Communication data security protection method for private electric power public network

Abstract

The invention discloses a data security protection method for private electric power public network communication. The method provides safe and reliable data communication for private electric power public network data communication through the technical means of network isolation, authority control, identity authentication and transmission encryption, and realizes Use public network communication anywhere and safely without any changes to the application environment or software. In application, the calling telecontrol communication security gateway (7) and the called telecontrol communication security gateway (9) are connected to the public network (8) through dial-up, and are the communication front-end processor (6) and the telecontrol terminal RTU (10) The communication establishes an encrypted public network communication channel, and the data is connected to the remote communication security gateway (7) from the communication front-end processor (6) through a serial port or network, and connected to the public network (8) through the calling telecontrol communication security gateway (7). , connect the called telecontrol communication security gateway (9) from the public network (8), and then connect the telecontrol terminal RTU (10) through a serial port or network. The invention can be widely used in the field of public network communication data security protection.

Description

technical field [0001] The invention relates to a method for protecting the security of communication data in a dedicated electric power public network. Background technique [0002] At present, the national electric power system is comprehensively carrying out security protection work in accordance with the requirements of the sixteen-character policy of "safety partition, network dedicated, horizontal isolation, and vertical authentication" determined by the "Secondary Electric Power System Safety Protection Regulations" (No. 5 Order of the Electric Power Regulatory Commission) , It is of great strategic significance to increase the strength of network and information security, ensure the smooth flow of information in normal production and operation, and ensure the safety of the secondary power system. [0003] According to the "Secondary Safety Protection Plan for Electric Power", its requirements for public network communication are as follows: [0004] "Safety protecti...

AI Technical Summary

Problems solved by technology

[0018] To sum up, since the design goal of DTU is protocol conversion and data communication, it does not adopt identity authentication and transmission encryption technology on the network layer in principle, so its security is very low, especially when the transmission delay of GPRS network is long. Large (usually about 1500ms), when using TCP communication, there will often be retransmitted data packets. In order to reduce data traffic and reduce communication costs, many DTUs change TCP to UDP. At this time, they are more vulnerable to hackers on the network and their security is more fragile. , so there is a big potential safety hazard when using this communication mode to realize the data communication of power dispatching, and necessary safety protection measures must be taken

Images