CN114244719A - Centralized control power station communication topological structure suitable for public network and application method thereof - Google Patents
Centralized control power station communication topological structure suitable for public network and application method thereof Download PDFInfo
- Publication number
- CN114244719A CN114244719A CN202111430211.5A CN202111430211A CN114244719A CN 114244719 A CN114244719 A CN 114244719A CN 202111430211 A CN202111430211 A CN 202111430211A CN 114244719 A CN114244719 A CN 114244719A
- Authority
- CN
- China
- Prior art keywords
- power station
- data
- centralized control
- area
- production area
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000006854 communication Effects 0.000 title claims abstract description 98
- 238000004891 communication Methods 0.000 title claims abstract description 96
- 238000000034 method Methods 0.000 title claims abstract description 77
- 238000004519 manufacturing process Methods 0.000 claims abstract description 112
- 230000005540 biological transmission Effects 0.000 claims abstract description 14
- 238000012545 processing Methods 0.000 claims abstract description 10
- 238000002955 isolation Methods 0.000 claims description 61
- 230000008569 process Effects 0.000 claims description 34
- 238000004422 calculation algorithm Methods 0.000 claims description 18
- 230000003993 interaction Effects 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 3
- 239000000203 mixture Substances 0.000 claims 1
- 239000002994 raw material Substances 0.000 claims 1
- 238000012360 testing method Methods 0.000 description 6
- 238000004590 computer program Methods 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 5
- 238000004088 simulation Methods 0.000 description 5
- 238000011217 control strategy Methods 0.000 description 4
- 238000007796 conventional method Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000013528 artificial neural network Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000003384 imaging method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000002245 particle Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a communication topological structure of a centralized control power station suitable for a public network and an application method thereof, wherein the communication topological structure comprises the following steps: the production area comprises an intranet production area server serving as a communication master station and used for transmitting the downlink data of the master station to the access area, processing the uplink data and writing the uplink data into a local production area system; the access area is used for receiving and processing the downlink data of the production area, transmitting the processed downlink data through the communication channel, processing the uplink data and transmitting the processed uplink data to the production area; and a communication channel as a transmission channel between the access areas. The communication topological structure and the application method of the centralized control power station provided by the invention can not only increase the reliability of the communication of the centralized control power station, but also meet the network safety protection requirement.
Description
Technical Field
The invention relates to the technical field of power station communication, in particular to a centralized control power station communication topological structure suitable for a public network and an application method thereof.
Background
In recent years, according to the requirements of the general safety protection scheme of the national energy agency on the printing and sending power monitoring system for a safety access area, if individual service systems or function modules thereof in a production control area need to use a public communication network, a wireless communication network, network equipment and terminals in an uncontrollable state for communication, and the safety protection level is lower than that of other systems in the production control area, the safety access area is set and is not an independent subarea, and when the safety access area is connected with the production control area, a transverse unidirectional safety isolation device special for power is adopted for centralized interconnection.
Disclosure of Invention
This section is for the purpose of summarizing some aspects of embodiments of the invention and to briefly introduce some preferred embodiments. In this section, as well as in the abstract and the title of the invention of this application, simplifications or omissions may be made to avoid obscuring the purpose of the section, the abstract and the title, and such simplifications or omissions are not intended to limit the scope of the invention.
In view of the existing problems, a communication topology structure of a centralized control power station suitable for a public network and an application method thereof are provided.
Therefore, the technical problem solved by the invention is as follows: the existing communication topological structure can not only meet the safety protection requirement of a public communication network, but also ensure the normal production requirement.
In order to solve the technical problems, the invention provides the following technical scheme: the production area comprises an intranet production area server serving as a communication master station and used for transmitting the downlink data of the master station to the access area, processing the uplink data and writing the uplink data into a local production area system; the access area is used for receiving and processing the downlink data of the production area, transmitting the processed downlink data through the communication channel, processing the uplink data and transmitting the processed uplink data to the production area; and a communication channel as a transmission channel between the access areas.
