CN101621430A - Portable electric power communication protocol detector and detection method thereof - Google Patents

Portable electric power communication protocol detector and detection method thereof Download PDF

Info

Publication number
CN101621430A
CN101621430A CN200910184018A CN200910184018A CN101621430A CN 101621430 A CN101621430 A CN 101621430A CN 200910184018 A CN200910184018 A CN 200910184018A CN 200910184018 A CN200910184018 A CN 200910184018A CN 101621430 A CN101621430 A CN 101621430A
Authority
CN
China
Prior art keywords
message
analysis
protocol
power communication
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN200910184018A
Other languages
Chinese (zh)
Other versions
CN101621430B (en
Inventor
汪彦
胡永春
程华明
朱重阳
黄飏鲲
张世平
金乃正
许伟国
王金岩
车浩军
安建锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NANJING TUOWEI ELECTRIC POWER TECHNOLOGY DEVELOPMENT Co Ltd
SHAOXING ELECTRIC POWER COMPLETE EQUIPMENT CO
Shaoxing Electric Power Bureau
State Grid Corp of China SGCC
Original Assignee
SHAOXING ELECTRIC POWER COMPLETE EQUIPMENT CO
NANJING TUOWEI ELECTRIC POWER TECHNOLOGY DEVELOPMENT Co Ltd
Shaoxing Electric Power Bureau
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHAOXING ELECTRIC POWER COMPLETE EQUIPMENT CO, NANJING TUOWEI ELECTRIC POWER TECHNOLOGY DEVELOPMENT Co Ltd, Shaoxing Electric Power Bureau filed Critical SHAOXING ELECTRIC POWER COMPLETE EQUIPMENT CO
Priority to CN2009101840180A priority Critical patent/CN101621430B/en
Publication of CN101621430A publication Critical patent/CN101621430A/en
Application granted granted Critical
Publication of CN101621430B publication Critical patent/CN101621430B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Maintenance And Management Of Digital Transmission (AREA)

Abstract

本发明涉及一种便携式电力通信规约检测仪,同时涉及该检测仪的检测方法,属于电力系统通信检测技术领域。该检测仪包括安置在一便携机箱内含有报文侦听器和并行转串行处理器的采集装置和含有CPU、分析系统、分别与CPU连接的输入器和显示器的分析装置;报文侦听器输入端接入电力通信链路,其输出端并行连接于并行转串行处理器输入端;并行转串行处理器输出端串行连接于CPU,报文侦听器和并行转串行处理器的控制端分别连接CPU。该检测方法在对该检测仪配置参数和系统文件后进行分析系统的初始化,然后将侦听到的电力通信链路的报文经过实时网络分析和规约分析后得出分析结果并显示。本发明可以杜绝检测电力通信时丢失报文,从而对电力通信实现真正有效的检测。

Figure 200910184018

The invention relates to a portable power communication protocol detector and a detection method of the detector, belonging to the technical field of power system communication detection. The detector includes an acquisition device containing a message interceptor and a parallel-to-serial processor arranged in a portable case, and an analysis device containing a CPU, an analysis system, an input device and a display respectively connected to the CPU; message interception The input terminal of the device is connected to the power communication link, and its output terminal is connected in parallel to the input terminal of the parallel-to-serial processor; the output terminal of the parallel-to-serial processor is serially connected to the CPU, the message listener and the parallel-to-serial processor The control terminals of the controllers are respectively connected to the CPU. The detection method initializes the analysis system after configuring the parameters and system files of the detector, and then obtains and displays the analysis results after real-time network analysis and protocol analysis of the intercepted messages of the power communication link. The invention can prevent message loss when detecting electric power communication, so as to realize real and effective detection for electric power communication.

Figure 200910184018

Description

便携式电力通信规约检测仪及其检测方法 Portable Power Communication Protocol Detector and Its Detecting Method

技术领域 technical field

本发明涉及一种对电力系统通信及其过程进行实时检测的仪器,同时涉及该检测仪的检测方法,属于电力系统通信检测技术领域。The invention relates to an instrument for real-time detection of power system communication and its process, as well as a detection method of the detector, belonging to the technical field of power system communication detection.

背景技术 Background technique

当前电力系统已普遍采用自动化系统进行监视、控制和调度工作,如能量管理系统EMS、变电站综合自动化系统SCADA等。这些系统的信息来源和控制都依赖网络通信,而且随着基于IEC61850通信体系的数字化变电站的实施和大面积推广,传统的通过电缆连接方式传递测控计量电流电压、断路器和隔离刀闸的控制联闭锁、继电保护跳合闸、启动、闭锁等信号,也已改为通过网络通信方式实现。因此,电力自动化系统的网络通信的正确传送就尤为重要。The current power system has generally adopted automation systems for monitoring, control and scheduling, such as energy management system EMS, substation integrated automation system SCADA, etc. The information source and control of these systems all rely on network communication, and with the implementation and large-scale promotion of digital substations based on the IEC61850 communication system, the traditional control connection of measuring, controlling, measuring current and voltage, circuit breakers and isolating switches through cable connections Blocking, relay protection tripping and closing, starting, blocking and other signals have also been changed to realize through network communication. Therefore, the correct transmission of the network communication of the power automation system is particularly important.

通过近几年对电力自动化系统运行缺陷统计分析发现,因网络通信缺陷导致电力自动化系统运行异常呈上升趋势。这是由于:目前电力自动化系统中的各子系统往往采用多个厂家的不同产品,各厂家对通信规约的理解存在不一致,而且出于某些目的对规约进行修改和扩充的现象也非常普遍;各个厂家在通信规约的实现能力上参差不齐,导致在工程现场修改程序的现象比较平凡,使得产品缺乏足够严格的测试过程以保证通信的可靠性。据发明人所知,荷兰的KEMA咨询公司为国际上标准一致性测试权威机构,但其是实验室测试,无法在工程现场进行测试,也不具备系统健壮性测试,同时,其测试用例与工程现场也不完全一致,而且产品还有在工程现场修改的可能,因此,KEMA的测试结果不足以保证通信的可靠性。Through the statistical analysis of the operation defects of the power automation system in recent years, it is found that the abnormal operation of the power automation system due to network communication defects is on the rise. This is because: at present, each subsystem in the power automation system often uses different products from multiple manufacturers, and the understanding of the communication protocol by each manufacturer is inconsistent, and the phenomenon of modifying and expanding the protocol for certain purposes is also very common; The ability of each manufacturer to realize the communication protocol is uneven, which leads to the relatively ordinary phenomenon of modifying the program on the project site, and makes the product lack a sufficiently strict testing process to ensure the reliability of communication. As far as the inventor knows, KEMA Consulting Company in the Netherlands is an international authority on standard conformance testing, but it is a laboratory test, which cannot be tested on the engineering site, nor does it have system robustness testing. At the same time, its test cases and engineering The site is not completely consistent, and the product may be modified at the engineering site. Therefore, the test results of KEMA are not enough to guarantee the reliability of communication.

