CN105656623A - Device for enhancing security of intelligent substation IED - Google Patents
Device for enhancing security of intelligent substation IED Download PDFInfo
- Publication number
- CN105656623A CN105656623A CN201610046652.8A CN201610046652A CN105656623A CN 105656623 A CN105656623 A CN 105656623A CN 201610046652 A CN201610046652 A CN 201610046652A CN 105656623 A CN105656623 A CN 105656623A
- Authority
- CN
- China
- Prior art keywords
- message
- ied
- unit
- message digest
- goose
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002708 enhancing effect Effects 0.000 title abstract description 8
- 230000005540 biological transmission Effects 0.000 claims description 20
- 238000005728 strengthening Methods 0.000 claims description 14
- 238000000034 method Methods 0.000 claims description 12
- 241000272814 Anser sp. Species 0.000 claims 17
- 238000004891 communication Methods 0.000 abstract description 17
- 238000012795 verification Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000012634 fragment Substances 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000000052 comparative effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H02J13/0017—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02E—REDUCTION OF GREENHOUSE GAS [GHG] EMISSIONS, RELATED TO ENERGY GENERATION, TRANSMISSION OR DISTRIBUTION
- Y02E60/00—Enabling technologies; Technologies with a potential or indirect contribution to GHG emissions mitigation
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/16—Electric power substations
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/18—Systems supporting electrical power generation, transmission or distribution using switches, relays or circuit breakers, e.g. intelligent electronic devices [IED]
Abstract
The invention discloses a device for enhancing the security of an intelligent substation IED. The LED comprises a sending end IED and a receiving end IED, as well as a TLS secure channel, a digital signature module and a digital signature verification module. The device for enhancing the security of the intelligent substation IED disclosed by the invention greatly improves the serious information security problem of the existing intelligent substations. The device for enhancing the security of the intelligent substation IED disclosed by the invention has practical significance of continuously improving the communication security level of the national intelligent substations and ensuring the national benefits and the promotion and application of the national autonomous password algorithm.
Description
Technical field
The present invention relates to a kind of device strengthening intelligent substation IED safety.
Background technology
The application of intelligent electronic device (IED) can significantly improve the intelligence degree of transformer station; significantly reduce the quantity of cabling and auxiliary device; reduce cost; improving operation and the maintenance levels of whole transformer station, therefore IED is increasingly being applied to the protection in transformer station, control and fields of measurement.
Ethernet is through development for many years, industry, control field are widely applied, Ethernet has enough bandwidth, it is fully able to and meets the requirement of real-time in power system, current Ethernet has become the mainstream network realizing IEC61850 standard, and basic communication protocol selects widely used ICP/IP protocol stack. But not only not comprising any safety measure in IEC61850, ICP/IP protocol itself there is also security breaches.
IEC62351 power system management and information exchange data and communication security standard thereof define and use Transport Layer Security TLS to provide safety for any protocol suite including TCP/IP. TLS is generally used for the secure interactive of Internet, including certification, confidentiality and integrity.
IEC61850 substation communication network and system define the hierarchy of intelligent substation, wherein, process layer IED quickly transmit comprise electric current, voltage analog sampling value message (SMV) to the IED of wall, IED between wall, between wall and substation level, wall and process layer quickly transmits general object-oriented transformer substation case (GOOSE) message, for realizing emergency trip, startup separator record ripple, starting locking unblock etc., so SMV/GOOSE message is significantly high to the requirement of real-time, reliability and safety.
Current power system is used mostly public key encryption algorithm RSA as Diffie-Hellman or Digital Signature Algorithm, consider the raising of the progress along with decomposing large integer method and perfect, computer speed and the development of parallel computing, in order to ensure safety, key needed for RSA is more and more longer, encrypt and consuming time be impatient at, and elliptic curve cryptography ECC can produce and the safety of other public key algorithm same levels with less key length, namely ECC can provide the safety higher than RSA and consuming time less.
The close algorithm of state is at the general within the border commercial cipher algorithm of China, is worked out by Password Management office of country and is disclosed, including based on the asymmetric confidentiality algorithm SM2 of elliptic curve ECC, data summarization algorithm SM3, symmetric encipherment algorithm SM4 etc.