As an optimal scheme of the communication topology structure of the centralized control power station applicable to the public network, the invention comprises the following steps: the production area comprises a centralized control side production area and a power station side production area, and the access area comprises a centralized control side access area and a power station side access area; the centralized control side production area transmits the main station downlink data to the centralized control side access area, the centralized control side access area receives the main station downlink data, processes the main station downlink data and transmits the main station downlink data to the power station side access area through a communication channel, the centralized control side access area receives the uplink data of the power station side access area, processes the uplink data and transmits the uplink data to the centralized control side production area, and the centralized control side production area receives the uplink data, processes the uplink data and writes the uplink data into a local production area system.
As an optimal scheme of the communication topology structure of the centralized control power station applicable to the public network, the invention comprises the following steps: the power station side production area transmits uplink data to the power station side access area, the power station side access area receives the uplink data of the power station side production area, processes the uplink data and transmits the uplink data to the centralized control side access area through the communication channel, and the power station side access area receives the downlink data of the centralized control side access area and processes and responds the downlink data.
As an optimal scheme of the communication topology structure of the centralized control power station applicable to the public network, the invention comprises the following steps: the device also comprises an isolation device, a first isolation device and a second isolation device, wherein the isolation device is used for isolating the production area from the access area; the centralized control side production area and the centralized control side access area are isolated by a first isolation device, and the power station side production area and the power station side access area are isolated by a second isolation device; the first isolating device comprises a first forward isolating device and a reverse isolating device, and the second isolating device comprises a second forward isolating device.
As an optimal scheme of the communication topology structure of the centralized control power station applicable to the public network, the invention comprises the following steps: the isolation device is further used for data transmission, the centralized control side production area transmits downlink data of the main station to the centralized control side access area through the first forward isolation device, the centralized control side access area transmits uplink data of the received power station side access area to the centralized control side production area through the reverse isolation device, the power station side production area transmits the uplink data to the power station side access area through the second forward isolation device, and the power station side access area transmits the downlink data of the received centralized control side access area to the power station side production area through the second reverse isolation device.
As an optimal scheme of the communication topology structure of the centralized control power station applicable to the public network, the invention comprises the following steps: the centralized control side production area and the power station side production area both comprise two servers, the two servers are mutually master and standby, the two servers in the centralized control side production area serve as a communication master station, and the two servers in the power station side production area serve as a power station data acquisition terminal.
As an optimal scheme of the communication topology structure of the centralized control power station applicable to the public network, the invention comprises the following steps: the communication channel is a satellite public network and is provided with a longitudinal encryption device, a router and a switch.
As an optimized scheme of the application method of the communication topology structure of the centralized control power station applicable to the public network, the method comprises the following steps: the method comprises the steps of collecting power station data by using a production area server; the access area processes the data collected by the production area, and transmits the processed data to the production area based on the communication channel and the isolation device, so as to realize the interaction of uplink and downlink data at the centralized control side.
As an optimized scheme of the application method of the communication topology structure of the centralized control power station applicable to the public network, the method comprises the following steps: encrypting communication data by using an encryption algorithm in the communication process of the communication channel and the isolation device, wherein the encryption algorithm comprises a first key, a second key and a third key for obtaining the encryption algorithm; encrypting the power station data to be transmitted through the first key to generate first encrypted data; decrypting the first encrypted data through the second key to generate second encrypted data; and encrypting the second encrypted data through the third key to generate encrypted power station data.
As an optimized scheme of the application method of the communication topology structure of the centralized control power station applicable to the public network, the method comprises the following steps: and carrying out integrity verification on the encrypted power station data by using a data integrity algorithm, and if the encrypted power station data is incomplete, forbidding the transmission of the power station data.
The invention has the beneficial effects that: on the basis of the original special line and special network communication, the satellite public network communication is added as a standby channel, the special line and special network communication is preferentially carried out, the communication fault of the special line and special network communication is automatically switched to the satellite public network channel, the special line and special network channel is recovered and automatically switched back, a safety access area is arranged aiming at the satellite public network channel, and forward and reverse isolation equipment is used for isolating a public network from an internal network to ensure the safety protection requirement.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise. Wherein:
fig. 1 is a basic flowchart of a communication topology structure of a centralized control power station suitable for a public network and an application method thereof according to an embodiment of the present invention;
fig. 2 is a schematic block diagram of a communication topology structure of a centralized control power station suitable for a public network and an application method thereof according to an embodiment of the present invention.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, specific embodiments accompanied with figures are described in detail below, and it is apparent that the described embodiments are a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making creative efforts based on the embodiments of the present invention, shall fall within the protection scope of the present invention.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, but the present invention may be practiced in other ways than those specifically described and will be readily apparent to those of ordinary skill in the art without departing from the spirit of the present invention, and therefore the present invention is not limited to the specific embodiments disclosed below.
