CN209765723U - Safety certification system for power line carrier - Google Patents
Safety certification system for power line carrier Download PDFInfo
- Publication number
- CN209765723U CN209765723U CN201920539762.7U CN201920539762U CN209765723U CN 209765723 U CN209765723 U CN 209765723U CN 201920539762 U CN201920539762 U CN 201920539762U CN 209765723 U CN209765723 U CN 209765723U
- Authority
- CN
- China
- Prior art keywords
- module
- concentrator
- authentication
- carrier
- main control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000006854 communication Effects 0.000 claims abstract description 27
- 230000005611 electricity Effects 0.000 claims description 22
- 238000004891 communication Methods 0.000 claims description 15
- 230000005540 biological transmission Effects 0.000 claims description 11
- 239000000835 fiber Substances 0.000 claims description 4
- 238000000034 method Methods 0.000 abstract description 7
- 238000012545 processing Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000005265 energy consumption Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000000969 carrier Substances 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000007935 neutral effect Effects 0.000 description 1
- 230000008054 signal transmission Effects 0.000 description 1
Landscapes
- Cable Transmission Systems, Equalization Of Radio And Reduction Of Echo (AREA)
Abstract
The application relates to a safety certification system of power line carrier, the system includes: the system comprises a main station, a concentrator authentication module and an ammeter authentication module; the ammeter authentication module and the master station are both connected with the concentrator authentication module; the concentrator authentication module comprises a concentrator, and the electric meter authentication module comprises an electric meter; the concentrator authentication module also comprises a network module and a concentrator carrier module; the electric meter authentication module further comprises an electric meter carrier module. In the working process of the safety authentication system of the power carrier, after the equipment identity authentication among the master station, the concentrator authentication module and the ammeter authentication module is passed, the concentrator authentication module and the ammeter authentication module perform key agreement, and a session key used for encrypting the sensitive data communicated by the concentrator authentication module and the ammeter authentication module is determined, so that the sensitive data is prevented from being tampered, hijacked or leaked in the power carrier communication process, and the safety degree of the power carrier communication process is further improved.
Description
Technical Field
The present application relates to the field of power communication technologies, and in particular, to a security authentication system for power line carriers.
Background
Power Line Communication (PLC) is short for Power line Communication. The power carrier communication is a communication method specific to a power system, and is a technology for transmitting an analog or digital signal at a high speed by a carrier method using an existing power line. The method has the greatest characteristic that data transmission can be carried out only by wires without erecting a network again.
However, in the existing power line carrier communication process, security protection on transmitted data is often lacked, which also makes the power line carrier communication process vulnerable or sensitive data easily leaked, thereby affecting the data security of the power system.
therefore, the problem of low safety degree exists in the existing power carrier communication process.
disclosure of Invention
In view of the above, it is desirable to provide a security authentication system for a power carrier that can improve the security of power carrier communication.
A system for secure authentication of a power carrier, the system comprising: the system comprises a main station, a concentrator authentication module and an ammeter authentication module; the ammeter authentication module and the master station are both connected with the concentrator authentication module; the concentrator authentication module comprises a concentrator, and the electric meter authentication module comprises an electric meter;
The concentrator authentication module also comprises a network module and a concentrator carrier module; one end of the network module is in network communication connection with the master station; the other end of the network module is connected with one end of the concentrator; the other end of the concentrator is connected with the concentrator carrier module; the concentrator carrier module consists of a first main control submodule and a concentrator authentication submodule; the first main control sub-module is connected with the concentrator authentication sub-module; the first main control sub-module is provided with a first data interface and a first power interface; the other end of the concentrator is connected with a first data interface of the concentrator carrier module;
The ammeter authentication module also comprises an ammeter carrier module; the ammeter carrier module consists of a second main control sub-module and an ammeter authentication sub-module; the second main control sub-module is connected with the ammeter authentication sub-module; the second main control sub-module is provided with a second data interface and a second power interface; the second power interface of the ammeter carrier module is connected with the first power interface of the concentrator carrier module; and a second data interface of the electric meter carrier module is connected with a data end of the electric meter.