现有电力自动化系统在实际运行中的通信故障较多,这些通信故障主要体现在以下几个方面:后台监控事故时动作事件记录不完整,保护测控装置因通信问题引起自复位,通信单元或后台监控功能异常或死机,调度和无人值班集控中心自动化系统收到的数据(报文)不全甚至全部丢失,遥测数据异常跃变,遥信数据异常变位,测控装置防误操作联闭锁故障以及计算机网络遭病毒攻击等等。由于缺乏有效的技术手段,目前维护人员往往只能对这些通信故障进行定性分析,因此不利于综合自动化系统的安全运行。There are many communication failures in the actual operation of the existing power automation system. These communication failures are mainly reflected in the following aspects: the action event record is incomplete during the background monitoring accident, the protection measurement and control device is self-resetting due to communication problems, the communication unit or the background The monitoring function is abnormal or crashes, the data (messages) received by the automation system of the dispatching and unattended centralized control center are incomplete or even lost, the telemetry data changes abnormally, the remote signaling data changes abnormally, and the interlocking failure of the measurement and control device prevents misoperation And the computer network is attacked by viruses and so on. Due to the lack of effective technical means, maintenance personnel can only conduct qualitative analysis on these communication faults, which is not conducive to the safe operation of the integrated automation system.

经检索发现,申请号200610098252.8的中国专利《通讯规约记录分析装置及其分析方法》公开了一种分体式通讯规约记录分析装置,该装置的主要技术方案是一个分布式结构,由分配在各个通信节点的通信记录仪和一个分析管理机组成,通信记录仪和分析管理机之间用单独的以太网连接;在规约记录仪中,串口接入模块、以太网接入模块、CAN网接入模块、LONWORK模块、GPS模块的输出端分别与CPU模块的输入端连接,CPU模块的输出端接装置异常输出模块、大容量存储模块的输入端,键盘显示模块与CPU模块相连接;规约记录装置的输出端接规约分析装置的输入端将记录的内容供规约分析管理机分析。该装置的分析方法主要步骤是:1)通信记录仪的通信记录模块根据通信配置文件对每个需要记录的通信端口的报文经捕捉,并每10分钟保存一个通信端口的原始通信报文,产生一个记录文件;2)通信记录仪的通信记录模块每产生一个记录文件后通知上行通信模块,上行通信模块将主动和分析管理机的下行通信模块通信,将该记录文件上传到分析管理机;3)分析管理机的下行通信模块在完整接收一个记录文件后依据通信配置文件对记录文件进行分类统一存储,此时并不对记录文件进行分析,而是等待用户的选择再进行分析;4)当用户选择分析某个通信端口的某个时间段的通信报文时,分析管理机在进行报文分析时利用通信配置文件取得相应的通信参数信息和规约信息,自动调用相应的规约分析模块来分析记录文件,产生分析结果,并对分析结果经格式化显示;5)规约分析模块的分析方法是,依据规约中报文的格式从记录文件中读取原始报文,然后依据规约对原始报文按照字节和字节组合顺序进行分析,再依据规约对报文和报文之间的关系进行分析。After searching, it is found that the Chinese patent "Communication Protocol Record Analysis Device and Its Analysis Method" with application number 200610098252.8 discloses a split type communication protocol record analysis device. The communication recorder of the node is composed of an analysis management machine, and a separate Ethernet connection is used between the communication recorder and the analysis management machine; in the protocol recorder, the serial port access module, the Ethernet access module, and the CAN network access module The output terminals of the LONWORK module and the GPS module are respectively connected to the input terminals of the CPU module, the output terminal of the CPU module is connected to the abnormal output module of the device, the input terminal of the large-capacity storage module, and the keyboard display module is connected to the CPU module; The output end is connected to the input end of the protocol analysis device, and the recorded content is analyzed by the protocol analysis management machine. The main steps of the analysis method of the device are: 1) the communication recording module of the communication recorder captures the message of each communication port that needs to be recorded according to the communication configuration file, and saves the original communication message of a communication port every 10 minutes, Produce a recording file; 2) the communication recording module of the communication recorder notifies the uplink communication module after every producing a record file, the uplink communication module will actively communicate with the downlink communication module of the analysis management machine, and upload the record file to the analysis management machine; 3) The downlink communication module of the analysis management machine classifies and stores the record files according to the communication configuration file after receiving a record file completely, and does not analyze the record files at this time, but waits for the user's selection to analyze; 4) when When the user chooses to analyze the communication messages of a certain time period of a certain communication port, the analysis management machine uses the communication configuration file to obtain the corresponding communication parameter information and protocol information when analyzing the message, and automatically calls the corresponding protocol analysis module to analyze Record files, generate analysis results, and format and display the analysis results; 5) The analysis method of the protocol analysis module is to read the original message from the record file according to the format of the message in the protocol, and then analyze the original message according to the protocol. Analyze according to the sequence of bytes and byte combinations, and then analyze the relationship between the message and the message according to the protocol.

上述通讯规约记录分析装置及分析方法存在以下问题:The above-mentioned communication protocol record analysis device and analysis method have the following problems:

1)该装置的记录仪所述的各接入模块和存储器并行与CPU模块连接,众所周知,CPU是串行工作方式,当多个接入模块同时高速传送报文到CPU模块时会造成报文丢失。同时CPU模块将多个接入模块传送来的报文传送给存储器进行报文存储,而存储器的数据吞吐量远小于接入模块的速率,又会造成存储时的报文丢失。一旦报文丢失,记录存储的报文就不完整,等出了故障后调阅这些不完整的报文进行分析时就会出错,甚至根本找不到报文产生故障的原因,从而无法进一步查找和排除相应的电网故障,进而造成较大的事故。1) The access modules and memory described in the recorder of the device are connected to the CPU module in parallel. As we all know, the CPU works in serial mode. When multiple access modules transmit messages to the CPU module at high speed at the same time, it will cause message lost. At the same time, the CPU module transmits the messages sent by multiple access modules to the memory for message storage, but the data throughput of the memory is much lower than the rate of the access modules, which will cause message loss during storage. Once the message is lost, the recorded and stored messages will be incomplete, and errors will occur when these incomplete messages are retrieved for analysis after a fault occurs, and the cause of the fault in the message cannot be found at all, so further searches cannot be made And eliminate the corresponding power grid faults, and then cause larger accidents.

