Invention content
In view of this, it is an object of the invention to propose a kind of method that converged communication network is docked with main website, Neng Goushi
Existing converged communication network is docked with the safety of main website.
The method docked with main website based on above-mentioned purpose converged communication network provided by the invention includes:
Converged communication network acquires electricity consumption data information, and the identity of electricity consumption data information and converged communication network is believed
Breath is sent to main website fire wall;
Main website fire wall verifies the identity information of converged communication network, main if the identity information of converged communication network is effective
Electricity consumption data information is sent to main website by fire wall of standing;
Main website carries out analyzing processing to the data information that converged communication network is transmitted, and is sent out to corresponding converged communication network
Go out the identity information by control instruction and main website;
Converged communication network verifies the identity information of main website, if the identity information of main website is effective, converged communication network executes
The correspondence control instruction that main website is sent out.
Wherein, converged communication network include sequentially connected electric terminal, information acquisition module, local centralized processing device and
GPRS module, information acquisition module acquire the electricity consumption data information of electric terminal, and by the electricity consumption data information of electric terminal
In the local centralized processing device converged to, established and connected by GPRS module and GPRS network, by electricity consumption data information with merge
The identity information of communication network is sent to main website fire wall.
Also, local centralized processing device is additionally operable to verify the identity information of main website and execute the corresponding control that main website is sent out to refer to
It enables.
Also, electric terminal uses Internet of Things framework, in conjunction with internet of things structure and protocol specification, establishes power information transmission
With the layer structure data model of equipment room interconnection;It is essential information including the bottom, by all devices within the scope of Internet of Things
It receives and perceives, be the type of plant capacity, the ID of equipment and equipment;The second layer is extension information, is asked for electricity consumption
It asks, derives from user's operation or intelligent control, need to provide request signal, it is contemplated that time span and request rank are scheduled for journey
Sequence analyzing processing;Third layer is high-level information, is response message, derives from miscellaneous equipment;It is also provided with additional information layer, in addition to
The equipment is sent to outside the specific information of special equipment, is used for the application layer encryption and verification of information.
Specifically, local centralized processing device is integrated in the mixed-signal system grade microcontroller on chip, can be into line number
According to acquisition and communication control;Wherein, local centralized processing device data acquisition is to complete the acquisition to each channel data and storage,
For GPRS module data source is provided;The internal RAM for having 4352 bytes inside local centralized processing device, for storing nonce
According to;And it distributes 3900 bytes to store and transmit for data, which is divided into 13 pieces, every piece of 300 bytes, wherein 12 pieces of correspondences
In the sampled data for storing each channel;Since a power frequency period is sampled as 10 points, so the ephemeral data in RAM is protected always
The data in each channel nearest 30 periods are stayed.
Specifically, local centralized processing device communication control flow includes:System clock and port are initialized, and is arranged
RAM;Initialization timer generates 6000Hz Interruptions, and initializes serial ports;Start GPRS module, and establishes TCP companies
It connects;Order and the parsing of main website are received by GPRS module;Judge the command type after parsing, then if it is upload data command
The 6th step is executed, the 7th step is then executed if it is control command;It reads in RAM and needs the data uploaded, by what is acquired in the RAM
Data are sent to GPRS module, then send main website to by TCP connection;By control command be sent to corresponding control
The electric terminal of system.
Further, GPRS module realization protocol analysis and long-range connection under locally centralized processing device control, and according to
The multi-channel information of local centralized processing device acquisition is carried out data encapsulation by the request of main website, and additional mark code forms information frame hair
It is sent to GPRS network, and Internet is entered by GGSN gateways and is received by main website.