In the working process of the safety authentication system of the power carrier, before sensitive data transmission is carried out, the master station and the concentrator authentication module carry out first-pass equipment identity authentication, and when the first-pass equipment identity authentication is passed, the concentrator authentication module and the ammeter authentication module carry out second-pass equipment identity authentication; realizing the step-by-step transmission of the trust chain; after the equipment identity authentication among the master station, the concentrator authentication module and the electric meter authentication module is passed, the concentrator authentication module and the electric meter authentication module perform key agreement to determine sensitive data for communicating the concentrator authentication module and the electric meter authentication module, such as user electricity consumption data, and an encrypted session key, so that the sensitive data is prevented from being tampered, hijacked or leaked in the power carrier communication process, and the safety degree of the power carrier communication process is improved.
In one embodiment, the concentrator authentication sub-module is a first security chip; the first main control sub-module comprises: the device comprises a first carrier acquisition element and a first main control chip; the first carrier acquisition element and the first security chip are both connected with the first main control chip.
In one embodiment, the electric meter authentication sub-module is a second security chip; the second main control sub-module comprises: the second carrier acquisition element and the second main control chip; the second carrier acquisition element and the second security chip are both connected with the second main control chip.
in one embodiment, the first security chip is CSGDX-SEC-201701 in model number.
In one embodiment, the network module comprises: at least one of a GPRS module, a 4G module, an Ethernet module and a fiber optic module.
In one embodiment, the second power interface of the electricity meter carrier module is connected with the first power interface of the concentrator carrier module through a power line.
In one embodiment, the first power interface: comprises a zero line interface and a live line interface.
In one embodiment, the concentrator and the concentrator carrier module adopt a communication mode of UART (universal asynchronous receiver/transistor) connection with TTL (transistor-transistor logic) or RS 485.
In one embodiment, the first secure chip is configured to store a storage device authentication key, a session key, a certificate file, and sensitive data.
In one embodiment, the electric meter authentication sub-module is used for performing asymmetric encryption transmission on the user electricity consumption data generated by the electric meter.
Drawings
Fig. 1 is a diagram illustrating an application environment of a security authentication system for a power line carrier according to an embodiment;
Fig. 2 is a schematic structural diagram of a security authentication system of a power carrier in an embodiment.
Detailed Description
In order to make the above objects, features and advantages of the present invention more comprehensible, embodiments of the present invention are described in detail below with reference to the accompanying drawings. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, as those skilled in the art will be able to make similar modifications without departing from the spirit and scope of the present invention.
In the description of the present invention, it is to be understood that the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implying any number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
In the description of the present invention, it is to be understood that when an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present. In contrast, when an element is referred to as being "directly connected" to another element, there are no intervening elements present.
The power carrier security authentication system provided by the application can be applied to the application environment shown in fig. 1. The monitoring master station 110 is connected to the concentrator authentication module 120 through a network; the concentrator authentication module 120 and the electricity meter authentication module 130 are connected through a power line.
A system for secure authentication of a power carrier, as shown in fig. 2, the system comprising: a main station 110, a concentrator authentication module 120, and an electricity meter authentication module 130; the electric meter authentication module 130 and the main station 110 are both connected with the concentrator authentication module 120; the concentrator authentication module 120 includes a concentrator 220, and the electricity meter authentication module 130 includes an electricity meter 270;
the concentrator authentication module 120 further includes a network module 210 and a concentrator carrier module 230; one end of the network module 210 is in network communication connection with the master station 110; the other end of the network module 210 is connected to one end of the concentrator 220; the other end of the concentrator 220 is connected to a concentrator carrier module 230; the concentrator carrier module 230 is composed of a first main control sub-module 240 and a concentrator authentication sub-module 243; the first main control sub-module 240 is connected with the concentrator authentication sub-module 243; the first main control sub-module 240 is provided with a first data interface and a first power interface; the other end of the concentrator is connected with a first data interface of the concentrator carrier module;
The electric meter authentication module 130 further comprises an electric meter carrier module 250; the electric meter carrier module 250 consists of a second main control sub-module 260 and an electric meter authentication sub-module 253; the second main control sub-module 260 is connected with the electric meter authentication sub-module 253; the second main control sub-module 260 is provided with a second data interface and a second power interface; the second power interface of the electricity meter carrier module 250 is connected with the first power interface of the concentrator carrier module 230; the second data interface of the electric meter carrier module 250 is connected with the data end of the electric meter 270.
