CN112751929B - Method and system for communicating with remote PLC (programmable logic controller) equipment - Google Patents
Abstract
The invention provides a method and a system for communicating with remote PLC equipment, comprising: step S1, in response to a communication request from a client user, the server acquires the client's request information; step S2, the server queries a preset user-equipment relation table, verifies whether the client user has communication authority for the PLC equipment, and generates a query result; when the query result is authorized, a forwarding channel is opened; step S3, the client determines, according to a preset judgment rule, whether the forwarding channel meets the requirement of the communication request; the PLC equipment likewise determines, according to a preset judgment rule, whether the forwarding channel meets the requirement of the communication request; step S4, the server determines whether the forwarding channel has been established successfully; if so, a communication start instruction is generated; if not, the communication port used by the forwarding channel is closed. The invention provides high stability and high security of communication between the client and the PLC equipment.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a method and a system for communicating with remote PLC equipment.
Background
In the industrial Internet of Things, one of the most central problems is how to establish a secure and stable communication channel between a client app (application program) and a remote PLC (Programmable Logic Controller) device. Typically, the client app runs on a PC or a mobile terminal and is not on the same LAN as the PLC to be monitored. Remote communication still carries some risks in terms of stability and security. The current state of remote network communication has the following problems:
Network instability is widespread: currently, short-wave signals emitted in the network environment interfere to some extent with the smooth operation of the network communication connector, resulting in unstable network connections. This hinders sustained communication, greatly affects the result of use, degrades the user's network experience, and affects the stability of the current network environment.
User data is at risk of leakage: in the industrial control industry, many PLC programs and algorithms embody users' accumulated experience and are core technical secrets. If someone maliciously monitors a user's communication data by illegal means during remote communication, information such as the user's PLC password can be stolen, and the user's core program is then at risk of disclosure. This problem is, in large part, due to PLC manufacturers' lack of awareness of security issues.
Disclosure of Invention
The invention aims to provide a method and a system for communicating with remote PLC equipment, solving the technical problem of the poor stability and security of existing methods.
In one aspect, a method of communicating with a remote PLC device is provided, comprising the steps of:
Step S1: in response to a communication request from a client user, the server acquires the client's request information; the request information comprises at least client information, user information, and information on the PLC (programmable logic controller) equipment with which communication is requested;
Step S2: the server queries a preset user-equipment relation table according to the received request information, verifies whether the client user has communication authority for the PLC equipment, and generates a query result; when the query result is authorized, the server opens a forwarding channel, returns the forwarding channel information and the ID of the PLC equipment to the client through the opened forwarding channel, and outputs the forwarding channel information and the client ID to the PLC equipment; the query result is either authorized or not authorized; the forwarding channel comprises at least a communication IP and a communication port;
Step S3: the client receives the forwarding channel information and the ID of the PLC equipment, determines according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generates a first judgment result, and, when the first judgment result is conforming, sends it to the server as a first confirmation packet; the PLC equipment receives the channel information and the client ID, determines according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generates a second judgment result, and, when the second judgment result is conforming, sends it to the server as a second confirmation packet; the first judgment result is either conforming or non-conforming, and so is the second judgment result;
Step S4: the server determines, according to the received first and second confirmation packets, whether the forwarding channel has been established successfully; if so, it generates a communication start instruction; if not, it closes the communication port used by the forwarding channel;
Step S5: on receiving the communication start instruction, the client sends a communication state maintaining packet and communication data to the PLC equipment through the server at a preset period; it receives, through the server, the communication state maintaining packet response result and the communication data response result returned by the PLC equipment; and it judges from these response results whether the communication state between the client and the PLC equipment has timed out; if it has, the communication connection is disconnected and the client re-initiates the communication request.
Preferably, step S2 includes: when the client or user recorded in the received request information is found in the user-equipment relation table, the query result is generated as authorized;
when the client or user recorded in the received request information is not found in the user-equipment relation table, the query result is generated as not authorized;
and when the generated query result is not authorized, error information indicating that there is no communication authority is output to the client.
Preferably, step S3 includes: the client checks whether the received forwarding channel information and PLC equipment ID meet the requirements; if the received PLC equipment ID is the same as that of the PLC equipment with which communication was requested, and the client can communicate with the PLC equipment through the forwarding channel, the client judges that the requirements are met and generates the first judgment result as conforming;
if the received PLC equipment ID differs from that of the PLC equipment with which communication was requested, or the client cannot communicate with the PLC equipment through the forwarding channel, the client judges that the requirements are not met and generates the first judgment result as non-conforming;
and when the first judgment result is non-conforming, a restart-communication instruction is output, and in response to that instruction the communication request is re-initiated to the server.
Preferably, step S3 further includes: the PLC equipment checks whether the received forwarding channel information and client ID meet the requirements; if the received client ID can communicate with the PLC equipment, the PLC equipment judges that the requirements are met and generates the second judgment result as conforming;
and if the received client ID cannot communicate with the PLC equipment, the PLC equipment judges that the requirements are not met, generates the second judgment result as non-conforming, and sends the second judgment result to the server.
Preferably, the step S4 includes: when the server receives the first acknowledgement packet and the second acknowledgement packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server side does not receive the first acknowledgement packet or the second acknowledgement packet through the forwarding channel, judging that the forwarding channel is not established successfully.
Preferably, step S5 includes: if the client does not receive, within several consecutive preset periods, the communication state maintaining packet response result returned by the PLC equipment through the server, the communication state is judged to have timed out;
if the client does receive the communication state maintaining packet response result returned by the PLC equipment through the server within several consecutive preset periods, the communication state is judged not to have timed out.
In another aspect, a system for communicating with a remote PLC device is further provided to implement the above method of communicating with a remote PLC device; the system comprises a client, a server and a PLC device connected in sequence;
the client is used by a user to log in with an account and password and to output a communication request to the server;
the server is used for acquiring the client's request information in response to a communication request from a client user; the request information comprises at least client information, user information, and information on the PLC (programmable logic controller) equipment with which communication is requested; the server queries a preset user-equipment relation table according to the received request information, verifies whether the client user has communication authority for the PLC equipment, and generates a query result; when the query result is authorized, it opens a forwarding channel, returns the forwarding channel information and the ID of the PLC equipment to the client through the opened forwarding channel, and outputs the forwarding channel information and the client ID to the PLC equipment; the query result is either authorized or not authorized; the forwarding channel comprises at least a communication IP and a communication port;
the PLC device is used for receiving the channel information and the client ID, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a second judgment result, and, when the second judgment result is conforming, sending it to the server as a second confirmation packet; the second judgment result is either conforming or non-conforming;
the client is further used for receiving the forwarding channel information and the ID of the PLC device, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a first judgment result, and, when the first judgment result is conforming, sending it to the server as a first confirmation packet; the first judgment result is either conforming or non-conforming;
the server is further used for determining, according to the received first and second confirmation packets, whether the forwarding channel has been established successfully; if so, it generates a communication start instruction; if not, it closes the communication port used by the forwarding channel;
the client is further used for sending, on receiving the communication start instruction, a communication state maintaining packet and communication data to the PLC equipment through the server at a preset period; receiving, through the server, the communication state maintaining packet response result and the communication data response result returned by the PLC equipment; and judging from these response results whether the communication state between the client and the PLC equipment has timed out; if it has, the communication connection is disconnected and the client re-initiates the communication request.
Preferably, the server is further configured to generate the query result as authorized when the client or user recorded in the received request information is found in the user-equipment relation table and has communication authority for the PLC device;
when the client or user recorded in the received request information is not found in the user-equipment relation table, the query result is generated as not authorized;
when the generated query result is not authorized, error information indicating that there is no communication authority is output to the client;
when the server receives the first acknowledgement packet and the second acknowledgement packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server side does not receive the first acknowledgement packet or the second acknowledgement packet through the forwarding channel, judging that the forwarding channel is not established successfully.
Preferably, the client is further configured to check whether the received forwarding channel information and PLC device ID meet the requirements; if the received PLC device ID is the same as that of the PLC device with which communication was requested, and the client can communicate with the PLC device through the forwarding channel, the client judges that the requirements are met and generates the first judgment result as conforming;
if the received PLC device ID differs from that of the PLC device with which communication was requested, or the client cannot communicate with the PLC device through the forwarding channel, the client judges that the requirements are not met and generates the first judgment result as non-conforming;
when the first judgment result is non-conforming, a restart-communication instruction is output, and in response to that instruction the communication request is re-initiated to the server;
if the client does not receive, within several consecutive preset periods, the communication state maintaining packet response result returned by the PLC equipment through the server, the communication state is judged to have timed out;
if the client does receive the communication state maintaining packet response result returned by the PLC equipment through the server within several consecutive preset periods, the communication state is judged not to have timed out.
Preferably, the PLC device is further configured to check whether the received forwarding channel information and client ID meet the requirements; if the received client ID can communicate with the PLC device, the PLC device judges that the requirements are met and generates the second judgment result as conforming;
and if the received client ID cannot communicate with the PLC device, the PLC device judges that the requirements are not met, generates the second judgment result as non-conforming, and sends the second judgment result to the server.
In summary, the embodiment of the invention has the following beneficial effects:
In the method and system for communicating with remote PLC equipment provided by the invention, the client and the PLC equipment are verified multiple times over encrypted communication, so that the devices being connected are not mismatched, and the communication channel is checked to ensure high security of communication; the communication state is also checked periodically so that abnormal states in the communication are discovered in time, ensuring high stability of communication.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention, and obtaining other drawings from them without inventive effort remains within the scope of the present invention for those skilled in the art.
Fig. 1 is a main flowchart of a method for communicating with a remote PLC device according to an embodiment of the present invention.
Fig. 2 is a logic diagram of a method of communicating with a remote PLC device in an embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a system for communicating with a remote PLC device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings.
Figs. 1 and 2 are schematic diagrams illustrating an embodiment of a method for communicating with a remote PLC device according to the present invention. In this embodiment, the method comprises the following steps:
Step S1: in response to a communication request from a client user, the server acquires the client's request information; the request information comprises at least client information, user information, and information on the PLC (programmable logic controller) equipment with which communication is requested. It can be understood that the client sends a request-channel-opening command to the server according to the user's instruction, and that the instruction also contains information on the PLC device with which the user wants to communicate.
Step S2: the server queries a preset user-equipment relation table according to the received request information, verifies whether the client user has communication authority for the PLC equipment, and generates a query result; when the query result is authorized, the server opens a forwarding channel, returns the forwarding channel information and the ID of the PLC equipment to the client through the opened forwarding channel, and outputs the forwarding channel information and the client ID to the PLC equipment; the query result is either authorized or not authorized; the forwarding channel comprises at least a communication IP and a communication port. It can be understood that the server queries the user-device relation table in the database and verifies whether the client has authority over the device; if not, it replies to the client with an authority error; if so, the server opens a pair of forwarding channels (communication IP + Port), returns the forwarding channel IP + PORT and the communication key to the client, and sends the forwarding IP + PORT and the client ID to the equipment.
In a specific embodiment, when the client or user recorded in the received request information is found in the user-equipment relation table and has communication authority for the PLC equipment, the query result is generated as authorized;
when the client or user recorded in the received request information is not found in the user-equipment relation table, the query result is generated as not authorized;
and when the generated query result is not authorized, error information indicating that there is no communication authority is output to the client.
Step S3: the client receives the forwarding channel information and the ID of the PLC equipment, determines according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generates a first judgment result, and, when the first judgment result is conforming, sends it to the server as a first confirmation packet; the PLC equipment receives the channel information and the client ID, determines according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generates a second judgment result, and, when the second judgment result is conforming, sends it to the server as a second confirmation packet; the first judgment result is either conforming or non-conforming, and so is the second judgment result. It can be understood that the client sends a fixed-length confirmation packet of 10 bytes to the forwarding IP + PORT; the server sends the forwarding IP + PORT and the client ID to the equipment; and the device sends a fixed-length confirmation packet of 10 bytes to the forwarding IP + PORT.
In a specific embodiment, the client checks whether the received forwarding channel information and PLC device ID meet the requirements; if the received PLC device ID is the same as that of the PLC device with which communication was requested, and the client can communicate with the PLC device through the forwarding channel, the client judges that the requirements are met and generates the first judgment result as conforming;
if the received PLC device ID differs from that of the PLC device with which communication was requested, or the client cannot communicate with the PLC device through the forwarding channel, the client judges that the requirements are not met and generates the first judgment result as non-conforming;
and when the first judgment result is non-conforming, a restart-communication instruction is output, and in response to that instruction the communication request is re-initiated to the server.
Specifically, the PLC device checks whether the received forwarding channel information and client ID meet the requirements; if the received client ID can communicate with the PLC device, the PLC device judges that the requirements are met and generates the second judgment result as conforming;
and if the received client ID cannot communicate with the PLC device, the PLC device judges that the requirements are not met, generates the second judgment result as non-conforming, and sends the second judgment result to the server.
Step S4: the server determines, according to the received first and second confirmation packets, whether the forwarding channel has been established successfully; if so, it generates a communication start instruction; if not, it closes the communication port used by the forwarding channel.
In a specific embodiment, when the server receives a first acknowledgement packet and a second acknowledgement packet through a forwarding channel, the server determines that the forwarding channel is successfully established;
and when the server side does not receive the first confirmation packet or the second confirmation packet through the forwarding channel, judging that the forwarding channel is not established successfully.
Step S5: on receiving the communication start instruction, the client sends a communication state maintaining packet and communication data to the PLC equipment through the server at a preset period; it receives, through the server, the communication state maintaining packet response result and the communication data response result returned by the PLC equipment; and it judges from these response results whether the communication state between the client and the PLC equipment has timed out; if it has, the communication connection is disconnected and the client re-initiates the communication request. It can be understood that once the forwarding channel has been established successfully, the communication state maintaining packet (heartbeat packet) and the communication data start to be transmitted. The communication state maintaining packet is sent at a timed interval of 9 s and is not retransmitted; if the heartbeat packet is not received three consecutive times, the equipment connection is disconnected, and the communication establishment flow is started again the next time.
In a specific embodiment, if the client does not receive, within several consecutive preset periods, the communication state maintaining packet response result returned by the PLC equipment through the server, the communication state is judged to have timed out;
if the client does receive the communication state maintaining packet response result returned by the PLC equipment through the server within several consecutive preset periods, the communication state is judged not to have timed out.
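The setup and keep-alive flow of steps S1 to S5, as an added example that is not part of the patent text: a socket-free Python simulation of the server's authorization lookup, the two 10-byte confirmation packets, the port closure on failure, and the three-missed-heartbeats timeout. The table contents, the IDs, the address 192.0.2.10, the port numbering and all function names are constructed for illustration; the page does not define the content of the confirmation packet or a deadline for receiving it.

```python
from dataclasses import dataclass, field

ACK_LEN = 10      # fixed-length confirmation packet, in bytes (from the description)
MAX_MISSED = 3    # consecutive unanswered heartbeats (sent every 9 s) before disconnect

# Constructed user-device relation table: (user, client ID) -> PLC IDs it may reach.
RELATION_TABLE = {("alice", "client-01"): {"plc-7"}}


@dataclass
class Channel:
    ip: str
    port: int
    client_id: str
    plc_id: str
    acks: set = field(default_factory=set)  # peers that have confirmed so far
    state: str = "PENDING"                  # PENDING -> OPEN or CLOSED


class RelayServer:
    def __init__(self, ip="192.0.2.10", first_port=40000):  # constructed address
        self.ip, self.next_port = ip, first_port
        self.open_ports = set()

    def request_channel(self, user, client_id, plc_id):
        """S1/S2: open a forwarding channel only if the relation table allows it."""
        if plc_id not in RELATION_TABLE.get((user, client_id), set()):
            return None  # no authority: nothing is opened, caller reports the error
        port, self.next_port = self.next_port, self.next_port + 1
        self.open_ports.add(port)
        return Channel(self.ip, port, client_id, plc_id)

    def receive_ack(self, ch, sender, packet):
        """S3: accept one fixed-length confirmation packet per peer."""
        if ch.state != "PENDING" or sender not in ("client", "plc"):
            return
        if len(packet) == ACK_LEN:
            ch.acks.add(sender)

    def finalize(self, ch):
        """S4: both confirmations -> start communication; otherwise close the port.
        When to call this (an ack deadline) is not given on the page."""
        if ch.acks == {"client", "plc"}:
            ch.state = "OPEN"
        else:
            ch.state = "CLOSED"
            self.open_ports.discard(ch.port)
        return ch.state


def client_accepts(requested_plc_id, ch):
    """S3 client-side rule: the PLC ID returned must be the one requested."""
    return ch.plc_id == requested_plc_id


def heartbeat_timed_out(replies):
    """S5: replies holds one bool per heartbeat period (True = response arrived).
    Returns the 1-based period at which the link times out, or None."""
    missed = 0
    for period, ok in enumerate(replies, start=1):
        missed = 0 if ok else missed + 1
        if missed >= MAX_MISSED:
            return period
    return None


def run_session(user, client_id, plc_id, plc_confirms, replies):
    """Drive S1-S5 once and return the outcome as a short string."""
    server = RelayServer()
    ch = server.request_channel(user, client_id, plc_id)
    if ch is None:
        return "no-authority"
    if client_accepts(plc_id, ch):
        server.receive_ack(ch, "client", bytes(ACK_LEN))
    if plc_confirms:
        server.receive_ack(ch, "plc", bytes(ACK_LEN))
    if server.finalize(ch) != "OPEN":
        return "channel-closed"
    period = heartbeat_timed_out(replies)
    return "running" if period is None else f"timeout-at-period-{period}"
```

An unauthorized request never opens a port, and a channel with only one confirmation leaves no port open behind it.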
Fig. 3 is a schematic diagram of an embodiment of a system for communicating with a remote PLC device according to the present invention. In this embodiment, the system is configured to implement the method for communicating with a remote PLC device, and comprises a client, a server and a PLC device connected in sequence;
the client is used by a user to log in with an account and password and to output a communication request to the server;
the server is used for acquiring the client's request information in response to a communication request from a client user; the request information comprises at least client information, user information, and information on the PLC (programmable logic controller) equipment with which communication is requested; the server queries a preset user-equipment relation table according to the received request information, verifies whether the client user has communication authority for the PLC equipment, and generates a query result; when the query result is authorized, it opens a forwarding channel, returns the forwarding channel information and the ID of the PLC equipment to the client through the opened forwarding channel, and outputs the forwarding channel information and the client ID to the PLC equipment; the query result is either authorized or not authorized; the forwarding channel comprises at least a communication IP and a communication port;
the PLC device is used for receiving the channel information and the client ID, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a second judgment result, and, when the second judgment result is conforming, sending it to the server as a second confirmation packet; the second judgment result is either conforming or non-conforming;
the client is further used for receiving the forwarding channel information and the ID of the PLC device, determining according to a preset judgment rule whether the forwarding channel meets the requirement of the communication request, generating a first judgment result, and, when the first judgment result is conforming, sending it to the server as a first confirmation packet; the first judgment result is either conforming or non-conforming;
the server is further used for determining, according to the received first and second confirmation packets, whether the forwarding channel has been established successfully; if so, it generates a communication start instruction; if not, it closes the communication port used by the forwarding channel;
the client is further used for sending, on receiving the communication start instruction, a communication state maintaining packet and communication data to the PLC equipment through the server at a preset period; receiving, through the server, the communication state maintaining packet response result and the communication data response result returned by the PLC equipment; and judging from these response results whether the communication state between the client and the PLC equipment has timed out; if it has, the communication connection is disconnected and the client re-initiates the communication request.
In a specific embodiment, the server is further configured to generate the query result as authorized when the client or user recorded in the received request information is found in the user-equipment relation table and has communication authority for the PLC device;
when the client or user recorded in the received request information is not found in the user-equipment relation table, the query result is generated as not authorized;
when the generated query result is not authorized, error information indicating that there is no communication authority is output to the client;
when the server receives the first acknowledgement packet and the second acknowledgement packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server side does not receive the first acknowledgement packet or the second acknowledgement packet through the forwarding channel, judging that the forwarding channel is not established successfully.
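The channel set-up and keep-alive logic described above can be sketched as follows. This is an added example, not code from the patent; the class and function names, the allow-list used as the PLC's judgment rule, the threshold of three missed periods and all sample IDs and addresses are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Channel:
    ip: str
    port: int
    client_id: str
    plc_id: str
    acks: set = field(default_factory=set)   # confirmation packets received so far
    port_open: bool = True


class ForwardingServer:
    def __init__(self, relation_table, ip="192.0.2.10", first_port=40000):
        self.relation_table = relation_table   # {(user, plc_id), ...}, constructed data
        self.ip = ip                           # documentation-range address (assumption)
        self.next_port = first_port

    def open_channel(self, client_id, user, plc_id):
        """Look up the user/device relation table; open a channel only if authorized."""
        if (user, plc_id) not in self.relation_table:
            return None                        # "no authority": error goes to the client
        ch = Channel(self.ip, self.next_port, client_id, plc_id)
        self.next_port += 1
        return ch

    def finish(self, ch):
        """Both confirmation packets are required; otherwise close the channel's port."""
        if ch.acks == {"client", "plc"}:
            return "start"                     # communication starting instruction
        ch.port_open = False
        return "closed"


def client_accepts(requested_plc_id, ch, reachable=True):
    """Client side: the returned PLC ID must be the one that was requested."""
    return ch.plc_id == requested_plc_id and reachable


def plc_accepts(allowed_clients, ch):
    """PLC side: the announced client ID must be one this PLC may talk to (assumed rule)."""
    return ch.client_id in allowed_clients


def establish(server, client_id, user, plc_id, plc_allowed):
    ch = server.open_channel(client_id, user, plc_id)
    if ch is None:
        return "no authority", None
    if client_accepts(plc_id, ch):
        ch.acks.add("client")                  # first confirmation packet
    if plc_accepts(plc_allowed, ch):
        ch.acks.add("plc")                     # second confirmation packet
    return server.finish(ch), ch


class HeartbeatMonitor:
    """Time out after max_missed consecutive periods with no keep-alive response."""

    def __init__(self, max_missed=3):
        self.max_missed = max_missed
        self.missed = 0

    def period_elapsed(self, got_response):
        self.missed = 0 if got_response else self.missed + 1
        return self.missed >= self.max_missed  # True: disconnect and re-request


if __name__ == "__main__":
    srv = ForwardingServer({("alice", "PLC-7")})
    print(establish(srv, "C-1", "alice", "PLC-7", {"C-1"})[0])   # start
    print(establish(srv, "C-2", "alice", "PLC-7", {"C-1"})[0])   # closed
    print(establish(srv, "C-1", "bob", "PLC-7", {"C-1"})[0])     # no authority
```

The server's table lookup and the PLC's own check are independent gates: a channel opened for an authorized user is still torn down when the PLC does not confirm the client ID.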
It can be understood that the server manages the registration and login of the client and the device; after a successful login, the server generates a session key for each of the client and the device and stores the session keys in the database. The server software is also responsible for forwarding communication data between the client and the PLC equipment. To address data security, a communication data encryption algorithm is added to the server software. It uses a 128-bit key: the session key is obtained by adding a random number to the client ID and then performing an MD5 calculation, and the communication data is AES-encrypted with the session key, so that the source data cannot be obtained even if the communication data is monitored in transit. To prevent the communication key from being cracked, the server updates the key every 2 hours, and the updated key is stored online in the user/equipment information table of the database. The client and the PLC device then re-handshake.
More specifically, the client is further configured to detect whether the received forwarding channel information and the ID of the PLC device meet requirements, and if the received ID of the PLC device is the same as the PLC device requesting communication and can communicate with the PLC device through the forwarding channel, determine that the received ID of the PLC device meets the requirements, and generate a first determination result as meeting the requirements;
if the received ID of the PLC equipment is different from the PLC equipment requesting communication or the communication with the PLC equipment can not be carried out through the forwarding channel, judging that the received ID of the PLC equipment does not meet the requirement, and generating a first judgment result as that the received ID of the PLC equipment does not meet the requirement;
when the first judgment result is inconsistent, outputting a communication restarting instruction, and re-initiating a communication request to the server end in response to the communication restarting instruction;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server in a plurality of continuous preset periods, judging that the communication state is overtime;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is not overtime.
It will be appreciated that the client provides the customer operational interface. The client software also integrates a 128-bit AES encryption algorithm: a session key is taken from the server during login, and subsequent communication data is encrypted with that session key. When the data reaches the server, the server fetches the user's session key from the database table according to the user ID of the client and uses it to parse the data packet. If parsing succeeds, the data is processed and a result is returned; if parsing fails, an error code (the session key is updated) is returned to the client, the client sends a request for updating the session key to the server after receiving the error code, and the server returns a new key to the client.
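The session-key lifecycle described in the server and client paragraphs above, as an added example that is not code from the patent. Assumptions: "adding" the random number to the client ID is read as concatenation, an HMAC-SHA256 tag stands in for AES encryption and parsing (AES is not in the Python standard library), and all names, including the error-code name, are hypothetical.

```python
import hashlib
import hmac
import secrets

ROTATION_SECONDS = 2 * 60 * 60      # the page: the server updates the key every 2 hours
ERR_KEY_UPDATED = "KEY_UPDATED"     # hypothetical name for the page's error code


def derive_session_key(client_id: str, random_number: bytes) -> bytes:
    """128-bit session key = MD5(client ID + random number), as the page describes."""
    return hashlib.md5(client_id.encode() + random_number).digest()


def seal(key: bytes, payload: bytes) -> bytes:
    """Stand-in for AES under the session key: an HMAC-SHA256 tag (assumption)."""
    return hmac.new(key, payload, hashlib.sha256).digest()


class Server:
    def __init__(self):
        self.key_table = {}             # client ID -> (session key, issue time)

    def issue_key(self, client_id, now):
        key = derive_session_key(client_id, secrets.token_bytes(16))
        self.key_table[client_id] = (key, now)
        return key

    def lookup_key(self, client_id, now):
        key, issued = self.key_table[client_id]
        if now - issued >= ROTATION_SECONDS:
            key = self.issue_key(client_id, now)    # periodic rotation
        return key

    def handle(self, client_id, payload, tag, now):
        key = self.lookup_key(client_id, now)
        if not hmac.compare_digest(seal(key, payload), tag):
            return ERR_KEY_UPDATED      # packet does not parse under the stored key
        return "OK"


class Client:
    def __init__(self, client_id, server, now):
        self.client_id, self.server = client_id, server
        self.key = server.issue_key(client_id, now)     # key taken at login
        self.key_updates = 0

    def send(self, payload, now):
        tag = seal(self.key, payload)
        status = self.server.handle(self.client_id, payload, tag, now)
        if status == ERR_KEY_UPDATED:
            # Request the new key, then resend once under it.
            self.key = self.server.lookup_key(self.client_id, now)
            self.key_updates += 1
            tag = seal(self.key, payload)
            status = self.server.handle(self.client_id, payload, tag, now)
        return status


if __name__ == "__main__":
    srv = Server()
    cli = Client("client-001", srv, now=0)          # constructed client ID
    print(cli.send(b"read D100", now=600), cli.key_updates)
    print(cli.send(b"read D100", now=7200), cli.key_updates)
```

Because the client ID is not secret, the derived key is only as unpredictable as the random number fed into MD5, which is why the sketch draws it from `secrets`. How the new key travels back to the client is not modelled here.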
More specifically, the PLC device is further configured to detect whether the received forwarding channel information and the client ID meet requirements, and if the received client ID can communicate with the PLC device, determine that the received client ID meets the requirements, and generate a second determination result as a meeting;
and if the received client ID can not be communicated with the PLC equipment, judging that the client ID is not in accordance with the requirement, generating a second judgment result as non-accordance, and sending the second judgment result to the server.
As will be appreciated, the PLC device is a field control device. A 128-bit AES encryption algorithm is also integrated in the remote function module of the PLC software, and its connection process with the server software is the same as that of the client software.
In summary, the embodiment of the invention has the following beneficial effects:
according to the method and the system for communicating with the remote PLC equipment, provided by the invention, multiple verification is carried out on the client and the PLC equipment through encryption communication, so that no error is caused between the equipment in communication connection, and meanwhile, a communication channel is detected to ensure high safety of communication; and the communication state is periodically detected, the abnormal state in the communication is timely found, and the high stability of the communication is ensured.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.
Claims (10)
1. A method of communicating with a remote PLC device, comprising the steps of:
step S1, responding to a communication request of a client user, and a server side acquires request information of the client; the request information at least comprises client information, user information and PLC (programmable logic controller) equipment information requesting communication;
s2, the server side inquires a preset user and equipment relation table according to the received request information, verifies whether the client side user has the communication authority of the PLC equipment or not, and generates an inquiry result; when the query result is authorized, opening a forwarding channel; the server side transmits the forwarding channel information and the ID of the PLC device back to the client side through the opened forwarding channel; outputting the forwarding channel information and the client ID to the PLC equipment; wherein the query result comprises the authority or the no authority; the forwarding channel at least comprises a communication IP and a communication port;
s3, the client receives forwarding channel information and the ID of the PLC equipment, determines whether the forwarding channel meets the requirement of a communication request according to a preset judgment rule, generates a first judgment result, and sends the first judgment result to the server as a first confirmation packet when the first judgment result meets the requirement; the PLC equipment receives channel information and a client ID, determines whether the forwarding channel meets the requirement of a communication request according to a preset judgment rule, generates a second judgment result, and sends the second judgment result to the server as a second confirmation packet when the second judgment result meets the requirement; wherein the first judgment result comprises coincidence or non-coincidence; the second judgment result comprises coincidence or non-coincidence;
s4, the server side determines whether the forwarding channel is successfully established according to the received first confirmation packet and the received second confirmation packet, and if the forwarding channel is successfully established, a communication starting instruction is generated; if the establishment is not successful, closing the communication port called by the forwarding channel;
step S5, the client sends a communication state maintaining packet and communication data to the PLC equipment through the server according to the received communication starting instruction according to a preset period; receiving a communication state maintenance packet response result and a communication data response result returned by the PLC equipment through the server; and judging whether the communication state between the client and the PLC equipment is overtime according to the communication state maintaining packet response result and the communication data response result, and if the communication state is overtime, disconnecting the communication connection and restarting the communication request by the client.
2. The method of claim 1, wherein the step S2 comprises:
when the client or the user recorded in the received request information is inquired in the relation table of the user and the equipment, the inquiry result is generated as the authorized result;
when the client or the user recorded in the received request information is not inquired in the relation table of the user and the equipment, generating an inquiry result as no authority;
and when the generated query result is not authorized, outputting error information for prompting that no communication authorization exists to the client.
3. The method of claim 2, wherein the step S3 comprises:
the client detects whether the received forwarding channel information and the ID of the PLC equipment meet the requirements, if the received ID of the PLC equipment is the same as the PLC equipment requiring communication and can communicate with the PLC equipment through the forwarding channel, the requirement is judged to be met, and a first judgment result is generated to be met;
if the received ID of the PLC equipment is different from the PLC equipment requesting communication or the communication with the PLC equipment can not be carried out through the forwarding channel, judging that the received ID of the PLC equipment does not meet the requirement, and generating a first judgment result as that the received ID of the PLC equipment does not meet the requirement;
and when the first judgment result is non-conformity, outputting a communication restarting command, and re-initiating the communication request to the server side in response to the communication restarting command.
4. The method of claim 3, wherein the step S3 further comprises:
the PLC equipment detects whether the received forwarding channel information and the client ID meet the requirements or not, if the received client ID can be communicated with the PLC equipment, the requirement is judged to be met, and a second judgment result is generated to be met;
and if the received client ID can not be communicated with the PLC equipment, judging that the received client ID is not qualified, generating a second judgment result as non-conformity, and sending the second judgment result to the server.
5. The method of claim 4, wherein the step S4 comprises:
when the server receives the first confirmation packet and the second confirmation packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server side does not receive the first confirmation packet or the second confirmation packet through the forwarding channel, judging that the forwarding channel is not established successfully.
6. The method of claim 5, wherein the step S5 comprises:
if the client does not receive a communication state maintaining packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is overtime;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is not overtime.
7. A system for communicating with a remote PLC device for implementing the method of any of claims 1-6, comprising: the system comprises a client, a server and a PLC device which are connected in sequence;
the client is used for logging in by a user through an account password and outputting a communication request to the server;
the server is used for responding to a communication request of a client user to acquire request information of the client; the request information at least comprises client information, user information and PLC (programmable logic controller) equipment information requesting communication; inquiring a preset user-equipment relation table according to the received request information, verifying whether the client user has the communication authority to the PLC equipment, and generating an inquiry result; when the query result is authorized, opening a forwarding channel; and transmitting the forwarding channel information and the ID of the PLC equipment back to the client through the opened forwarding channel; outputting the forwarding channel information and the client ID to the PLC equipment; wherein the query result comprises authority or no authority; the forwarding channel at least comprises a communication IP and a communication port;
the PLC device is used for receiving channel information and a client ID, determining whether the forwarding channel meets the requirement of a communication request according to a preset judgment rule, generating a second judgment result, and sending the second judgment result to the server as a second confirmation packet when the second judgment result meets the requirement; wherein the second determination result comprises a coincidence or a non-coincidence;
the client is further used for receiving forwarding channel information and an ID of the PLC device, determining whether the forwarding channel meets the requirement of a communication request according to a preset determination rule, generating a first determination result, and sending the first determination result to the server as a first confirmation packet when the first determination result meets the requirement; the first judgment result comprises coincidence or non-coincidence;
the server is further used for determining whether the forwarding channel is established successfully or not according to the received first confirmation packet and the received second confirmation packet, and if the forwarding channel is established successfully, generating a communication starting instruction; if the establishment is not successful, closing the communication port called by the forwarding channel;
the client is further used for sending a communication state maintaining packet and communication data to the PLC equipment through the server according to the received communication starting instruction and according to a preset period; receiving a communication state maintenance packet response result and a communication data response result returned by the PLC equipment through the server; and judging whether the communication state between the client and the PLC equipment is overtime according to the communication state maintaining packet response result and the communication data response result, and if the communication state is overtime, disconnecting the communication connection and restarting the communication request by the client.
8. The system of claim 7, wherein the server is further configured to generate a query result as authorized when the client or the user, which is recorded in the received request information and is queried in the user-device relationship table, has a communication right for the PLC device;
when the client or the user recorded in the received request information is not inquired in the relation table of the user and the equipment, generating an inquiry result as no authority;
when the generated query result is not authorized, outputting error information for prompting that no communication authorization exists to the client;
when the server receives the first confirmation packet and the second confirmation packet through the forwarding channel, the server judges that the forwarding channel is successfully established;
and when the server side does not receive the first acknowledgement packet or the second acknowledgement packet through the forwarding channel, judging that the forwarding channel is not established successfully.
9. The system of claim 8, wherein the client is further configured to detect whether the received forwarding channel information and the ID of the PLC device meet requirements, and if the received ID of the PLC device is the same as the PLC device requesting communication and can communicate with the PLC device through the forwarding channel, determine that the received ID of the PLC device meets the requirements, and generate a first determination result as meeting the requirements;
if the received ID of the PLC equipment is different from the PLC equipment requesting communication or the communication with the PLC equipment can not be carried out through the forwarding channel, judging that the received ID of the PLC equipment does not meet the requirement, and generating a first judgment result as that the received ID of the PLC equipment does not meet the requirement;
when the first judgment result is non-conformity, outputting a restart communication instruction, and re-initiating a communication request to the server end in response to the restart communication instruction;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server in a plurality of continuous preset periods, judging that the communication state is overtime;
and if the client does not receive the communication state maintenance packet response result returned by the PLC equipment through the server within a plurality of continuous preset periods, judging that the communication state is not overtime.
10. The system of claim 9, wherein the PLC device is further configured to detect whether the received forwarding channel information and the client ID meet requirements, and if the received client ID can communicate with the PLC device, determine that the received forwarding channel information and the client ID meet requirements, and generate a second determination result as meeting requirements;
and if the received client ID can not be communicated with the PLC equipment, judging that the client ID is not in accordance with the requirement, generating a second judgment result as non-accordance, and sending the second judgment result to the server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011606908.9A CN112751929B (en) | 2020-12-28 | 2020-12-28 | Method and system for communicating with remote PLC (programmable logic controller) equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112751929A CN112751929A (en) | 2021-05-04 |
CN112751929B true CN112751929B (en) | 2023-03-14 |
Family
ID=75649380
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011606908.9A Active CN112751929B (en) | 2020-12-28 | 2020-12-28 | Method and system for communicating with remote PLC (programmable logic controller) equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112751929B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113985793A (en) * | 2021-11-22 | 2022-01-28 | 深圳供电局有限公司 | Intelligent equipment remote interaction method and system based on middle layer |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7590710B1 (en) * | 2004-06-17 | 2009-09-15 | Wavetrix, Inc. | Method and system for extending a communication port via a general purpose network |
CN102053584A (en) * | 2009-11-06 | 2011-05-11 | 中石油北京天然气管道有限公司 | Remote maintenance authorization management method for automatic control intelligent equipment of oil gas pipeline |
CN106412062A (en) * | 2016-09-29 | 2017-02-15 | 深圳市科创思科技有限公司 | Method and system for remotely loading engineering to device and monitoring operation state of engineering |
CN107786647A (en) * | 2017-10-16 | 2018-03-09 | 深圳市合信自动化技术有限公司 | A kind of PLC remote device managements method, apparatus and system based on social attribute |
CN109640326A (en) * | 2018-11-16 | 2019-04-16 | 深圳绿米联创科技有限公司 | Right management method, device, system and mobile terminal |
CN110225054A (en) * | 2019-06-20 | 2019-09-10 | 腾讯科技(深圳)有限公司 | Remote assistance connects method for building up, device, server and storage medium |
CN110691110A (en) * | 2018-07-06 | 2020-01-14 | 中移(杭州)信息技术有限公司 | Communication method, device, system, terminal, equipment and medium |
CN111245699A (en) * | 2020-01-15 | 2020-06-05 | 广州华多网络科技有限公司 | Remote communication service control method, server and client |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120331156A1 (en) * | 2011-06-21 | 2012-12-27 | Colpitts Cameron | Wireless control system, methods and apparatus |
Non-Patent Citations (1)
Title |
---|
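Rectifier remote monitoring system based on an improved heartbeat packet mechanism; Hu Zhikun et al.; 《计算机应用》 (Journal of Computer Applications); 20080215 (No. 02); full text * |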
Also Published As
Publication number | Publication date |
---|---|
CN112751929A (en) | 2021-05-04 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |