Summary of the invention
In view of this, the object of the invention is to propose a kind of method that converged communication network is docked with main website, converged communication network can be realized and dock with the safety of main website.
The method of docking with main website based on above-mentioned purpose converged communication network provided by the invention comprises:
Converged communication network gathers electricity consumption data message, and the identity information of electricity consumption data message and converged communication network is sent to main website fire compartment wall;
The identity information of converged communication network examined by main website fire compartment wall, if the identity information of converged communication network is effective, electricity consumption data message is sent to main website by main website fire compartment wall;
Main website carries out analyzing and processing to the data message that converged communication network is transmitted, and sends the identity information by control command and main website to the converged communication network of correspondence;
Converged communication network examines the identity information of main website, if the identity information of main website is effective, converged communication network performs the corresponding control command that main website sends.
Wherein, converged communication network comprises electric terminal, information acquisition module, this locality of connecting successively and focuses on device and GPRS module, information acquisition module gathers the electricity consumption data message of electric terminal, and this locality that the electricity consumption data message of electric terminal converges to is focused in device, connected by GPRS module and GPRS network, the identity information of electricity consumption data message and converged communication network is sent to main website fire compartment wall.
Further, this locality focuses on device also for examining the identity information of main website and performing the corresponding control command that main website sends.
Further, electric terminal adopts Internet of Things framework, bond networking architecture and protocol specification, sets up the layer structure data model that power information transmits and equipment room is interconnected; Comprising the bottom is essential information, receive by all devices within the scope of Internet of Things and perception, be namely plant capacity, the ID of equipment and the type of equipment; The second layer is extend information, for electricity consumption request, derives from user operation or Based Intelligent Control, needs to provide request signal, and scheduled time length and request rank, for scheduler program analyzing and processing; Third layer is high-level information, is response message, derives from miscellaneous equipment; Also be provided with additional information layer, except this equipment sends to the specific information of special equipment, for application layer encryption and the verification of information.
Particularly, it is the mixed-signal system level single-chip microcomputer be integrated on chip that this locality focuses on device, can carry out data acquisition and Control on Communication; Wherein, to focus on device data acquisition be collection to each channel data and storage in this locality, for GPRS module data source is provided; This locality focuses on the internal RAM that there are 4352 bytes device inside, for depositing ephemeral data; And distribute 3900 bytes to store and transmission for data, this space is divided into 13 pieces, every block 300 byte, and wherein 12 pieces corresponding to the sampled data depositing each passage; Because a power frequency period is sampled as 10 points, so the ephemeral data in RAM remains the data in each passage nearest 30 cycles all the time.
Particularly, this locality focuses on device Control on Communication flow process and comprises: initialization system clock and port, and arranges RAM; Initialize Timer produces 6000Hz Interruption, and initialization serial ports; Start GPRS module, and set up TCP connection; Receive the order of main website by GPRS module and resolve; Judge the command type after resolving, if uploading data order then performs the 6th step, if control command then performs the 7th step; Read the data needing in RAM to upload, the data gathered in this RAM are sent to GPRS module, then send main website to by TCP connection; By control command send to the corresponding electric terminal that will carry out controlling.
Further, GPRS module focuses under device controls in this locality and realizes protocol analysis and long-range connection, and carry out data encapsulation according to the multi-channel information that this locality to be focused on device collection by the request of main website, additional mark code composition information frame is sent to GPRS network, and enters Internet by GGSN gateway and received by main website.
