A secure transmission method for cross-domain goose messages in rail transit substations

Abstract

The present invention provides a method for safe transmission of cross-domain GOOSE messages in rail transit substations. Combined with the characteristics of cross-domain GOOSE messages, the state information transmitted by GOOSE is corresponding to bits and converted into combined values. By traversing the state information All combinations of the plaintext / ciphertext mapping table are generated in advance. When the device is started, the plaintext / ciphertext mapping table data is written into the DDR, and the combined value is used as the table retrieval index. The encryption and decryption of the data directly adopt the table lookup method. The process of encryption and decryption is omitted, the data processing delay is reduced, and the real-time performance of GOOSE is not affected.

Description

technical field [0001] The invention relates to the technical field of network data transmission, in particular to a method for safely transmitting GOOSE messages across domains of rail transit substations. Background technique [0002] The rail transit power supply system adopts the IEC61850 communication protocol to realize information sharing between power supply equipment. Among them, cross-domain signals between substations, such as interlocking signals, bilateral joint jump signals, etc., are also transmitted through optical fiber media and the GOOSE protocol. IEC61850 The standard only focuses on the information exchange between IED devices, and does not consider the security in the communication process. However, the cross-domain signal GOOSE has a large transmission interval and many transmission nodes, so it is relatively easy to be invaded, and there is a certain potential danger of being invaded. Once the GOOSE network is invaded, it will affect the normal opera...

AI Technical Summary

Problems solved by technology

[0002] The rail transit power supply system adopts the IEC61850 communication protocol to realize information sharing between power supply equipment. Among them, cross-domain signals between substations, such as interlocking signals, bilateral joint jump signals, etc., are also transmitted through optical fiber media and the GOOSE protocol. IEC61850 The standard only focuses on information interaction between IED devices, and does not consider the security of the communication process

However, the cross-domain signal GOOSE has a large transmission interval and many transmission nodes, so it is relatively easy to be invaded, and there is a certain potential danger of being invaded.

Once the GOOSE network is invaded, it will affect the normal operation of the subway power supply system, and the consequences will be unimaginable. Therefore, the security issue of using GOOSE information to transmit cross-domain information needs to be resolved urgently

[0003] The IEC62351 standard is a data and communication security standard developed by the International Electrotechnical Commission for communication protocols related to the electric power field. In IEC62351, encryption and authentication are the core content. IEC62351-6 provides a security mechanism for GOOSE communication, which is compatible with the original GOOSE message , to ensure the consistency of data processing. Due to the extremely high time requirements of GOOSE messages, the encryption of GOOSE messages may not meet the time requirements. The mechanism does not define encryption for messages, so this mechanism solves identity authentication and anti-replay attack, did not address data eavesdropping

Images