IEC 60870-5-104远动协议的一种安全报文探讨

随着电力系统网络化的发展，很多调度主站和变电站远程终端设备(RTU)的通信已经逐步采用以太网，国际电工委员会(IEC)于1998年8月制定了 IEC60870-5-104协议，该协议的目的是将原有的 IEC60870-5-101远动协议用于 TCP/IP 网络。通过 TCP/IP 网络传输远动信息也带来了一系列安全问题，其不安全因素主要体现在对远动报文的窃听、篡改和伪造等3个方面，解决方法在于调度主站及厂站 RTU 的身份认证与远动报文信息的加密。为此，应用信息安全技术对IEC60870-5-104应用协议数据单元(APDU)及其传输模式进行了研究，在不改变原有报文传输模式的情况下提出了一种安全报文的设想，在一定程度上能有效地满足信息保密与安全认证的需要。

Discussion on Security Message of IEC 60870-5-104 Telecontrol Protocol

The telecontrol system is changing step by step with the development of communication and network technology.IEC60870-5-104 is a telecontrol transmission protocol,which can be called network access for IEC 60870-5-101 using standardtransport profiles,and the purpose of this protocol is to use IEC 60870-5-101 on the TCP/IP network.There will be a series ofsecurity problems when the telecontrol information is transmitted on the network,and the insecurity factors are embodied insuch attacks as interception,modification and fabrication.To remedy such a situation,the useful way is sender and receiver'sidentity authentication,message encryption and integrity authentication.Therefore,the application protocol data unit(APDU)of IEC 60870-5-104 protocol based on the information security technology is analyzed,and a telecontrol security message isdesigned,for which an idea of security message is put forward without changing the original message transmission model whilemeeting the requirement for information security and authentication.