Research of Distribution Automation Terminal Information Security Risk Evaluation Methods

LIN Yong-feng，CHEN Liang，ZHANG Guo-qiang
（The Electric Power Research Institute of State Grid Tianjin Electric Power Company，Tianjin 300384，China）
Abstract：In order to solve the information security attacks of distribution automation terminal caused by its own complexity，design flaws as well as viruses，Trojans and other threats，this paper analyzed the information security risk which may exist in distribution automation terminal from the system layer，communication layer and distribution layer，presented a set of distribution automation terminal information security evaluation methods，including configuration checking，vulnerability scanning，penetration testing，risk value calculating，and standardization work flow of evaluation.By distributing automation system network and business models，the paper put forward a method to build the test platform，which provided the experimental environment for developing information security evaluation and vulnerability detection of automation terminal. The method has been applied in practical work to solve the information security risks existing in distribution automation terminal.
Key words：distribution automation；information security；evaluation；experimental platform；vulnerability