
Security Analysis of 103 Protocol of DTU Terminal in Distribution Network Automation
Cite this article:YU Peng,WANG Yong,WANG Xiang,WANG Min.Security Analysis of 103 Protocol of DTU Terminal in Distribution Network Automation[J].Computer Systems & Applications,2021,30(5):262-268.
Authors:YU Peng  WANG Yong  WANG Xiang  WANG Min
Affiliation:School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 201306, China;Shanghai Electric Power Company Maintenance Company, State Grid Corporation of China, Shanghai 200063, China
Funding:General Program of the National Natural Science Foundation of China (61772327); General Program of the Shanghai Natural Science Foundation (20ZR1455900); Open Project of the Qi An Xin National Engineering Laboratory for Big Data Collaborative Security Technology (QAX-201803); Open Fund of the State Key Laboratory of Industrial Control Technology, Zhejiang University (ICT1800380)
Abstract:The IEC 60870-5-103 protocol is a companion standard for the information interface of relay protection equipment, and it mainly carries information related to relay protection. Its messages are transmitted in plaintext, with no encryption measures and no digital signature mechanism, so its security is low. To verify that the 103 protocol carried over Ethernet has security risks, a communication experiment environment between the master station and a distribution network automation DTU terminal is built. A man-in-the-middle attack test is carried out on the system using ARP spoofing. The experimental results show that the 103 protocol carried over Ethernet is exposed to the risk of man-in-the-middle attack. To improve the security of the protocol, we propose a two-way identity authentication mechanism based on an asymmetric cryptographic algorithm, and use a symmetric encryption mechanism and digital signature technology to ensure the confidentiality and integrity of the transmitted messages. Finally, the effectiveness of the method is verified through simulation tests.
Keywords:DTU  103 protocol  ARP spoofing  man-in-the-middle attack  authentication
Received:2020/9/3 0:00:00
Revised:2020/9/25 0:00:00
This article is indexed by Wanfang Data and other databases.