Further, the concentrator authentication module 120 further includes a network module 210 and a concentrator carrier module 230; one end of the network module 210 is in communication connection with the master station 110 through a network, for example, a cellular network, an ethernet network, etc.; the other end of the network module 210 is electrically connected to one end of the concentrator 220; the other end of the concentrator 220 is electrically connected to the concentrator carrier module 230; the concentrator carrier module 230 is composed of a first main control sub-module 240 and a concentrator authentication sub-module 243; the first main control sub-module 240 is electrically connected to the concentrator authentication sub-module 243; the first main control sub-module 240 is provided with a first data interface and a first power interface; the other end of the concentrator is electrically connected with a first data interface of the concentrator carrier module;
the electric meter authentication module 130 further comprises an electric meter carrier module 250; the electric meter carrier module 250 consists of a second main control sub-module 260 and an electric meter authentication sub-module 253; the second main control sub-module 260 is electrically connected with the electric meter authentication sub-module 253; the second main control sub-module 260 is provided with a second data interface and a second power interface; the second power interface of the electric meter carrier module 250 is electrically connected to the first power interface of the concentrator carrier module 230; the second data interface of the electric meter carrier module 250 is electrically connected with the data terminal of the electric meter 270.
In the working process of the safety authentication system of the power carrier, before sensitive data transmission is carried out, the master station and the concentrator authentication module carry out first-pass equipment identity authentication, and when the first-pass equipment identity authentication is passed, the concentrator authentication module and the ammeter authentication module carry out second-pass equipment identity authentication; realizing the step-by-step transmission of the trust chain; after the equipment identity authentication among the master station, the concentrator authentication module and the electric meter authentication module is passed, the concentrator authentication module and the electric meter authentication module perform key agreement to determine sensitive data for communicating the concentrator authentication module and the electric meter authentication module, such as user electricity consumption data, and an encrypted session key, so that the sensitive data is prevented from being tampered, hijacked or leaked in the power carrier communication process, and the safety degree of the power carrier communication process is improved.
in another embodiment, the concentrator authentication sub-module 243 is a first security chip; the first main control sub-module 240 includes: a first carrier collection element 241 and a first master control chip 242; the first carrier acquisition element 241 and the first security chip are both connected to the first main control chip 242.
Further, the concentrator authentication sub-module 243 is a first security chip; the first main control sub-module 240 includes: a first carrier collection element 241 and a first master control chip 242; the first carrier collection element 241 and the first security chip are electrically connected to the first main control chip 242. The first main control chip 242 may be an embedded chip or a single chip or other low-power-consumption high-performance processing chip, so that the concentrator authentication sub-module 243 has the advantages of high-speed data processing capability and low energy consumption.
In another embodiment, the electric meter authentication sub-module 253 is a second security chip; the second main control sub-module 260 includes: a second carrier collection element 251 and a second main control chip 251; the second carrier acquisition element 251 and the second security chip are both connected to the second main control chip 252.
Further, the electric meter authentication sub-module 253 is a second security chip; the second main control sub-module 260 includes: a second carrier collection element 251 and a second main control chip 251; the second carrier collection element 251 and the second security chip are electrically connected to the second main control chip 252. The second main control chip 251 may be an embedded chip or a single chip or other low-power-consumption high-performance processing chip, so that the electric meter authentication sub-module 253 has the advantages of high-speed data processing capability and low energy consumption.
in another embodiment, the first security chip is model number CSGDX-SEC-201701.
Furthermore, the CSGDX-SEC-201701 adopts a state cipher algorithm, so that the security function of encryption and decryption of the equipment identity authentication data is realized, the attack of known and unknown malicious codes can be resisted, and the security degree of the power carrier communication process can be further improved by using the CSGDX-SEC-201701 as a security chip.
In addition, the second security chip 252 has a model number of CSGDX-SEC-201701.
In another embodiment, the network module 210 includes: at least one of a GPRS module, a 4G module, an Ethernet module and a fiber optic module.
Further, the network module 210 may be at least one of a GPRS module, a 4G module, an ethernet module, and a fiber optic module. Realize the master station
In another embodiment, the second power interface of the electricity meter carrier module 250 is connected to the first power interface of the concentrator carrier module 230 via a power line.
