Research on a substation secure communication system with dynamic policy updates (OA)
Research of substation communication security system based on dynamic negotiation of security policy
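To address the problem that a single, fixed encryption and decryption algorithm in a substation offers insufficient resistance to third-party interception and brute-force cracking, this paper reviews the characteristics of the substation network communication architecture and proposes a substation security scheme with dynamically updated security policies. First, a unified station-wide security policy library is built and managed through a certificate authority machine and a key agent machine, and a subset of the policy library matching each device's communication capability is established for that device. Communicating devices dynamically select, online, a security policy suited to their own capability and apply validity-period management to the current security policy, which achieves adaptive dynamic updating of security policies and improves the substation's capability for active information security protection. A test platform was designed, and the dynamic policy update function, communication performance and device functions were measured on it. The measurements show that the dynamic policy update mechanism does not affect the normal operation of the devices' core functions and has a slight impact on the real-time performance of device communication.
In view of the inadequate resistance of a single fixed encryption and decryption algorithm in substations to third-party interception and brute-force attacks, this paper analyzes the characteristics of the substation network and proposes a security system scheme with dynamic negotiation of security policy. First, a unified security policy library is established, which is managed through a certificate authority and a secret key agent, and a subset of the policy library matching each device is made. During communication, the security policy that suits the communicating devices is dynamically selected, the device characteristics information is added to the secret key data in the distribution process, and time-validity management is performed. This mechanism realizes adaptive selection of the security policy and improves the ability to cope with third-party interception and brute-force cracking. Through the design of a test platform, it is confirmed that the dynamic policy update mechanism does not affect the normal operation of the key functions of the equipment and has a slight impact on the real-time communication of the equipment.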
徐广辉;高诗航;马玉龙;滕春涛;刘汝华
国电南瑞科技股份有限公司,南京 211106||南瑞集团有限公司,南京 211106
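substation information security; dynamic security policy update; encryption and decryption algorithm; certificate authority machine; key agent machine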
substation information security; dynamic negotiation of security policy; encryption and decryption algorithm; certificate authority; secret key agent
《电气技术》 2024 (007)
32-38 / 7
国电南瑞/南瑞控制 science and technology project (524608210209)