摘要
随着智能电网的发展,新旧设备共存,由于电表MCU主频及空间资源的限制,使得以纯软件方式实现加密算法耗时长,难以满足智能电表的通信需求。针对国外无硬件加密的智能电表需升级支持TLS1.3安全协议的需求,设计了一种TLS1.3协议的应用方案。基于电表响应时间要求,裁剪优化TLS1.3握手流程,结合加密套件及扩展协商的选择,保证电表安全强度的同时及时响应主站系统。通过设计证书预装方法,解决TLS1.3协议中证书认证无法应用于电网基础设施薄弱的地区等难题。通过厂内的批量测试及现场运行,证明了所设计的基于TLS1.3协议的通信安全方案在电表中运行稳定,无异常反馈。
With the development of smart grid,new and old devices coexist.Due to the limitation of the main frequency of the meter MCU and space resources,it takes a long time to implement the encryption algorithm in pure software,and it is difficult to meet the communication requirements of smart meters.Aiming at the requirement that foreign smart meters without hardware encryption need to upgrade to support TLS1.3 security protocol,an application scheme of TLS1.3 protocol is designed.Based on the meter’s response time requirements,the TLS1.3 handshake process is tailored and optimized,combined with the choice of encryption suite and extended negotiation,to ensure the security strength of the meter and respond to the master system in a timely manner.By designing a certificate pre⁃installation method,the problem that certificate authentication in the TLS1.3 protocol cannot be applied to areas with weak power grid infrastructure is solved.Through the batch test in the factory and on⁃site operation,it is proved that the designed communication security scheme based on the TLS1.3 protocol operates stably in the meter without abnormal feedback.
作者
季海涛
张芳敏
黄柳胜
孙孟玉
黄炳洁
JI Haitao;ZHANG Fangmin;HUANG Liusheng;SUN Mengyu;HUANG Bingjie(School of Electronic and Information Engineering,Shanghai University of Electric Power,Shanghai 200000,China;Jiangsu Linyang Energy Co.,Ltd.,Qidong 226200,China)
出处
《电子设计工程》
2023年第16期162-166,共5页
Electronic Design Engineering