In a preferred embodiment, GPRS module includes a SIM card, and SIM card passes through SIM card interface with GPRS module
Circuit connects, and SIM card realizes authentication;A triple has been used in the subscriber authentication mechanism of GPRS module, including
One 128 random parameter RANDs calculate 64 of gained for the A3 arithmetic results SRES of user's checking and by A8 algorithms
Key Kc;In network side, this triple is obtained by SGSN from home location register and is stored in inside SGSN;Wherein, Ki
The subscriber authentication key being stored in SIM card and HLR, length are 128;First, electric terminal is tested to SGSN propositions
After SGSN receives request, a verification information is sent to HLR for card request;After HLR receives the information, occurred with random number
Device generates one in 0 and 2128128 random parameter RANDs between -1, and tested using the user of the random number and itself storage
Demonstrate,prove key Ki, result SRES is obtained using A3 algorithms, the key K of GPRS Encryption Algorithm is obtained using A8 algorithmsc, and by random number,
SRES、KcSGSN is sent back as a triple;Then, SGSN gets up triple storage, and random number therein is sent out
Give electric terminal;Electric terminal uses the random number and the authentication secret K being stored in itself SIM cardi, utilize A3 algorithms
It calculates result SRES and sends back SGSN;Finally, SGSN beams back the SRES in the triple of storage inside with user
SRES is compared, if the two is equal, electric terminal has passed through authentication, and subsequent SGSN will be made whether to need with terminal
Will be to negotiation and setting that data transmission is encrypted, and ensure to carry out while encrypting and decrypting between SGSN and electric terminal;
After negotiating successfully, authentication process itself terminates.
In a preferred embodiment, the case where main website is according to electric terminal is monitored, control behaviour is carried out to electric terminal
Work or transmission data upload request;The Transmission Control Protocol between main website and GPRS module is established, control command or data upload are asked
Order is asked to send GPRS module to;Wherein, main website establishes liaison with electric terminal, receives upload data and includes:The first step,
Judge whether that the Transmission Control Protocol between the main website and GPRS module has had been established, if second step is then directly carried out, if being otherwise arranged
Transmission Control Protocol between main website and GPRS module executes second step again;Second step starts socket and intercepts;Third walks, and judges whether
There is the connection request from GPRS module, if then receiving connection executes the 4th step, if otherwise returning to step second step;4th
Step, according to connection request, main website receive data.
The identity information of above-mentioned converged communication network includes the IP for the local centralized processing device that can be converged communication network
Address, converged communication network GRPS modules MAC Address in it is one or more;The identity information of main website can be main website
Static ip address.
From the above it can be seen that the method that a kind of converged communication network provided by the invention is docked with main website, by using
Main website fire wall is carried out the authentication of converged communication network and is tested using the bidirectional identification between main website and converged communication network
The technical solution of card effectively increases the safety that converged communication network is docked with main website.
Specific implementation mode
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction with specific embodiment, and reference
Attached drawing, the present invention is described in more detail.
According to one embodiment of present invention, a kind of method that converged communication network is docked with main website is provided.
As shown in Figure 1, the converged communication network provided according to embodiments of the present invention includes with main website interconnection method:
Step S101, converged communication network acquire electricity consumption data information, and by electricity consumption data information and converged communication net
The identity information of network is sent to main website fire wall;
Step S103, main website fire wall verify the identity information of converged communication network, if the identity letter of converged communication network
Breath is effective, and electricity consumption data information is sent to main website by main website fire wall;
Step S105, the data information that main website transmits converged communication network carry out analyzing processing, and to corresponding fusion
Communication network sends out the identity information by control instruction and main website;
Step S107, converged communication network verify the identity information of main website, if the identity information of main website is effective, converged communication
Network executes the correspondence control instruction that main website is sent out.
Wherein, converged communication network include sequentially connected electric terminal, information acquisition module, local centralized processing device and
GPRS module, information acquisition module acquire the electricity consumption data information of electric terminal, and by the electricity consumption data information of electric terminal
In the local centralized processing device converged to, established and connected by GPRS module and GPRS network, by electricity consumption data information with merge
The identity information of communication network is sent to main website fire wall.
Also, local centralized processing device is additionally operable to verify the identity information of main website and execute the corresponding control that main website is sent out to refer to
It enables.
In one embodiment of the invention, electric terminal uses Internet of Things framework, as shown in Figure 2.Letter between object
Breath perception is the basis of Internet of Things, its main feature is that the Intellisense between object and automatic identification, accomplish plug and play.Electricity consumption is whole
End 101 is directly facing user, directly represents the service level of electric power networks, and large number of, complex management.Electricity consumption
It can be interconnected with Quick Response Code, RFID, sensor etc. by Sensor Network network layers between terminal 101.In embodiment,
Electric terminal 101 uses WIFI and is interconnected, i.e., is provided with WIFI module in each electric terminal 101.Then pass through biography
Defeated network layer realizes the transmission and calculating of data that is, by existing internet, Broadcasting Cable Network, communication network.