Furthermore, reference herein to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one implementation of the invention. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments.
The present invention will be described in detail with reference to the drawings, wherein the cross-sectional views illustrating the structure of the device are not enlarged partially in general scale for convenience of illustration, and the drawings are only exemplary and should not be construed as limiting the scope of the present invention. In addition, the three-dimensional dimensions of length, width and depth should be included in the actual fabrication.
Meanwhile, in the description of the present invention, it should be noted that the terms "upper, lower, inner and outer" and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of describing the present invention and simplifying the description, but do not indicate or imply that the referred device or element must have a specific orientation, be constructed in a specific orientation and operate, and thus, cannot be construed as limiting the present invention. Furthermore, the terms first, second, or third are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
The terms "mounted, connected and connected" in the present invention are to be understood broadly, unless otherwise explicitly specified or limited, for example: can be fixedly connected, detachably connected or integrally connected; they may be mechanically, electrically, or directly connected, or indirectly connected through intervening media, or may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Example 1
Referring to fig. 1, an embodiment of the present invention provides an application method of a communication topology structure of a centralized control power station applicable to a public network, including:
s1: collecting power station data by using a production area 100 server;
s2: the access area 200 processes the data collected by the production area 100, and transmits the processed data to the production area 100 based on the communication channel 300 and the isolation device 400, so as to realize the interaction of uplink and downlink data at the centralized control side.
It should be noted that, during the communication process between the communication channel 300 and the isolation device 400, the communication data is encrypted by using an encryption algorithm, where the encryption algorithm includes:
acquiring a first key, a second key and a third key of an encryption algorithm;
encrypting power station data to be transmitted through a first secret key to generate first encrypted data;
decrypting the first encrypted data through the second key to generate second encrypted data;
and encrypting the second encrypted data through a third key to generate encrypted power station data.
Wherein, the 3DES encryption process is as follows: c ═ Ek3(Dk2(Ek1(P))), and the 3DES decryption process is: p ═ Dk1(EK2(Dk3 (C)));
ek () and Dk () are defined to represent the encryption and decryption processes of the DES algorithm, K represents the key used by the DES algorithm, P represents the plaintext, and C represents the ciphertext.
The partial code used to implement the algorithm is as follows:
uses asymmetric encryption algorithm to realize identity authentication and key exchange,
the asymmetric encryption is that the encryption and decryption use different keys: only one public key-private key pair can normally encrypt and decrypt, and part of codes for realizing the algorithm are as follows:
further, integrity verification is carried out on the encrypted power station data by using a data integrity algorithm, and if the encrypted power station data is incomplete, transmission of the power station data is forbidden.
Wherein, the data integrity algorithm is as follows:
wherein corr is the data integrity test result, m and n are vector constants, A is the number of bytes of the encrypted production access area power station data, and B is the production access area power station data.
When the output result is greater than 0.85, the data is complete.
In order to verify and explain the technical effects adopted in the method, the invention selects the plaintext transmission of the traditional method and adopts the method to carry out comparison test, and compares the test results by means of scientific demonstration to verify the real effect of the method.
The traditional technical scheme is as follows: the communication reliability of the centralized control power station is low, the requirement of network safety protection cannot be met, the data transmission nodes are easy to monitor, attack and even tamper, and in order to verify that the method has higher safety compared with the traditional method, the attack and tamper success rate of the communication data of the centralized control power station is measured and compared in real time by adopting the traditional method and the method.
And (3) testing environment: the transmission of the communication data of the centralized control power station is simulated on the simulation platform, the traditional method and the method are respectively adopted, the automatic test equipment is started, MATLB software programming is used for realizing simulation test of the two methods, monitoring, attacking and malicious tampering on a protocol on a simulation network are simulated, and simulation data are obtained according to an experimental result. In each method, 500 groups of data are tested, the data transmission result of each group is obtained through calculation, the error is calculated by comparing with the actual centralized control power station communication data input through simulation, and the result is shown in table 1.