2)该装置中所述的某些模块(如CAN网接入模块、LONWORK模块等)只有笼统的名词,没有相关的电路图和实现机制,不知道具体结构是什么,本领域技术人员无法依据专利文件进行制作。2) Some modules described in the device (such as CAN network access module, LONWORK module, etc.) only have general terms, without relevant circuit diagrams and implementation mechanisms, and do not know what the specific structure is, and those skilled in the art cannot rely on the patent file to be produced.

3)该装置是分体式固定装置,需要在各输变电站综合自动化系统种布置多台,成本巨大,不便移动和携带。3) The device is a split-type fixed device, and multiple sets need to be arranged in the comprehensive automation system of each transmission and substation, which is costly and inconvenient to move and carry.

4)该装置是先记录并存储各报文,等出了故障后再调阅存储的历史报文记录来分析报文故障原因,不能实时在线分析报文,难以快速及时地发现导致事故隐患的网络通信故障并找出故障原因,从而实际上对因隐藏的网络通信存在故障所导致的实时电网故障的排除和避免扩大无所作为。4) The device first records and stores each message, and then consults the stored historical message records to analyze the cause of the message failure after a fault occurs. It cannot analyze the message online in real time, and it is difficult to quickly and timely discover the hidden dangers of the accident. Network communication failure and find out the cause of the failure, so in fact, it does nothing to eliminate and avoid the expansion of the real-time power grid failure caused by the hidden network communication failure.

5)该装置的分析管理机所述的分析方法描述模糊不清楚,该分析方法“依据规约对报文按照字节和字节组合顺序进行分析,再依据规约对报文与报文之间的关系进行分析”,非常不全面,没有字节与字节或字节组合之间的关系、字节分支等等;没有环境关联分析、规约符合性分析等。其大部分内容为其所分析的对象和分析的结果,本领域技术人员难以按照该分析方法对记录的报文实现有效的分析。5) The description of the analysis method described by the analysis management machine of the device is vague and unclear. The analysis method "analyzes the message according to the byte and byte combination sequence according to the protocol, and then analyzes the information between the message and the message according to the protocol. It is very incomplete, there is no relationship between bytes and bytes or byte combinations, byte branches, etc.; there is no environmental correlation analysis, protocol compliance analysis, etc. Most of its content is the object to be analyzed and the result of the analysis, and it is difficult for those skilled in the art to effectively analyze the recorded messages according to this analysis method.

发明内容 Contents of the invention

本发明要解决的技术问题是:提出一种真正能对现行电力自动化系统内的所有通信数据进行完整采集和分析的便携式电力通信规约检测仪及其检测方法;利用该检测仪及其检测方法应当能对电力自动化系统的所有报文进行完整采集并分析确定各报文故障的原因及报文故障的地点,从而方便维护人员及时排除与报文故障相应的电网故障和安全隐患,进而提高电力自动化系统运行的安全稳定性。The technical problem to be solved by the present invention is to propose a portable power communication protocol detector and its detection method that can truly collect and analyze all communication data in the current power automation system; using the detector and its detection method should It can completely collect and analyze all the messages of the power automation system to determine the cause of each message failure and the location of the message failure, so as to facilitate the maintenance personnel to eliminate the grid failure and potential safety hazards corresponding to the message failure in time, thereby improving power automation. The safety and stability of system operation.

为了解决上述技术问题,本发明提出的技术方案之一是:一种便携式电力通信规约检测仪,包括安置在一便携机箱内的采集装置和分析装置,所述采集装置含有报文侦听器和并行转串行处理器,所述分析装置含有CPU、分析系统、分别与CPU连接的输入器和显示器;所述报文侦听器的输入端接入电力通信链路,其输出端并行连接于并行转串行处理器的输入端;所述并行转串行处理器的输出端串行连接于CPU,所述报文侦听器和并行转串行处理器的控制端分别连接CPU,所述分析系统含有用于从并行转串行处理器读取所述电力通信链路的报文的采集模块、用于对所述报文进行网络分析的网络分析模块、用于对经网络分析后的报文的应用层进行规约分析的规约分析模块和用于调度和管理所述模块的调度管理模块。In order to solve the above technical problems, one of the technical solutions proposed by the present invention is: a portable power communication protocol detector, including a collection device and an analysis device arranged in a portable case, the collection device contains a message listener and Parallel-to-serial processor, the analysis device contains a CPU, an analysis system, an input device and a display connected to the CPU respectively; the input end of the message listener is connected to the power communication link, and its output end is connected in parallel to the Parallel to the input of the serial processor; the output of the parallel to serial processor is serially connected to the CPU, and the control end of the message listener and the parallel to serial processor are respectively connected to the CPU, the described The analysis system includes an acquisition module for reading the messages of the power communication link from the parallel-to-serial processor, a network analysis module for network analysis of the messages, and a network analysis module for network-analyzed A protocol analysis module for protocol analysis at the application layer of the message, and a scheduling management module for scheduling and managing the modules.

实践表明,由于对电力通信规约的检测是完成对整个电力通信网络数据的侦听,故侦听网口必须工作在混杂模式下,即侦听网口要接受所有通过它的数据流,不管是什么格式,什么地址的。如果采用传统的CPU直接接收数据的方式进行设计,由于CPU对中断处理的限制,在网络数据量较大,特别是小包大量传输的过程中,系统必然产生丢包,且数据包时标无法准确标记。而本发明的检测仪出乎意料地采用并行转串行处理器与各报文侦听器的输出端口并行连接,使得报文输入CPU之前得以缓冲;因此即使侦听的各通信链路报文流量很大,各报文在到达CPU之前也不会存在丢失的可能。同时,又由于本发明检测仪的报文是先经过规约分析模块进行实时规约分析后再存储,因此,即使存储速率较慢时丢失部分报文,也不会影响发现和分析报文故障。Practice has shown that since the detection of the power communication protocol is to complete the interception of the data of the entire power communication network, the listening network port must work in the promiscuous mode, that is, the listening network port must accept all data streams passing through it, whether it is What format, what address. If the traditional method of directly receiving data by the CPU is used for design, due to the limitation of the CPU on interrupt processing, the system will inevitably lose packets when the amount of network data is large, especially when a large number of small packets are transmitted, and the time stamp of the data packets cannot be accurate. mark. And the detector of the present invention unexpectedly adopts the parallel-to-serial processor to be connected in parallel with the output port of each message listener, so that the message can be buffered before the CPU is input; The traffic is very large, and there is no possibility of loss of each packet before reaching the CPU. At the same time, since the messages of the detector of the present invention are stored after the real-time protocol analysis by the protocol analysis module, even if some messages are lost when the storage rate is slow, the detection and analysis of message faults will not be affected.

