变电站软件版本安全管控与溯源

doi:10.11930/j.issn.1004-9649.202007090

中国电力 ›› 2021, Vol. 54 ›› Issue (11): 206-213.DOI: 10.11930/j.issn.1004-9649.202007090

变电站软件版本安全管控与溯源

李金¹, 张喜铭¹, 胡荣¹, 许艾², 周华锋¹, 邱荣福²

1. 中国南方电网有限责任公司,广东广州 510663;
2. 南方电网数字电网研究院有限公司,广东广州 510663

收稿日期:2020-07-23 修回日期:2021-03-04 出版日期:2021-11-05 发布日期:2021-11-16
作者简介:李金(1979-),男,高级工程师(教授级),硕士,从事电力系统调度自动化相关技术研究,E-mail:Lijin2@csg.cn;张喜铭(1980-),男,高级工程师(教授级),硕士,从事电力系统调度自动化相关技术研究,E-mail:zhangxm@csg.cn;胡荣(1979-),男,高级工程师(教授级),硕士,从事电力系统调度自动化相关技术研究,E-mail:hurong@csg.cn;许艾(1982-),男,高级工程师,从事密码学、信息安全、物联网安全等相关领域的研究及应用,E-mail:xuai_xc@126.com
基金资助:
中国南方电网公司科技项目(ZDKJXM20180009)

Security Management and Traceability of Substation Software Versions

LI Jin¹, ZHANG Ximing¹, HU Rong¹, XU Ai², ZHOU Huafeng¹, QIU Rongfu²

1. China Southern Power Grid Co., Ltd., Guangzhou 510663, China;
2. Digital Grid Research Institute, CSG, Guangzhou 510663, China

Received:2020-07-23 Revised:2021-03-04 Online:2021-11-05 Published:2021-11-16
Supported by:
This work is supported by Science and Technology Project of China Southern Power Grid Corporation (No.ZDKJXM20180009)

摘要/Abstract

摘要： 目前，变电站自动化设备软件与配置没有经过严格的检测与验证也没有集中统一管理，给变电站自动化系统的安全运维带来了极大风险。通过对网省/地三级自动化运维管理系统体系架构设计解决设备软件等软件版本的集中统一管理、管控；基于数字认证技术与国密算法对变电站内设备软件进行数字签名、验证，实现软件版本完整与可追溯。其核心内容及创新点包括：通过设计一套网省/地三级自动化运维管理系统来实现变电站设备软件、配置文件的集中统一管理、管控；采用基于数字认证技术与国密算法实现设备软件、配置文件的逐级数字签名与验证，解决软件版本在各流程环节的完整性与可追溯性问题。

关键词: 变电站安全运维, 调度证书, 溯源, 数字认证, SM2

Abstract: At present, the software and configuration of substation automation equipment have not undergone rigorous testing and verification or centralized management, which has brought great risks to the safe operation and maintenance of substation automation systems. A three-level (network-provincial-local) automated operation and maintenance management system architecture is designed in this paper to realize the centralized and unified management and control of equipment software and other software versions. Based on the digital authentication technology and national secret algorithm, the integrity and traceability of software versions are achieved through digital signature and verification of equipment software in substations. The key contents and innovation in this paper include: (1) the centralized and unified management and control of the substation equipment software and configuration files are achieved through designing a three-level automated operation and maintenance management system; (2) the integrity and traceability of software versions in each process is realized through step-by-step digital signature and verification of equipment software and configuration files using digital authentication technology and national encryption algorithm.

Key words: substation safe operation and maintenance, dispatch certificate, traceability, digital certification, SM2

李金, 张喜铭, 胡荣, 许艾, 周华锋, 邱荣福. 变电站软件版本安全管控与溯源[J]. 中国电力, 2021, 54(11): 206-213.

LI Jin, ZHANG Ximing, HU Rong, XU Ai, ZHOU Huafeng, QIU Rongfu. Security Management and Traceability of Substation Software Versions[J]. Electric Power, 2021, 54(11): 206-213.

