国密算法在核安全级DCS中的应用研究

Research on the Application of Domestic Cryptographic Algorithm for Nuclear Power Plant Safety-DCS

随着国际形式的日益严峻及关键技术自主可控要求的日益提高,作为1E级设备的核安全级分布式控制系统(DCS)的信息安全特性受到了越来越广泛的关注。简要介绍了核安全级DCS的系统平台架构及其基本功能站特性,详细介绍了具有完全自主知识产权的国密SM2、SM3及SM4加密算法,分析了不同加密算法实现流程及其技术手段。同时,针对核安全级DCS,根据不同国密算法特点,研究了不同国密算法在其系统中的应用场景,提出了可信认证系统、本地数据加密系统及通信加密系统的初步设计方案,并对方案可行性进行了全面分析。分析结果表明,具有自主知识产权的国密加密算法能够完全适用于核安全级DCS的各项应用场景。3种加密方案为核安全级DCS的自主可控及信息安全特性的提升提供了强有力的理论支撑。

With severer international situation and higher requirements for autonomous and controllable key technologies,wide attention has been drawn to the information security features of the nuclear power plants safety distributed control system(DCS)as 1E class electrical equipment.The system architecture and the features of fundamental functional stations of safety DCS is briefly introduced.After that,with proprietary intellectual property rights,the domestic cryptographic algorithm including SM2,SM3 and SM4 algorithms has been introduced in detail,and their technologies and implementation flows have been analyzed.Meanwhile,focusing on the safety DCS,the implementation scenarios of the domestic cryptographic algorithm and proposes a preliminary design scheme including trusted authentication system,local-data encryption system and communication encryption system introduced.The availability of this design scheme is comprehensive analyzed.The analysis results show that the domestic cryptographic algorithm with independent intellectual property rights can be fully applicable to various application scenarios of the safety DCS.The three encryption schemes can provide a strong foundation for the independent controllability and the improvement of the information security characteristics.