为了解决上述技术问题,本发明提出的技术方案之二是:一种便携式电力通信规约检测仪的检测方法,包括以下步骤:In order to solve the above-mentioned technical problems, the second technical solution proposed by the present invention is: a detection method of a portable power communication protocol detector, comprising the following steps:

1)启动所述检测仪,通过所述输入器配置待检测电力通信链路的参数和特定规约关联指定并形成系统配置文件;1) Start the detector, configure the parameters of the power communication link to be detected through the input device and specify in association with a specific protocol and form a system configuration file;

2)所述分析系统进行初始化,即所述CPU首先加载调度管理模块、网络分析模块和采集模块,所述调度管理模块依据所述系统配置文件再加载规约分析模块;2) The analysis system is initialized, that is, the CPU first loads a scheduling management module, a network analysis module and an acquisition module, and the scheduling management module loads a protocol analysis module according to the system configuration file;

3)所述报文侦听器通过侦听电力通信链路的报文,并将该报文并行传送至并行转串行处理器,所述并行转串行处理器对并行接收来的报文加入时间戳,并将加入时间戳后的报文进行缓存;3) The message listener listens to the message of the power communication link, and transmits the message to the parallel-to-serial processor in parallel, and the parallel-to-serial processor receives the message in parallel Add a timestamp, and cache the message after adding the timestamp;

4)所述采集模块从并行转串行处理器读取缓存的报文,并将该报文送入网络分析模块;4) the acquisition module reads the cached message from the parallel-to-serial processor, and sends the message to the network analysis module;

5)所述网络分析模块依据OSI模型各协议层语法和语义对送入网络分析模块的报文进行网络语法和语义分析直至该报文的应用层,并将应用层的报文送入规约分析模块,并将网络语法和语义分析结果送往显示界面;5) The network analysis module carries out network syntax and semantic analysis to the message sent into the network analysis module according to the syntax and semantics of each protocol layer of the OSI model until the application layer of the message, and sends the message of the application layer into the protocol analysis module, and send the network syntax and semantic analysis results to the display interface;

6)所述规约分析模块依据规约的语法和语义对所述应用层的报文进行规约语法和语义分析,并将规约语法和语义分析结果送往显示界面。6) The protocol analysis module performs protocol syntax and semantic analysis on the message of the application layer according to the protocol syntax and semantics, and sends the protocol syntax and semantic analysis results to the display interface.

本发明的便携式电力通信规约检测仪按照上述检测方法可以在线实时检测多个待检测的电力通信链路,当发现报文故障后,可以第一时间发现通信故障原因和地点,为及时排除通信故障提供了可能,从而可以避免事故的进一步扩大,减少通信故障对电网正常运行带来的影响。The portable power communication protocol detector of the present invention can detect multiple power communication links to be detected online in real time according to the above detection method. When a message fault is found, the cause and location of the communication fault can be found at the first time, in order to eliminate the communication fault in time It provides the possibility to avoid the further expansion of the accident and reduce the impact of communication failure on the normal operation of the power grid.

综上,本发明的便携式电力通信规约检测仪及其检测方法,不仅改变了现有通讯规约记录分析装置及其分析方法所采用的先记录后分析的状况,从而可以在线实时对各电力通信链路的报文进行分析,并及时捕捉报文故障;而且彻底解决了现有通讯规约记录分析装置存在的丢失报文的问题,从而真正实现对电力通信链路的报文进行完整有效的分析。To sum up, the portable electric power communication protocol detector and its detection method of the present invention not only change the situation of first recording and then analysis adopted by the existing communication protocol recording and analysis device and its analysis method, so that it can perform online real-time analysis of each electric power communication chain. Analyze the messages of the power communication link, and capture the message failure in time; and completely solve the problem of missing messages in the existing communication protocol recording and analysis device, so as to truly realize the complete and effective analysis of the messages of the power communication link.

上述技术方案之一的改进是:所述并行转串行处理器是FPGA处理器或多个协同工作的单片机。An improvement of one of the above technical solutions is: the parallel-to-serial processor is an FPGA processor or a plurality of single-chip computers working together.

上述技术方案之一的进一步改进之一是:所述报文侦听器是交换机端口镜像信号报文侦听器、网络信号报文侦听器、串口信号报文侦听器和MODEM载波信号报文侦听器之一,所述报文侦听器的输入端接入交换机通信链路、网络通信链路、串口电力通信链路和载波电力通信链路之一。One of the further improvements of one of the above technical solutions is: the message listener is a switch port image signal message listener, a network signal message listener, a serial port signal message listener and a MODEM carrier signal message listener One of the message listeners, the input end of the message listener is connected to one of the switch communication link, the network communication link, the serial port power communication link and the carrier power communication link.

上述技术方案之一的进一步改进之二是:所述报文侦听器是交换机端口镜像信号报文侦听器、网络信号报文侦听器、串口信号报文侦听器和MODEM载波信号报文侦听器,该四个报文侦听器的各自输入端分别接入串口电力通信链路、交换机通信链路、网络通信链路和载波电力通信链路。The further improvement two of one of the above technical solutions is: the message listener is a switch port image signal message listener, a network signal message listener, a serial port signal message listener and a MODEM carrier signal message listener. A text listener, the respective input terminals of the four message listeners are respectively connected to the serial port power communication link, the switch communication link, the network communication link and the carrier power communication link.

上述技术方案之一的更进一步改进是:还包括存储器,所述分析系统还含有用于将采集模块读取的报文经过分析系统分析后传送至存储器存储的记录模块。这样,在报文经过分析系统分析后对报文进行保存,以便在事故追忆和反演过程中提供宝贵的现场运行信息,可以起到举一反三的作用。A further improvement of one of the above technical solutions is: it also includes a memory, and the analysis system also includes a recording module for transferring the message read by the acquisition module to the memory for storage after being analyzed by the analysis system. In this way, after the message is analyzed by the analysis system, the message is saved, so as to provide valuable on-site operation information in the process of accident recall and inversion, which can play the role of drawing inferences from one instance.

上述技术方案之一的再进一步改进是:所述分析系统还含有用于对网络分析模块和规约分析模块产生的分析结果进行二次统计分析的统计分析模块。这样,可以使分析结果更加直观化,并可以直观地观察到需要在长期监视并形成值序列后才能发现存在问题。A further improvement of one of the above technical solutions is: the analysis system also includes a statistical analysis module for performing secondary statistical analysis on the analysis results generated by the network analysis module and the protocol analysis module. In this way, the analysis results can be made more intuitive, and it can be observed intuitively that problems can only be discovered after long-term monitoring and formation of value sequences.

上述技术方案之一的又进一步改进是:所述FPGA处理器主要含有型号为ALTERA EP3C25Q240的芯片,该芯片通过千兆的以太网口连接CPU;所述串口报文侦听器是分别提供RS485、RS422和RS232三种通信接口的三合一串口报文侦听器;所述MODEM载波信号报文侦听器含有用于侦听一路MODEM载波电力通信链路的二路MODEM载波接收接口,其二路接收接口分别并接到MODEM载波电力通信链路的一对收、发线上;所述CPU是型号为MPC837的嵌入式处理器。A further improvement of one of the above-mentioned technical solutions is: the FPGA processor mainly contains a chip of ALTERA EP3C25Q240, which is connected to the CPU through a Gigabit Ethernet port; the serial port message listener provides RS485, The three-in-one serial port message listener of RS422 and RS232 three kinds of communication interfaces; Described MODEM carrier signal message listener contains the two-way MODEM carrier receiving interface that is used to listen to one modem carrier power communication link, its two The road receiving interface is respectively connected to a pair of receiving and sending lines of the MODEM carrier power communication link; the CPU is an embedded processor whose model is MPC837.

上述技术方案之一的继续改进是:所述输入器采用键盘、鼠标或触摸屏幕输入器,所述显示器是通用CRT或液晶显示器,所述存储器是通用SSD硬盘;所述报文侦听器的接口总带宽是400Mbps;所述存储器的写盘速度为640Mbps-800Mbps。The continuous improvement of one of the above technical solutions is: the input device adopts keyboard, mouse or touch screen input device, the display is a general CRT or liquid crystal display, and the memory is a general SSD hard disk; The total bandwidth of the interface is 400Mbps; the writing speed of the storage is 640Mbps-800Mbps.

上述技术方案之二的改进之一是:One of the improvements of the above-mentioned technical scheme two is:

----所述第1)步中的特定规约关联指定是选择与待检测电力通信链路的特定规约相应的语法模型文件和语义模型文件;----Specific protocol association designation in step 1) is to select the grammar model file and semantic model file corresponding to the specific protocol of the power communication link to be detected;

----所述第2)步中的规约分析模块是通过语法模型文件和语义模型文件形成特定规约的语法和语义环境并对该特定规约进行语法和语义分析的通用模块;加载规约分析模块是依据系统配置文件中指定的语法模型文件和语义模型文件进行初始化,即生成针对特定规约的协议层、语法分析器、会话通道管理器、语义分析器,随后将协议层组织为协议栈,接着为每个协议层配备相应的语法分析器和会话通道管理器,然后为每个会话通道管理器配置语义分析器;----The protocol analysis module in the 2nd) step is a general module that forms the grammatical and semantic environment of a specific statute through the grammatical model file and the semantic model file and performs grammatical and semantic analysis on the specific statute; loads the statute analysis module It is initialized according to the syntax model file and semantic model file specified in the system configuration file, that is, the protocol layer, syntax analyzer, session channel manager, and semantic analyzer for a specific protocol are generated, and then the protocol layer is organized into a protocol stack, and then Equip each protocol layer with a corresponding syntax analyzer and session channel manager, and then configure a semantic analyzer for each session channel manager;

----所述第6)步中的规约语法和语义分析是,从所述协议栈的底层向上依次在每个协议层对所述应用层的报文使用语法分析器进行语法分析,并将获得的语法分析树传递给会话管理器,由会话管理器将语法分析树分发给会话管理器接收和发送两端的语义分析器进行语义分析,语法分析器和语义分析器分别将剩余应用层的报文和语义分析结果向所述协议栈的上一层传递,由上一层再次进行上述过程,直到到达协议栈的顶端,获得所述应用层报文的分析结果。----The grammatical and semantic analysis of the protocol in the 6th) step is to use a grammatical analyzer to perform grammatical analysis on the message of the application layer in each protocol layer from the bottom layer of the protocol stack upwards, and Pass the obtained syntax analysis tree to the session manager, and the session manager distributes the syntax analysis tree to the semantic analyzers at the receiving and sending ends of the session manager for semantic analysis. The syntax analyzer and the semantic analyzer respectively convert the remaining application layer The message and semantic analysis results are delivered to the upper layer of the protocol stack, and the above process is carried out again by the upper layer until reaching the top of the protocol stack to obtain the analysis result of the application layer message.

上述技术方案之二的改进之二是:The second improvement of the above-mentioned technical scheme two is:

----所述第1)步中的关联指定是选择与待检测电力通信链路的特定规约相应的规约分析模块;----The association designation in the first step) is to select the protocol analysis module corresponding to the specific protocol of the power communication link to be detected;

----所述第2)步中的加载规约分析模块是依据系统配置文件中指定的与特定规约相应的规约分析模块;所述规约分析模块是通过程序设计形成特定规约的语法和语义环境并对特定规约进行语法与语义分析的非通用模块;----The loading protocol analysis module in the step 2) is based on the protocol analysis module corresponding to the specific protocol specified in the system configuration file; the protocol analysis module forms the syntax and semantic environment of the specific protocol through program design A non-generic module that performs grammatical and semantic analysis of specific protocols;

----所述第6)步中的规约语法和语义分析是,所述应用层报文按照字节的bit位、字节的bit位组合、字节或字节组合形成单元报文结构,然后单元报文结构又组合成复合报文结构,再对所述报文结构之间的关系进行语法分析并形成语法分析结果,然后从语法分析结果中提取与上下文环境相关报文结构的值进行语义分析并形成语义分析结果,获得所述应用层报文的分析结果。----The statute syntax and semantic analysis in the step 6) is that the application layer message forms a unit message structure according to the bit of the byte, the bit combination of the byte, the byte or the combination of the byte , then the unit message structure is combined into a compound message structure, and then the relationship between the message structures is parsed to form a parse result, and then the value of the context-related message structure is extracted from the parse result Perform semantic analysis and form a semantic analysis result to obtain the analysis result of the application layer message.

