| 馈线终端单元FTU的101规约安全性测试 |
| |
| 作者姓名: | 王勇 王相 贺文婷 周宇昊 蔡雨帆 |
| |
| 作者单位: | 1. 上海电力学院信息安全系,上海 200090;2. 华能上海石洞口发电有限责任公司华能上海石洞口第二电厂,上海 200942;3. 华电电力科学研究院有限公司国家能源分布式能源技术研发(实验)中心,浙江 杭州 310030 |
| |
| 基金项目: | 国家自然科学基金资助项目(61772327);上海自然科学基金资助项目(16ZR1436300);浙江大学工业控制技术国家重点实验室开放式基金资助项目(ICT1800380);上海电力学院智能电网产学研开发中心基金资助项目(A-0009-17-002-05);上海市科委地方能力建设基金资助项目(15110500700) |
| |
| 摘 要: | IEC60870-5-101规约主要用于电力SCADA数据监控采集系统主站和子站之间传输报文,由于该报文主要采用“帧校验和”的方式,其安全性较低,存在中间人攻击的安全隐患。为了验证该101规约的通信存在问题,构建了馈线终端FTU与主站的通信系统,在云服务器上采集FTU移动物联卡的遥测信息,利用中间人攻击方式,采用 ARP 欺骗截获通信数据分组,解析数据分组中的遥测信息,尝试数据篡改并成功使监控端数据得不到及时更新,最后提出了一种基于Hash签名的101规约安全机制。
|
| 关 键 词: | 馈线终端FTU 101规约 中间人攻击 ARP欺骗 |
Security test of 101 protocol of FTU |
| |
| Authors: | Yong WANG Xiang WANG Wenting HE Yuhao ZHOU Yufan CAI |
| |
| Affiliation: | 1. Department of Information Security,Shanghai University of Electric Power,Shanghai 200090,China;2. Huaneng Shanghai Shidongkou Second Power Plant,Huaneng Shanghgai Shidongkou Power Genertation CO.,LTD.,Shanghai 200942,China;3. National Energy Distributed Energy Technology Research and Development (experimental) Center,Huadian Electric Power Research Institute Co.,LTD.,Hangzhou 310030,China |
| |
| Abstract: | The IEC60870-5-101 protocol is mainly used for transmitting messages between the primary station and the substation of the power SCADA data monitoring and acquisition system.Since the message mainly adopts “frame check and sum” to ensure communication security,there is a common security risk among the intermediate personnel.In order to verify the communication problems of the 101 protocol,the communication system between the FTU and the main station of the feeder terminal was constructed,which collected the telemetry signal of the FTU mobile IoT card on the cloud server,and used the man-in-the-middle attack mode to use the ARP to intercept the communication data packet.To analyze the telemetry information in the data packet,try data tampering and successfully make the monitoring data not updated in time.Finally,an enhancement mechanism against external attacks was proposed. |
| |
| Keywords: | FTU 101 protocol man-in-the-middle attack ARP spoofing |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