Table 1: the experimental results are shown in a comparison table.
| Experimental sample | |
The method of the invention |
| Success rate of tampering | 65% | 1.2% |
As can be seen from the above table, the method of the present invention has high safety compared to the conventional method.
Example 2
Referring to fig. 2, another embodiment of the present invention is different from the first embodiment in that a communication topology of a centralized control power station suitable for a public network is provided, and the communication topology includes:
a production area 100, which includes an intranet production area server as a communication station, and is used to transmit downlink/uplink data of the master station to the access area 200 and process the uplink data and write the uplink data into a local production area system;
an access area 200, configured to receive and process downlink/uplink data of the production area 100, transmit the processed downlink/uplink data through the communication channel 300, process the downlink/uplink data, and transmit the processed downlink/uplink data to the production area 100; and the number of the first and second groups,
the communication channel 300 is used as a transmission channel between the access areas 200, wherein the communication channel 300 is a satellite public network and is configured with a vertical encryption device 301, a router 302 and a switch 303.
The isolation device 400 includes a first isolation device 401 and a second isolation device 402, and the isolation device 400 is used for isolating the production area 100 from the access area 200.
The production area 100 comprises a centralized control side production area 101 and a power station side production area 102, and the access area 200 comprises a centralized control side access area 201 and a power station side access area 202;
the central control side production area 101 transmits the main station downlink data to the central control side access area 201, the central control side access area 201 receives the main station downlink data, processes the main station downlink data and transmits the main station downlink data to the power station side access area 202 through the communication channel 300, the central control side access area 201 receives the uplink data of the power station side access area 202, processes the uplink data and transmits the uplink data to the central control side production area 101, and the central control side production area 101 receives the uplink data, processes the uplink data and writes the uplink data into a local production area system.
The station side production area 102 transmits the uplink data to the station side access area 202, the station side access area 202 receives the uplink data of the station side production area 102, processes the uplink data and transmits the uplink data to the centralized control side access area 201 through a communication channel, the station side access area 202 receives the downlink data of the centralized control side access area 201, processes the downlink data and transmits the downlink data to the station side production area 102, and the station side production area 102 receives the downlink data, processes the downlink data and writes the downlink data into a local production area system.
Further, the centralized control side production area 101 and the centralized control side access area 201 are isolated by a first isolation device 401, and the power station side production area 102 and the power station side access area 202 are isolated by a second isolation device 402;
wherein, the first isolation device 401 comprises a first forward isolation device 401-a and a reverse isolation device 401-b, and the second isolation device 402 comprises a second forward isolation device 402-a and a second reverse isolation device.
Furthermore, the isolation device 400 is also used for data transmission, the central control side production area 101 transmits the main station downlink data to the central control side access area 201 through the first forward isolation device 401-a, the central control side access area 201 transmits the received uplink data of the station side access area 202 to the central control side production area 101 through the reverse isolation device 401-b, the station side production area 102 transmits the uplink data to the station side access area 202 through the second forward isolation device 402-a, and the station side access area 202 transmits the received downlink data of the central control side access area 202 to the station side production area 102 through the second reverse isolation device 402-b.
The centralized control side production area 101 and the power station side production area 201 both comprise two servers, the two servers respectively comprise a master server and a slave server, the two servers of the centralized control side production area 101 serve as a communication master station, and the two servers of the power station side production area 201 serve as power station data acquisition terminals.
The network topology structure is specifically as follows:
(1) the centralized control side is divided into a centralized control side intranet production area and a centralized control side safety access area, and the two parts are separated by a forward and reverse isolation device;
(2) the power station side is divided into a power station side intranet production area and a power station side safety access area, and the power station side intranet production area and the power station side safety access area are separated by a forward isolation device;
(3) and a channel between the centralized control side safety access area and the power station side safety access area is a satellite public network.
Wherein:
(1) the centralized control side hardware configuration is as follows:
2 multi-network card servers, namely jkmain1 and jkmain2, which are used as centralized control side intranet production area servers;
the system comprises a forward isolation device 1, a central control side safety access area and a central control side safety access area, wherein the forward isolation device is used as the central control side intranet production area to be isolated from the central control side safety access area;
the reverse isolation device 1 is used as an internal network production area of a centralized control side and is isolated from a safety access area of the centralized control side;
a secure access area system 1.