导出引用管理器 EndNote|Ris|BibTeX

链接本文: https://www.electricpower.com.cn/CN/10.11930/j.issn.1004-9649.202007090

https://www.electricpower.com.cn/CN/Y2021/V54/I11/206

参考文献

[1] 刘宏君, 高旭, 杜丽艳, 等. 智能变电站SCD文件管控系统模块化设计[J]. 电力系统保护与控制, 2019, 47(3): 154–159
LIU Hongjun, GAO Xu, DU Liyan, et al. Modular design of intelligent substation SCD file management and control system[J]. Power System Protection and Control, 2019, 47(3): 154–159
[2] 王光亮, 陈文, 唐明帅, 等. 基于相关间隔解耦的SCD文件管控系统设计与开发[J]. 电力系统保护与控制, 2019, 47(11): 157–164
WANG Guangliang, CHEN Wen, TANG Mingshuai, et al. Design and development of SCD file control system based on correlation interval decoupling[J]. Power System Protection and Control, 2019, 47(11): 157–164
[3] 汪溢, 马凯, 李先波. 变电站自动化设备参数统一配置研究[J]. 电气应用, 2015, 34(增刊1): 386–389
[4] 徐文霞. 关于智能变电站运维模式的研究[J]. 大众标准化, 2019(16): 221–222
[5] 朱江波. 智能变电站文件管控问题及系统解决方案[D]. 西安: 西安科技大学, 2019.
ZHU Jiangbo. Exploration and practice of document control of intelligent substation[D]. Xi'an: Xi'an University of Science and Technology, 2019.
[6] JIANG Yitao, REN Yubao, ZHOU Xiuhe, et al. The analysis of training schemes for new staff members from substation operation and maintenance departments[C]//Proceedings of the Asia-Pacific Electronics and Electrical Engineering Conference(EEEC 2014). 2014: 4.
[7] 周磊, 夏勇军, 黎恒烜, 等. 智能变电站配置集成一体化软件设计与实现[J]. 电气技术, 2019, 20(8): 69–74
ZHOU Lei, XIA Yongjun, LI Hengxuan, et al. Design and implementation of intelligent substation configuration integrated software[J]. Electrical Engineering, 2019, 20(8): 69–74
[8] 陈国平, 王德林, 裘愉涛, 等. 继电保护面临的挑战与展望[J]. 电力系统自动化, 2017, 41(16): 1–11, 26
CHEN Guoping, WANG Delin, QIU Yutao, et al. Challenges and development prospects of relay protection technology[J]. Automation of Electric Power Systems, 2017, 41(16): 1–11, 26
[9] 罗振威, 刘永欣, 余栋斌, 等. 智能变电站二次系统集成优化设计[J]. 电气技术, 2017(8): 84–88, 92
LUO Zhenwei, LIU Yongxin, YU Dongbin, et al. Optimal integration design of the smart substation secondary system[J]. Electrical Engineering, 2017(8): 84–88, 92
[10] 魏军锋. 浅析变电站自动化设备的安装调试及其运维[J]. 中国高新技术企业, 2017(1): 145–146
[11] 蒋婷, 范耀波, 肖平. 变电站自动化设备远程维护的实现[J]. 广西电力, 2016, 39(3): 66–68
JIANG Ting, FAN Yaobo, XIAO Ping. Realization of remote maintenance of automation equipment in substation[J]. Guangxi Electric Power, 2016, 39(3): 66–68
[12] 陈宏君, 刘克金, 冯亚东, 等. 新一代保护测控装置配套工具软件设计与应用[J]. 电力系统自动化, 2013, 37(20): 92–96
CHEN Hongjun, LIU Kejin, FENG Yadong, et al. Design and application of supporting tool software for new generation protection and measuring-control devices[J]. Automation of Electric Power Systems, 2013, 37(20): 92–96
[13] 叶翔, 刘辉, 周永忠. 智能变电站图模一体化设计软件实现方案[J]. 江苏电机工程, 2014, 33(3): 41–44
YE Xiang, LIU Hui, ZHOU Yongzhong. Implementation of graph and model integration software for smart substation[J]. Jiangsu Electrical Engineering, 2014, 33(3): 41–44
[14] 白青海, 周岚. 公钥基础设施PKI体系结构探析[J]. 内蒙古民族大学学报(自然科学版), 2010, 25(4): 373–375
BAI Qinghai, ZHOU Lan. The discuss of architecture structure of public key infrastructure system[J]. Journal of Inner Mongolia University for Nationalities (Natural Sciences), 2010, 25(4): 373–375
[15] 许俊华, 米卫平. 基于PKI/CA构建国防军工可信网络环境[J]. 航空制造技术, 2014, 57(18): 103–104