Accordingly, it would be desirable to a kind of device strengthening intelligent substation IED safety is to solve the problems referred to above.
Summary of the invention
Goal of the invention: the present invention is directed to the defect of prior art, it is provided that a kind of device strengthening intelligent substation IED safety.
Technical scheme: for solving above-mentioned technical problem, the device strengthening intelligent substation IED safety of the present invention adopts the following technical scheme that
A kind of device strengthening intelligent substation IED safety, Substation IED includes transmitting terminal IED and receiving terminal IED, including TLS escape way, Digital Signature module and checking Digital Signature module, described TLS escape way includes TLS module, utilizing described TLS module to set up described TLS escape way, described transmitting terminal IED and receiving terminal IED connects Substation Station control computer each through described TLS escape way; GOOSE/SMV message is calculated eap-message digest by described Digital Signature module by described transmitting terminal IED, increases to the rear end of GOOSE/SMV message, the GOOSE/SMV message being expanded after described eap-message digest being encrypted as extended field; After receiving terminal IED receives the GOOSE/SMV message of extension, the GOOSE/SMV message of described extension is divided into original GOOSE/SMV message and digital signature by described checking Digital Signature module, utilize original GOOSE/SMV message and digital signature to calculate respectively and obtain message digest M1 and message digest M2, relatively message digest M1 and message digest M2, if inconsistent, it be that unsafe IED sends the message of coming, abandon this section of message and alert Substation Station control computer disposal; If consistent, message is to be sent by credible IED, and receiving terminal IED performs message commands according to message content.
Further, described Digital Signature module includes SM3 message digest computing unit A, SM3 message digest generates unit A, SM2 encrypted private key unit, digital signature generates unit, the GODSE/SMV message of extension generates unit and transmission unit A, GOOSE/SMV message is carried out message digest computation by described SM3 algorithm, described SM3 message digest generates the unit A SM3 eap-message digest for generating 128, described SM2 encrypted private key unit uses the SM2 private key of transmitting terminal IED that described SM3 eap-message digest is encrypted, described digital signature generates and generates digital signature in unit, the GOOSE/SMV message of described extension generates unit increases to the rear end of GOOSE/SMV message using digital signature as extended field, the GOOSE/SMV message being expanded, the GOOSE/SMV message of described extension is sent to receiving terminal IED by described transmission unit A.
Further, described digital signature authentication module includes transmission unit B, SM3 message digest computing unit B, message digest generates unit B, SM2 public key decryptions unit, message digest generates unit C, comparing unit, performance element and Alarm Unit, described transmission unit B receives described transmission unit A and sends the GOOSE/SMV message of the described extension come, and the GOOSE/SMV message of described extension is divided into original GOOSE/SMV message and digital signature, the described SM3 message digest computing unit B original GOOSE/SMV message to receiving adopts SM3 algorithm to calculate eap-message digest, described message digest generates the message digest M1 that unit B utilizes eap-message digest to obtain 256, described SM2 public key decryptions unit utilizes the SM2 PKI of receiving terminal IED, digital signature is decrypted, obtain decryption information, described message digest generates unit C and utilizes decryption information to generate message digest M2, described comparing unit is for comparing message digest M1 and message digest M2, if message digest M1 is identical with message digest M2, then entering performance element, receiving terminal IED performs the corresponding command in GOOSE/SMV message,If message digest M1 and message digest M2 differs, then enter Alarm Unit.
Further, described TLS escape way includes long connection mode of operation and short connection mode of operation, wherein, described short connection mode of operation is regular update exchange key between IED and Substation Station control computer, carries out once complete TLS handshake authentication process; The described long mode of operation that connects is keep the TLS having built up to connect according to the key consulted and TLS session parameter. From the feature of intelligent substation communication, farthest ensure that the real-time of rapid message, be that a kind of new type of safe having safety and real-time concurrently strengthens structure.
Beneficial effect: the device strengthening intelligent substation IED safety of the present invention substantially improves the serious information security issue existed in current intelligent substation. Realizing improving constantly China's intelligent substation communication level of security, ensureing there is the popularization and application of national interests and the autonomous cryptographic algorithm of China realistic meaning widely of the device of enhancing intelligent substation IED safety of the present invention.
Accompanying drawing explanation
Fig. 1 is the device schematic diagram strengthening intelligent substation IED safety of the present invention;
Fig. 2 is the GOOSE/SMV message structure schematic diagram of Digital Signature module and extension;
Fig. 3 is checking Digital Signature module schematic diagram.
Detailed description of the invention
Below in conjunction with the drawings and specific embodiments, it is further elucidated with the present invention, it should be understood that these embodiments are merely to illustrate the present invention rather than restriction the scope of the present invention, after having read the present invention, the amendment of the various equivalent form of values of the present invention is all fallen within the application claims limited range by those skilled in the art.
Refer to Fig. 1, shown in Fig. 2 and Fig. 3, the method of enhancing intelligent substation IED safety provided by the invention, can solve in intelligent substation between IED and transformer substation computer, the safety issue of data transmission between IED and IED, ensure the confidentiality of intelligent substation communication network, integrity, availability and non repudiation, the new type of safe of above-mentioned intelligent substation IED strengthens structure as shown in Figure 1, including TLS passage, Digital Signature module and checking Digital Signature module, TLS escape way include TLS module, foundation and the maintenance of TLS escape way is completed by TLS module at IED end.
The method of enhancing intelligent substation IED safety provided by the invention, it is suitable for the secure communication applications scene in intelligent substation main website, relate to the IED definitiveness accessed and safety, prevent the IED of unauthenticated from accessing the secret communication of intelligent substation communication network, GOOSE/SMV message, also from the feature of intelligent substation communication, farthest ensure the real-time of rapid message, be a kind of novel I ED having safety and real-time concurrently.
The close algorithm of state is at the general within the border commercial cipher algorithm of China, is worked out by Password Management office of country and is disclosed, including based on the asymmetric confidentiality algorithm SM2 of elliptic curve ECC, data summarization algorithm SM3, symmetric encipherment algorithm SM4 etc. Elliptic curve cryptography can produce and the safety of other public key algorithm same levels with less key length, the safe class of 256 keys of SM2 algorithm is equivalent to the safe class of RSA Algorithm 2048, and namely SM2 can provide the safety higher than RSA and consuming time less.
The method of enhancing intelligent substation IED safety provided by the invention, also includes Digital Signature module as shown in Figure 2 and checking Digital Signature module as shown in Figure 3.GOOSE/SMV message is calculated eap-message digest by Digital Signature module by transmitting terminal IED, will increase to the rear end of GOOSE/SMV message as extended field after this section of summary encryption. After receiving terminal IED receives the GOOSE/SMV message of extension, by verify Digital Signature module compare local terminal calculate eap-message digest and deciphering after opposite end transmission message digest value whether consistent, inconsistent is then that unsafe IED sends the message of coming, and abandons this section of message and alerts transformer substation computer process; If consistent, then message is to be sent by credible IED, and receiving terminal IED, according to message content, performs the orders such as tripping operation, failure wave-recording, locking unblock.
Below in conjunction with accompanying drawing, present disclosure is discussed in detail.
The present invention propose a kind of method strengthening intelligent substation IED safety, as shown in fig. 1, including the TLS passage between Substation Station control computer and IED, IED Digital Signature module and checking Digital Signature module; TLS passage includes TLS module, foundation and the maintenance of TLS escape way is completed by TLS module at IED end, TLS passage has " short connection " mode of operation 1 and " long connection " mode of operation 2, and wherein, the cipher suite of TLS passage is configured to TLS_SM2_WITH_SM4_128_SM3.
In " short connection " mode of operation 1, IED in intelligent substation carries out complete TLS three-way handshake with station control computer, wherein, Diffie-Hellman is the SM2 algorithm of 256, Message Digest 5 is the SM3 algorithm of 256, and the SM4 algorithm that symmetric key is 128 is, after three-way handshake completes, communication two ends carry out data transmission according to the security parameter consulted, and set up the TLS passage of safety.
In " long connection " mode of operation 2, communication two ends no longer carry out new cipher key agreement process, but according to the key consulted in " short connection ", TLS session parameter etc., keep the TLS having built up to connect.
