JP2006171895A - Surveillance control system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To obtain a wide area distributed surveillance control system for protecting unauthorized access such as eavesdropping and tampering by securing the security of communication between a controller for controlling surveillance of objects for surveillance control and sensor nodes. <P>SOLUTION: The surveillance control system, in which the sensor nodes 22 and 24 acquire surveillance data of the objects 25 for surveillance control while the sensor node 22 transmits the surveillance data via a public network 21 to the controller 15. The sensor node 24 transmits the surveillance data via a radio network 23, to the controller 15. The controller 15 controls the objects 25 for surveillance control based on the surveillance data while a surveillance control data management system 13 stores the surveillance data in a data storage device 14. The controller 15 also transfers a control command from a surveillance control terminal 11 connected with a network 16 dedicated for surveillance control to the objects 25 for surveillance control. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

The present invention relates to a monitoring control system in which a controller for monitoring and controlling a monitoring control target, and sensor nodes for measuring the status of the monitoring control target equipment and the environmental state are distributed in a geographically or network wide area. It is.

In a conventional wide area distributed monitoring control system using a remote controller / sensor node, a remote controller that monitors and controls a remote monitoring control target, management of monitoring data from the remote controller, and control of the monitoring control target For communication via a public network with a host system that transmits control data to the controller, the communication data is encrypted or the communication data is filtered by the gateway device in order to ensure the safety of the communication. And so on.
In patent document 1, the subsystem which controls the installation which is the object of monitoring control, and the host system of the monitoring control system communicate via the Internet which is a public network,
In order to ensure the safety of this communication, what encrypts communication data is shown.

JP 2000-305621 A (pages 3 to 5, FIG. 1)

As described above, for communication between a remote controller as a subsystem of a monitoring control system that monitors and controls a remote monitoring control target, and a host system of the monitoring control system,
Although measures have been taken to ensure the safety of the communication, the safety of the communication between the controller and the sensor node has been insufficient.
In recent years, as the functionality of sensor nodes has increased, the role of the sensor nodes has become more advanced, and the sensor node alone has taken on more functions. In connection with this, it has become necessary to arrange sensor nodes in a wider range and perform more various measurements. In addition to this, the functions that the controller has been responsible for have been partially covered, such as data communication with other devices.
For this reason, communication between the sensor node and the controller is often impossible due to cost and physical use only with a dedicated network, and a public network such as the Internet or a wireless network is not available. There is a need to consider using it. For this reason, it is necessary to give sufficient consideration to the safety of the communication between the controller and the sensor node.

The present invention has been made in order to solve the above-described problems, and improves communication safety between a controller that monitors and controls a monitoring control target and a sensor node that measures the state of the monitoring control target. It is an object of the present invention to obtain a wide area distributed monitoring control system that prevents unauthorized access such as wiretapping or tampering of communication by securing the communication.

In the monitoring control system according to the present invention, a plurality of sensor nodes that acquire monitoring data from a monitoring control target, and monitoring data are transmitted from the sensor nodes via a wide area network, and monitoring control is performed based on the transmitted monitoring data. A controller that monitors and controls the target, and communication via a wide area network between the sensor node and the controller
This is done with encrypted data.

As described above, according to the present invention, a plurality of sensor nodes that acquire monitoring data from a monitoring control target, and monitoring data are transmitted from the sensor nodes via a wide area network, and monitoring control is performed based on the transmitted monitoring data. A controller for monitoring and controlling the target is provided, and communication via the wide area network between the sensor node and the controller is performed by encrypted data, so that the communication data can be prevented from being illegally accessed such as eavesdropping or falsification. .

Embodiment 1 FIG.
A first embodiment of the present invention will be described below with reference to FIG.
FIG. 1 is a block diagram showing a wide area distributed monitoring control system according to Embodiment 1 of the present invention.
In FIG. 1, the monitoring control terminal device 11 has a man-machine interface function of the monitoring control system 1. The operator transmits monitoring and control instructions of the monitoring control system to the system through the console 12 connected to the monitoring control terminal device 11. Monitoring control data management device 1
3 has a data storage device 14 that stores measurement data obtained from the equipment and environment to be monitored and controlled by the monitoring control system, engineering data necessary for monitoring control, various history data, and the like. And has a function of providing each data of the data storage device 14 in response to a request from the monitoring control terminal device 11 or the controller 15. The monitoring control data management device 13 also has a function of analyzing monitoring data and control data and extracting data useful for monitoring control in the monitoring control system.

