanism and digital signature technology to ensure the confidentiality and integrity of the transmitted message. Finally, the method is validated through simulation tests.
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金面上项目(61772327); 上海自然科学基金面上项目(20ZR1455900); 奇安信大数据协同安全技术国家工程实验室开放课题(QAX-201803); 浙江大学工业控制技术国家重点实验室开放式基金(ICT1800380)
引用文本:
余鹏,王勇,王相,王敏.配电网自动化DTU终端的103规约的安全性分析.计算机系统应用,2021,30(5):262-268
YU Peng,WANG Yong,WANG Xiang,WANG Min.Security Analysis of 103 Protocol of DTU Terminal in Distribution Network Automation.COMPUTER SYSTEMS APPLICATIONS,2021,30(5):262-268