摘要
IEC60870-5-101规约主要用于电力SCADA数据监控采集系统主站和子站之间传输报文,由于该报文主要采用"帧校验和"的方式,其安全性较低,存在中间人攻击的安全隐患。为了验证该101规约的通信存在问题,构建了馈线终端FTU与主站的通信系统,在云服务器上采集FTU移动物联卡的遥测信息,利用中间人攻击方式,采用ARP欺骗截获通信数据分组,解析数据分组中的遥测信息,尝试数据篡改并成功使监控端数据得不到及时更新,最后提出了一种基于Hash签名的101规约安全机制。
The IEC60870-5-101protocol is mainly used for transmitting messages between the primary station and the substation of the power SCADA data monitoring and acquisition system.Since the message mainly adopts“frame check and sum”to ensure communication security,there is a common security risk among the intermediate personnel.In order to verify the communication problems of the101protocol,the communication system between the FTU and the main station of the feeder terminal was constructed,which collected the telemetry signal of the FTU mobile IoT card on the cloud server,and used the man-in-the-middle attack mode to use the ARP to intercept the communication data packet.To analyze the telemetry information in the data packet,try data tampering and successfully make the monitoring data not updated in time.Finally,an enhancement mechanism against external attacks was proposed.
作者
王勇
王相
贺文婷
周宇昊
蔡雨帆
WANG Yong;WANG Xiang;HE Wenting;ZHOU Yuhao;CAI Yufan(Department of Information Security, Shanghai University of Electric Power, Shanghai 200090, China;Huaneng Shanghai Shidongkou Second Power Plant, Huaneng Shanghgai Shidongkou Power Genertation CO., LTD., Shanghai 200942, China;National Energy Distributed Energy Technology Research and Development (experimental) Center,Huadian Electric Power Research Institute Co., LTD., Hangzhou 310030, China)
出处
《网络与信息安全学报》
2018年第10期22-30,共9页
Chinese Journal of Network and Information Security
基金
国家自然科学基金资助项目(No.61772327)
上海自然科学基金资助项目(No.16ZR1436300)
浙江大学工业控制技术国家重点实验室开放式基金资助项目(No.ICT1800380)
上海电力学院智能电网产学研开发中心基金资助项目(No.A-0009-17-002-05)
上海市科委地方能力建设基金资助项目(No.15110500700)~~