(2) The station side hardware configuration is as follows:
2 multi-network card servers, namely dzmain1 and dzmain2, are used as intranet production area servers of the power station side;
the system comprises a forward isolation device 1, a power station side safety access area and a power station side safety access area, wherein the forward isolation device is used as an inner network production area of the power station side and is isolated from the power station side safety access area;
a secure access area system 1.
(3) And a channel between the safety access area at the centralized control side and the safety access area at the power station side is a satellite public network, and equipment such as a longitudinal encryption device, a router, a switch and the like is configured according to the boundary protection requirement.
The working process comprises the following steps:
(1) two servers jkmain1 and jkmain2 in the centralized control side intranet production area are mutually active and standby and serve as communication master stations, and downlink data of the master stations are transmitted to the centralized control side security access area through forward isolation devices by the two servers.
(2) And the centralized control side safety access area system receives downlink data of the centralized control side intranet production area, processes the downlink data and transmits the downlink data to the power station side safety access area through the satellite channel.
(3) And the centralized control side safety access area system receives the uplink data of the power station side safety access area, processes the uplink data and transmits the uplink data to the centralized control intranet production area through the reverse isolation device.
(4) And the centralized control side intranet production area server processes and writes the uplink data into the local production area system after receiving the uplink data of the centralized control side security access area system.
(5) The data processing work flow of the power station side is opposite to the flow direction of the centralized control side.
Furthermore, the communication topological structure of the centralized control power station is characterized in that satellite public network communication is used as a standby channel and is connected with the existing special line private network communication, and when the communication fault of the special line private network is automatically switched to the satellite public network channel, the special line private network channel is recovered and automatically switched back.
Specifically, the operating state data of the private network communication is analyzed by utilizing the deep neural network, the operating state of the private network communication is predicted in advance for at least 100 ms-220 ms, according to the predicted operating state, when the private network communication possibly fails, the time duration t of the starting time range s of the standby channel under different failure conditions is divided into 3 ranges, and each time range corresponds to different failure types respectively:
t≤100ms;
100ms<t≤220ms;
t>220ms。
if t is less than or equal to 100ms, defining a control strategy as starting a standby channel, continuously monitoring the availability of the private network communication within 7-8 h (h) when the standby channel is started for more than 8-12 h (h), and immediately closing the standby channel and switching to the private network communication if the standby channel is available;
if t is more than 100ms and less than or equal to 100ms, defining a control strategy that the standby channel is opened for a short time of 2-8 h, continuously monitoring the availability of the private network communication within 1-2 h, and if the standby channel is available, immediately closing the standby channel and switching to the private network communication;
if t is more than 220ms, defining a control strategy that the opening time of the standby channel is less than 2h, continuously monitoring the availability of the private network communication within 2h, and if the standby channel is available, immediately closing the standby channel and switching to the private network communication;
if the related technicians send out a standby channel opening instruction, the time range of the special line private network communication fault type is judged, different control strategies are selected according to the time range, and the adopted corresponding strategies are determined.
It should be recognized that embodiments of the present invention can be realized and implemented by computer hardware, a combination of hardware and software, or by computer instructions stored in a non-transitory computer readable memory. The methods may be implemented in a computer program using standard programming techniques, including a non-transitory computer-readable storage medium configured with the computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner, according to the methods and figures described in the detailed description. Each program may be implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Furthermore, the program can be run on a programmed application specific integrated circuit for this purpose.
Further, the operations of processes described herein can be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The processes described herein (or variations and/or combinations thereof) may be performed under the control of one or more computer systems configured with executable instructions, and may be implemented as code (e.g., executable instructions, one or more computer programs, or one or more applications) collectively executed on one or more processors, by hardware, or combinations thereof. The computer program includes a plurality of instructions executable by one or more processors.