Preferably, in the communication information model construction of electric terminal 101, it is necessary to realize the equipment interconnections of plug and play
System establishes the data model of power information transmission and equipment room interconnection, realizes equipment in conjunction with internet of things structure and protocol specification
Perception, identity differentiate and control, defines the protocol analysis specification in facility information transmission process.In embodiment, electric terminal
101 information model such as following table:
101 information model of electric terminal has a typical layer structure, and the encryption of each layer information and transmission can be with
It accepts or rejects as needed.Wherein, the bottom is essential information, this is a kind of broadcast message, by all devices within the scope of Internet of Things
It receives and perceives.This partial information will periodically be sent and each equipment realizes the basis of plug and play.Meanwhile each equipment
Also the broadcast message for receiving miscellaneous equipment, understands the basal conditions for owning " online " equipment, you can be plant capacity, equipment
The type etc. of ID and equipment.The second layer is extension information, is mainly used for request for electricity, is probably derived from user's operation or intelligence
It can control, need to provide request signal, it is contemplated that time span and request rank are scheduled for program analyzing processing.Third layer is high
Grade information, usually response message, derive from miscellaneous equipment, the especially inquiry request of power consumption management equipment, which makes
It responds, sends the information such as current operating conditions, energy source, real-time rate.In addition, additional information layer is also provided with, in addition to this
Equipment is sent to outside the specific information of special equipment, is mainly used for the application layer encryption and verification of information, reinforces information transmission
Reliability.
Preferably, the WIFI module realizes the verification of data encryption and identity using WAPI encryption methods.In reality
It applies in example, using the two-way authentication based on digital certificate, mutual authentication scheme is established between electric terminal and wireless access point.Its
In, using the public key certificate system based on elliptic curve, wireless client and access point are double by certificate server progress
Differentiate to identity.For data encryption, using symmetric cryptographic algorithm the adding into row information of national commercial cipher administration committee
Decryption.
In one embodiment of the invention, local centralized processing device is integrated in the mixed-signal system on 1 piece of chip
Grade microcontroller has the microcontroller completely compatible with MCS-51 kernels and instruction.Other than the number with 8051 machine of standard
If being also integrated with common analog component and other digital peripherals and function part in acquisition and control system outside component, in piece
Part includes mainly Multipexer selector, programmable gain amplifier, ADC, DAC, voltage comparator, voltage reference, temperature biography
Sensor, SPI, programmable counter/Timer Array, timer, the ports I/O, supply monitor, is seen SMBus/I2C, UART
Door dog timer and clock oscillator etc., and this is locally focused on inside device with JTAG and debug circuit, is connect by JATG
Mouth can use the microcontroller being mounted in final application system product to carry out non-intruding, full speed and in system debug.
Local centralized processing device is mainly used for the data acquisition and preliminary treatment of front end monitoring signals, and is controlled using serial ports
WIFI module simultaneously realizes data transmission.Its main circuit includes:Clock circuit, reset circuit, JTAG artificial mouths circuit, serial interface
Mouth level shifting circuit, power circuit etc..Preferably, local centralized processing device is using C8051F020 microcontrollers.
Specifically, the power supply of local centralized processing device includes the digital power and analog power of 3.3V, by
LM2937IMP-3.3 is generated.LM2937 is three end low-dropout regulators of ON Semiconductor Corporation's production, has over current protection
The functions such as shield, overheating protection, the protection of adjustment pipe safety operation area, also add " anti-packed battery protection " function.
The peripheral circuit of local centralized processing device includes clock circuit, reset circuit and JTAG artificial mouth circuits.Clock is adopted
With 22.1184MHz without source crystal oscillator, reset circuit supports electrification reset and button to reset.Jtag interface circuit is using in microcontroller
The boundary scan test circuit pin in portion is constituted plus pull-up circuit, as shown in Figure 3.
The serial interface circuit of local centralized processing device realizes 232 level conversions, using P0.0, P0.1 of microcontroller,
P4.0, P4.1 realize serial line interface, realize that the Transistor-Transistor Logic level of microcontroller and 232 level turn using SP3223E electrical level transferring chips
It changes, as shown in Figure 4.
It should be noted that in one embodiment, the local major function for focusing on device includes that data acquire and lead to
Letter control two parts.Wherein, acquisition and storage to each channel data are completed in data acquisition, and number is provided for GPRS module
According to source.Since power frequency component is 50Hz, to consider data storage and transmission demand, every road signal is adopted with 500Hz and 8
Sample, then timer overflow frequency take 6000Hz, timer generate interruption when each channel is sampled in turn.Preferably, local collection
The internal RAM for having 4352 bytes inside middle processor can be used for storing ephemeral data.In addition, 3900 bytes of distribution are used for data
Storage and transmission.The space is divided into 13 pieces, every piece of 300 bytes, wherein 12 pieces correspond to the sampled data for storing each channel.Due to
One power frequency period is sampled as 10 points, so the ephemeral data in RAM remains the number in each channel nearest 30 periods always
According to.To each channel installation position pointer variable, for newly putting the covering to old point and to provide initial position when data transmission.Separately
One piece of 300 byte space is for sending buffering area, when GPRS module, which obtains request, needs transmission data, by the number of dedicated tunnel
It is medium to be sent according to buffering area is moved rapidly into, while mark is set during data shift, to prevent capped destruction data suitable
Sequence.
The communication control completes system initialization, establishes network connection, the request of main website 107 is parsed, by specified number
Data frame is constituted plus flag information and verification information and send according to source.As shown in figure 5, local communicate with focusing on implement body
Control flow includes:
S110 initializes system clock and port, and RAM is arranged.
In embodiment, the internal RAM for having 4352 bytes inside local centralized processing device, for storing ephemeral data.
Preferably, being provided with WatchDog Timer in local centralized processing device, needed first before carrying out step S110
Close WatchDog Timer.Wherein, WatchDog Timer is a kind of timer, make after software issue and program fleet occurs be
System restarting.WatchDog Timer counts automatically when working normally, and program circuit is periodically resetted clearing, if system exists
Somewhere is stuck or race flies, which will overflow, and will execute some in timer interruption into interruption and reset operation, is
System restores normal working condition, i.e., in program without during normal operation, it is selected to ensure to reset house dog as scheduled
Zero is overflowed in timing, and processor is made to restart.
S111, initialization timer generates 6000Hz Interruptions, and initializes serial ports.
S112 starts GPRS module, and establishes TCP connection.
S113 receives order and the parsing of main website by GPRS module.
S114 judges the command type after parsing, S115 is then executed if it is data command is uploaded, if it is control command
Then execute S116.
S115 reads in RAM and needs the data uploaded, the data acquired in the RAM is sent to GPRS module, then pass through
TCP connection sends main website to.
The control command is sent to the corresponding electric terminal controlled by S116.
As an embodiment of the present invention, GPRS module realizes protocol analysis and remote under locally centralized processing device control
Journey connects, and the multi-channel information of local centralized processing device acquisition is carried out data encapsulation, additional mark according to the request of main website
Code composition information frame is sent to GPRS network, and enters Internet by GGSN gateways and received by main website.GPRS module be
Increase GPRS service nodes (SGSN), GPRS gateway nodes (GGSN) and series of standards interface on the basis of GSM network to come
It realizes.
Preferably, GPRS module includes a SIM card, SIM card is connect with GPRS module by SIM card interface circuit, SIM
Card realizes authentication.Used a triple in the subscriber authentication mechanism of GPRS module, including one 128 with
Machine number RAND, 64 key K that gained is calculated for the A3 arithmetic results SRES (32) of user's checking and by A8 algorithmsc
(the GPRS Encryption Algorithm GEA that will be used in data transmission after for authentication).In network side, this triple by
SGSN is obtained at home location register (Home Location Register, HLR) and is stored in inside SGSN.It is specific
For, KiThe subscriber authentication key being stored in SIM card and HLR, length are 128.First, electric terminal is to SGSN
It proposes checking request, after SGSN receives request, a verification information is sent to HLR.After HLR receives the information, with random
Number generator generates one in 0 and 2128128 random parameter RANDs between -1, and the random number and itself is utilized to store
User's checking key Ki, result SRES is obtained using A3 algorithms, the key K of GPRS Encryption Algorithm (GEA) is obtained using A8 algorithmsc,
And by random number, SRES, KcSGSN is sent back as a triple.Then, SGSN gets up triple storage, and will wherein
Random number be sent to electric terminal.Electric terminal uses the random number and the authentication secret K being stored in itself SIM cardi,
Result SRES is calculated using A3 algorithms and sends back SGSN;Finally, SGSN is by the SRES and use in the triple of storage inside
The SRES that family is beamed back is compared, if the two is equal, electric terminal has passed through authentication.Then, SGSN will be with terminal
While being made whether the negotiation and setting that need that data transmission is encrypted, and ensure encrypting and decrypting between SGSN and terminal
It carries out.After negotiating successfully, authentication process itself terminates.