Further, the second power interface of the electricity meter carrier module 250 is connected with the first power interface of the concentrator carrier module 230 through a power line. The technology of carrying out high-speed transmission on analog or digital signals in the ammeter carrier module 250 and the concentrator carrier module 230 in a carrier mode by using the existing power line. The method has the greatest characteristic that data transmission can be carried out only by wires without erecting a network again.
In another embodiment, the first power interface: comprises a zero line interface and a live line interface.
Further, the power line interface module 221 includes a neutral line interface and a live line interface. Therefore, the power carrier system can be directly connected with a zero line power line and a live line power line in a power supply network through the power line interface module 221, and power carrier communication is realized.
In another embodiment, the concentrator 220 and the concentrator carrier module 230 communicate via UART interface TTL or RS 485.
Further, the concentrator 220 and the concentrator carrier module 230 adopt a communication mode of UART connection to TTL level (an asynchronous transceiving mode) or RS485 (an intelligent instrument interface), so as to realize efficient signal transmission between the concentrator 220 and the concentrator carrier module 230.
In another embodiment, the first secure chip is configured to store a storage device authentication key, a session key, a certificate file, and sensitive data.
Furthermore, the first security chip is used for storing secret-related data of the storage device in the power carrier communication transmission process, such as an authentication key, a session key, a certificate file, sensitive data and the like, so that the security degree of the power carrier communication process is improved.
In another embodiment, the electric meter authentication sub-module 253 is used for performing asymmetric encryption transmission on the user electricity consumption data generated by the electric meter.
Further, after the user electricity consumption data generated by the electricity meter, the electricity meter authentication sub-module 253 asymmetrically encrypts the user electricity consumption data and transmits the user electricity consumption data to the concentrator authentication module through the power line, and finally the concentrator authentication module transmits the encrypted user electricity consumption data to the main station 110, so that the user electricity consumption data is prevented from being leaked or tampered, and the safety degree of the power carrier communication process is further improved.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only represent some embodiments of the present invention, and the description thereof is specific and detailed, but not to be construed as limiting the scope of the present invention. It should be noted that, for those skilled in the art, without departing from the spirit of the present invention, several variations and modifications can be made, which are within the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the appended claims.
Claims (10)
1. a system for secure authentication of a power carrier, the system comprising: the system comprises a main station, a concentrator authentication module and an ammeter authentication module; the ammeter authentication module and the master station are both connected with the concentrator authentication module; the concentrator authentication module comprises a concentrator, and the electric meter authentication module comprises an electric meter;
The concentrator authentication module also comprises a network module and a concentrator carrier module; one end of the network module is in network communication connection with the master station; the other end of the network module is connected with one end of the concentrator; the other end of the concentrator is connected with the concentrator carrier module; the concentrator carrier module consists of a first main control submodule and a concentrator authentication submodule; the first main control sub-module is connected with the concentrator authentication sub-module; the first main control sub-module is provided with a first data interface and a first power interface; the other end of the concentrator is connected with a first data interface of the concentrator carrier module;
The ammeter authentication module also comprises an ammeter carrier module; the ammeter carrier module consists of a second main control sub-module and an ammeter authentication sub-module; the second main control sub-module is connected with the ammeter authentication sub-module; the second main control sub-module is provided with a second data interface and a second power interface; the second power interface of the ammeter carrier module is connected with the first power interface of the concentrator carrier module; and a second data interface of the electric meter carrier module is connected with a data end of the electric meter.
2. The system according to claim 1, wherein the concentrator authentication sub-module is a first security chip; the first main control sub-module comprises: the device comprises a first carrier acquisition element and a first main control chip; the first carrier acquisition element and the first security chip are both connected with the first main control chip.
3. The power carrier safety certification system according to claim 1, wherein the electric meter certification submodule is a second safety chip; the second main control sub-module comprises: the second carrier acquisition element and the second main control chip; the second carrier acquisition element and the second security chip are both connected with the second main control chip.
4. The system according to claim 2, wherein the first security chip has a model number of CSGDX-SEC-201701.
5. The system according to claim 1, wherein the network module comprises: at least one of a GPRS module, a 4G module, an Ethernet module and a fiber optic module.
6. The system according to claim 1, wherein the second power interface of the electricity meter carrier module is connected to the first power interface of the concentrator carrier module via a power line.
