|
|
|
| Application of chain trusted boot in high voltage direct current control protection host |
| LI Yuepeng, KANG Jingjing, ZHANG Jian, JI Chaoqiang |
| XJ Electric Co., Ltd, Xuchang, He’nan 461000 |
|
|
|
|
Abstract In response to the current issue of weak security protection capabilities of control and protection hosts in hign voltage direct current (HVDC), this paper proposes a method based on trusted platform module (TPM) security chip, which uses the national secret algorithm SM2, SM3, SM4 to build the trusted root and use it for identity authentication. Through identity authentication and digital signature, the system overall design establishes a complete trusted chain from both hardware startup and software startup, and realizes the chain trusted boot for control and protection host from hardware startup, system load to system running. The experimental results show that the proposed scheme can well identify the risks of firmware tampering and identity forgery, realize the safe startup of the control and protection host, and improve the overall protection level of HVDC.
|
|
Received: 04 September 2023
|
|
|
|
| Cite this article: |
|
LI Yuepeng,KANG Jingjing,ZHANG Jian等. Application of chain trusted boot in high voltage direct current control protection host[J]. Electrical Engineering, 2023, 24(11): 71-75.
|
|
|
|
| URL: |
|
http://dqjs.cesmedia.cn/EN/Y2023/V24/I11/71
|
[1] 刘振亚. 特高压交直流电网[M]. 北京: 中国电力出版社, 2013.
[2] 孟沛彧, 向往, 潘尔生, 等. 分址建设直流输电系统拓扑方案与运行特性研究[J]. 电工技术学报, 2022, 37(19): 4808-4822.
[3] 周劼英, 张晓, 邵立嵩, 等. 新型电力系统网络安全防护挑战与展望[J]. 电力系统自动化, 2023, 47(8): 15-24.
[4] 王子骏, 刘杨, 鲍远义, 等. 电力系统安全仿真技术: 工程安全、网络安全与信息物理综合安全[J]. 中国科学(信息科学), 2022, 52(3): 399-429.
[5] 林峰, 梅勇, 朱益华, 等. 网络攻击对电力系统典型场景全过程影响综述[J/OL]. 南方电网技术: 1-15 [2023-09-06]. http://kns.cnki.net/kcms/detail/44.1643.TK.20230621.1743.002.html.
[6] 张浩然, 贾帅锋, 赵冠华, 等. 直流控制保护系统网络安全分析与对策[J]. 电气技术, 2020, 21(1): 110-112,125.
[7] 唐士杰, 袁方, 李俊, 等. 工业控制系统关键组件安全风险综述[J]. 网络与信息安全学报, 2022, 8(3): 1-17.
[8] 黄信兵, 刘桂雄. 基于SHA1的SCADA系统PLC固件完整性验证方法[J]. 中国测试, 2017, 43(6): 114-117.
[9] 金先涛, 李丹, 钟晶, 等. 商用密码算法在PLC固件完整性校验中的应用[J]. 电子产品可靠性与环境试验, 2021, 39(2): 22-25.
[10] MÜLLER K U, ULRICH R, STANITZKI A, et al. Enabling secure boot functionality by using physical unclonable functions[C]//2018 14th Conference on Ph.D. Research in Microelectronics and Electronics (PRIME), Prague, Czech Republic, 2018: 81-84.
[11] KELEMAN L, MATIĆ D, POPOVIĆ M, et al.Secure firmware update in embedded systems[C]//2019 IEEE 9th International Conference on Consumer Electronics (ICCE-Berlin), Berlin, Germany, 2019: 16-19.
[12] 董攀, 丁滟, 江哲, 等. 基于TEE的主动可信TPM/ TCM设计与实现[J]. 软件学报, 2020, 31(5): 1392-1405.
[13] 石丰略, 朱元, 吴志红, 等. 基于TPM芯片的车载安全空中下载系统研究[J]. 信息通信, 2018(7): 24-26.
[14] MALIPATLOLLA S, FELLER T, HUSS S A.An adaptive system architecture for mitigating asymmetric cryptography weaknesses on TPMs[C]//2012 NASA/ ESA Conference on Adaptive Hardware and Systems (AHS), Erlangen, Germany, 2012: 221-226.
[15] 李建立, 莫燕南, 粟涛, 等. 基于国密算法SM2、SM3、SM4的高速混合加密系统硬件设计[J]. 计算机应用研究, 2022, 39(9): 2818-2825, 2831.
[16] 胡景秀, 杨阳, 熊璐, 等. 国密算法分析与软件性能研究[J]. 信息网络安全, 2021(10): 8-16.
[17] 于颖超, 陈左宁, 甘水滔, 等. 嵌入式设备固件安全分析技术研究[J]. 计算机学报, 2021, 44(5): 859-881.
[18] 施一明, 高博, 王天林, 等. PLC控制系统可信架构及硬件技术研究[J]. 中国仪器仪表, 2022(4): 27-30, 36.
[19] 刘文彪, 王位杰, 江南, 等. 二次设备配置工具安全加固设计及实现[J]. 电气技术, 2020, 21(6): 141-145.
[20] 姜云鹏, 任洲洋, 李秋燕, 等. 考虑多灵活性资源协调调度的配电网新能源消纳策略[J]. 电工技术学报, 2022, 37(7): 1820-1835. |
|
|
|
2023, Vol. 24 