" long connection " mode of operation 2, according to intelligent substation practical operation situation, is periodically subject to key updating, namely switches to " short connection " mode of operation 1, and communicating pair is consulted new TLS security parameter and carried out data transmission.
The structure that " short connection " and " long connection " mode of operation switches mutually, not only considerably increases the safety of data transmission between IED and station control computer, always according to the feature of intelligent substation communication, ensure that the real-time that data are transmitted to greatest extent.
Digital Signature module includes: SM3 message digest computing unit A1, SM3 message digest generates unit A2, SM2 encrypted private key unit 3, digital signature generates unit 4, the GOOSE/SMV message of extension generates unit 5 and transmission unit A6, as shown in Figure 2.
SM3 message digest computing unit A1, adopts SM3 algorithm that source file and GOOSE/SMV message are carried out message digest computation, generates the SM3 eap-message digest generating 128 in unit A2 at SM3 message digest; SM2 encrypted private key unit 3 uses the SM2 private key of transmitting terminal IED that SM3 eap-message digest is encrypted, and generates ciphertext and the digital signature of 256 in digital signature unit 4; The GOOSE/SMV message of extension generates unit 5 increases to the rear end of GOOSE/SMV message using digital signature as extended field, generates the GOOSE/SMV message of new extension, transmission unit A6 is sent to receiving terminal IED.
Digital signature authentication module includes: transmission unit B7, SM3 digest calculations unit B 8, message digest generate unit B 9, SM2 public key decryptions unit 10, message digest generation unit C11, comparing unit 12, performance element 13 and Alarm Unit 14, as shown in Figure 3.Message digest generates the message digest M1 generated in unit B 9 and message digest generates the message digest M2 generated in unit C11, compares in comparing unit 12, and according to comparative result, identical entrance performance element 13, difference then enters Alarm Unit 14.
Transmission unit B7 receives transmission unit A6 and sends the GOOSE/SMV message of the extension come;
The GOOSE/SMV message received is not included digital signature fragments by SM3 message digest computing unit B8, and original GOOSE/SMV message adopts SM3 algorithm to calculate eap-message digest, generates the message digest M1 obtaining 256 in unit B 9 at message digest; Meanwhile, SM2 public key decryptions unit 10 utilizes the SM2 PKI of receiving terminal IED, and digital signature fragments is entered deciphering, generates in unit C11 at message digest and obtains eap-message digest M2; Whether identical comparing M1 and M2 value in comparing unit 12, if identical, then enter performance element 13, receiving terminal IED performs the corresponding command in GOOSE/SMV message, for instance emergency trip, startup separator record ripple, startup locking unblock etc.; If it is different, enter Alarm Unit 14, reporting the Substation Station incredible IED of control computer discovery, requesting site control person on duty take immediate steps, and IED abandons the message received simultaneously.
To sum up, Transport Layer Security TLS, digital signature technology, the close algorithm of state, intelligent substation IED are combined by the present invention, SM2, SM3 and SM4 algorithm is applied in intelligent substation communication scene, controlling at intelligent substation station of also innovating is provided with TLS escape way between computer and IED, and " long connection " and mode of operation of " short connection " switching mutually are proposed, namely enhance the requirement of real-time that communications security also ensure that data are transmitted. Realizing improving constantly China's intelligent substation communication level of security, ensureing there is the popularization and application of national interests and the autonomous cryptographic algorithm of China realistic meaning widely of the method strengthening intelligent substation IED safety of the present invention.
Claims (4)
1. the device strengthening intelligent substation IED safety, IED includes transmitting terminal IED and receiving terminal IED, it is characterized in that, including TLS escape way, Digital Signature module and checking Digital Signature module, described TLS escape way includes TLS module, utilizing described TLS module to set up described TLS escape way, described transmitting terminal IED and receiving terminal IED connects Substation Station control computer each through described TLS escape way; GOOSE/SMV message is calculated eap-message digest by described Digital Signature module by described transmitting terminal IED, increases to the rear end of GOOSE/SMV message, the GOOSE/SMV message being expanded after described eap-message digest being encrypted as extended field; After receiving terminal IED receives the GOOSE/SMV message of extension, the GOOSE/SMV message of described extension is divided into original GOOSE/SMV message and digital signature by described checking Digital Signature module, utilize original GOOSE/SMV message and digital signature to calculate respectively and obtain message digest M1 and message digest M2, relatively message digest M1 and message digest M2, if inconsistent, it be that unsafe IED sends the message of coming, abandon this section of message and alert Substation Station control computer disposal; If consistent, message is to be sent by credible IED, and receiving terminal IED performs message commands according to message content.