Preferably, GPRS module also carries out data encryption work after carrying out authentication success to the data being transmitted
Make.In GPRS network data transmission procedure, data and signaling are algorithm protections encrypted, are in logic link control
(LLC) layer.
In one embodiment, GPRS module uses MC52i wireless modules, is smallest size of double frequency GSM/GPRS moulds
Block.MC52i embeds ICP/IP protocol stack, is easily integrated, and user can develop GPRS wireless networking terminals within the short time,
It is widely used in the fields such as remote monitoring, Public CDMA WLL, car-mounted terminal, radio POS terminal.
The peripheral circuit of GPRS module includes power circuit, GPRS module enabling signal generation circuit, SIM card interface circuit
And level shifting circuit.Wherein, power circuit uses the positive integrated regulators of ASM1117, is carried for GPRS module interface card
For the digital power of 3.3V.Multiple capacitances are for being filtered input and output power supply, two light emitting diodes, wherein one
A supply state for being used to refer to power supply, another indicates the communications status of GPRS using the SYNC pins of GPRS, such as Fig. 6 institutes
Show.
The enabling signal IGT of GPRS module occurs electric router chip CAT1161 and generates, and is provided for the IGT pins of gsm module
One is more than 100ms and level declines the starting impulse signal that the duration is less than 1ms, enters work shape after so that it is powered up
State.SIM card interface circuit realizes the interface of GPRS module and SIM card.It will in addition, using SP207E in level shifting circuit
0~5V Transistor-Transistor Logic levels of GPRS module are converted to the RS232 level of -10~+10V, to be led to PC machine in debugging link
Letter, while can also be communicated with the SCM system of front.
The case where main website can be according to electric terminal be monitored carries out control operation to electric terminal or transmission data uploads
Request.The Transmission Control Protocol between main website and GPRS module is established, sends control command or data upload requests order to GPRS
Module.
Additionally as in an alternative embodiment of the invention, main website establishes liaison with electric terminal, receives and uploads number
According to specific implementation process it is as shown in Figure 7:
S130 judges whether that the Transmission Control Protocol between the main website and GPRS module has had been established, if then directly carrying out
S131, if the Transmission Control Protocol being otherwise arranged between main website and GPRS module executes S131 again.
Preferably, main website needs that IP address and port numbers are arranged, then to establish the server end of a network connection
Server calls method Listen enters blocked state, waits for the connection request from GPRS module.
S131 starts socket and intercepts.
S132 judges whether there is the connection request from GPRS module, if then receiving connection executes S133, if otherwise returning
Return to step S131.
Preferably, when the server of main website receives connection request, event ConnectionRequest is triggered.Such as clothes
Business device is ready offer service, then Accept methods can be called to receive connection.
S133, according to the connection request, the main website receives data.
Preferably, once main website connect foundation with GPRS module, according to the service in the request, the main website can make
The reception of data is carried out with GetData.When receiving data, event DataArrival will be triggered, and can carry out data and deposit
Storage, processing and the waveform by interface progress parameter are shown.
The identity information of above-mentioned converged communication network includes the IP for the local centralized processing device that can be converged communication network
Address, converged communication network GRPS modules MAC Address in it is one or more;The identity information of main website can be main website
Static ip address.
In conclusion the method docked with main website of converged communication network provided by the invention by using main website fire wall into
The authentication of row converged communication network simultaneously uses the technical side of the bidirectional identification verification between main website and converged communication network
Case effectively increases the safety that converged communication network is docked with main website;Meanwhile the present invention can solve electric terminal access
Security performance;Under existing wireless communications network environment, the remote transmission of information is realized;Finally, the entire power grid is whole
Hold communication system easy, compact, it is easy to accomplish.
Those of ordinary skills in the art should understand that:The above is only a specific embodiment of the present invention, and
It is not used in the limitation present invention, all within the spirits and principles of the present invention, any modification, equivalent substitution, improvement and etc. done,
It should be included within protection scope of the present invention.