Abstract
An analysis of where security functions should be enforced shows that locating them in intelligent electronic devices (IEDs) conforms to the seamless communication architecture of IEC TC57. To meet this security requirement, the trusted computing method initiated by the Trusted Computing Group (TCG) is introduced into substation automation: a trusted platform module (TPM) is embedded in each IED and a chain of trust is established. Remote procedure call (RPC) technology is used to extend the trust relationship to remote platforms, and a secure remote communication platform is designed on that basis. Within the platform, message security is ensured by public key infrastructure (PKI) or symmetric encryption. Building on this, and in view of the security requirements of substation remote control, a secure communication system for remote control in substation automation is designed by incorporating the operation sequence of control actions in substation automation. The design is consistent with the latest relevant international standards such as IEC 61850 and TCG, and is of great significance in resolving the security problem of remote communication in substation automation. The cryptographic algorithms involved abide by the Commercial Cryptography Management Statute of National Cipher Management Office.
Source
Automation of Electric Power Systems (《电力系统自动化》)
EI
CSCD
Peking University Core Journal
2005, No. 24, pp. 60-64, 78 (6 pages in total)
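Funding
Supported by the Outstanding Youth Fund of the Hunan Provincial Department of Education (05B006) and the Natural Science Foundation of Hunan Province (05JJ30209).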
Keywords
trusted computation
substation
intelligent electronic device (IED)
IEC 61850
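About the authors
Wu Jun (伍军) (b. 1979), male, master's student, mainly engaged in research on power system information security. E-mail: wujun79@126.com
Duan Bin (段斌) (b. 1966), male, Ph.D., professor, mainly engaged in research on information security and power system automation.
Huang Shenglong (黄生龙) (b. 1970), male, engineer, mainly engaged in research on power dispatching communication.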