| Interactive is a characteristics of smart grid essentially different from traditional grid, while the nature of interactive is two-way information exchange. So information exchange is an important prerequisite to implement the basic function of smart grid. On the one hand, longitudinal two-way information exchange between outside intelligent terminals and inside business systems can realize real-time acquisition of information and timly adjustment of power grid operation state; on the other hand, lateral two-way information exchange between business systems is more conducive to timly sharing of information, which provides the basis for scientific decision-making. Information exchange makes information network and power network of smart grid fusetogether.Information network security performs direct effect on smart grid safety protection.In addition, due to the presence of network isolation measures, inside business systems how to establish communication with terminals, how to prevent illegal terminal from unauthorized access and how to transmit information between business systems with different reliability levels have a direct impact on the availability of business systems. Therefore, information secure exchange becomesa prerequisite for the normal operation of business systems and ensuring information secure exchange is an important issue for the construction of smart grid.This dissertation takes strong smart grid for researh background, researches information secure exchange models of smart grid and key technologies of implementing information secure exchange on the basis of summarizing the information exchange mode and analyzing the security needs, and takes power user electric energy data acquire system as an example, describes the implementation of information secure exchange system. The main contributions of this dissertation are summarized as follows:(1) Through analyzing the hierarchy of smart grid from longitudinal and lateral, this dissertation concludes that there are two information exchange modes in smart grid, that is, longitudinal information exchange between outside terminals and inside business systems and lateral between business systems with different security levels, and analyses safetyrequirements of two modes, that is, realizing two-way information secure exchange between outside terminals and inside business systems by ensuring terminal safety, data transport channel safety and business systems safety and realizing one-way information exchange between business systems with different reliability levels and business systems with the same reliability levels but in different physical networks bydividing reliability levels and regulating one-way rules.(2) Two information secure exchange models is designed. The TISEM (Two-way Information Secure Exchange Model) is used to solve the security problemsbetween outside terminals and inside business systems. The OISEM (One-way Information Secure Exchange Model) is used to tackle the security problems between different business systems.Also, the formal description, the safety rules and security features of the two models is given.(3)Relevant technologies are researchedfor the implementation of TISEM and OISEM. In view of techniques of TISEM, the security technologies of terminals, data transport channels, control instruction and data packets are researched based on trust theories. Firstly, the domestic TCM chip is used as trusted root to build trusted terminals to ensure the identity and operation environment is trusted. Secondly, a remote attestation model RAMS A (Remote Attestation Model Sponsored by Attestor) is build and the relevant protocol is designed after researching remote attestation technologies. The remote attestation can extend the trust of terminals to networks and make sure the data transmission is trust. Thirdly, according to the mandatory hardware confirm control technologies, the instruction credibility problems is researched and mathematical expression of instruction credibility is given. At last, an improved d-Left Counting Bloom Filter algorithm which can solve the problem that the elements cannot be deleted when the fingerprint of different elements is the same is proposed. On this basis, a deep packet inspection model DCBF_DPIM (Deep Packet Inspection Model based on d-Left Counting Bloom Filter) based on the d-Left Counter Bloom Filter algorithm is constructed. The model can allow data from terminals in accordance with established rules and forbid malicious data to prevent business systems and internal network from being damaged.Based on the one-way flow of information transmission principle of "no read down no write up; read up write down", the one-way data transmission technology based on the network diode is researched.(4) The information secure exchange system of power user electric energy data acquire system is designed due to research results of TISEM and OISEM. The system has guiding significance for the construction of information secure exchange system of business systems in smart grid which have similar security needs with power user electric energy data acquire system.
|
PDF Full Text Request