Further, the method may be implemented in any type of computing platform operatively connected to a suitable interface, including but not limited to a personal computer, mini computer, mainframe, workstation, networked or distributed computing environment, separate or integrated computer platform, or in communication with a charged particle tool or other imaging device, and the like. Aspects of the invention may be embodied in machine-readable code stored on a non-transitory storage medium or device, whether removable or integrated into a computing platform, such as a hard disk, optically read and/or write storage medium, RAM, ROM, or the like, such that it may be read by a programmable computer, which when read by the storage medium or device, is operative to configure and operate the computer to perform the procedures described herein. Further, the machine-readable code, or portions thereof, may be transmitted over a wired or wireless network. The invention described herein includes these and other different types of non-transitory computer-readable storage media when such media include instructions or programs that implement the steps described above in conjunction with a microprocessor or other data processor. The invention also includes the computer itself when programmed according to the methods and techniques described herein. A computer program can be applied to input data to perform the functions described herein to transform the input data to generate output data that is stored to non-volatile memory. The output information may also be applied to one or more output devices, such as a display. In a preferred embodiment of the invention, the transformed data represents physical and tangible objects, including particular visual depictions of physical and tangible objects produced on a display.
As used in this application, the terms "component," "module," "system," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, or software in execution. For example, a component may be, but is not limited to being: a process running on a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of example, both an application running on a computing device and the computing device can be a component. One or more components can reside within a process and/or thread of execution and a component can be localized on one computer and/or distributed between two or more computers. In addition, these components can execute from various computer readable media having various data structures thereon. The components may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from one component interacting with another component in a local system, distributed system, and/or across a network such as the internet with other systems by way of the signal).
It should be noted that the above-mentioned embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention, which should be covered by the claims of the present invention.
Claims (10)
1. The utility model provides a centralized control power station communication topological structure suitable for public network which characterized in that includes:
the production area (100) comprises an intranet production area server which is used as a communication master station and is used for transmitting the downlink data of the master station to the access area (200) and processing the uplink data and writing the uplink data into a local production area system;
the access area (200) is used for receiving and processing the downlink data of the production area (100), transmitting the processed downlink data through the communication channel (300), processing the uplink data and transmitting the processed uplink data to the production area (100); and the number of the first and second groups,
a communication channel (300) is used as a transmission channel between the access areas (200).
2. A centralized control plant communication topology suitable for public networks, according to claim 1, characterized in that: the production area (100) comprises a centralized control side production area (101) and a power station side production area (102), and the access area (200) comprises a centralized control side access area (201) and a power station side access area (202);
the centralized control side production area (101) transmits the main station downlink data to the centralized control side access area (201), the centralized control side access area (201) receives the main station downlink data, processes the main station downlink data and transmits the main station downlink data to the power station side access area (202) through the communication channel (300), the centralized control side access area (201) receives the uplink data of the power station side access area (202), processes the uplink data and transmits the uplink data to the centralized control side production area (101), and the centralized control side production area (101) receives the uplink data, processes the uplink data and writes the uplink data into a local production area system.
3. A centralized control plant communication topology applicable to public networks as claimed in claim 1 or 2, characterized in that: the power station side production area (102) transmits uplink data to the power station side access area (202), the power station side access area (202) receives the uplink data of the power station side production area (102), processes the uplink data and transmits the uplink data to the centralized control side access area (201) through a communication channel, and the power station side access area (202) receives the downlink data of the centralized control side access area (201) and then processes and responds the downlink data.
4. A centralized control plant communication topology suitable for public networks as defined in claim 3, wherein: the device further comprises an isolation device (400) comprising a first isolation device (401) and a second isolation device (402), wherein the isolation device (400) is used for isolating the production area (100) from the access area (200);
the centralized control side production area (101) is isolated from the centralized control side access area (201) through a first isolation device (401), and the power station side production area (102) is isolated from the power station side access area (202) through a second isolation device (402);
the first isolation device (401) comprises a first forward isolation device (401-a), a reverse isolation device (401-b), and the second isolation device (402) comprises a second forward isolation device (402-a).
5. A centralized control plant communication topology suitable for public networks, according to claim 4, characterized in that: the isolation device (400) is further used for data transmission, the central control side production area (101) transmits the downlink data of the main station to the central control side access area (201) through the first forward isolation device (401-a), the central control side access area (201) transmits the received uplink data of the power station side access area (202) to the central control side production area (101) through the reverse isolation device (401-b), the power station side production area (102) transmits the uplink data to the power station side access area (202) through the second forward isolation device (402-a), and the power station side access area (202) transmits the received downlink data of the central control side access area (201) to the power station side production area (102) through the reverse isolation device (402-b).