7. The system according to claim 1, wherein the first power interface: comprises a zero line interface and a live line interface.
8. The system of claim 1, wherein the concentrator and the concentrator carrier module use UART-to-TTL or RS485 communication.
9. The system of claim 2, wherein the first security chip is configured to store a device authentication key, a session key, a credential file, and sensitive data.
10. The system of claim 1, wherein the meter authentication sub-module is configured to perform asymmetric encrypted transmission of the user electricity data generated by the electricity meter.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201920539762.7U CN209765723U (en) | 2019-04-19 | 2019-04-19 | Safety certification system for power line carrier |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201920539762.7U CN209765723U (en) | 2019-04-19 | 2019-04-19 | Safety certification system for power line carrier |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN209765723U true CN209765723U (en) | 2019-12-10 |
Family
ID=68759909
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201920539762.7U Active CN209765723U (en) | 2019-04-19 | 2019-04-19 | Safety certification system for power line carrier |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN209765723U (en) |
-
2019
- 2019-04-19 CN CN201920539762.7U patent/CN209765723U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN205792618U (en) | Optical OFDM system based on one-dimensional chaos sequence mapping encrypting | |
| CN208539929U (en) | A kind of cloud platform client data encrypting and deciphering system based on national secret algorithm | |
| CN113114460B (en) | Quantum encryption-based power distribution network information secure transmission method | |
| CN108683665A (en) | Data ciphering method, system in fiber optic communication and data transmitting equipment | |
| CN110401530A (en) | A kind of safety communicating method of gas meter, flow meter, system, equipment and storage medium | |
| CN109194701B (en) | Data processing method and device | |
| CN113542428B (en) | Vehicle data uploading method and device, vehicle, system and storage medium | |
| CN101360101A (en) | Data transmission method for remote meter reading system | |
| KR102135710B1 (en) | Hardware secure module | |
| CN103338111A (en) | Electronic equipment, electronic equipment pairing system and electronic equipment pairing method | |
| CN112398894A (en) | Safety verification method and device for vehicle | |
| CN110049045B (en) | Safety certification system for power line carrier | |
| CN105847001A (en) | Device, system and method for digital microwave communication based on quantum encryption | |
| CN109412797B (en) | Key negotiation method and client based on bit error rate decision state base | |
| CN110855312A (en) | Be applied to quality of water intellectual detection system wireless communication module | |
| CN109525560A (en) | Information transferring method and client based on the negated mapping of ciphertext | |
| CN209765723U (en) | Safety certification system for power line carrier | |
| CN110278077B (en) | Method, device, equipment and storage medium for acquiring data information of electric energy meter | |
| CN110278068B (en) | LoRa communication encryption system based on chaos sequence | |
| CN109413644B (en) | LoRa encryption authentication communication method, storage medium and electronic terminal | |
| CN208707655U (en) | A kind of power distribution automation key agreement system | |
| CN113795023B (en) | Bluetooth data transmission encryption method based on chaotic sequence and packet encryption | |
| CN106487761A (en) | A kind of method for message transmission and the network equipment | |
| CN109495167A (en) | Client and Integrity Key machinery of consultation based on the bit error rate | |
| CN114362997A (en) | Data transmission method and device for intelligent equipment of transformer substation, intelligent equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 510000 No. 11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee after: CHINA SOUTHERN POWER GRID Co.,Ltd. Country or region after: China Patentee after: Southern Power Grid Digital Grid Research Institute Co.,Ltd. Address before: 510000 No. 11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee before: CHINA SOUTHERN POWER GRID Co.,Ltd. Country or region before: China Patentee before: Southern Power Grid Digital Grid Research Institute Co.,Ltd. |
|
| CP03 | Change of name, title or address | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240313 Address after: 518101, 3rd Floor, Building 40, Baotian Industrial Zone, Chentian Community, Xixiang Street, Bao'an District, Shenzhen City, Guangdong Province Patentee after: China Southern Power Grid Digital Platform Technology (Guangdong) Co.,Ltd. Country or region after: China Address before: 510000 No. 11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee before: CHINA SOUTHERN POWER GRID Co.,Ltd. Country or region before: China Patentee before: Southern Power Grid Digital Grid Research Institute Co.,Ltd. |
|
| TR01 | Transfer of patent right |