Abstract: The security problem of data transmission from smart edge devices in distributed resources (DR) brings hidden risks for power system. The Modbus TCP (transmission control protocol) is a commonly used communication method for edge devices, but its flawed security design makes the system vulnerable to cyber-attacks. In this paper, based on a review of the existing security methods, we analyzed their shortcomings under DR application scenarios, and proposed a non-intrusive Modbus TCP security enhancement method. The method adopts an architecture of cloud-edge collaboration, and uses the cloud platform of the power control center to manage access control principles, and deploys the actual access control module in the edge devices to restrict malicious behaviours through fine-grained access control combinations. Finally, based on the Modbus protocol reference guide, a DR application scenario was built for penetration testing. It was proved that the proposed method can effectively defend against the replay attacks and man-in-the-middle attacks in this scenario, and the time cost is within a hundred microseconds.