6. A centralized control plant communication topology suitable for public networks, according to claim 5, characterized in that: the centralized control side production area (101) and the power station side production area (201) both comprise two servers, the two servers are mutually master and standby, the two servers of the centralized control side production area (101) serve as a communication master station, and the two servers of the power station side production area (201) serve as power station data acquisition terminals.
7. The communication topology of a centralized control power station for a public network as set forth in claim 6, wherein: the communication channel (300) is a satellite public network and is provided with a longitudinal encryption device (301), a router (302) and a switch (303).
8. The method of claim 1 for applying a communication topology of a centralized control plant for public networks, wherein the method comprises the following steps: comprises the steps of (a) preparing a mixture of a plurality of raw materials,
collecting station data with the production area (100) server;
the access area (200) processes the data collected by the production area (100), and transmits the processed data to the production area (100) based on the communication channel (300) and the isolation device (400), so that the interaction of uplink and downlink data on the centralized control side is realized.
9. The method of claim 8, wherein the method comprises: encrypting communication data during communication between said communication channel (300) and said isolation device (400) using an encryption algorithm, said encryption algorithm comprising,
acquiring a first key, a second key and a third key of the encryption algorithm;
encrypting the power station data to be transmitted through the first key to generate first encrypted data;
decrypting the first encrypted data through the second key to generate second encrypted data;
and encrypting the second encrypted data through the third key to generate encrypted power station data.
10. The method of claim 9 for applying a communication topology of a centralized control plant for public networks, wherein the method comprises the steps of: and carrying out integrity verification on the encrypted power station data by using a data integrity algorithm, and if the encrypted power station data is incomplete, forbidding the transmission of the power station data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111430211.5A CN114244719B (en) | 2021-11-29 | 2021-11-29 | Centralized control power station communication topological structure suitable for public network and application method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111430211.5A CN114244719B (en) | 2021-11-29 | 2021-11-29 | Centralized control power station communication topological structure suitable for public network and application method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114244719A true CN114244719A (en) | 2022-03-25 |
| CN114244719B CN114244719B (en) | 2023-11-28 |
Family
ID=80751669
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111430211.5A Active CN114244719B (en) | 2021-11-29 | 2021-11-29 | Centralized control power station communication topological structure suitable for public network and application method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114244719B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040223617A1 (en) * | 2003-05-08 | 2004-11-11 | Corcoran Kevin F. | Power line communication device and method of using the same |
| CN102778874A (en) * | 2012-07-12 | 2012-11-14 | 贵州乌江水电开发有限责任公司 | Joint optimization regulation system for cascade hydropower stations |
| CN104135740A (en) * | 2014-07-28 | 2014-11-05 | 国家电网公司 | Distribution automation wireless communication fault locating method |
| CN106850573A (en) * | 2016-12-30 | 2017-06-13 | 南京天谷电气科技有限公司 | A kind of forward and reverse isolating device Data Transport Protocol of transparent transmission |
| WO2017219816A1 (en) * | 2016-06-22 | 2017-12-28 | 中兴通讯股份有限公司 | Data transmission method and network address translation device |
| CN107947357A (en) * | 2017-10-20 | 2018-04-20 | 国电南瑞科技股份有限公司 | A kind of power distribution automation data acquisition device and method based on secure accessing area |
| CN208190679U (en) * | 2018-04-29 | 2018-12-04 | 云南电网有限责任公司 | Electric power data public network safe communication system |
| WO2019029665A1 (en) * | 2017-08-11 | 2019-02-14 | 华为技术有限公司 | Communication method, access network device and terminal |
| CN110912872A (en) * | 2019-11-04 | 2020-03-24 | 国网思极神往位置服务(北京)有限公司 | New energy power plant dispatching data acquisition system based on Beidou electric power application |
| US20200162330A1 (en) * | 2018-11-20 | 2020-05-21 | Cisco Technology, Inc. | Extending center cluster membership to additional compute resources |
| CN111541698A (en) * | 2020-04-24 | 2020-08-14 | 广东纬德信息科技股份有限公司 | Data acquisition system and data acquisition method based on power distribution |