上述技术方案之二的进一步改进是:The further improvement of the above-mentioned technical scheme two is:

----所述第2)步中的加载网络分析模块是,生成针对OSI模型的协议层、语法分析器、会话通道管理器、语义分析器,随后将协议层按照OSI七层模型组织为协议栈,接着为每个协议层配备相应的语法分析器和会话通道管理器,然后为每个会话通道管理器配置语义分析器;----The loading network analysis module in the step 2) is to generate protocol layers, syntax analyzers, session channel managers, and semantic analyzers for the OSI model, and then organize the protocol layers according to the OSI seven-layer model into Protocol stack, then equip each protocol layer with a corresponding syntax analyzer and session channel manager, and then configure a semantic analyzer for each session channel manager;

----所述第5)步中的网络语法和语义分析是,从所述协议栈的底层向上依次在每个协议层使用语法分析器对送入网络分析模块的报文进行语法分析,并将获得的语法分析树传递给会话管理器,由会话管理器将语法分析树分发给会话管理器接收和发送两端的语义分析器进行语义分析,语法分析器和语义分析器分别将剩余的报文和语义分析结果向所述协议栈的上一层传递,由上一层再次进行上述过程,直到到达协议栈的应用层,将应用层报文送入所述规约分析模块进行规约分析,同时获得对送入网络分析模块的报文的分析结果。----The network syntax and semantic analysis in the 5th) step is to use a syntax analyzer at each protocol layer from the bottom layer of the protocol stack up to perform syntax analysis on the message sent to the network analysis module, And pass the obtained syntax analysis tree to the session manager, and the session manager distributes the syntax analysis tree to the semantic analyzers at the receiving and sending ends of the session manager for semantic analysis, and the syntax analyzer and the semantic analyzer respectively convert the remaining report The text and semantic analysis results are delivered to the upper layer of the protocol stack, and the above process is carried out again by the upper layer until the application layer of the protocol stack is reached, and the application layer message is sent to the protocol analysis module for protocol analysis, and at the same time Obtain the analysis result of the message sent to the network analysis module.

上述技术方案之二的更进一步改进是:所述第2)步中分析系统进行初始化时,还加载统计分析模块;还包括有第7)步骤,所述网络分析模块和规约分析模块将分析结果送给统计分析模块进行统计分析,所述统计分析是将分析结果中的部分报文结构的值提取出来形成图表,在至少两帧报文后将提取出来的值进行运算和比较并形成统计结果,将统计结果送往显示界面。这样,用户可以直观地观察到需要在长期监视并形成值序列后才能发现存在问题。The further improvement of the above-mentioned technical solution two is: when the analysis system in the 2nd step is initialized, the statistical analysis module is also loaded; the 7th) step is also included, and the network analysis module and the protocol analysis module will analyze the results Send it to the statistical analysis module for statistical analysis. The statistical analysis is to extract the values of part of the message structure in the analysis results to form a chart. After at least two frames of messages, the extracted values are calculated and compared to form a statistical result , and send the statistical results to the display interface. In this way, the user can intuitively observe that it takes a long time to monitor and form a sequence of values before discovering that there is a problem.

上述技术方案之二的再进一步改进是:所述语法分析模型文件和语义分析模型文件是预设或现场通过输入器导入所述规约分析模块内。The further improvement of the second technical solution is: the syntax analysis model file and the semantic analysis model file are preset or imported into the protocol analysis module through an input device on site.

上述技术方案之二的又进一步改进是:所述第2)步中分析系统进行初始化时,还加载记录模块;所述步骤4)中,所述记录模块将采集模块读取的报文经过分析系统分析后传送至存储器存储。The further improvement of the above-mentioned technical solution two is: when the analysis system is initialized in the 2nd step, the recording module is also loaded; in the step 4), the recording module analyzes the message read by the acquisition module After system analysis, it is transferred to the memory for storage.

上述技术方案之二的完善是:所述调度管理模块依据所述系统配置文件对报文侦听器和并行转串行处理器的工作参数进行设置。The improvement of the second technical solution is: the scheduling management module sets the working parameters of the message listener and the parallel-to-serial processor according to the system configuration file.

附图说明Description of drawings

下面结合附图对本发明的便携式电力通信规约检测仪作进一步说明。The portable power communication protocol detector of the present invention will be further described below in conjunction with the accompanying drawings.

图1是本发明实施例便携式电力通信规约检测仪的结构框图。Fig. 1 is a structural block diagram of a portable power communication protocol detector according to an embodiment of the present invention.

图2是图1中控制系统的结构框图。Fig. 2 is a structural block diagram of the control system in Fig. 1 .

图3是图1中FPGA处理器的电路原理图之一。FIG. 3 is one of circuit schematic diagrams of the FPGA processor in FIG. 1 .

图4是图1中FPGA处理器的电路原理图之二。FIG. 4 is the second circuit schematic diagram of the FPGA processor in FIG. 1 .

图5是图1中交换机端口镜像信号报文侦听器的电路原理图。FIG. 5 is a schematic circuit diagram of a mirroring signal packet listener at a switch port in FIG. 1 .

图6是图1中网络信号报文侦听器的电路原理图。FIG. 6 is a schematic circuit diagram of the network signal packet listener in FIG. 1 .

图7是图1中串口信号报文侦听器的电路原理图。Fig. 7 is a schematic circuit diagram of the serial port signal message listener in Fig. 1 .

图8是图1中MODEM载波信号报文侦听器的电路原理图之一。FIG. 8 is one of the schematic circuit diagrams of the MODEM carrier signal message listener in FIG. 1 .

图9是图1中MODEM载波信号报文侦听器的电路原理图之二。FIG. 9 is the second schematic diagram of the circuit of the MODEM carrier signal message listener in FIG. 1 .

图10是本发明实施例便携式电力通信规约检测仪的检测方法的流程图。Fig. 10 is a flow chart of the detection method of the portable power communication protocol detector according to the embodiment of the present invention.