The controller 15 has a function of controlling each facility by obtaining monitoring data from the facility / environment to be monitored and analyzing the data. Also, the function of collectively transmitting the data to the supervisory control data management device 13 and the control instruction given by the operator from the supervisory control terminal device 11 are received via the supervisory control data management device 13 and in accordance with the control instruction. Specific control is performed on the equipment to be controlled.
The monitoring control terminal device 11, the monitoring control data management device 13, and the controller 15 communicate via a monitoring control dedicated network 16. Since the monitoring control dedicated network 16 is not directly connected to an external network, measures such as encryption are not performed for communication within the monitoring control dedicated network 16. The controller 15 receives the monitoring data obtained from the equipment and environment of the monitoring control target 25 by the sensor nodes 22 and 24 arranged in a wide area geographically or network. In addition, the controller 15 transmits monitoring method instructions and the like to the sensor nodes 22 and 24 as data. The controller 15 and the sensor node 22 communicate with each other via a public network 21 that is a wide area network. The controller 15 and the sensor node 24 communicate with each other via a wireless network 23 that is a wireless wide area network.

Next, the operation will be described.
The controller 15 communicates with the sensor nodes 22 and 24 that are monitoring the monitoring control target 25 via the public network 22 or the wireless network 23.
Since this communication is easily accessible from the outside, there is a high risk of receiving unauthorized access such as eavesdropping and tampering. Therefore, even if an unauthorized access is received, the communication data is encrypted so that an eavesdropper cannot determine the communication content, and the data is transferred between the controller 15 and the sensor nodes 22 and 24. ing.
Further, even if the communication data is falsified, a certain numerical value is determined from the contents of the communication data between the controller 15 and the sensor nodes 22 and 24 so that it can be easily determined from the contents of the communication data. The communication data receiving side compares the communication data with the numerical data embedded in the communication data by deciding the method for deriving the data and embedding the numerical value in the determined position in the communication data. Therefore, it is possible to determine whether the data is correct.

According to the first embodiment, communication between the controller and the sensor node is encrypted, and numerical data is embedded in the communication data, which is verified on the receiving side to determine tampering. Can be prevented from unauthorized access such as eavesdropping and tampering.

Embodiment 2. FIG.
FIG. 2 is a block diagram showing a wide area distributed monitoring control system according to Embodiment 2 of the present invention.
In FIG. 2, reference numerals 1, 11 to 14, 16, 21 to 25 are the same as those in FIG. In FIG. 2, the remote controller 20 is connected to the node gateway 17 that connects the monitoring control dedicated network 16, the public network 21, and the wireless network 23 via the public network 21 and the wireless network 23.

In the first embodiment, the controller 15 is connected to the supervisory control terminal device 11 and the supervisory control data management device 13 which are higher-level devices of the supervisory control system 1 through the supervisory control dedicated network 16. As shown in FIG. 2, the remote controller 20 is installed geographically or network-separated from the higher-level device monitoring control terminal device 11 and the monitoring control data management device 13 of the monitoring control system 1. Is.
In this case, it is often rational for the remote controller 20 and the host device to communicate via the public network 21 or the wireless network 23 both in terms of cost and physically.
In this case, the remote controller 20 and the host device of the monitoring control system 1 communicate via the node gateway 17 connected to both the public network 21 or the wireless network 23 and the monitoring control dedicated network 16. Therefore, the node gateway 17
As for the communication between the remote controller 20 and the remote controller 20, communication with the same measure as that of the first embodiment is performed to ensure the safety of communication of the monitoring control system 1.

According to the second embodiment, the remote controller is installed in a geographically or network-separated place, connected to the monitoring and control dedicated network via the node gateway,
The communication between the remote controller and the node gateway is encrypted, and the numerical data is embedded in the communication data, which is verified on the receiving side to determine whether the tampering has occurred. However, it is possible to prevent unauthorized access such as wiretapping or falsification of communication data.