| CN112787836A (en) * | 2019-11-07 | 2021-05-11 | 比亚迪股份有限公司 | Information security network topology and method for implementing information security |
-
2021
- 2021-11-29 CN CN202111430211.5A patent/CN114244719B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040223617A1 (en) * | 2003-05-08 | 2004-11-11 | Corcoran Kevin F. | Power line communication device and method of using the same |
| CN102778874A (en) * | 2012-07-12 | 2012-11-14 | 贵州乌江水电开发有限责任公司 | Joint optimization regulation system for cascade hydropower stations |
| CN104135740A (en) * | 2014-07-28 | 2014-11-05 | 国家电网公司 | Distribution automation wireless communication fault locating method |
| WO2017219816A1 (en) * | 2016-06-22 | 2017-12-28 | 中兴通讯股份有限公司 | Data transmission method and network address translation device |
| CN106850573A (en) * | 2016-12-30 | 2017-06-13 | 南京天谷电气科技有限公司 | A kind of forward and reverse isolating device Data Transport Protocol of transparent transmission |
| WO2019029665A1 (en) * | 2017-08-11 | 2019-02-14 | 华为技术有限公司 | Communication method, access network device and terminal |
| CN107947357A (en) * | 2017-10-20 | 2018-04-20 | 国电南瑞科技股份有限公司 | A kind of power distribution automation data acquisition device and method based on secure accessing area |
| CN208190679U (en) * | 2018-04-29 | 2018-12-04 | 云南电网有限责任公司 | Electric power data public network safe communication system |
| US20200162330A1 (en) * | 2018-11-20 | 2020-05-21 | Cisco Technology, Inc. | Extending center cluster membership to additional compute resources |
| CN110912872A (en) * | 2019-11-04 | 2020-03-24 | 国网思极神往位置服务(北京)有限公司 | New energy power plant dispatching data acquisition system based on Beidou electric power application |
| CN112787836A (en) * | 2019-11-07 | 2021-05-11 | 比亚迪股份有限公司 | Information security network topology and method for implementing information security |
| CN111541698A (en) * | 2020-04-24 | 2020-08-14 | 广东纬德信息科技股份有限公司 | Data acquisition system and data acquisition method based on power distribution |
Non-Patent Citations (1)
| Title |
|---|
| 程琦;黄太贵;: "基于无线公网VPN的电力监控系统安全接入区研究", 电气自动化, no. 05 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114244719B (en) | 2023-11-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109257327B (en) | Communication message safety interaction method and device for power distribution automation system | |
| CN106789015B (en) | Intelligent power distribution network communication safety system | |
| CN106708489A (en) | Debugging method and system of equipment | |
| CN102111265A (en) | Method for encrypting embedded secure access module (ESAM) of power system acquisition terminal | |
| CN102348205A (en) | Relay device, wireless communications device, network system, program storage medium, and method | |
| CN106302550A (en) | A kind of information security method for intelligent substation automatization and system | |
| CN110300108A (en) | A kind of power distribution automation message encryption transmission method, system, terminal and storage medium | |
| CN104319874A (en) | On-line monitoring system and method for status of power transmission line of intelligent power grid | |
| CN108881327A (en) | A kind of computer internet information safety control system based on cloud computing | |
| CN104506500A (en) | GOOSE message authentication method based on transformer substation | |
| CN112270020B (en) | Terminal equipment safety encryption device based on safety chip | |
| CN110912877A (en) | Data transmitting and receiving method and device based on IEC61850 model in transformer substation | |
| CN104853354A (en) | Bluetooth authentication method and system thereof | |
| CN108650096A (en) | A kind of industrial field bus control system | |
| CN104821879B (en) | A kind of encryption method in electric power system data transfer | |
| CN113987525A (en) | System data protection method based on block cipher algorithm | |
| CN106506764B (en) | multi-mobile-phone remote control system and method | |
| CN109547303A (en) | Control method and relevant device | |
| CN110278077B (en) | Method, device, equipment and storage medium for acquiring data information of electric energy meter | |
| CN112087301A (en) | Gas meter safety certification system based on state cryptographic algorithm | |
| CN114244719A (en) | Centralized control power station communication topological structure suitable for public network and application method thereof | |
| CN107888598B (en) | Nuclear power station electrical secondary system information safety risk evaluation system and method | |
| WO2022078058A1 (en) | Decryption method, server and storage medium | |
| CN114500064B (en) | Communication security verification method and device, storage medium and electronic equipment | |
| CN111953685A (en) | Dynamic electric power monitoring network security analysis system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |