《电力自动化设备》

引用本文:	杨乘胜,张帆,宋坤.基于商用密码的新能源集控系统内生安全研究[J].电力自动化设备,2023,43(7):
	YANG Chengsheng,ZHANG Fan,SONG Kun.Research on endogenous security of new energy centralized control system based on commercial password[J].Electric Power Automation Equipment,2023,43(7):

【打印本页】【HTML】【下载PDF全文】【查看/发表评论】【EndNote】【RefMan】【BibTex】

←前一篇|后一篇→

过刊浏览高级检索

本文已被：浏览 4098次下载 848次
字体:加大+\|默认\|缩小-
基于商用密码的新能源集控系统内生安全研究
杨乘胜¹, 张帆², 宋坤¹
1.国电南京自动化股份有限公司信息技术事业部，江苏南京 211100;2.南京工业大学计算机与信息工程学院(人工智能学院)，江苏南京 211816

摘要:

新能源集控系统跨地域部署，点多面广，面临来自网络空间的不确定性动态攻击风险。利用模糊层次分析法分析新能源集控系统的安全风险。针对非法遥控、非法访问等高危安全风险，从内生安全角度研究系统安全防护方法，提出国产密码技术与DL/T 476 — 2012规约深度融合方法，用于远程数据通信，并对数据验签、解密失败行为进行安全审计，根据审计结果屏蔽恶意攻击。在数据加密过程中，提出基于Linux随机数生成器(LRNG)的“一次一密”SM4秘钥生成方案，降低了秘钥泄漏风险。编写的程序搭建实验环境对所提方法进行验证，验证结果表明所提方法是可行有效的。

关键词: 新能源集控系统商用密码国密算法内生安全模糊层次分析法

DOI：10.16081/j.epae.202302016

分类号:TP319

基金项目:中国华电集团有限公司科技项目(CHDKJ22-01-09)

Research on endogenous security of new energy centralized control system based on commercial password

YANG Chengsheng¹, ZHANG Fan², SONG Kun¹

1.Information Technology Division, Guodian Nanjing Automation Co.,Ltd.,Nanjing 211100, China;2.College of Computer and Information Engineering(College of Artificial Intelligence),Nanjing Tech University, Nanjing 211816, China

Abstract:

The new energy centralized control system is deployed across regions, covering a wide range of areas, facing the risk of uncertain dynamic attacks from cyberspace. The fuzzy analytic hierarchy process is used to analyze the security risk of the new energy centralized control system. Aiming at high security risks such as illegal remote control and illegal access, the system security protection method is researched from the perspective of endogenous security. A deep fusion method of domestic cryptography technology and DL/T 476-2012 protocol is proposed for remote data communication. In addition, security audit is conducted on data signature verification and decryption failures, and the malicious attacks are shielded based on audit results. In the process of data encryption, the generation scheme of one-time SM4 secret key based on Linux random number generator(LRNG) is proposed, which can reduce the risk of secret key leakage. A experiment environment is established by coding software, and the results show that the proposed method is feasible and effective.

Key words: new energy centralized control system commercial password state domestic password algorithm endogenous security fuzzy analytic hierarchy process

用微信扫一扫