电力智能传感器及传感网安全防护技术

doi:10.11930/j.issn.1004-9649.202305083

中国电力 ›› 2023, Vol. 56 ›› Issue (11): 67-76.DOI: 10.11930/j.issn.1004-9649.202305083

• 面向电网设备状态感知的低功耗无线传感网技术及应用 • 上一篇下一篇

电力智能传感器及传感网安全防护技术

安春燕¹(), 陆阳¹(), 翟迪¹, 朱雪琼²

1. 国网智能电网研究院有限公司，北京　102209
2. 国网江苏省电力有限公司电力科学研究院，江苏南京　211103

收稿日期:2023-05-18 接受日期:2023-10-12 出版日期:2023-11-28 发布日期:2023-11-28
作者简介:安春燕（1987—），女，通信作者，博士，高级工程师（教授级），从事感知与通信安全技术研究，E-mail： anchunyan@geiri.sgcc.com.cn
陆阳（1984—），男，博士，高级工程师（教授级），从事电力通信及传感技术研究，E-mail： luyang@geiri.sgcc.com.cn
基金资助:
国家电网有限公司科技项目（电力低功耗宽窄融合无线传感网络轻量级安全连接技术研究，5500-202158416A-0-0-00）。

Security Protection of Electrical Intelligent Sensors and Sensor Networks

Chunyan AN¹(), Yang LU¹(), Di ZHAI¹, Xueqiong ZHU²

1. State Grid Smart Grid Research Institute Co., Ltd., Beijing 102209, China
2. State Grid Jiangsu Electric Power Co., Ltd. Research Institute, Nanjing 211103, China

Received:2023-05-18 Accepted:2023-10-12 Online:2023-11-28 Published:2023-11-28
Supported by:
This work is supported by Science and Technology Projects of SGCC (Research on Lightweight Secure Connection Technologies for Electric Low Power Wireless Sensor Network with Both Wide-Band and Narrow-Band Terminals, No.5500-202158416A-0-0-00).

摘要/Abstract

摘要：

电力智能传感器及传感网安全研究处于起步阶段，资源受限及应用现场缺乏低压供电导致对安全开销极其敏感，用户侧广泛部署更易遭受侧信道等物理攻击，利用感知机理或数据处理算法发起的新型攻击日渐增多。针对上述问题，结合现场特点、业务特征、设备能力及行业现状，分析电力智能传感器及传感网安全需求，构建安全技术体系，归纳总结电力智能传感器具备特殊需求的感知安全、存储安全、轻量级加密、身份认证、代码安全和固件安全等技术研究现状，提出发展建议，为构建安全、可靠的能源电力数据基座提供支撑。

关键词: 电力智能传感器, 感知安全, 存储安全, 通信安全, 计算安全

Abstract:

Security of electrical intelligent sensors and sensor networks is still in the initial research stage, and resource constraints and lack of low-voltage power supply in most application sites make electrical intelligent sensors extremely sensitive to security costs. The widespread user-side deployment makes them more susceptible to physical attacks such as side channel attacks. Besides, new types of security attacks which utilize sensing mechanisms or data processing algorithms are also increasing. Firstly, we analyzed the security requirements of electrical intelligent sensors and networks based on site conditions, service characteristics, equipment capabilities, and industry status quo. And then we established a security technology framework, and reviewed the state-of-the-art research on the security technologies which the electrical intelligent sensors have special needs on, such as sensing security, storage security, lightweight encryption, identity authentication, code and firmware security. Finally, we proposed some development suggestions on the security technologies, which can be used to support the construction of the safe and reliable power database.

Key words: electrical intelligent sensors, sensing security, storage security, communication security, computing security

安春燕, 陆阳, 翟迪, 朱雪琼. 电力智能传感器及传感网安全防护技术[J]. 中国电力, 2023, 56(11): 67-76.

Chunyan AN, Yang LU, Di ZHAI, Xueqiong ZHU. Security Protection of Electrical Intelligent Sensors and Sensor Networks[J]. Electric Power, 2023, 56(11): 67-76.

导出引用管理器 EndNote|Ris|BibTeX

链接本文: https://www.electricpower.com.cn/CN/10.11930/j.issn.1004-9649.202305083

https://www.electricpower.com.cn/CN/Y2023/V56/I11/67

图/表 3

参考文献 56

1	吴钢, 周金辉, 李慧. 面向边缘增强分布式电力无线传感网的资源分配[J]. 中国电力, 2023, 56 (8): 77- 85, 98. DOI
	WU Gang, ZHOU Jinhui, LI Hui. Resource allocation for edge-enhanced distributed power wireless sensor network[J]. Electric Power, 2023, 56 (8): 77- 85, 98. DOI
2	SAM Seamless Network. 2021 IoT security landscape[R/OL]. (2022-04-07)[2023-05-09].https://securingsam.com/2021-iot-security-landscape/.
3	赵建立, 向佳霓, 汤卓凡, 等. 虚拟电厂在上海的实践探索与前景分析[J]. 中国电力, 2023, 56 (2): 1- 13. DOI
	ZHAO Jianli, XIANG Jiani, TANG Zhuofan, et al. Practice exploration and prospect analysis of virtual power plant in Shanghai[J]. Electric Power, 2023, 56 (2): 1- 13. DOI
4	ZHU M N, ZHANG P H, WANG C, et al. Research and analysis on measurement error of three-phase electricity meter with magnetic field interference[C]//2022 2nd International Conference on Electrical Engineering and Control Science (IC2ECS). Nanjing, China. IEEE, 2023: 123–128.
5	THYS S, VAN RANST W, GOEDEMÉ T. Fooling automated surveillance cameras: adversarial patches to attack person detection[C]//2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW). Long Beach, CA, USA. IEEE, 2020: 49–55.
6	全国信息安全标准化技术委员会. 信息安全技术网络安全等级保护基本要求: GB/T 22239—2019[S]. 北京: 中国标准出版社, 2019.
	China Information Security Standardization Technical Committee. Information security technology-baseline for classified protection of cybersecurity: GB/T 22239—2019[S]. Beijing: Standards Press of China, 2019.
7	全国信息安全标准化技术委员会. 信息安全技术物联网感知层接入通信网的安全要求: GB/T 37093—2018[S]. 北京: 中国标准出版社, 2018.
	China Information Security Standardization Technical Committee. Information security technology-security requirements for IoT sensing layer access to communication network: GB/T 37093—2018[S]. Beijing: Standards Press of China, 2018.
8	全国信息安全标准化技术委员会. 信息安全技术物联网感知终端应用安全技术要求: GB/T 36951—2018[S]. 北京: 中国标准出版社, 2018.
	China Information Security Standardization Technical Committee. Information security technology—Security technical requirements for application of sensing terminals in internet of things: GB/T 36951—2018[S]. Beijing: Standards Press of China, 2018.
9	国家电网有限公司互联网部. 电力物联网全场景安全技术要求: Q/GDW 12108—2021[S]. 北京: 国家电网有限公司, 2021.
	Internet Department of SGCC. Full scene security technical requirements of eIoT: Q/GDW 12108-2021[S]. Beijing: State Grid Corporation of China, 2021.
10	国家电网有限公司互联网部. 电力物联网感知层设备接入安全技术规范: Q/GDW 12109—2021[S]. 北京: 国家电网有限公司, 2021.
	Internet Department of SGCC. Technical specifications for security access of sensing layer devices in eIoT: Q/GDW 12109—2021[S]. Beijing: State Grid Corporation of China, 2021.
11	国家电网有限公司互联网部. 电网智能业务终端接入规范: Q/GDW 12147—2021[S]. 北京: 国家电网有限公司, 2021.
	Internet Department of SGCC. Access specification for intelligent terminal of power grid: Q/GDW 12147-2021[S]. Beijing: State Grid Corporation of China, 2021.
12	国家电网有限公司互联网部. 电力物联网感知层技术导则: Q/GDW 12100—2021[S]. 北京: 国家电网有限公司, 2021.
	Internet Department of SGCC. Technical guide for perception layer of electric IoT: Q/GDW 12100-2021[S]. Beijing: State Grid Corporation of China, 2021.