Embodiment 3 FIG.
FIG. 3 is a conceptual diagram showing data transmission in a wide area distributed monitoring and control system according to Embodiment 3 of the present invention.
In FIG. 3, the transmission side 40 changes the order of the original transmission data 401, and performs the data transmission 501 at a predetermined timing, for example, a fixed time interval, as the transmission data 402 whose transmission order is changed. In 60, the order of the received data 601 received is restored to obtain the received data 602 whose data order is restored.

In the supervisory control system 1 using the wide area distributed controller 15, the remote controller 20, and the sensor nodes 22, 24 of the first embodiment and the second embodiment, between the controller 15, the remote controller 20 and the sensor nodes 22, 24. In many cases, it is not necessary to communicate so frequently, and in this case, the amount of communication data is small.
In the third embodiment, in order to make use of this characteristic and make it difficult to wiretap or tamper with communication,
Measures as shown in FIG. 3 are taken. First, the transmission side 40 divides the encrypted communication data 401 into several pieces, and rearranges the divided transmission data according to a rule determined in advance by the transmission side 40 and the reception side 60. In this order, the transmitting side 40 transmits the divided data.
The transmission timing at this time is data transmission 501 at a timing determined in advance by the transmission side 40 and the reception side 60.
At the receiving side 60, only the data whose transmission time is determined in advance from the received data that has arrived first is adopted, and when all the received data 601 has been received, the data is returned to the original order. By rearranging the received data, the transmitted data is restored.
Can be obtained as

Since this communication method subdivides the communication data, the communication efficiency is reduced to some extent. However, in combination with the data subdivision and the data order being encrypted data, the eavesdropper Has the effect of making it more difficult to decipher. Furthermore, a predetermined timing,
For example, since communication is performed at regular time intervals, other communication data is also mixed between the time intervals, and it is difficult for anyone other than a valid receiver to decipher.

According to the third embodiment, the communication between the controller or the remote controller and the sensor node is performed by rearranging the data and transmitting the divided data sequentially at a predetermined timing. Furthermore, there is an effect that it is difficult for an eavesdropper to decipher.

Embodiment 4 FIG.
FIG. 4 is a diagram showing communication through a public network between a controller and a sensor node in a wide area distributed monitoring and control system according to Embodiment 4 of the present invention.
In FIG. 4, the controller 15 (including the remote controller 20, hereinafter the same) and the sensor node 22 communicate via the public network 21.
FIG. 5 is a diagram showing communication via a wireless network between a controller and sensor nodes in a wide area distributed monitoring and control system according to Embodiment 4 of the present invention.
In FIG. 5, the controller 15 and the sensor node 24 communicate via the wireless network 23.
FIG. 6 is a diagram showing a communication method between a controller and sensor nodes in a wide area distributed monitoring and control system according to Embodiment 4 of the present invention.

In the third embodiment, a measure for protecting communication data from unauthorized access by dividing the communication data has been described. However, in the fourth embodiment, as shown in FIGS. 4 and 5, the controller 15 and the sensor node 22 are protected. In the communication between 24, by using the communication path information,
It is intended to increase the safety of communication.
Communication between the controller 15 and the sensor nodes 22 and 24 usually takes a form of one-to-many communication. However, in the fourth embodiment, the communication between the controller 15 and the plurality of sensor nodes 22 and 24 is performed as one communication path. From the controller 15, each sensor node 22,
24, or a bucket relay type communication sequentially sent from the sensor nodes 22 and 24 to the controller 15 via the sensor nodes.
In this manner, communication data is transmitted by repeatedly performing one-to-one communication between the controller 15 and one sensor node. This communication method is shown in FIG.

In FIG. 6, when communication is performed from the controller 15 to each of the sensor nodes 22 and 24, first, the controller 15 first transmits transmission data (one set of the address of the sensor node that transmits data and the data that is transmitted to the sensor node). For example, transmission data 706) for the first sensor node 1 is generated for each sensor node, and the controller 15 arranges the transmission data for each sensor node in the order of the communication path, and adds the address 705 of the controller itself to the head. Thus, the data is transmitted to the first sensor node as a group of transmission data 701.
The first sensor node that has received the transmission data from the controller 15 analyzes the reception data 702, and if the communication path is confirmed to be a communication path instructed from the controller 15 in advance, the reception data 702 is received. And the transmission data 706 attached to the first sensor node in the reception data is acquired. Then, the first sensor node transmits transmission data 703 obtained by extracting transmission data 706 for the first sensor node from the received data to the second sensor node.
Subsequent sensor nodes repeat the same processing as the first sensor node, and transmit the transmission data from the controller 15 to the last sensor node n.
As a result, the reception data 704 is received.

The communication from the sensor nodes 22 and 24 to the controller 15 is reversed. First, at the last sensor node n of the communication path, the address of the sensor node representing the communication path, the address 805 of the controller 15, and the sensor node n is the controller 15. The data to be transmitted to is generated as a set of transmission data 804. At this time, the data to be transmitted to the controller 15 includes only the data of the last sensor node n in the communication path.
The data of other sensor nodes is sent when the transmission data arrives at that sensor node.
Inserted into transmission data. For example, when the transmission data to the controller 15 reaches the first sensor node, the reception data 803 is analyzed, and when it is confirmed that the communication path information is a communication path instructed from the controller 15 in advance. Data 806 to be transmitted to the controller 15 by the first sensor node is inserted into the transmission data, and the controller 1
5 is transmitted to the controller 15.

Communication between the sensor node and the controller 15 does not always need to be performed, and most of the communication is performed at a certain interval, and this communication method is based on this characteristic. In other words, the controller 15 only needs to transmit data to one sensor node at regular intervals, and since data from the sensor node is transmitted at regular intervals, a large number of communications can be performed simultaneously. There is an advantage that data transmission / reception processing is simplified without reaching.
Also, with this communication method, only data transmitted via a predetermined communication path is recognized as valid communication data, so even if invalid data is transmitted, it is recognized as valid data. This will improve the safety of communication.

According to the fourth embodiment, the controller only needs to transmit data to one sensor node at regular intervals, and the data from the sensor node is sent to the controller at regular intervals. Therefore, there is an advantage that a large number of communications do not arrive at the same time, and data transmission / reception processing is simplified.
In addition, since only data transmitted through a predetermined communication path is recognized as valid communication data, even if invalid data is transmitted, it is not recognized as valid data. Safety is improved.

BRIEF DESCRIPTION OF THE DRAWINGS It is a block diagram which shows the wide area distributed arrangement type | mold monitoring control system by Embodiment 1 of this invention. It is a block diagram which shows the wide area distributed arrangement type | mold monitoring control system by Embodiment 2 of this invention. It is a conceptual diagram which shows the data transmission of the wide area distributed arrangement type | mold supervisory control system by Embodiment 3 of this invention. It is a figure which shows the communication via the public network between the controller and sensor node of the wide area distributed arrangement type | mold monitoring control system by Embodiment 4 of this invention. It is a figure which shows the communication via the radio | wireless network between the controller and sensor node of the wide area distributed arrangement type | mold monitoring and control system by Embodiment 4 of this invention. It is a figure which shows the communication method between the controller and sensor node of the wide area distributed arrangement type monitoring control system by Embodiment 4 of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Monitoring control system 11 Monitoring control terminal device 12 Console 13 Monitoring control data management device 14 Data storage device 15 Controller 16 Monitoring control dedicated network 17 Node gateway 20 Remote controller 21 Public network 22 Sensor node 23 Wireless network 24 Sensor node 25 Monitoring control Target 40 Transmission side 60 Reception side

Claims (4)

A plurality of sensor nodes for acquiring monitoring data from the monitoring control target, and a controller for monitoring and controlling the monitoring control target based on the transmitted monitoring data, wherein the monitoring data is transmitted from the sensor node via the wide area network. The monitoring control system, wherein communication via the wide area network between the sensor node and the controller is performed by encrypted data. A supervisory control terminal device connected to a supervisory control network and having a man-machine interface; and a node gateway connected to connect the wide area network and the supervisory control network; the controller via the wide area network 2. The monitoring control system according to claim 1, wherein communication via the wide area network between the controller and the node gateway is performed by encrypted data while being connected to the node gateway. Communication between the sensor node and the controller via the wide area network is performed by dividing and rearranging the encrypted data on the transmission side and transmitting the rearranged divided data at a predetermined timing. The supervisory control system according to claim 1 or 2, wherein The data communicated between the sensor node and the controller via the wide area network includes route information that sequentially passes through the plurality of sensor nodes, and the data includes the sensor node according to the route information. The monitoring control system according to claim 1, wherein the monitoring control system is sequentially transmitted.

Images