In a preferred embodiment, GPRS module comprises a SIM card, and SIM card is connected by SIM card interface circuit with GPRS module, and SIM card realizes authentication; Employ a tlv triple in the subscriber authentication mechanism of GPRS module, comprise the random parameter RAND of 128, for the A3 arithmetic result SRES of user rs authentication and 64 key K by A8 algorithm calculating gained
c; At network side, this tlv triple to be obtained from attaching position register by SGSN and is stored in SGSN inside; Wherein, K
ibe the subscriber authentication key be stored in SIM card and HLR, length is 128; First, electric terminal proposes checking request to SGSN, after SGSN receives request, sends an authorization information to HLR; After HLR receives this information, produce one 0 and 2 with randomizer
128128 random parameter RANDs between-1, and the user rs authentication key K utilizing this random number and self store
i, use A3 algorithm to obtain result SRES, use A8 algorithm to obtain the key K of GPRS cryptographic algorithm
c, and by random number, SRES, K
csGSN is sent it back as a tlv triple; Then, tlv triple storage is got up by SGSN, and random number is wherein sent to electric terminal; The authentication secret K that electric terminal uses this random number and is stored in self SIM card
i, utilize A3 algorithm calculate result SRES and send it back SGSN; Finally, the SRES that SRES in the tlv triple of storage inside and user beam back compares by SGSN, if the two is equal, then electric terminal have passed authentication, SGSN is undertaken with terminal the need of data being transmitted to the negotiation and setting that are encrypted subsequently, and ensures to carry out while encrypting and decrypting between SGSN and electric terminal; Consult successfully, authentication process itself terminates.
In a preferred embodiment, main website, according to situation about monitoring electric terminal, carries out control operation to electric terminal or sends data upload requests; Namely set up the Transmission Control Protocol between main website and GPRS module, send control command or data upload requests order to GPRS module; Wherein, main website and electric terminal set up liaison, receive uploading data and comprise: the first step, judges whether to establish the Transmission Control Protocol between this main website and GPRS module, if then directly carry out second step, the Transmission Control Protocol then arranged between main website and GPRS module performs second step more if not; Second step, starts socket and intercepts; 3rd step, judges whether the connection request from GPRS module, if then accept to connect execution the 4th step, then turns back to step second step if not; 4th step, according to connection request, main website receive data.
The identity information of above-mentioned converged communication network comprise can be this locality of converged communication network focus in the MAC Address of the IP address of device, the GRPS module of converged communication network one or more; The identity information of main website can be the static ip address of main website.
As can be seen from the above, the method that a kind of converged communication network provided by the invention is docked with main website, by using main website fire compartment wall to carry out the authentication of converged communication network and the technical scheme using the bidirectional identification between main website and converged communication network to verify, effectively improve the fail safe that converged communication network is docked with main website.
Embodiment
For making the object, technical solutions and advantages of the present invention clearly understand, below in conjunction with specific embodiment, and with reference to accompanying drawing, the present invention is described in more detail.
According to one embodiment of present invention, a kind of method that converged communication network is docked with main website is provided.
As shown in Figure 1, the converged communication network provided according to the embodiment of the present invention and main website docking calculation comprise:
Step S101, converged communication network gathers electricity consumption data message, and the identity information of electricity consumption data message and converged communication network is sent to main website fire compartment wall;
Step S103, the identity information of converged communication network examined by main website fire compartment wall, if the identity information of converged communication network is effective, electricity consumption data message is sent to main website by main website fire compartment wall;
Step S105, main website carries out analyzing and processing to the data message that converged communication network is transmitted, and sends the identity information by control command and main website to the converged communication network of correspondence;
Step S107, converged communication network examines the identity information of main website, if the identity information of main website is effective, converged communication network performs the corresponding control command that main website sends.
Wherein, converged communication network comprises electric terminal, information acquisition module, this locality of connecting successively and focuses on device and GPRS module, information acquisition module gathers the electricity consumption data message of electric terminal, and this locality that the electricity consumption data message of electric terminal converges to is focused in device, connected by GPRS module and GPRS network, the identity information of electricity consumption data message and converged communication network is sent to main website fire compartment wall.
Further, this locality focuses on device also for examining the identity information of main website and performing the corresponding control command that main website sends.
In one embodiment of the invention, electric terminal adopts Internet of Things framework, as shown in Figure 2.Information Perception between object is the basis of Internet of Things, is characterized in the Intellisense between object and identification automatically, accomplishes plug and play.Electric terminal 101 is directly user oriented, directly represent the service level of electric power networks, and One's name is legion, complex management.Can Sensor Network network layers be passed through between electric terminal 101, namely carry out interconnected with Quick Response Code, RFID, transducer etc.In an embodiment, electric terminal 101 have employed WIFI and carries out interconnected, namely in each electric terminal 101, is provided with WIFI module.Then by transport network layer, namely by existing the Internet, Broadcasting Cable Network, communication network, transmission and the calculating of data is realized.
Preferably, in the communication information model construction of electric terminal 101, the devices interconnect mechanism of plug and play must be realized, bond networking architecture and protocol specification, set up the data model that power information transmits and equipment room is interconnected, realize the perception of equipment, identity verify and control, the protocol analysis specification in define equipment message transmitting procedure.In an embodiment, the information model of electric terminal 101 is as following table:
Described electric terminal 101 information model has typical layer structure, and the encryption of each layer information can be accepted or rejected as required with transmission.Wherein, the bottom is essential information, and this is a kind of broadcast message, receive by all devices within the scope of Internet of Things and perception.This part information will timed sending, is also the basis that each equipment realizes plug and play.Meanwhile, each equipment also receives the broadcast message of miscellaneous equipment, and understanding the basal conditions of all " online " equipment, namely can be plant capacity, the ID of equipment and the type of equipment etc.The second layer is extend information, is mainly used in electricity consumption request, may derive from user operation or Based Intelligent Control, needs to provide request signal, and scheduled time length and request rank, for scheduler program analyzing and processing.Third layer is high-level information, is generally response message, derives from miscellaneous equipment, especially the inquiry request of management of power use equipment, and this equipment responds, and sends the information such as current operating conditions, energy source, in real time rate.In addition, be also provided with additional information layer, except this equipment sends to the specific information of special equipment, be mainly used in application layer encryption and the verification of information, strengthen the reliability of information transmission.
Preferably, described WIFI module uses WAPI encryption method to realize the checking of data encryption and identity.In an embodiment, utilize the two-way authentication based on digital certificate, between electric terminal and WAP (wireless access point), set up mutual authentication scheme.Wherein, adopt the public key certificate system based on elliptic curve, wireless client and access point carry out bidirectional identification discriminating by certificate server.For data encryption, the symmetric cryptographic algorithm of national commercial cipher administration committee is adopted to carry out the encryption and decryption of information.
In one embodiment of the invention, it is the mixed-signal system level single-chip microcomputer be integrated on 1 chip block that this locality focuses on device, has and MCS-51 kernel and the complete compatible microcontroller of instruction.Except there are the digital peripherals parts of standard 8051 machine, analog component conventional in acquisition and control system and other digital peripherals and functional part is also integrated with in sheet, mainly comprise Multipexer selector, programmable gain amplifier, ADC, DAC, voltage comparator, voltage reference, temperature sensor, SMBus/I2C, UART, SPI, programmable counter/Timer Array, timer, I/O port, supply monitor, WatchDog Timer and clock oscillator etc., and this this locality focuses on device inside has JTAG and debug circuit, the single-chip microcomputer be arranged on final application system product can be used to carry out non-intruding by JATG interface, at full speed and in system debug.
This locality focuses on data acquisition and the preliminary treatment that device is mainly used in front end monitor signal, and uses serial ports control WIFI module and realize transfer of data.Its main circuit comprises: clock circuit, reset circuit, JTAG artificial mouth circuit, serial line interface level shifting circuit, power circuit etc.Preferably, what this locality focused on device employing is C8051F020 single-chip microcomputer.
Specifically, the power supply that this locality focuses on device comprises digital power and the analog power of 3.3V, is produced by LM2937IMP-3.3.LM2937 is the three end low-dropout regulators that ON Semiconductor Corporation produces, and has the functions such as overcurrent protection, overtemperature protection, the protection of Correctional tube safety operation area, also add " anti-packed battery protection " function.
The peripheral circuit that this locality focuses on device comprises clock circuit, reset circuit and JTAG artificial mouth circuit.Clock adopts the passive crystal oscillator of 22.1184MHz, and reset circuit supports that electrification reset and button reset.Jtag interface circuit utilizes the boundary scan test circuit pin of single-chip microcomputer inside to add that pull-up circuit is formed, as shown in Figure 3.
The serial interface circuit that this locality focuses on device realizes 232 level conversion, adopts P0.0, P0.1, P4.0, P4.1 of single-chip microcomputer to realize serial line interface, adopts SP3223E level transferring chip to realize Transistor-Transistor Logic level and 232 level conversion of single-chip microcomputer, as shown in Figure 4.
It should be noted that, in one embodiment, the major function that this locality focuses on device comprises data acquisition and Control on Communication two parts.Wherein, described data acquisition completes collection to each channel data and storage, for GPRS module provides data source.Because power frequency component is 50Hz, store and transmission demand for considering data, to every road signal 500Hz and 8 sampling, then timer spilling frequency gets 6000Hz, samples in turn to each passage when timer produces and interrupts.Preferably, this locality focuses on the internal RAM that there are 4352 bytes device inside, can be used for depositing ephemeral data.In addition, distribute 3900 bytes to store and transmission for data.This space is divided into 13 pieces, every block 300 byte, and wherein 12 pieces corresponding to the sampled data depositing each passage.Because a power frequency period is sampled as 10 points, so the ephemeral data in RAM remains the data in each passage nearest 30 cycles all the time.To each channel setting position indicator pointer variable, for newly putting the covering of old point and providing original position for during transfer of data.Another block 300 byte space for sending buffering area, when GPRS module obtain request need transmission data time, the data of dedicated tunnel are moved rapidly into buffering area medium to be sent, simultaneously mark are set during data batchmove, to prevent from cappedly destroying data sequence.
Described Control on Communication completion system initialization, sets up network and connects, resolve the request of main website 107, specific data source is added flag information and authorization information composition data frame and sends.As shown in Figure 5, this locality focuses on implement body ground Control on Communication flow process and comprises:
S110, initialization system clock and port, and RAM is set.
In an embodiment, this locality focuses on the internal RAM that there are 4352 bytes device inside, for depositing ephemeral data.
Preferably, this locality focuses in device and is provided with WatchDog Timer, needs first to close WatchDog Timer before carrying out step S110.Wherein, WatchDog Timer is a kind of timer, after generation software issue and program fleet, make system restart.Auto-counting when WatchDog Timer normally works, program circuit is regularly resetted clearing, if system somewhere stuck or race flies, this timer will overflow, and will enter interrupt in timer interruption, perform some reset operations, be the normal operating state of System recover, namely there is no normal operation period in program, reset house dog is to ensure that zero is overflowed in selected timing as scheduled, and processor is restarted.
S111, initialize Timer produces 6000Hz Interruption, and initialization serial ports.
S112, starts GPRS module, and sets up TCP connection.
S113, receives the order of main website by GPRS module and resolves.
S114, judges the command type after resolving, if uploading data order then performs S115, if control command then performs S116.
S115, reads the data needing in RAM to upload, the data gathered in this RAM is sent to GPRS module, then sends main website to by TCP connection.
S116, sends to the corresponding electric terminal that will carry out controlling by described control command.
As one embodiment of the present of invention, GPRS module focuses under device controls in this locality and realizes protocol analysis and long-range connection, and carry out data encapsulation according to the multi-channel information that this locality to be focused on device collection by the request of main website, additional mark code composition information frame is sent to GPRS network, and enters Internet by GGSN gateway and received by main website.GPRS module on the basis of GSM network, increases GPRS service node (SGSN), GPRS gateway node (GGSN) and series of standards interface realize.
Preferably, GPRS module comprises a SIM card, and SIM card is connected by SIM card interface circuit with GPRS module, and SIM card realizes authentication.Employ a tlv triple in the subscriber authentication mechanism of GPRS module, comprise the random parameter RAND of 128, for the A3 arithmetic result SRES (32) of user rs authentication and 64 key K by A8 algorithm calculating gained
c(the GPRS cryptographic algorithm GEA by being used for authentication and terminating to use in rear transfer of data).At network side, this tlv triple is obtained by SGSN from attaching position register (Home Location Register, HLR) place and is stored in SGSN inside.Its specifically, K
ibe the subscriber authentication key be stored in SIM card and HLR, length is 128.First, electric terminal proposes checking request to SGSN, after SGSN receives request, sends an authorization information to HLR.After HLR receives this information, produce one 0 and 2 with randomizer
128128 random parameter RANDs between-1, and the user rs authentication key K utilizing this random number and self store
i, use A3 algorithm to obtain result SRES, use A8 algorithm to obtain the key K of GPRS cryptographic algorithm (GEA)
c, and by random number, SRES, K
csGSN is sent it back as a tlv triple.Then, tlv triple storage is got up by SGSN, and random number is wherein sent to electric terminal.The authentication secret K that electric terminal uses this random number and is stored in self SIM card
i, utilize A3 algorithm calculate result SRES and send it back SGSN; Finally, the SRES that the SRES in the tlv triple of storage inside and user beam back compares by SGSN, if the two is equal, then electric terminal have passed authentication.Subsequently, SGSN is undertaken with terminal the need of data being transmitted to the negotiation and setting that are encrypted, and ensures to carry out while encrypting and decrypting between SGSN and terminal.Consult successfully, authentication process itself terminates.