13	XU W Y, YAN C, JIA W B, et al. Analyzing and enhancing the security of ultrasonic sensors for autonomous vehicles[J]. IEEE Internet of Things Journal, 2018, 5 (6): 5015- 5029. DOI
14	YAN C, ZHANG G M, JI X Y, et al. The feasibility of injecting inaudible voice commands to voice assistants[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18 (3): 1108- 1124.
15	TANAKA T, SUGAWARA T. Laser-based signal-injection attack on piezoresistive MEMS pressure sensors[C]//2022 IEEE Sensors. Dallas, TX, USA. IEEE, 2022: 1–4.
16	JI X Y, CHENG Y S, XU W Y, et al. No seeing is also believing: electromagnetic-emission-based application guessing attacks via smartphones[J]. IEEE Transactions on Mobile Computing, 2023, 22 (2): 1095- 1109. DOI
17	王永娟, 樊昊鹏, 代政一, 等. 侧信道攻击与防御技术研究进展[J]. 计算机学报, 2023, 46 (1): 202- 228. DOI
	WANG Yongjuan, FAN Haopeng, DAI Zhengyi, et al. Advances in side channel attacks and countermeasures[J]. Chinese Journal of Computers, 2023, 46 (1): 202- 228. DOI
18	AKRAM A, MUSHTAQ M, BHATTI M K, et al. Meet the sherlock Holmes’ of side channel leakage: a survey of cache SCA detection techniques[J]. IEEE Access, 2020, 8, 70836- 70860. DOI
19	DENG S W, MATYUNIN N, XIONG W J, et al. Evaluation of cache attacks on arm processors and secure caches[J]. IEEE Transactions on Computers, 2022, 71 (9): 2248- 2262.
20	XIE Y F, XUE X Y, YANG J G, et al. A logic resistive memory chip for embedded key storage with physical security[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2016, 63 (4): 336- 340. DOI
21	NAGARAJAN K, AHMED F U, KHAN M N I, et al. SecNVM: power side-channel elimination using on-chip capacitors for highly secure emerging NVM[J]. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 2021, 29 (8): 1518- 1528. DOI
22	LARIMIAN S, MAHMOODI M R, STRUKOV D B. Lightweight integrated design of PUF and TRNG security primitives based on eFlash memory in 55-nm CMOS[J]. IEEE Transactions on Electron Devices, 2020, 67 (4): 1586- 1592. DOI
23	THAKOR V A, RAZZAQUE M A, KHANDAKER M R A. Lightweight cryptography algorithms for resource-constrained IoT devices: a review, comparison and research opportunities[J]. IEEE Access, 2021, 9, 28177- 28193. DOI
24	ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection. Information security–lightweight cryptography - part 2: block ciphers: ISO/IEC 29192-2: 2019[S]. 2019.
25	DAS A K, ZEADALLY S, HE D B. Taxonomy and analysis of security protocols for Internet of Things[J]. Future Generation Computer Systems, 2018, 89, 110- 125. DOI
26	刘客. 嵌入式SoC片上SRAM PUF的设计与实现[D]. 武汉: 华中科技大学, 2013: 1–48.
	LIU Ke. Design and implementation of on-chip SRAM PUF for embedded SoC[D]. Wuhan: Huazhong University of Science and Technology, 2013: 1–48.
27	GÜNLÜ O, İŞCAN O, SIDORENKO V, et al. Code constructions for physical unclonable functions and biometric secrecy systems[J]. IEEE Transactions on Information Forensics and Security, 2019, 14 (11): 2848- 2858. DOI
28	AMAN M N, CHUA K C, SIKDAR B. Mutual authentication in IoT systems using physical unclonable functions[J]. IEEE Internet of Things Journal, 2017, 4 (5): 1327- 1340. DOI
