Although there are several solutions utilized to prevent security threats in DNP3 networks, existing DNP3-SA networks still have severe shortcomings. To solve this security problem, the attack vector and security requirements of DNP3-SA protocol are analyzed, then, a cryptography security designs and enhancements of DNP3-SA protocol is proposed based on the Trusted Computing, which authenticate the identity and security status of the client and server to prevent node sensitive information from being compromised. The new protocol overcomes man-in-the-middle and replay attacks without increasing communication overhead. The protocol is verified by the SPAN tool, and no intrusion path is found, which ensures the integrity, authenticity, freshness and confidentiality of the nodes participating in the communication.