具体实施方式 Detailed ways

实施例一Embodiment one

本实施例的便携式电力通信规约检测仪如图1和图2所示,包括安置于一手持机箱内的采集装置1和分析装置2。采集装置1含有报文侦听器和并行转串行处理器;其中,报文侦听器由交换机端口镜像信号报文侦听器4、网络信号报文侦听器5、串口信号报文侦听器6和MODEM载波信号报文侦听器7四个报文侦听器构成,并行转串行处理器由FPGA处理器3构成。分析装置含有CPU8、分析系统11、分别与CPU8连接的输入器9和显示器10;其中,CPU8采用嵌入式处理器(型号是MPC8377),输入器9采用键盘、鼠标或触摸屏幕输入器等,显示器10采用通用CRT或液晶显示器。上述四个报文侦听器的各自输入端分别接入交换机通信链路13、网络通信链路14、串口电力通信链路15和载波电力通信链路16,该四个报文侦听器的各自输出端并行连接于FPGA处理器3的输入端。FPGA处理器3的输出端通过千兆网口串行连接于CPU8,上述四个报文侦听器和FPGA处理器3的各自控制端分别连接CPU8。As shown in Figure 1 and Figure 2, the portable power communication protocol detector of this embodiment includes a collection device 1 and an analysis device 2 arranged in a hand-held case. Acquisition device 1 contains message listener and parallel-to-serial processor; Listener 6 and MODEM carrier signal message listener 7 are composed of four message listeners, and the parallel-to-serial processor is composed of FPGA processor 3. Analysis device contains CPU8, analysis system 11, input device 9 and display 10 connected with CPU8 respectively; Wherein, CPU8 adopts embedded processor (model is MPC8377), input device 9 adopts keyboard, mouse or touch screen input device etc., display 10 adopt general CRT or liquid crystal display. The respective input terminals of the above four message listeners are respectively connected to the exchange communication link 13, the network communication link 14, the serial port power communication link 15 and the carrier power communication link 16, the four message listeners The respective output ends are connected to the input ends of the FPGA processor 3 in parallel. The output end of the FPGA processor 3 is serially connected to the CPU 8 through the gigabit network port, and the respective control ends of the above four message listeners and the FPGA processor 3 are connected to the CPU 8 respectively.

由于上述四个报文侦听器的输出端分别并行连接于FPGA处理器3的输入端,四个报文侦听器的输出速率一般是十兆或百兆,FPGA处理器3的千兆网口输出端速率远高于从四个报文侦听器输入的速率,加之四个报文侦听器传输的报文在FPGA处理器经过缓存后输出,因此可以保证四个报文侦听器所采集的所有报文能够完整传输给CPU8而不会丢失。Because the output ends of the above-mentioned four message listeners are respectively connected in parallel to the input ends of the FPGA processor 3, the output rates of the four message listeners are generally ten megabytes or hundreds of megabytes, and the Gigabit network of the FPGA processor 3 The output rate of the port is much higher than the input rate from the four message listeners, and the messages transmitted by the four message listeners are output after being buffered by the FPGA processor, so the four message listeners can be guaranteed All the collected messages can be completely transmitted to the CPU 8 without being lost.

如图2所示,分析系统11含有:用于从FPGA处理器3读取电力通信链路的报文的采集模块17、用于对采集的报文进行网络分析的网络分析模块18、用于对经网络分析后的报文的应用层进行规约分析的规约分析模块19和用于负责各模块间的调度和管理的调度管理模块20。As shown in Figure 2, the analysis system 11 contains: a collection module 17 for reading the message of the power communication link from the FPGA processor 3, a network analysis module 18 for network analysis of the collected message, and a network analysis module 18 for A protocol analysis module 19 that performs protocol analysis on the application layer of the message after network analysis, and a scheduling management module 20 that is responsible for the scheduling and management among the modules.

本实施例的便携式电力通信规约检测仪还包括连接CPU8的存储器21,存储器21采用SSD硬盘(solid state disk固态硬盘)。分析系统11还含有用于将采集模块17读取的报文经过分析系统分析后传送至存储器存储的记录模块22、用于对网络分析模块18和规约分析模块19的分析结果进行统计分析的统计分析模块23。The portable power communication protocol detector of the present embodiment also includes a memory 21 connected to the CPU 8, and the memory 21 adopts an SSD hard disk (solid state disk). The analysis system 11 also includes a record module 22 for analyzing the messages read by the acquisition module 17 and then transferring them to the memory for storage, and a statistics tool for performing statistical analysis on the analysis results of the network analysis module 18 and the protocol analysis module 19. Analysis module 23.

如图3和图4所示,FPGA处理器3主要含有型号为ALTERAEP3C25Q240的芯片U1,该芯片U1内将交换机端口镜像信号报文侦听器4、网络信号报文侦听器5、串口信号报文侦听器6和MODEM载波信号报文侦听器7四个报文侦听器采集到的数据在其内部进行处理后,通过千兆的以太网口传输给CPU8,其中芯片U1的千兆网口是其在内部形成了一个千兆MAC软核。该千兆MAC软核再通过其RGMII接口(93脚到120脚)先连接到芯片U6(型号是VSC8601)的千兆PHY上,在PHY上实现以太网物理层的转换,然后通过第一网络隔离变压器T1和第一双连RJ45接口J1的A端口(如图5所示)与CPU8相连实现物理链路上的连接。As shown in Figure 3 and Figure 4, FPGA processor 3 mainly contains the chip U1 that model is ALTERAEP3C25Q240, in this chip U1, switch port image signal message listener 4, network signal message listener 5, serial port signal report After the data collected by text listener 6 and MODEM carrier signal message listener 7 four message listeners is processed inside it, it is transmitted to CPU8 through Gigabit Ethernet port, wherein the Gigabit port of chip U1 The network port is a Gigabit MAC soft core formed internally. The Gigabit MAC soft core is first connected to the Gigabit PHY of the chip U6 (model VSC8601) through its RGMII interface (93 pins to 120 pins), and the conversion of the Ethernet physical layer is realized on the PHY, and then through the first network The isolation transformer T1 and the A port of the first double-connected RJ45 interface J1 (as shown in FIG. 5 ) are connected to the CPU 8 to realize the connection on the physical link.

交换机端口镜像信号报文侦听器4如图5所示,外部交换机的镜像端口(交换机通信链路14)通过第一双连RJ45插座J1的B端口经第二网络隔离变压器T2连接到芯片U5(型号KS8721BL)的100MPHY上,在芯片U5上实现以太网物理层转换后将接收到的数据以标准的RMII口传送给FPGA处理器3进行处理。FPGA处理器3在其内部的BANK3上实现一个100M MAC,然后通过RMII口(芯片U1的63-80脚)与芯片U5(如图5所示)的PHY对接。Switch port image signal message listener 4 as shown in Figure 5, the mirror port (switch communication link 14) of external switch is connected to chip U5 through the second network isolation transformer T2 through the B port of the first double-connected RJ45 socket J1 (Model KS8721BL) on the 100MPHY, after the Ethernet physical layer conversion is realized on the chip U5, the received data is transmitted to the FPGA processor 3 through the standard RMII port for processing. The FPGA processor 3 implements a 100M MAC on its internal BANK3, and then interfaces with the PHY of the chip U5 (as shown in Figure 5) through the RMII port (63-80 pins of the chip U1).