29	TAN X, ZHANG J L, ZHANG Y J, et al. A PUF-based and cloud-assisted lightweight authentication for multi-hop body area network[J]. Tsinghua Science and Technology, 2020, 26 (1): 36- 47.
30	GOPE P, SIKDAR B. Lightweight and privacy-preserving two-factor authentication scheme for IoT devices[J]. IEEE Internet of Things Journal, 2019, 6 (1): 580- 589. DOI
31	The state of open source vulnerabilities management [R/OL]. (2019-09-22)[2020-02-25].https://www.whitesourcesoftware.com/open-source-vulnerability-management-report/#hero_section.
32	冯兆文, 刘振慧. 开源软件漏洞安全风险分析[J]. 保密科学技术, 2020, (2): 27- 32.
33	Linux Foundation Research Team. Addressing cybersecurity challenges in open source software[R/OL]. (2022-06-30) [2023-04-25].https://www.linuxfoundation.org/research/addressing-cybersecurity-challenges-in-open-source-software.
34	贾培养, 孙鸿宇, 曹婉莹, 等. 开源软件漏洞库综述[J]. 信息安全研究, 2021, 7 (6): 566- 574.
	JIA Peiyang, SUN Hongyu, CAO Wanying, et al. Open source software vulnerability data base overview[J]. Journal of Information Security Research, 2021, 7 (6): 566- 574.
35	LI X, JIANG J J, BENTON S, et al. A large-scale study on API misuses in the wild[C]//2021 14th IEEE Conference on Software Testing, Verification and Validation (ICST). Porto de Galinhas, Brazil. IEEE, 2021: 241–252.
36	GU Z X, WU J C, LIU J X, et al. An empirical study on API-misuse bugs in open-source C programs[C]//2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). Milwaukee, WI, USA. IEEE, 2019: 11–20.
37	LAZAR D, CHEN H G, WANG X, et al. Why does cryptographic software fail? : a case study and open problems[C]//Proceedings of 5th Asia-Pacific Workshop on Systems. Beijing, China. New York: ACM, 2014: 1–7.
38	BRAGA A, DAHAB R. Mining cryptography misuse in online forums[C]//2016 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). Vienna, Austria. IEEE, 2016: 143–150.
39	DANN A, PLATE H, HERMANN B, et al. Identifying challenges for OSS vulnerability scanners-A study & test suite[J]. IEEE Transactions on Software Engineering, 2022, 48 (9): 3613- 3625. DOI
40	AMANN S, NGUYEN H A, NADI S, et al. A systematic evaluation of static API-misuse detectors[J]. IEEE Transactions on Software Engineering, 2019, 45 (12): 1170- 1188. DOI
41	AN C Y, ZHANG D L, GAO X J, et al. CryptoDetection: a cryptography misuse detection method based on Bi-LSTM[C]//2022 IEEE 8th International Conference on Computer and Communications (ICCC). Chengdu, China. IEEE, 2023: 1244–1249.
42	LAMOTHE M, LI H, SHANG W Y. Assisting example-based API misuse detection via complementary artificial examples[J]. IEEE Transactions on Software Engineering, 2022, 48 (9): 3410- 3422. DOI
43	汪昕, 陈驰, 赵逸凡, 等. 基于深度学习的API误用缺陷检测[J]. 软件学报, 2019, 30 (5): 1342- 1358. DOI
	WANG Xin, CHEN Chi, ZHAO Yifan, et al. API misuse bug detection based on deep learning[J]. Journal of Software, 2019, 30 (5): 1342- 1358. DOI
44	LI Q, TAN D W, GE X, et al. Understanding security risks of embedded devices through fine-grained firmware fingerprinting[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 19 (6): 4099- 4112.
45	国家互联网应急中心. 联网智能设备安全态势季度报告(2021年第2季度)[R/OL]. (2021-08-10) [2023-04-27].https://www.cert.org.cn/publish/main/68/2021/20210810172517619736236/20210810172517619736236_.html.
