CN112751929B - Method and system for communicating with remote PLC (programmable logic controller) equipment - Google Patents

Publication number
CN112751929B
Authority
CN
China
Prior art keywords
communication
client
forwarding channel
plc
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011606908.9A
Other languages
Chinese (zh)
Other versions
CN112751929A (en
Inventor
刘胜红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Kechuangsi Technology Co ltd
Original Assignee
Shenzhen Kechuangsi Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Kechuangsi Technology Co ltd filed Critical Shenzhen Kechuangsi Technology Co ltd
Priority to CN202011606908.9A priority Critical patent/CN112751929B/en
Publication of CN112751929A publication Critical patent/CN112751929A/en
Application granted granted Critical
Publication of CN112751929B publication Critical patent/CN112751929B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/146 Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02 Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Programmable Controllers (AREA)

Abstract

The invention provides a method and a system for communicating with remote PLC equipment, comprising: step S1, in response to a communication request from a client user, the server acquires the client's request information; step S2, the server queries a preset user-device relation table, verifies whether the client user has communication authority for the PLC device, and generates a query result; when the query result is authorized, a forwarding channel is opened; step S3, the client determines according to a preset judgment rule whether the forwarding channel meets the requirements of the communication request, and the PLC device likewise determines according to a preset judgment rule whether the forwarding channel meets the requirements of the communication request; step S4, the server determines whether the forwarding channel has been established successfully; if so, a communication start instruction is generated; if not, the communication port used by the forwarding channel is closed. The invention provides high stability and high security of communication between the client and the PLC device.

Description

Method and system for communicating with remote PLC (programmable logic controller) equipment
Technical Field
The invention relates to the technical field of communication, in particular to a method and a system for communicating with remote PLC equipment.
Background
In the industrial Internet of Things, one of the most central problems is how to establish a secure and stable communication channel between a client app (application program) and a remote PLC (Programmable Logic Controller) device. Typically, the client app runs on a PC or a mobile terminal and is not on the same LAN as the PLC to be monitored. Such remote communication still carries risks in terms of stability and security. The current state of remote network communication has the following problems:
Network instability is widespread: currently, short-wave signals emitted in the network environment interfere to some extent with the network connection, making it unstable. This hinders sustained communication, greatly affects the results of use, degrades the user's network experience, and affects the stability of the current network environment.
User data is at risk of leakage: in the industrial control industry, many PLC programs and algorithms embody the accumulated experience of users and are core technical secrets. If someone maliciously monitors a user's communication data by illegal means during remote communication, information such as the user's PLC password can be stolen, so the user's core program is at risk of disclosure. This problem is due in large part to PLC manufacturers' lack of awareness of security issues.
Disclosure of Invention
The invention aims to provide a method and a system for communicating with remote PLC equipment, and solves the technical problems of poor stability and safety of the existing method.
In one aspect, a method of communicating with a remote PLC device is provided, comprising the steps of:
Step S1: in response to a communication request from a client user, the server acquires the client's request information; the request information comprises at least client information, user information, and information on the PLC (programmable logic controller) device with which communication is requested;
Step S2: the server queries a preset user-device relation table according to the received request information, verifies whether the client user has communication authority for the PLC device, and generates a query result; when the query result is authorized, the server opens a forwarding channel; the server returns the forwarding channel information and the ID of the PLC device to the client through the opened forwarding channel, and outputs the forwarding channel information and the client ID to the PLC device; the query result is either authorized or not authorized; the forwarding channel comprises at least a communication IP and a communication port;
Step S3: the client receives the forwarding channel information and the ID of the PLC device, determines according to a preset judgment rule whether the forwarding channel meets the requirements of the communication request, generates a first judgment result, and, when the first judgment result is conforming, sends it to the server as a first confirmation packet; the PLC device receives the channel information and the client ID, determines according to a preset judgment rule whether the forwarding channel meets the requirements of the communication request, generates a second judgment result, and, when the second judgment result is conforming, sends it to the server as a second confirmation packet; the first judgment result is either conforming or non-conforming; the second judgment result is either conforming or non-conforming;
Step S4: the server determines, according to the received first confirmation packet and second confirmation packet, whether the forwarding channel has been established successfully; if so, it generates a communication start instruction; if not, it closes the communication port used by the forwarding channel;
Step S5: according to the received communication start instruction, the client sends a communication state maintenance packet and communication data to the PLC device through the server at a preset period; receives, through the server, the communication state maintenance packet response result and the communication data response result returned by the PLC device; and judges from these response results whether the communication state between the client and the PLC device has timed out; if it has, the communication connection is disconnected and the client re-initiates the communication request.
Preferably, step S2 includes: when the client or user recorded in the received request information is found in the user-device relation table, the query result is generated as authorized;
when the client or user recorded in the received request information is not found in the user-device relation table, the query result is generated as not authorized;
and when the generated query result is not authorized, error information indicating that there is no communication authority is output to the client.
Preferably, step S3 includes: the client checks whether the received forwarding channel information and the ID of the PLC device meet the requirements; if the received ID of the PLC device is the same as that of the PLC device with which communication was requested and the client can communicate with the PLC device through the forwarding channel, the requirements are judged to be met and the first judgment result is generated as conforming;
if the received ID of the PLC device differs from that of the PLC device with which communication was requested, or the client cannot communicate with the PLC device through the forwarding channel, the requirements are judged not to be met and the first judgment result is generated as non-conforming;
and when the first judgment result is non-conforming, a restart communication instruction is output, and the communication request is re-initiated to the server in response to the restart communication instruction.
Preferably, step S3 further includes: the PLC device checks whether the received forwarding channel information and the client ID meet the requirements; if the received client ID can communicate with the PLC device, the requirements are judged to be met and the second judgment result is generated as conforming;
and if the received client ID cannot communicate with the PLC device, the requirements are judged not to be met, the second judgment result is generated as non-conforming, and the second judgment result is sent to the server.
Preferably, the step S4 includes: when the server receives the first acknowledgement packet and the second acknowledgement packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server side does not receive the first acknowledgement packet or the second acknowledgement packet through the forwarding channel, judging that the forwarding channel is not established successfully.
Preferably, step S5 includes: if the client does not receive, through the server, the communication state maintenance packet response result returned by the PLC device within a plurality of consecutive preset periods, the communication state is judged to have timed out;
if the client receives, through the server, the communication state maintenance packet response result returned by the PLC device within a plurality of consecutive preset periods, the communication state is judged not to have timed out.
In another aspect, a system for communicating with a remote PLC device is further provided, so as to implement the method for communicating with a remote PLC device, including: the system comprises a client, a server and a PLC device which are connected in sequence;
the client is used for logging in by a user through an account password and outputting a communication request to the server;
the server is used for responding to a communication request of a client user to acquire request information of the client; the request information at least comprises client information, user information and PLC (programmable logic controller) equipment information requesting communication; inquiring a preset user-equipment relation table according to the received request information, verifying whether the client user has the communication authority to the PLC equipment, and generating an inquiry result; when the query result is authorized, opening a forwarding channel; and transmitting the forwarding channel information and the ID of the PLC equipment back to the client through the opened forwarding channel; outputting the forwarding channel information and the client ID to the PLC equipment; wherein the query result comprises the authority or the no authority; the forwarding channel at least comprises a communication IP and a communication port;
the PLC device is used for receiving channel information and a client ID, determining whether the forwarding channel meets the requirement of a communication request according to a preset judgment rule, generating a second judgment result, and sending the second judgment result to the server as a second confirmation packet when the second judgment result meets the requirement; wherein the second determination result comprises a match or a non-match;
the client is further used for receiving forwarding channel information and an ID of the PLC device, determining whether the forwarding channel meets the requirement of a communication request according to a preset determination rule, generating a first determination result, and sending the first determination result to the server as a first confirmation packet when the first determination result meets the requirement; the first judgment result comprises coincidence or non-coincidence;
the server is further used for determining whether the forwarding channel is established successfully or not according to the received first confirmation packet and the received second confirmation packet, and if the forwarding channel is established successfully, generating a communication starting instruction; if the establishment is not successful, closing a communication port called by the forwarding channel;
the client is further used for sending a communication state maintaining packet and communication data to the PLC equipment through the server according to the received communication starting instruction and according to a preset period; receiving a communication state maintenance packet response result and a communication data response result returned by the PLC equipment through the server; and judging whether the communication state between the client and the PLC equipment is overtime according to the communication state maintaining packet response result and the communication data response result, and if the communication state is overtime, disconnecting the communication connection and restarting the communication request by the client.
Preferably, the server is further configured to generate the query result as authorized when the client or user recorded in the received request information is found in the user-device relation table and has communication authority for the PLC device;
when the client or the user recorded in the received request information is not inquired in the relation table of the user and the equipment, generating an inquiry result as no authority;
when the generated query result is not authorized, outputting error information for prompting that no communication authorization exists to the client;
when the server receives the first acknowledgement packet and the second acknowledgement packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server side does not receive the first acknowledgement packet or the second acknowledgement packet through the forwarding channel, judging that the forwarding channel is not established successfully.
Preferably, the client is further configured to check whether the received forwarding channel information and the ID of the PLC device meet the requirements; if the received ID of the PLC device is the same as that of the PLC device with which communication was requested and the client can communicate with the PLC device through the forwarding channel, the requirements are judged to be met and the first judgment result is generated as conforming;
if the received ID of the PLC device differs from that of the PLC device with which communication was requested, or the client cannot communicate with the PLC device through the forwarding channel, the requirements are judged not to be met and the first judgment result is generated as non-conforming;
when the first judgment result is non-conforming, a restart communication instruction is output, and the communication request is re-initiated to the server in response to the restart communication instruction;
if the client does not receive, through the server, the communication state maintenance packet response result returned by the PLC device within a plurality of consecutive preset periods, the communication state is judged to have timed out;
if the client receives, through the server, the communication state maintenance packet response result returned by the PLC device within a plurality of consecutive preset periods, the communication state is judged not to have timed out.
Preferably, the PLC device is further configured to check whether the received forwarding channel information and the client ID meet the requirements; if the received client ID can communicate with the PLC device, the requirements are judged to be met and the second judgment result is generated as conforming;
and if the received client ID cannot communicate with the PLC device, the requirements are judged not to be met, the second judgment result is generated as non-conforming, and the second judgment result is sent to the server.
In summary, the embodiment of the invention has the following beneficial effects:
According to the method and system for communicating with remote PLC equipment provided by the invention, the client and the PLC device are verified multiple times over encrypted communication, so that the devices being connected are not mismatched, and the communication channel is checked to ensure high security of communication; in addition, the communication state is checked periodically so that abnormal states in the communication are found in time, ensuring high stability of communication.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly introduced below. The drawings in the following description show only some embodiments of the present invention, and other drawings obtained by those skilled in the art from these drawings without inventive effort also fall within the scope of the present invention.
Fig. 1 is a main flowchart of a method for communicating with a remote PLC device according to an embodiment of the present invention.
Fig. 2 is a logic diagram of a method of communicating with a remote PLC device in an embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a system for communicating with a remote PLC device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings.
Fig. 1 and 2 are schematic diagrams illustrating an embodiment of a method for communicating with a remote PLC device according to the present invention. In this embodiment, the method comprises the steps of:
Step S1: in response to a communication request from a client user, the server acquires the client's request information; the request information comprises at least client information, user information, and information on the PLC (programmable logic controller) device with which communication is requested. It can be understood that the client sends a command requesting that a channel be opened to the server according to the user's instruction, and the command also contains information on the PLC device with which the user wants to communicate.
Step S2: the server queries a preset user-device relation table according to the received request information, verifies whether the client user has communication authority for the PLC device, and generates a query result; when the query result is authorized, the server opens a forwarding channel; the server returns the forwarding channel information and the ID of the PLC device to the client through the opened forwarding channel, and outputs the forwarding channel information and the client ID to the PLC device; the query result is either authorized or not authorized; the forwarding channel comprises at least a communication IP and a communication port. It can be understood that the server queries the user-device relation table in the database and verifies whether the client has authority over the device; if not, it replies to the client with an authority error; if so, the server opens a pair of forwarding channels (communication IP + PORT), returns the forwarding channel IP + PORT and the communication key to the client, and sends the forwarding IP + PORT and the client ID to the device.
In a specific embodiment, when the client or user recorded in the received request information is found in the user-device relation table and has communication authority for the PLC device, the query result is generated as authorized;
when the client or user recorded in the received request information is not found in the user-device relation table, the query result is generated as not authorized;
and when the generated query result is not authorized, error information indicating that there is no communication authority is output to the client.
Step S3: the client receives the forwarding channel information and the ID of the PLC device, determines according to a preset judgment rule whether the forwarding channel meets the requirements of the communication request, generates a first judgment result, and, when the first judgment result is conforming, sends it to the server as a first confirmation packet; the PLC device receives the channel information and the client ID, determines according to a preset judgment rule whether the forwarding channel meets the requirements of the communication request, generates a second judgment result, and, when the second judgment result is conforming, sends it to the server as a second confirmation packet; the first judgment result is either conforming or non-conforming; the second judgment result is either conforming or non-conforming. It can be understood that the client sends a fixed-length acknowledgement packet of 10 bytes to the forwarding IP + PORT; the server sends the forwarding IP + PORT and the client ID to the device; and the device sends a fixed-length acknowledgement packet of 10 bytes to the forwarding IP + PORT.
In a specific embodiment, the client checks whether the received forwarding channel information and the ID of the PLC device meet the requirements; if the received ID of the PLC device is the same as that of the PLC device with which communication was requested and the client can communicate with the PLC device through the forwarding channel, the requirements are judged to be met and the first judgment result is generated as conforming;
if the received ID of the PLC device differs from that of the PLC device with which communication was requested, or the client cannot communicate with the PLC device through the forwarding channel, the requirements are judged not to be met and the first judgment result is generated as non-conforming;
and when the first judgment result is non-conforming, a restart communication instruction is output, and the communication request is re-initiated to the server in response to the restart communication instruction.
Specifically, the PLC device checks whether the received forwarding channel information and the client ID meet the requirements; if the received client ID can communicate with the PLC device, the requirements are judged to be met and the second judgment result is generated as conforming;
and if the received client ID cannot communicate with the PLC device, the requirements are judged not to be met, the second judgment result is generated as non-conforming, and the second judgment result is sent to the server.
Step S4: the server determines, according to the received first confirmation packet and second confirmation packet, whether the forwarding channel has been established successfully; if so, it generates a communication start instruction; if not, it closes the communication port used by the forwarding channel.
In a specific embodiment, when the server receives a first acknowledgement packet and a second acknowledgement packet through a forwarding channel, the server determines that the forwarding channel is successfully established;
and when the server side does not receive the first confirmation packet or the second confirmation packet through the forwarding channel, judging that the forwarding channel is not established successfully.
Step S5: according to the received communication start instruction, the client sends a communication state maintenance packet and communication data to the PLC device through the server at a preset period; receives, through the server, the communication state maintenance packet response result and the communication data response result returned by the PLC device; and judges from these response results whether the communication state between the client and the PLC device has timed out; if it has, the communication connection is disconnected and the client re-initiates the communication request. It can be understood that if the forwarding channel is established successfully, the communication state maintenance packet (heartbeat packet) and the communication data start to be transmitted. The heartbeat packet is sent at a timed interval of 9 s and is not retransmitted; if the heartbeat packet is not received three consecutive times, the device connection is disconnected, and the flow of establishing communication is restarted next time.
In a specific embodiment, if the client does not receive, through the server, the communication state maintenance packet response result returned by the PLC device within a plurality of consecutive preset periods, the communication state is judged to have timed out;
if the client receives, through the server, the communication state maintenance packet response result returned by the PLC device within a plurality of consecutive preset periods, the communication state is judged not to have timed out.
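The following Python model is an added example, not code from the patent: it walks through the server's handling of steps S2 to S4 (deny-by-default lookup in the user-device relation table, two confirmation packets required, port closed on failure) and the client's heartbeat timeout from step S5. All class, method and field names, the port numbering, the sample address and the sample users are assumptions; the 10-byte packet length, the 9 s period and the three-miss threshold are taken from the description.

```python
# Added illustration of steps S2-S5; every name here is hypothetical.
from dataclasses import dataclass, field

HEARTBEAT_PERIOD_S = 9      # heartbeat interval stated in the description
MAX_MISSED_HEARTBEATS = 3   # consecutive misses before the link is dropped
ACK_LEN = 10                # fixed confirmation-packet length in bytes


@dataclass
class Channel:
    ip: str
    port: int
    client_id: str
    plc_id: str
    acks: set = field(default_factory=set)  # roles that have confirmed
    state: str = "PENDING"                  # PENDING -> ACTIVE or CLOSED


class ForwardingServer:
    def __init__(self, relation_table, ip="198.51.100.10", first_port=40000):
        # relation_table: set of (user, plc_id) pairs; absent pairs are denied.
        self.relation_table = relation_table
        self.ip = ip                        # constructed documentation address
        self.next_port = first_port
        self.open_ports = {}                # port -> Channel

    def request_channel(self, client_id, user, plc_id):
        """S1/S2: check the relation table; open a port only when authorized."""
        if (user, plc_id) not in self.relation_table:
            return None                     # not authorized: nothing is opened
        ch = Channel(self.ip, self.next_port, client_id, plc_id)
        self.open_ports[ch.port] = ch
        self.next_port += 1
        return ch

    def receive_ack(self, port, role, packet):
        """S3: record a confirmation packet that arrived on a forwarding port.

        The page specifies only the packet length, so only that is checked.
        """
        ch = self.open_ports.get(port)
        if ch is None or ch.state != "PENDING":
            return False                    # unknown, closed or already active
        if role not in ("client", "plc") or len(packet) != ACK_LEN:
            return False
        ch.acks.add(role)
        return True

    def finalize(self, port):
        """S4: both packets present -> ACTIVE; otherwise close the port.

        The page gives no setup deadline; the caller decides when to call this.
        """
        ch = self.open_ports.get(port)
        if ch is None:
            return "CLOSED"
        if ch.acks == {"client", "plc"}:
            ch.state = "ACTIVE"             # a start instruction would be sent
        else:
            ch.state = "CLOSED"
            del self.open_ports[port]       # port no longer accepts traffic
        return ch.state


class HeartbeatMonitor:
    """S5: call end_of_period() once every HEARTBEAT_PERIOD_S seconds."""

    def __init__(self, max_missed=MAX_MISSED_HEARTBEATS):
        self.max_missed = max_missed
        self.missed = 0
        self.timed_out = False

    def end_of_period(self, response_received):
        if self.timed_out:
            return True                     # stays down until re-established
        if response_received:
            self.missed = 0                 # any response resets the count
        else:
            self.missed += 1
            self.timed_out = self.missed >= self.max_missed
        return self.timed_out


def demo():
    """Constructed scenario: a denied user, a half-confirmed channel, a good one."""
    srv = ForwardingServer({("alice", "PLC-001")})
    denied = srv.request_channel("client-A", "bob", "PLC-001")
    half = srv.request_channel("client-A", "alice", "PLC-001")
    srv.receive_ack(half.port, "client", bytes(ACK_LEN))
    half_state = srv.finalize(half.port)    # the PLC never confirmed
    good = srv.request_channel("client-A", "alice", "PLC-001")
    srv.receive_ack(good.port, "client", bytes(ACK_LEN))
    srv.receive_ack(good.port, "plc", bytes(ACK_LEN))
    good_state = srv.finalize(good.port)
    hb = HeartbeatMonitor()
    responses = (True, False, False, True, False, False, False)
    timeline = [hb.end_of_period(r) for r in responses]
    return denied, half_state, good_state, sorted(srv.open_ports), timeline


if __name__ == "__main__":
    print(demo())
```

In the constructed run, the half-confirmed channel's port is removed from the open set, and the heartbeat monitor reports a timeout only after the third consecutive missed period, since the response in the fourth period resets the count.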
Fig. 3 is a schematic diagram of an embodiment of a system for communicating with a remote PLC device according to the present invention. In this embodiment, the system is configured to implement the method for communicating with a remote PLC apparatus, and includes: the system comprises a client, a server and a PLC device which are connected in sequence;
the client is used by a user to log in with an account and password and to output a communication request to the server;
the server is used for acquiring the request information of the client in response to a communication request from a client user, the request information comprising at least client information, user information and information on the PLC (programmable logic controller) device with which communication is requested; querying a preset user-device relation table according to the received request information, verifying whether the client user has communication authority for the PLC device, and generating a query result; opening a forwarding channel when the query result is authorized; returning the forwarding channel information and the ID of the PLC device to the client through the opened forwarding channel; and outputting the forwarding channel information and the client ID to the PLC device; wherein the query result is either authorized or not authorized, and the forwarding channel comprises at least a communication IP and a communication port;
the PLC device is used for receiving the channel information and the client ID, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a second judgment result, and, when the second judgment result is conforming, sending it to the server as a second confirmation packet; wherein the second judgment result is either conforming or non-conforming;
the client is further used for receiving the forwarding channel information and the ID of the PLC device, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a first judgment result, and, when the first judgment result is conforming, sending it to the server as a first confirmation packet; wherein the first judgment result is either conforming or non-conforming;
the server is further used for determining, according to the received first confirmation packet and second confirmation packet, whether the forwarding channel has been established successfully; if so, generating a communication starting instruction; if not, closing the communication port used by the forwarding channel;
the client is further used for sending, according to the received communication starting instruction and at a preset period, a communication state maintenance packet and communication data to the PLC device through the server; receiving the communication state maintenance packet response result and the communication data response result returned by the PLC device through the server; and judging from these two response results whether the communication state between the client and the PLC device has timed out, and, if it has, disconnecting the communication connection, whereupon the client re-initiates the communication request.
In a specific embodiment, the server is further configured to generate a query result of authorized when the client or the user recorded in the received request information is found in the user-device relation table to have communication authority for the PLC device;
when the client or the user recorded in the received request information is not found in the user-device relation table, to generate a query result of not authorized;
when the generated query result is not authorized, to output to the client error information indicating that there is no communication authorization;
when the server receives both the first confirmation packet and the second confirmation packet through the forwarding channel, to judge that the forwarding channel has been established successfully;
and when the server does not receive the first confirmation packet or the second confirmation packet through the forwarding channel, to judge that the forwarding channel has not been established successfully.
It can be understood that the server manages the registration and login of the client and the device; after a successful login, the server generates a session password for each of the client and the device and stores the session passwords in the database. The server software is also responsible for forwarding communication data between the client and the PLC device. To address data security, a communication data encryption algorithm using a 128-bit key is added to the server software: the session key is obtained by adding a random number to the client ID and then computing the MD5 of the result, and the communication data is AES-encrypted with the session key, so that the source data cannot be obtained even if the communication is monitored in transit. To prevent the communication key from being cracked, the server updates the key every 2 hours, and the updated key is stored online in the user/equipment information table of the database. The client and the PLC device then re-handshake.
More specifically, the client is further configured to check whether the received forwarding channel information and the ID of the PLC device meet the requirements: if the received ID of the PLC device is the same as that of the PLC device with which communication was requested, and communication with the PLC device is possible through the forwarding channel, the client determines that the requirements are met and generates a first judgment result of conforming;
if the received ID of the PLC device differs from that of the PLC device with which communication was requested, or communication with the PLC device is not possible through the forwarding channel, the client determines that the requirements are not met and generates a first judgment result of non-conforming;
when the first judgment result is non-conforming, the client outputs a restart-communication instruction and, in response to it, re-initiates the communication request to the server;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server in a plurality of continuous preset periods, judging that the communication state is overtime;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is not overtime.
It will be appreciated that the client provides a user operation interface. The client software also integrates a 128-bit AES encryption algorithm. A session key is obtained from the server at login and is used to encrypt subsequent communication data. When the data reaches the server, the server retrieves the user's session key from the database table by the user ID of the client and parses the data packet. If parsing succeeds, the data is processed and a result is returned; if parsing fails, an error code (the session key has been updated) is returned to the client, the client sends a session-key update request to the server after receiving the error code, and the server returns a new key to the client.
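The session-key lifecycle described above (derivation from the client ID and a random number via MD5, the 2-hour update, and the error code followed by a key re-request), as an added example that is not code from the patent. The concatenation order, the `ERR_KEY_UPDATED` name and the in-memory `KeyTable` are assumptions; AES is not in the Python standard library, so packets here are not encrypted and an HMAC-SHA256 tag under the session key stands in for "the packet parses under the current key".

```python
import hashlib
import hmac
import secrets

ROTATE_AFTER = 2 * 60 * 60            # seconds; the page's 2-hour key update
ERR_KEY_UPDATED = b"ERR_KEY_UPDATED"  # hypothetical name for the page's error code
TAG_LEN = 32                          # HMAC-SHA256 tag length


def derive_session_key(client_id: str, random_number: bytes) -> bytes:
    """MD5(client ID || random number): 16 bytes, i.e. one 128-bit key.

    Concatenation order is an assumption. The client ID is not secret, so the
    key is only as unpredictable as `random_number`.
    """
    return hashlib.md5(client_id.encode() + random_number).digest()


class KeyTable:
    """In-memory stand-in for the database table holding session keys."""

    def __init__(self):
        self.rows = {}  # client_id -> (key, issued_at)

    def issue(self, client_id, now):
        key = derive_session_key(client_id, secrets.token_bytes(16))
        self.rows[client_id] = (key, now)
        return key

    def current(self, client_id, now):
        key, issued_at = self.rows[client_id]
        if now - issued_at >= ROTATE_AFTER:  # key is due: replace it
            key = self.issue(client_id, now)
        return key


def seal(key, payload):
    """Stand-in for AES: payload followed by a tag only the key holder can make."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def server_handle(table, client_id, packet, now):
    """Look up the sender's key by ID, check the packet, then process or report."""
    key = table.current(client_id, now)
    payload, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return ERR_KEY_UPDATED
    return b"OK:" + payload


class Client:
    def __init__(self, client_id, table, now):
        self.client_id, self.table = client_id, table
        self.key = table.issue(client_id, now)  # key taken from the server at login
        self.rekeys = 0

    def send(self, payload, now):
        packet = seal(self.key, payload)
        reply = server_handle(self.table, self.client_id, packet, now)
        if reply == ERR_KEY_UPDATED:
            # Ask the server for the updated key, then resend once.
            self.key = self.table.current(self.client_id, now)
            self.rekeys += 1
            packet = seal(self.key, payload)
            reply = server_handle(self.table, self.client_id, packet, now)
        return reply
```
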
More specifically, the PLC device is further configured to check whether the received forwarding channel information and the client ID meet the requirements: if the received client ID can communicate with the PLC device, the PLC device determines that the requirements are met and generates a second judgment result of conforming;
and if the received client ID cannot communicate with the PLC device, the PLC device determines that the requirements are not met, generates a second judgment result of non-conforming, and sends the second judgment result to the server.
As will be appreciated, the PLC device is a field control device. A 128-bit AES encryption algorithm is also integrated in the remote function module of the PLC software, and its connection process with the server software is the same as that of the client software.
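The server, client and PLC roles described above, reduced to the authorization lookup, the two-confirmation rule with the port closed on failure, and the consecutive-miss timeout, as an added example rather than code from the patent. The relation-table contents, the IDs, the address 192.0.2.10, the port numbers, the `limit=3` miss count, the sender-ID check in `confirm` and all class and function names are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed user-device relation table: (user, client ID) -> PLC IDs allowed.
RELATION_TABLE = {("alice", "client-01"): {"plc-7"}}


@dataclass
class Channel:
    ip: str
    port: int
    client_id: str
    plc_id: str
    acks: set = field(default_factory=set)
    state: str = "pending"  # pending -> started | closed


class Server:
    """Forwarding server: authorises, opens a channel, collects confirmations."""

    def __init__(self, ip="192.0.2.10", first_port=40000):
        self.ip, self.next_port = ip, first_port
        self.open_ports = set()

    def request(self, user, client_id, plc_id) -> Optional[Channel]:
        # No matching row means "not authorized" and no port is opened.
        if plc_id not in RELATION_TABLE.get((user, client_id), set()):
            return None
        port, self.next_port = self.next_port, self.next_port + 1
        self.open_ports.add(port)
        return Channel(self.ip, port, client_id, plc_id)

    def confirm(self, ch, role, sender_id):
        # Assumption: a confirmation counts only if it comes from the endpoint
        # this channel was opened for.
        expected = {"client": ch.client_id, "plc": ch.plc_id}
        if ch.state == "pending" and expected.get(role) == sender_id:
            ch.acks.add(role)

    def finalize(self, ch) -> bool:
        # Both confirmation packets are required; otherwise the port is closed.
        if ch.acks == {"client", "plc"}:
            ch.state = "started"
            return True
        ch.state = "closed"
        self.open_ports.discard(ch.port)
        return False


def client_accepts(requested_plc, returned_plc, reachable) -> bool:
    # First judgment: returned PLC ID matches the request and the channel works.
    return returned_plc == requested_plc and reachable


class KeepAlive:
    """Time out after `limit` consecutive periods without a maintenance reply."""

    def __init__(self, limit=3):
        self.limit, self.missed = limit, 0

    def period_elapsed(self, reply_received) -> bool:
        self.missed = 0 if reply_received else self.missed + 1
        return self.missed >= self.limit


def run_session(user, client_id, plc_id, plc_confirms=True):
    """Drive one channel set-up; return (result, ports still open on the server)."""
    srv = Server()
    ch = srv.request(user, client_id, plc_id)
    if ch is None:
        return "no authority", srv.open_ports
    if client_accepts(plc_id, ch.plc_id, reachable=True):
        srv.confirm(ch, "client", client_id)
    if plc_confirms:
        srv.confirm(ch, "plc", ch.plc_id)
    return ("started" if srv.finalize(ch) else "closed"), srv.open_ports
```
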
In summary, the embodiment of the invention has the following beneficial effects:
according to the method and the system for communicating with a remote PLC device provided by the invention, the client and the PLC device are verified multiple times over encrypted communication, so that no error arises between the devices being connected, and the communication channel is checked to ensure high security of communication; the communication state is also checked periodically, so that abnormal states in the communication are discovered in time and high stability of communication is ensured.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.

Claims (10)

1. A method of communicating with a remote PLC device, comprising the steps of:
step S1, in response to a communication request from a client user, the server acquires the request information of the client; the request information comprises at least client information, user information and information on the PLC (programmable logic controller) device with which communication is requested;
step S2, the server queries a preset user-device relation table according to the received request information, verifies whether the client user has communication authority for the PLC device, and generates a query result; when the query result is authorized, a forwarding channel is opened; the server returns the forwarding channel information and the ID of the PLC device to the client through the opened forwarding channel, and outputs the forwarding channel information and the client ID to the PLC device; wherein the query result is either authorized or not authorized; the forwarding channel comprises at least a communication IP and a communication port;
step S3, the client receives the forwarding channel information and the ID of the PLC device, determines according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generates a first judgment result, and, when the first judgment result is conforming, sends it to the server as a first confirmation packet; the PLC device receives the channel information and the client ID, determines according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generates a second judgment result, and, when the second judgment result is conforming, sends it to the server as a second confirmation packet; wherein the first judgment result is either conforming or non-conforming; the second judgment result is either conforming or non-conforming;
step S4, the server determines, according to the received first confirmation packet and second confirmation packet, whether the forwarding channel has been established successfully; if so, a communication starting instruction is generated; if not, the communication port used by the forwarding channel is closed;
step S5, the client sends, according to the received communication starting instruction and at a preset period, a communication state maintenance packet and communication data to the PLC device through the server; receives the communication state maintenance packet response result and the communication data response result returned by the PLC device through the server; and judges from these two response results whether the communication state between the client and the PLC device has timed out, and, if it has, the communication connection is disconnected and the client re-initiates the communication request.
2. The method of claim 1, wherein the step S2 comprises:
when the client or the user recorded in the received request information is found in the user-device relation table, generating a query result of authorized;
when the client or the user recorded in the received request information is not found in the user-device relation table, generating a query result of not authorized;
and when the generated query result is not authorized, outputting to the client error information indicating that there is no communication authorization.
3. The method of claim 2, wherein the step S3 comprises:
the client checks whether the received forwarding channel information and the ID of the PLC device meet the requirements; if the received ID of the PLC device is the same as that of the PLC device with which communication was requested, and communication with the PLC device is possible through the forwarding channel, the client determines that the requirements are met and generates a first judgment result of conforming;
if the received ID of the PLC device differs from that of the PLC device with which communication was requested, or communication with the PLC device is not possible through the forwarding channel, the client determines that the requirements are not met and generates a first judgment result of non-conforming;
and when the first judgment result is non-conforming, outputting a restart-communication instruction and, in response to it, re-initiating the communication request to the server.
4. The method of claim 3, wherein the step S3 further comprises:
the PLC device checks whether the received forwarding channel information and the client ID meet the requirements; if the received client ID can communicate with the PLC device, the PLC device determines that the requirements are met and generates a second judgment result of conforming;
and if the received client ID cannot communicate with the PLC device, the PLC device determines that the requirements are not met, generates a second judgment result of non-conforming, and sends the second judgment result to the server.
5. The method of claim 4, wherein the step S4 comprises:
when the server receives the first confirmation packet and the second confirmation packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server does not receive the first confirmation packet or the second confirmation packet through the forwarding channel, judging that the forwarding channel has not been established successfully.
6. The method of claim 5, wherein the step S5 comprises:
if the client does not receive a communication state maintaining packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is overtime;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is not overtime.
7. A system for communicating with a remote PLC device, for implementing the method of any of claims 1-6, comprising a client, a server and a PLC device connected in sequence;
the client is used by a user to log in with an account and password and to output a communication request to the server;
the server is used for acquiring the request information of the client in response to a communication request from a client user, the request information comprising at least client information, user information and information on the PLC (programmable logic controller) device with which communication is requested; querying a preset user-device relation table according to the received request information, verifying whether the client user has communication authority for the PLC device, and generating a query result; opening a forwarding channel when the query result is authorized; returning the forwarding channel information and the ID of the PLC device to the client through the opened forwarding channel; and outputting the forwarding channel information and the client ID to the PLC device; wherein the query result is either authorized or not authorized, and the forwarding channel comprises at least a communication IP and a communication port;
the PLC device is used for receiving the channel information and the client ID, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a second judgment result, and, when the second judgment result is conforming, sending it to the server as a second confirmation packet; wherein the second judgment result is either conforming or non-conforming;
the client is further used for receiving the forwarding channel information and the ID of the PLC device, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a first judgment result, and, when the first judgment result is conforming, sending it to the server as a first confirmation packet; wherein the first judgment result is either conforming or non-conforming;
the server is further used for determining, according to the received first confirmation packet and second confirmation packet, whether the forwarding channel has been established successfully; if so, generating a communication starting instruction; if not, closing the communication port used by the forwarding channel;
the client is further used for sending, according to the received communication starting instruction and at a preset period, a communication state maintenance packet and communication data to the PLC device through the server; receiving the communication state maintenance packet response result and the communication data response result returned by the PLC device through the server; and judging from these two response results whether the communication state between the client and the PLC device has timed out, and, if it has, disconnecting the communication connection, whereupon the client re-initiates the communication request.
8. The system of claim 7, wherein the server is further configured to generate a query result of authorized when the client or the user recorded in the received request information is found in the user-device relation table to have communication authority for the PLC device;
when the client or the user recorded in the received request information is not found in the user-device relation table, to generate a query result of not authorized;
when the generated query result is not authorized, to output to the client error information indicating that there is no communication authorization;
when the server receives both the first confirmation packet and the second confirmation packet through the forwarding channel, to judge that the forwarding channel has been established successfully;
and when the server does not receive the first confirmation packet or the second confirmation packet through the forwarding channel, to judge that the forwarding channel has not been established successfully.
9. The system of claim 8, wherein the client is further configured to check whether the received forwarding channel information and the ID of the PLC device meet the requirements: if the received ID of the PLC device is the same as that of the PLC device with which communication was requested, and communication with the PLC device is possible through the forwarding channel, the client determines that the requirements are met and generates a first judgment result of conforming;
if the received ID of the PLC device differs from that of the PLC device with which communication was requested, or communication with the PLC device is not possible through the forwarding channel, the client determines that the requirements are not met and generates a first judgment result of non-conforming;
when the first judgment result is non-conforming, the client outputs a restart-communication instruction and, in response to it, re-initiates the communication request to the server;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server in a plurality of continuous preset periods, judging that the communication state is overtime;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is not overtime.
10. The system of claim 9, wherein the PLC device is further configured to check whether the received forwarding channel information and the client ID meet the requirements: if the received client ID can communicate with the PLC device, the PLC device determines that the requirements are met and generates a second judgment result of conforming;
and if the received client ID cannot communicate with the PLC device, the PLC device determines that the requirements are not met, generates a second judgment result of non-conforming, and sends the second judgment result to the server.
CN202011606908.9A 2020-12-28 2020-12-28 Method and system for communicating with remote PLC (programmable logic controller) equipment Active CN112751929B (en)


Publications (2)

Publication Number Publication Date
CN112751929A CN112751929A (en) 2021-05-04
CN112751929B true CN112751929B (en) 2023-03-14

Family

ID=75649380



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant