城市轨道交通跨所GOOSE信息安全传输方案

我国城市轨道交通变电所已采用IEC 61850标准协议实现了供电设备间的信息交互,其中跨所传输信号如馈线双边联跳保护信息、上网隔开闭锁信息等,也逐步采用GOOSE通信进行传输。由于跨所信号传输距离长,传输中间节点多,存在一定被侵入的潜在危险,可能危及到城市轨道交通供电系统的信息安全。针对上述信息安全问题,基于IEC 62351标准,运用HMAC加密、AES加密等算法,研究了一种结合GOOSE报文认证及数据域加密的双重信息保护方案,搭建起城市轨道交通跨所GOOSE信息安全传输通道,并对该安全传输方案的性能进行分析。

The substation of urban rail transit in China has adopted IEC 61850 standard protocol to realize the information exchange between power supply equipment,among which the signals transmitted across substations,such as feeder bilateral inter-trip protection information,online isolation locking information,are also gradually transmitted using GOOSE communication.Due to the long distance between signal transmission areas across substations and many transmitting intermediate nodes,there is a certain potential danger of being invaded,which may endanger the information security of power supply system of urban rail transit.With regard to the above information security problems,based on IEC 62351,using HMAC encryption,AES encryption and other algorithms,the paper studies a dual information protection scheme combining GOOSE message authentication and data domain encryption,builds a secure GOOSE information transmission channel across substations of urban rail transit,and analyzes the performance of this secure transmission scheme.