2. the device strengthening intelligent substation IED safety as claimed in claim 1, it is characterized in that, described Digital Signature module includes SM3 message digest computing unit A(1), SM3 message digest generates unit A(2), SM2 encrypted private key unit (3), digital signature generates unit (4), the GODSE/SMV message of extension generates unit (5) and transmission unit A(6), GOOSE/SMV message is carried out message digest computation by described SM3 algorithm, described SM3 message digest generates the unit A SM3 eap-message digest for generating 128, described SM2 encrypted private key unit uses the SM2 private key of transmitting terminal IED that described SM3 eap-message digest is encrypted, described digital signature generates and generates digital signature in unit, the GOOSE/SMV message of described extension generates unit increases to the rear end of GOOSE/SMV message using digital signature as extended field, the GOOSE/SMV message being expanded, the GOOSE/SMV message of described extension is sent to receiving terminal IED by described transmission unit A.
3. the device strengthening intelligent substation IED safety as claimed in claim 1, it is characterized in that, described digital signature authentication module includes transmission unit B(7), SM3 message digest computing unit B(8), message digest generates unit B (9), SM2 public key decryptions unit (10), message digest generates unit C(11), comparing unit (12), performance element (13) and Alarm Unit (14), described transmission unit B(7) receive described transmission unit A(6) send the GOOSE/SMV message of described extension of coming, and the GOOSE/SMV message of described extension is divided into original GOOSE/SMV message and digital signature, described SM3 message digest computing unit B(8) adopt SM3 algorithm to calculate eap-message digest the original GOOSE/SMV message received, described message digest generates the message digest M1 that unit B (9) utilizes eap-message digest to obtain 256, described SM2 public key decryptions unit (10) utilizes the SM2 PKI of receiving terminal IED, digital signature is decrypted, obtain decryption information, described message digest generates unit C(11) utilize decryption information to generate message digest M2, described comparing unit (12) is for comparing message digest M1 and message digest M2, if message digest M1 is identical with message digest M2, then entering performance element (13), receiving terminal IED performs the corresponding command in GOOSE/SMV message, if message digest M1 and message digest M2 differs, then enter Alarm Unit (14).
4. the device strengthening intelligent substation IED safety as claimed in claim 1, it is characterized in that, described TLS escape way includes long connection mode of operation and short connection mode of operation, wherein, described short connection mode of operation is regular update exchange key between IED and Substation Station control computer, carries out once complete TLS handshake authentication process; The described long mode of operation that connects is keep the TLS having built up to connect according to the key consulted and TLS session parameter.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610046652.8A CN105656623A (en) | 2016-01-22 | 2016-01-22 | Device for enhancing security of intelligent substation IED |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610046652.8A CN105656623A (en) | 2016-01-22 | 2016-01-22 | Device for enhancing security of intelligent substation IED |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105656623A true CN105656623A (en) | 2016-06-08 |
Family
ID=56487025
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610046652.8A Pending CN105656623A (en) | 2016-01-22 | 2016-01-22 | Device for enhancing security of intelligent substation IED |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105656623A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107483444A (en) * | 2017-08-22 | 2017-12-15 | 北京邮电大学 | A kind of intelligent grid information transmission security protector and safety protecting method |
| CN108306863A (en) * | 2018-01-02 | 2018-07-20 | 东南大学 | A kind of electric power message reinforcement means based on communication connection attribute |
| CN110224823A (en) * | 2019-06-12 | 2019-09-10 | 湖南大学 | Substation's message safety protecting method, device, computer equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103118027A (en) * | 2013-02-05 | 2013-05-22 | 中金金融认证中心有限公司 | Transport layer security (TLS) channel constructing method based on cryptographic algorithm |