XU Junhua, MI Weiping. Construct national defense credible network based on PKI/CA[J]. Aeronautical Manufacturing Technology, 2014, 57(18): 103–104
[16] 韩笑, 李洁原. PKI技术在敏感信息采集传输中的应用研究[J]. 中国传媒科技, 2018(8): 50–51, 69
[17] 王晓丽, 卓泽朋. 云环境下基于PKI技术身份认证研究[J]. 江苏理工学院学报, 2018, 24(4): 16–19
WANG Xiaoli, ZHUO Zepeng. Research on identity authentication based on PKI technology in cloud environment[J]. Journal of Jiangsu University of Technology, 2018, 24(4): 16–19
[18] 中华人民共和国国家质量监督检验检疫总局, 中国国家标准化管理委员会. 电力系统通用服务协议: GB/T 33602—2017[S]. 北京: 中国标准出版社, 2017.
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China. General service protocol for electric power system: GB/T 33602—2017[S]. Beijing: Standards Press of China, 2017.
[19] 周彦飞, 葛雅川, 李楠, 等. 电力系统通用服务协议的应用层数据加密技术研究[J]. 电工技术, 2019(17): 12–14
ZHOU Yanfei, GE Yachuan, LI Nan, et al. Research on application layer data encryption technology of general service protocol for power system[J]. Electric Engineering, 2019(17): 12–14
[20] 彭志强, 张琦兵, 苏大威, 等. 基于GSP的变电站监控系统远程运维技术[J]. 电力自动化设备, 2019, 39(4): 210–216
PENG Zhiqiang, ZHANG Qibing, SU Dawei, et al. Remote operation and maintenance technology of substation supervisory control system based on GPS[J]. Electric Power Automation Equipment, 2019, 39(4): 210–216
[21] 林青, 胡绍谦, 代小翔, 等. 面向服务的继电保护数据智能传输方案分析[J]. 电气技术, 2019, 20(5): 79–83
LIN Qing, HU Shaoqian, DAI Xiaoxiang, et al. Discussion on scheme of intelligent data transmission of service-oriented architecture for relay protection[J]. Electrical Engineering, 2019, 20(5): 79–83
[22] 徐茹枝, 郭健, 李衍辉. 智能电网中电力调度数字证书系统[J]. 中国电力, 2011, 44(1): 37–40
XU Ruzhi, GUO Jian, LI Yanhui. Power dispatching digital certificate system in smart grid[J]. Electric Power, 2011, 44(1): 37–40
[23] 中华人民共和国国家质量监督检验检疫总局, 中国国家标准化管理委员会. 信息安全技术 SM2椭圆曲线公钥密码算法第2部分: 数字签名算法: GB/T 32918.2—2016[S]. 北京: 中国标准出版社, 2017.
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China. Public key cryptographic algorithm SM2 based on elliptic curves. Part 2: Digital signature algorithm: GB/T 32918.2—2016[S]. Beijing: Standards Press of China, 2017.
[24] 中华人民共和国国家质量监督检验检疫总局, 中国国家标准化管理委员会. 信息安全技术 SM3密码杂凑算法: GB/T 32905—2016[S]. 北京: 中国标准出版社, 2017.
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China. Information security techniques—SM3 cryptographic hash algorithm: GB/T 32905—2016[S]. Beijing: Standards Press of China, 2017.
[25] 中华人民共和国国家质量监督检验检疫总局, 中国国家标准化管理委员会. 信息安全技术 SM4分组密码算法: GB/T 32907—2016[S]. 北京: 中国标准出版社, 2017.
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China. Information security technology—SM4 block cipher algorithm: GB/T 32907—2016[S]. Beijing: Standards Press of China, 2017.

变电站软件版本安全管控与溯源

Security Management and Traceability of Substation Software Versions

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics

[1]	张艳军, 刘佳琦, 高凯, 张建, 周在彦, 姜赫. 基于冲击负荷注入的电力系统混合动态仿真方法[J]. 中国电力, 2020, 53(3): 59-65.
[2]	王志贺，骆钊，谢吉华，，顾伟，陈海超，许超，周亮. 基于SM2密码体系的SD卡的电力移动终端安全接入方案[J]. 中国电力, 2015, 48(5): 75-80.

模态框（Modal）标题

变电站软件版本安全管控与溯源

Security Management and Traceability of Substation Software Versions

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics