CN111475816A - Distribution network terminal safety detection system and detection method thereof - Google Patents
- Publication number
- CN111475816A (application CN202010273403.9A)
- Authority
- CN
- China
- Prior art keywords
- detection
- user
- safety
- module
- item
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Abstract
The invention discloses a distribution network terminal safety detection system, which belongs to the technical field of distribution network terminal detection and comprises an application layer, a logic layer and a transmission and interface layer, wherein the application layer connects the relevant information input by a user, the logic layer and the transmission and interface layer in sequence. The application layer comprises a user and authority log module, a safety detection module and a detection control module: the user and authority log module stores and manages the information and authority of the user; the safety detection module detects the corresponding function module information and feeds verification information back to the user; and the detection control module controls the detection process and feeds the results formed during it back to the user as a report. The system is simple to operate, centralizes the detection functions, requires no repeated operation, presents test results visually and gives a better experience.
Description
Technical Field
The invention belongs to the technical field of distribution network terminal detection, and particularly relates to a distribution network terminal safety detection system and a detection method thereof.
Background
The special technical specification of the national power grid material purchasing standard explicitly requires that a power distribution terminal be provided with a one-way authentication module based on asymmetric key technology, in conformity with the national standard [2011] 168 file. The module is intended to prevent power supply interruptions for electricity users caused by attacks on distribution network terminals through the public network.
Before a distribution terminal is put into operation on site, it must be strictly tested. Tools for testing the safety functions of distribution network terminals usually take one of two forms. The first is a simple security messaging tool, which provides message sending and receiving related to security function testing and allows the user to edit and send messages flexibly. Its drawback is that it places very high demands on the user's knowledge of the service: the user must completely master both the implementation scheme of the distribution terminal's security protection and the message protocol used to interact with the terminal. The second is a multi-function safety testing tool, which provides several functions related to the security verification of the distribution terminal's service functions, such as identity authentication, remote key management and remote certificate management. Most functions are triggered with one key, and the user can test item by item according to the relevant test outline. Its drawbacks are that the functions are scattered, many operations are repetitive and the test results are not intuitive; the user has to compare against the test outline item by item, and the experience is poor.
Disclosure of Invention
The invention aims to provide a distribution network terminal safety detection system and a detection method thereof.
In order to achieve the purpose, the invention adopts the following technical scheme:
A distribution network terminal safety detection system comprises an application layer, a logic layer and a transmission and interface layer, wherein the application layer connects the relevant information input by a user, the logic layer and the transmission and interface layer in sequence, and wherein: the application layer comprises a user and authority log module, a safety detection module and a detection control module; the user and authority log module stores and manages the information and authority of the user; the safety detection module detects the corresponding function module information and feeds verification information back to the user; and the detection control module controls the detection process and feeds the results formed during it back to the user as a report.
Further, the safety detection module comprises service safety extension function symbol verification, service safety extension function abnormal message verification, safety function conformance verification and safety function abnormal message verification.
Furthermore, the detection control module comprises detection process control, detection result judgment and detection report generation.
The invention also provides a detection method using the distribution network terminal safety detection system of claim 1, which comprises the following steps:
firstly, selection of detection items by the user: during selection the user can click buttons such as select all, invert selection and cancel for convenient operation; after the user has selected the detection items, the system forms a detection item scene group and waits for the subsequent detection action;
secondly, execution and control of the detection process: when the user clicks detection start, the system executes the detection items in sequence; when the user clicks detection pause, the system immediately saves the current detection section and waits for a subsequent action, and if the user then clicks detection start, the system continues the detection process from the saved detection section; if the user clicks detection termination, the system terminates the detection process. The user can use the detection termination function at any time, and the system is then restored to the initial state;
thirdly, automatic judgment of the detection result: the detection system provides specific result judgment logic for each detection item. Taking identity authentication in service security extension function symbol verification as an example, the detection system first obtains an 8-byte master station random number R1 from the cipher machine, packs it into a master station identity authentication message and sends the message to the terminal under test. The terminal under test takes a random number R2, signs R1+R2 and sends the result to the detection system, which immediately verifies the signature. If signature verification fails, the detection item is terminated and marked as failed, and "signature verification failed, item detection failed" is output in the detection log. If signature verification succeeds, the detection system signs the random number R2 and sends it to the terminal under test; the terminal under test verifies the signature and returns authentication confirmation information. Finally, the detection system makes a logic judgment on the security extension error code in the confirmation information. If the code is 9000, identity authentication has succeeded: the detection item ends, the detection system marks the item as passed and outputs "identity authentication succeeded, returned security extension code is 9000" in the detection log. If the code is 9090, identity authentication has failed: the detection item ends, the detection system marks the item as failed and outputs "identity authentication failed, returned security extension error code is 9090" in the detection log;
fourthly, generation of the detection report: after the selected detection items have been executed, the detection system automatically generates a detection report in Word format.
The invention has the technical effects and advantages that: the method is simple to operate, the detection function is centralized, repeated operation is not needed, the test result is visualized, and the experience is better.
Drawings
FIG. 1 is a block diagram of a distribution network terminal security detection system according to the present invention.
FIG. 2 is a flow chart of the detection method of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
As shown in FIG. 1, the distribution network terminal security detection system of the present invention includes an application layer, a logic layer, and a transmission and interface layer, wherein the application layer connects the relevant information input by the user, the logic layer, and the transmission and interface layer in sequence, and wherein: the application layer comprises a user and authority log module, a safety detection module and a detection control module; the user and authority log module stores and manages the information and authority of the user; the safety detection module detects the corresponding function module information and feeds verification information back to the user; and the detection control module controls the detection process and feeds the results formed during it back to the user as a report.
Preferably, the security detection module includes service security extension function symbol verification, service security extension function abnormal message verification, security function conformance verification, and security function abnormal message verification.
Preferably, the detection control module comprises detection process control, detection result judgment and detection report generation.
As shown in fig. 2, the present invention also provides a detection method using the distribution network terminal security detection system of claim 1, including the following steps:
1. Definition of detection items: the system predefines the following four major automatic detection items for the 101 and 104 protocols respectively: service safety extension function symbol verification, service safety extension function abnormal message verification, safety function conformity verification and safety function abnormal message verification;
the service safety extension function symbol verification comprises detection items such as gateway and terminal authentication function verification, master station and terminal authentication function verification, field operation and maintenance tool and terminal authentication function verification, remote key updating function verification, remote certificate management function verification, field terminal certificate extraction application information function verification, field key recovery function verification and field certificate management function verification;
the service safety extension function abnormal message verification comprises detection items such as safety certification signature error verification, safety certification signature-free verification, service safety protocol layer message verification and error verification, unauthorized access verification failing to pass safety certification, update terminal symmetric key signature-free verification, update terminal symmetric key signature error verification, update certificate signature-free verification, update certificate signature error verification and MAC error verification;
the safety function conformance verification comprises detection items such as remote control function verification, remote parameter updating function verification, remote program upgrading function verification, total calling function verification and execution time verification;
the safety function abnormal message verification comprises detection items such as signature error message verification, message verification without signature, message verification without time, message verification with time error, message verification without random number, message verification with random number error and issuing plaintext message verification;
2. Selection of detection items: from the detection items in step 1, the testing user selects the items required. The system automatically forms a multi-select tree structure according to the parent-child relationships of the detection items; the structure supports operations such as select all, invert selection and cancel selection. After the user has selected the detection items, the system forms a detection item scene group and waits for the subsequent detection action;
3. Execution and control of the detection process: the detection system provides three states: detection start, detection pause and detection termination. When the user clicks detection start, the system runs the selected items one by one in sequence. At any time during detection the user can use the detection pause function to stop the current detection item; the system immediately saves the current detection section and waits for a subsequent action, and if the user clicks detection start, the system continues the detection process from the saved detection section. If the user clicks detection termination, the system terminates the detection process; the user can use the detection termination function at any time during detection, and the system is then restored to its initial state;
4. Automatic judgment of detection results: the detection system provides specific result judgment logic for each detection item. Taking identity authentication in service security extension function symbol verification as an example, the detection system first obtains an 8-byte master station random number R1 from the cipher machine, packs it into a master station identity authentication message and sends the message to the terminal under test. The terminal under test takes a random number R2, signs R1+R2 and sends the result to the detection system, which immediately verifies the signature. If signature verification fails, the detection item is terminated and marked as failed, and "signature verification failed, item detection failed" is output in the detection log. If signature verification succeeds, the detection system signs the random number R2 and sends it to the terminal under test; the terminal under test verifies the signature and returns authentication confirmation information. Finally, the detection system makes a logic judgment on the security extension error code in the confirmation information. If the code is 9000, identity authentication has succeeded: the detection item ends, the detection system marks the item as passed and outputs "identity authentication succeeded, returned security extension code is 9000" in the detection log. If the code is 9090, identity authentication has failed: the detection item ends, the detection system marks the item as failed and outputs "identity authentication failed, returned security extension error code is 9090" in the detection log;
5. Generation of the detection report: after the selected detection items have been executed, the detection system automatically generates a detection report in Word format. The report supports viewing, refreshing and exporting. For viewing, the tester can switch to the detection report interface at any time to check the execution status of the current detection items, such as the number of successful and failed detections. For refreshing, the detection system automatically refreshes the report as the detection status changes during automatic detection. For exporting, the detection system exports the corresponding Word detection report according to the template selected by the user.
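The judgment logic of step 4 and the pause/resume control of step 3, as an added Python sketch that is not code from the patent; it also covers two cases the text does not spell out, a reply signed over a different R1 and an undefined return code. HMAC-SHA256 stands in for the asymmetric signature and `os.urandom` for the cipher machine, and `Signer`, `SimulatedTerminal`, `DetectionRun`, the fault names and the 8-byte R2 are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

CODE_OK = bytes.fromhex("9000")    # page: identity authentication succeeded
CODE_FAIL = bytes.fromhex("9090")  # page: identity authentication failed


class Signer:
    """Stand-in for the asymmetric signature (assumption): keyed HMAC-SHA256."""
    def __init__(self, key: bytes):
        self._key = key

    def sign(self, data: bytes) -> bytes:
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def verify(self, data: bytes, sig: bytes) -> bool:
        return hmac.compare_digest(self.sign(data), sig)


class SimulatedTerminal:
    """Constructed device under test; `fault` selects the behaviour to exercise."""
    def __init__(self, own: Signer, master: Signer, fault: str = ""):
        self.own, self.master, self.fault = own, master, fault
        self.r2 = b""

    def on_master_auth(self, r1: bytes):
        self.r2 = os.urandom(8)  # R2 length is an assumption; the page gives only R1's
        signed = (b"\x00" * 8 if self.fault == "stale_r1" else r1) + self.r2
        sig = self.own.sign(signed)
        if self.fault == "bad_signature":
            sig = bytes([sig[0] ^ 0x01]) + sig[1:]
        return self.r2, sig

    def on_master_signature(self, sig: bytes) -> bytes:
        ok = self.fault != "reject" and self.master.verify(self.r2, sig)
        return CODE_OK if ok else CODE_FAIL


@dataclass
class Verdict:
    passed: bool
    log: str


def check_identity_authentication(terminal, master, terminal_key) -> Verdict:
    r1 = os.urandom(8)  # stands in for the 8-byte R1 fetched from the cipher machine
    r2, sig = terminal.on_master_auth(r1)
    # The signature must cover this run's R1, so a reply bound to another R1 fails.
    if not terminal_key.verify(r1 + r2, sig):
        return Verdict(False, "signature verification failed, item detection failed")
    code = terminal.on_master_signature(master.sign(r2))
    if code == CODE_OK:
        return Verdict(True, "identity authentication succeeded, code 9000")
    if code == CODE_FAIL:
        return Verdict(False, "identity authentication failed, error code 9090")
    # Assumption: a code the page does not define is treated as a failure.
    return Verdict(False, "unexpected security extension code " + code.hex())


class DetectionRun:
    """Runs the selected items in order; `section` is the saved resume point."""
    def __init__(self, items):
        self.items = list(items)  # (name, zero-argument callable returning Verdict)
        self.section, self.results = 0, []

    def start(self, pause_after=None):
        """Start or resume; `pause_after` models a pause after N more items."""
        left = len(self.items) - self.section
        stop = self.section + (left if pause_after is None else min(left, pause_after))
        while self.section < stop:
            name, check = self.items[self.section]
            self.results.append((name, check()))
            self.section += 1
        return self.section == len(self.items)  # True once every item has run

    def terminate(self):
        self.section, self.results = 0, []  # back to the initial state

    def summary(self):
        passed = sum(1 for _, v in self.results if v.passed)
        return {"passed": passed, "failed": len(self.results) - passed}


def build_run(faults):
    """Constructed scenario: one authentication item per simulated terminal."""
    master, term = Signer(b"constructed-master-key"), Signer(b"constructed-terminal-key")
    duts = [(f or "healthy", SimulatedTerminal(term, master, f)) for f in faults]
    return DetectionRun([(n, lambda d=d: check_identity_authentication(d, master, term))
                         for n, d in duts])


if __name__ == "__main__":
    run = build_run(["", "bad_signature", "stale_r1", "reject"])
    run.start(pause_after=2)  # pause after two items ...
    run.start()               # ... then resume from the saved section
    print([(n, v.passed) for n, v in run.results], run.summary())
```
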
Finally, the following points should be noted. First, in the description of the present application, unless otherwise specified and limited, the terms "mounted," "connected," and "connected" should be understood broadly: the connection may be mechanical or electrical, or a communication between two elements, and may be direct; "upper," "lower," "left," and "right" only indicate a relative positional relationship, and when the absolute position of the described object changes, the relative positional relationship may change accordingly;
Second, the drawings of the disclosed embodiments of the invention show only the structures related to those embodiments; other structures can follow common designs, and the same embodiment and different embodiments of the invention can be combined with each other where there is no conflict;
Finally, the above description only illustrates the preferred embodiments of the present invention and is not to be construed as limiting the invention; any modifications, equivalents, improvements and the like that are within the spirit and principle of the present invention are intended to be included in the scope of the present invention.
Claims (4)
1. A distribution network terminal safety detection system, characterized in that: the system comprises an application layer, a logic layer and a transmission and interface layer, wherein the application layer connects the relevant information input by a user, the logic layer and the transmission and interface layer in sequence, and wherein: the application layer comprises a user and authority log module, a safety detection module and a detection control module; the user and authority log module stores and manages the information and authority of the user; the safety detection module detects the corresponding function module information and feeds verification information back to the user; and the detection control module controls the detection process and feeds the results formed during it back to the user as a report.
2. The distribution network terminal safety detection system of claim 1, wherein: the safety detection module comprises service safety extension function symbol verification, service safety extension function abnormal message verification, safety function conformance verification and safety function abnormal message verification.
3. The distribution network terminal safety detection system of claim 1, wherein: the detection control module comprises detection process control, detection result judgment and detection report generation.
4. A detection method using the distribution network terminal security detection system of claim 1, characterized in that: the method comprises the following steps:
firstly, selection of detection items by the user: during selection the user can click buttons such as select all, invert selection and cancel for convenient operation; after the user has selected the detection items, the system forms a detection item scene group and waits for the subsequent detection action;
secondly, execution and control of the detection process: when the user clicks detection start, the system executes the detection items in sequence; when the user clicks detection pause, the system immediately saves the current detection section and waits for a subsequent action, and if the user then clicks detection start, the system continues the detection process from the saved detection section; if the user clicks detection termination, the system terminates the detection process. The user can use the detection termination function at any time, and the system is then restored to the initial state;
thirdly, automatic judgment of the detection result: the detection system provides specific result judgment logic for each detection item. Taking identity authentication in service security extension function symbol verification as an example, the detection system first obtains an 8-byte master station random number R1 from the cipher machine, packs it into a master station identity authentication message and sends the message to the terminal under test. The terminal under test takes a random number R2, signs R1+R2 and sends the result to the detection system, which immediately verifies the signature. If signature verification fails, the detection item is terminated and marked as failed, and "signature verification failed, item detection failed" is output in the detection log. If signature verification succeeds, the detection system signs the random number R2 and sends it to the terminal under test; the terminal under test verifies the signature and returns authentication confirmation information. Finally, the detection system makes a logic judgment on the security extension error code in the confirmation information. If the code is 9000, identity authentication has succeeded: the detection item ends, the detection system marks the item as passed and outputs "identity authentication succeeded, returned security extension code is 9000" in the detection log. If the code is 9090, identity authentication has failed: the detection item ends, the detection system marks the item as failed and outputs "identity authentication failed, returned security extension error code is 9090" in the detection log;
fourthly, generation of the detection report: after the selected detection items have been executed, the detection system automatically generates a detection report in Word format.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010273403.9A CN111475816A (en) | 2020-04-09 | 2020-04-09 | Distribution network terminal safety detection system and detection method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010273403.9A CN111475816A (en) | 2020-04-09 | 2020-04-09 | Distribution network terminal safety detection system and detection method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111475816A (en) | 2020-07-31 |
Family
ID=71751394
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010273403.9A Pending CN111475816A (en) | 2020-04-09 | 2020-04-09 | Distribution network terminal safety detection system and detection method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111475816A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105306489A (en) * | 2015-11-20 | 2016-02-03 | 国网智能电网研究院 | Method for detecting security of electrical equipment |
CN107402332A (en) * | 2016-05-20 | 2017-11-28 | 中国电力科学研究院 | A kind of Intelligent power distribution terminal multi-epitope automatic checkout system and its detection method |
CN107977311A (en) * | 2017-11-15 | 2018-05-01 | 中国电力科学研究院有限公司 | A kind of automatic method and system for carrying out distribution terminal information security detection |
CN108881224A (en) * | 2018-06-19 | 2018-11-23 | 南方电网科学研究院有限责任公司 | A kind of encryption method and relevant apparatus of electrical power distribution automatization system |
CN110365804A (en) * | 2019-08-29 | 2019-10-22 | 国网重庆市电力公司电力科学研究院 | A kind of distribution terminal cloud detection system |
Non-Patent Citations (2)
Title |
---|
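欧世锋 et al.: "Design and Implementation of an Automated Test System for Distribution Terminals" * |
翟晓卉; 刘宏国; 孙艳玲; 何毓函; 王昕萌; 王艳; 顾卫国: "A Technique and Method for Acquisition Terminal Detection" * |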
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108366067B (en) | System and method for testing consistency of universal service protocol of power system | |
CN111092869B (en) | Security management and control method for terminal access to office network and authentication server | |
CN101789889B (en) | Method and system for automatic testing communication equipment | |
US20220321440A1 (en) | Interface Service Function Monitoring Method and System Based on Data Acquisition | |
CN109191082A (en) | A kind of method for programming of dispatching platform, system and computer readable storage medium | |
CN112053041B (en) | Province-region integrated source network load storage real-time control system and control method | |
CN105978147B (en) | The long-range fixed value modification system of automatic safety device based on file interaction | |
CN111564905A (en) | Automatic simultaneous joint debugging method and system for unattended multiple power distribution terminals of main station | |
CN108710566B (en) | Power distribution dispatching master station integration test system and method | |
CN101674285A (en) | Single sign-on system and method thereof | |
CN109782724B (en) | Control method for preventing misoperation-locking and terminal equipment | |
CN108508296B (en) | Bidirectional ring network-based in-place element protection test method and system | |
CN105592459B (en) | Safety certification device based on wireless communication | |
CN111651319A (en) | Synchronous start-stop method for monitoring system application service | |
CN104079579A (en) | Power distribution terminal communication encryption protocol detecting method | |
CN111475816A (en) | Distribution network terminal safety detection system and detection method thereof | |
CN107276997B (en) | A kind of intelligent cut-in method, the apparatus and system of electric power mobile application terminal | |
CN109495499B (en) | Encryption algorithm-based communication protocol bidirectional verification automatic test tool and method | |
CN111740863A (en) | Configuration method and system for intelligent distribution transformer terminal | |
CN112862372A (en) | Remote control method, device, equipment and storage medium for transformer substation disconnecting link | |
CN116775224B (en) | One-key sequential control testing system and testing method | |
CN111478433A (en) | Safe intelligent substation sequence control method and system | |
CN100458617C (en) | Computer monitoring anti-misoperation system | |
CN106549493A (en) | Transformer station's error-unlocking prevention control device and control method | |
CN107424307B (en) | Double-channel unlocking method for self-service transaction terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| RJ01 | Rejection of invention patent application after publication | Application publication date: 20200731 |