46	国家互联网应急中心. 联网智能设备安全态势季度报告(2021年第3季度)[R/OL]. (2021-12-23) [2023-04-27].https://www.cert.org.cn/publish/main/68/2021/20211223143731210674656/20211223143731210674656_.html.
47	FENG X T, ZHU X G, HAN Q L, et al. Detecting vulnerability on IoT device firmware: a survey[J]. IEEE/CAA Journal of Automatica Sinica, 2022, 10 (1): 25- 41.
48	国家电网有限公司设备管理部. 输变电设备物联网微功率无线网通信协议: Q/GDW 12020—2019[S]. 北京: 国家电网有限公司, 2019.
	Equipment Management Department of SGCC. Micro-power wireless network communication protocol for the internet of power transmission and transformation equipment: Q/GDW 12020—2019 [S]. Beijing: State Grid Corporation of China, 2019.
49	国家电网有限公司设备管理部. 输变电设备物联网节点设备无线组网协议: Q/GDW 12021—2019[S]. 北京: 国家电网有限公司, 2019.
	Equipment Management Department of SGCC. Node device wireless networking protocol for the internet of power transmission and transformation equipment: Q/GDW 12021—2019[S]. Beijing: State Grid Corporation of China, 2019.
50	HE D J, GU H J, LI T H, et al. Toward hybrid static-dynamic detection of vulnerabilities in IoT firmware[J]. IEEE Network, 2021, 35 (2): 202- 207. DOI
51	LI M X, LI F, YIN J, et al. Research on security vulnerability mining technology for terminals of electric power Internet of Things[C]//2022 IEEE 6th Information Technology and Mechatronics Engineering Conference (ITOEC). Chongqing, China. IEEE, 2022: 1638–1642.
52	HEMRAM S, KATHRINE G J W, PALMER G M, et al. Firmware vulnerability detection in embedded systems and Internet of Things[C]//2022 International Conference on Augmented Intelligence and Sustainable Systems (ICAISS). Trichy, India. IEEE, 2023: 1161–1167.
53	ZHANG B, XI Z S, GAO K L. Fuzzy test guidance technology for power Internet of Things firmware vulnerability detection[C]//2021 IEEE International Conference on Energy Internet (ICEI). Southampton, United Kingdom. IEEE, 2022: 157–163.
54	WANG Y S, SHEN J J, LIN J, et al. Staged method of code similarity analysis for firmware vulnerability detection[J]. IEEE Access, 2019, 7, 14171- 14185. DOI
55	XIAO J C, ZHAO Y, WANG J Q, et al. Research on large-scale firmware function security detection method based on SimHash[C]//2021 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). Shenyang, China. IEEE, 2021: 170–175.
56	ZHU X B, LI Q B, CHEN Z F, et al. Research on security detection technology for Internet of Things terminal based on firmware code genes[J]. IEEE Access, 2020, 8, 150226- 150241. DOI

身份认证因子	安全特性	安全特性状况
设备ID	唯一性	一般
	不可复制性	较差
	随机性	一般
	稳定性	非常好
数字证书	唯一性	一般
	不可复制性	一般
	随机性	一般
	稳定性	非常好
硬件指纹（射频指纹、PUF、过电压特性）	唯一性	非常好
	不可复制性	非常好
	随机性	非常好
	稳定性	一般

身份认证因子	安全特性	安全特性状况
设备ID	唯一性	一般
	不可复制性	较差
	随机性	一般
	稳定性	非常好
数字证书	唯一性	一般
	不可复制性	一般
	随机性	一般
	稳定性	非常好
硬件指纹（射频指纹、PUF、过电压特性）	唯一性	非常好
	不可复制性	非常好
	随机性	非常好
	稳定性	一般

电力智能传感器及传感网安全防护技术

Security Protection of Electrical Intelligent Sensors and Sensor Networks

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 3

参考文献 56

相关文章 0

编辑推荐

Metrics

模态框（Modal）标题

电力智能传感器及传感网安全防护技术

Security Protection of Electrical Intelligent Sensors and Sensor Networks

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 3

参考文献 56

相关文章 0

编辑推荐

Metrics