| CN103312731A (en) * | 2012-03-06 | 2013-09-18 | 杭州华为企业通信技术有限公司 | Processing method supporting both TLS short connection and long connection, processing system supporting both TLS short connection and long connection, and equipment |
-
2016
- 2016-01-22 CN CN201610046652.8A patent/CN105656623A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103312731A (en) * | 2012-03-06 | 2013-09-18 | 杭州华为企业通信技术有限公司 | Processing method supporting both TLS short connection and long connection, processing system supporting both TLS short connection and long connection, and equipment |
| CN103118027A (en) * | 2013-02-05 | 2013-05-22 | 中金金融认证中心有限公司 | Transport layer security (TLS) channel constructing method based on cryptographic algorithm |
Non-Patent Citations (4)
| Title |
|---|
| 严童等: "智能变电站 TCP/ IP 通信网络的安全解决方案", 《电力系统及其自动化》 * |
| 刘光亚: "实时同步云存储客户端的设计与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
| 赵安军等: "一种快速TLS握手协议分析与实现", 《计算机工程》 * |
| 骆钊等: "SM2加密体系在智能变电站站内通信中的应用", 《电力系统自动化》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107483444A (en) * | 2017-08-22 | 2017-12-15 | 北京邮电大学 | A kind of intelligent grid information transmission security protector and safety protecting method |
| CN107483444B (en) * | 2017-08-22 | 2020-10-20 | 北京邮电大学 | Intelligent power grid information transmission safety protection device and safety protection method |
| CN108306863A (en) * | 2018-01-02 | 2018-07-20 | 东南大学 | A kind of electric power message reinforcement means based on communication connection attribute |
| CN110224823A (en) * | 2019-06-12 | 2019-09-10 | 湖南大学 | Substation's message safety protecting method, device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102111265B (en) | Method for encrypting secure chip of power system acquisition terminal | |
| CN108234501A (en) | A kind of virtual plant safety communicating method based on quantum key fusion | |
| CN106789015B (en) | Intelligent power distribution network communication safety system | |
| Iyer | Cyber security for smart grid, cryptography, and privacy | |
| CN113691380B (en) | Multidimensional private data aggregation method in smart power grid | |
| Saxena et al. | Integrated distributed authentication protocol for smart grid communications | |
| CN102983965A (en) | Transformer substation quantum communication model, quantum secret key distribution center and model achieving method | |
| CN105610773B (en) | A kind of communication encryption method of electric energy meter remote meter reading | |
| CN110489982B (en) | Smart power grid data aggregation and encryption method with forward security | |
| CN103095696A (en) | Identity authentication and key agreement method suitable for electricity consumption information collection system | |
| CN102111273B (en) | Pre-sharing-based secure data transmission method for electric load management system | |
| CN109640299B (en) | Aggregation method and system for ensuring M2M communication integrity and fault tolerance | |
| CN105245326A (en) | Intelligent power grid safety communication method based on combination cipher | |
| CN111711625A (en) | Power system information security encryption system based on power distribution terminal | |
| Zhang et al. | A security scheme for intelligent substation communications considering real-time performance | |
| WO2024027070A1 (en) | Terminal device authentication method and system based on identification public key, and computer-readable storage medium | |
| CN110620660A (en) | Key distribution method for data communication based on block chain | |
| CN105656623A (en) | Device for enhancing security of intelligent substation IED | |
| Cho et al. | Using QKD in MACsec for secure Ethernet networks | |
| CN110942538A (en) | Remote authorized real-time Bluetooth electronic key with encryption algorithm | |
| CN113472539A (en) | Method for carrying out national encryption by using RDMA R _ Key | |
| Zhang et al. | Design and Implementation of IEC61850 Communication Security Protection Scheme for Smart Substation based on Bilinear Function | |
| CN112787819A (en) | Industrial control safety communication system and communication method | |
| Zhao et al. | A lightweight secure access protocol for collecting terminals in power internet of things based on symmetric cryptographic algorithm | |
| Roman | Proposal and evaluation of authentication protocols for Smart Grid networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160608 |
|
| RJ01 | Rejection of invention patent application after publication |