| IEC61850communication protocol system is the international communicationstandards developed by the International Electrotechnical Commission in the powerindustry. It is the only international standard for substation automation systems basedon general-purpose network communication platform, now in many nationalelectricity industry widely adopted. China has also been adopted the standard for thepower industry standard. But in IEC61850safety didn’t make a correspondingspecification, so that the standards cannot guarantee that communications dataconfidentiality, integrity and authentication. In recent years, how to ensure thenetwork security of power information system has become a hot topic.This paper consider to insert resume session handshake protocol and SSL recordprotocol between the application layer and the transport layer to increase a solution tothis situation and in order to adapt to the power system for the real-time requirements,made a lot of improvements, and to enable it to meet the requirements of real-timeand with respect to the traditional handshake agreement with a less amount of datatransmission. Handshake protocol is used to negotiate about the session parametersbetween the client and the server for the completion of the identity of the client andserver side, as well as the communication required password and encryption key. Thetraditional sense of the handshake agreement between the client and server negotiatethe session parameters take a very long time, and a lot of data usage, which obviouslydoes not meet the real-time requirements of the power system, the authors used aquick connect way-resume session handshake protocol. When the two sides toestablish a connection at the same time is not always create a new session, but in aperiod of time after the certification, the recovery session instead of establishing anew session. After completing the handshake process, the record protocol useconsultation session parameters for data transmission, at the same time must ensurethe confidentiality and integrity of data.This paper has carried on the detailed introduction of IEC61850, analyzes thesecurity problems faced by the communication standard, and analyses why thesesecurity problems are created. And then it described the definition of IEC61850ontransmission time. According to different requirements of transmission time, thecommunication standard of substation communication message can be divided into seven types, and each type of message are described in detail. IEC61850divides theseven kinds of message into different type of service, this paper introduces the threekinds of commonly used communication service: SV service, GOOSE service andMMS service, these three kinds of services have different requirement fortransmission time and safety.In this paper, the OpenSSL open source software development kit is used for thedetailed design and validation, and the simulation experiment of the proposed solution.The simulation experiment has achieved a large amount of data. Experiments showthat the solution of this paper can not only guarantee the communication process ofdata confidentiality, integrity, complete the communication on both sides of theidentity authentication, but also be able to meet the requirements of electric powerindustry information system for real time, effectively reduce the amount of data.This paper studies the security problem of IEC61850communication protocolsystem and proposed solutions. It has greatly enriched the protocol system so that itcan meet the high security requirements. If applied to the real, it can enhance thesecurity of the power system, preventing network attacks, providing a powerfulguarantee for the stable operation of the power system. |
PDF Full Text Request