Preferably, GPRS module, after carrying out authentication success, also carries out data encryption work to the data transmitted.In GPRS network data transmission procedure, data and signaling, by cryptographic algorithm protection, are in logic link control (LLC) layer.
In one embodiment, GPRS module adopts MC52i wireless module, is the minimum double frequency GSM/GPRS module of size.The embedded ICP/IP protocol stack of MC52i, is easy to integrated, and user can develop GPRS wireless Internet access terminal within the short time, is widely used in the fields such as remote monitoring, Public CDMA WLL, car-mounted terminal, radio POS terminal.
The peripheral circuit of GPRS module comprises power circuit, GPRS module enabling signal circuit for generating, SIM card interface circuit and level shifting circuit.Wherein, power circuit adopts the positive integrated regulator of ASM1117, for GPRS module interface card provides the digital power of 3.3V.Multiple electric capacity is used for carrying out filtering process to input and output power supply, two light-emitting diodes, and one of them is used to refer to the supply condition of power supply, the communications status of the SYNC pin instruction GPRS of Another application GPRS, as shown in Figure 6.
The enabling signal IGT circuit for generating of GPRS module is produced by chip CAT1161, and the IGT pin for gsm module provides one and is greater than 100ms the duration is less than the starting impulse signal of 1ms and level declines, and enters operating state after making it power up.SIM card interface circuit realizes the interface of GPRS module and SIM card.In addition, in level shifting circuit, have employed the RS232 level that 0 ~ 5V Transistor-Transistor Logic level of GPRS module is converted to-10 ~+10V by SP207E, to communicate with PC in debugging link, also can communicate with Single Chip Microcomputer (SCM) system above simultaneously.
Main website according to situation about monitoring electric terminal, can carry out control operation to electric terminal or sends data upload requests.Namely set up the Transmission Control Protocol between main website and GPRS module, send control command or data upload requests order to GPRS module.
In addition as in an alternative embodiment of the invention, main website and electric terminal set up liaison, receive the specific implementation process of uploading data as shown in Figure 7:
S130, judges whether to establish the Transmission Control Protocol between this main website and GPRS module, if then directly carry out S131, the Transmission Control Protocol then arranged between main website and GPRS module performs S131 more if not.
Preferably, the server end that main website connects to set up a network, need to arrange IP address and port numbers, then server calls method Listen enters blocked state, waits for the connection request from GPRS module.
S131, starts socket and intercepts.
S132, judges whether the connection request from GPRS module, if then accepting to connect performs S133, then turns back to step S131 if not.
Preferably, when the server of main website receives connection request, event ConnectionRequest is triggered.As server is ready to provide service, then can call Accept method and accept connection.
S133, according to described connection request, described main website receives data.
Preferably, once main website and GPRS module connection establishment, according to the service in described request, described main website can use GetData to carry out the reception of data.When receiving data, event DataArrival will be triggered, can carry out data storage, process and by interface carry out parameter waveform display.
The identity information of above-mentioned converged communication network comprise can be this locality of converged communication network focus in the MAC Address of the IP address of device, the GRPS module of converged communication network one or more; The identity information of main website can be the static ip address of main website.
In sum, the converged communication network provided by the invention method of docking with main website carries out the authentication of converged communication network and the technical scheme using the bidirectional identification between main website and converged communication network to verify by using main website fire compartment wall, effectively improves the fail safe that converged communication network is docked with main website; Meanwhile, the present invention can solve the security performance of electric terminal access; Under existing wireless communications network environment, realize the remote transmission of information; Finally, whole described electric network terminal communication system is easy, compact, is easy to realize.
Those of ordinary skill in the field are to be understood that: the foregoing is only specific embodiments of the invention; be not limited to the present invention; within the spirit and principles in the present invention all, any amendment made, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.