网络报文侦听器如图6示,第二双连RJ45插座J2的A、B端口分别作为外部网络(网络通信链路15)信号的输入、输出口,A、B两端口在内部实现了物理上的直连,可以保证侦听时不对外部网络的正常通信造成破坏。外部网络的收发两路信号分别通过第三、第四网络隔离变压器T3、T4分别传送到两个芯片U3和U4(型号KS8721BL)的100M PHY上,在两个芯片U3和U4实现以太网物理层转换后,再通过RMII口传输给FPGA处理器3进行处理。FPGA处理器3在其内部的BANK1和BANK2上实现两个100M MAC,并分别通过RMII口(芯片U1得4-22脚和38-57脚)与两个PHY芯片U3和U4(如图6示)实现对接。As shown in Figure 6 of the network message listener, the A and B ports of the second double-connected RJ45 socket J2 are respectively used as the input and output ports of the external network (network communication link 15) signal, and the A and B two ports are implemented internally. The physical direct connection can ensure that the normal communication of the external network will not be damaged when listening. The two signals of sending and receiving of the external network are respectively transmitted to the 100M PHY of two chips U3 and U4 (model KS8721BL) through the third and fourth network isolation transformers T3 and T4, and the Ethernet physical layer is realized on the two chips U3 and U4 After the conversion, it is transmitted to the FPGA processor 3 through the RMII port for processing. FPGA processor 3 implements two 100M MACs on its internal BANK1 and BANK2, and communicates with two PHY chips U3 and U4 (as shown in Figure 6) through RMII ports (chip U1 gets 4-22 pins and 38-57 pins) respectively. ) to achieve docking.

如图7示,串口报文侦听器6是三合一串口报文侦听器,分别提供RS485、RS422和RS232三种通信接口,其主要功能是实现几种串行数字接口之间电平转化与驱动,并将接收到串口电力通信链路13的信号转化成统一TTL电平的UART信号送给FPGA处理器3进行处理。当需要侦听的串口电力通信链路13是RS485通信方式时,外部串口设备的RS485接口的A(RX+)、B(RX-)分别并到芯片U8、U9、U10或U14(型号ADM485AR)的6、7两个引脚上。芯片U8、U9、U10或U14完成RS485电平到TTL电平转换后通过其上引脚1把接收到的数据输出到FPGA处理器3的串口数据接收端(芯片U1的145、139、214、226引脚上);在RS485侦听模式下,串口报文侦听器6能同时侦听4路RS485串口。当需要侦听的串口电力通信链路13是RS422通信方式时,用两路RS485口去侦听一路外部目标RS422链路。一路RS485连接到外部目标RS422发送链路的Y(TX+)、Z(TX-)两根线上,另一路RS485的连接到RS422接收链路的A(RX+)、B(RX-)两根线上。当需要侦听的串口电力通信链路13是RS232通信方式时,串口报文侦听器6则用两路RS232接收来侦听一路外部目标RS232链路的收发两根线。外部目标RS232链路的接收端或者发送端并接到芯片U11或U12、U13、U15(型号SP3223EEY)的16引脚上,芯片U11或U12、U13、U15完成RS232电平到TTL电平转换后,通过其上15引脚把接收到的数据输出到FPGA处理器3的串口数据接收端(芯片U1的144、142、216、230引脚上)。As shown in Figure 7, the serial port message listener 6 is a three-in-one serial port message listener, which provides three kinds of communication interfaces of RS485, RS422 and RS232 respectively, and its main function is to realize the voltage level between several serial digital interfaces. Convert and drive, and convert the signal received from the serial port power communication link 13 into a UART signal of uniform TTL level and send it to the FPGA processor 3 for processing. When the serial power communication link 13 that needs to be monitored is the RS485 communication mode, A (RX+) and B (RX-) of the RS485 interface of the external serial device are connected to the chip U8, U9, U10 or U14 (model ADM485AR) respectively. 6, 7 two pins. Chip U8, U9, U10 or U14 outputs the received data to the serial port data receiving end of FPGA processor 3 through its upper pin 1 after completing the RS485 level to TTL level conversion (145, 139, 214, 145, 139, 214, 226 pins); in the RS485 listening mode, the serial port message listener 6 can listen to 4 RS485 serial ports at the same time. When the serial port power communication link 13 to be monitored is in the RS422 communication mode, use two RS485 ports to monitor one external target RS422 link. One RS485 is connected to the two lines Y (TX+) and Z (TX-) of the external target RS422 sending link, and the other RS485 is connected to the two lines A (RX+) and B (RX-) of the RS422 receiving link superior. When the serial port power communication link 13 that needs to be intercepted is in the RS232 communication mode, the serial port message listener 6 uses two RS232 receivers to monitor the two wires for sending and receiving of an external target RS232 link. The receiving end or sending end of the external target RS232 link is connected to the 16-pin of the chip U11 or U12, U13, U15 (model SP3223EEY), after the chip U11 or U12, U13, U15 completes the RS232 level to TTL level conversion , output the received data to the serial port data receiving end of the FPGA processor 3 (on the 144, 142, 216, 230 pins of the chip U1) through the 15 pins on it.

MODEM载波信号报文侦听器7如图8和图9所示,MODEM载波信号报文侦听器7提供二路MODEM载波接收接口,可用来侦听一路MODEM通信的目标链路(载波电力通信链路16)。MODEM载波信号报文侦听器7的两路接收接口分别并接到该目标链路的一对收、发线上。载波模拟信号通过第五、第六隔离变压器T5、BT5耦合输出到调制解调芯片U16、U17(型号MC145503)上进行解调,然后通过芯片U18、U19(型号74HC299)进行串并转换后,并行数据再送到单片机U20、U21(型号STC89c51Rc)上进行解码,解码后的数据通过单片机U20、U21上的各自11脚以TTL电平串行信号方式再传送给FPGA处理器3进行数据处理。MODEM carrier signal message listener 7 as shown in Figure 8 and Figure 9, MODEM carrier signal message listener 7 provides two-way MODEM carrier receiving interface, can be used for listening to the target link (carrier power communication) of one modem communication link 16). The two receiving interfaces of the MODEM carrier signal message listener 7 are respectively connected to a pair of receiving and sending lines of the target link. Carrier analog signals are coupled and output to modem chips U16 and U17 (model MC145503) through the fifth and sixth isolation transformers T5 and BT5 for demodulation, and then serial-to-parallel conversion is performed through chips U18 and U19 (model 74HC299). The data is then sent to the single-chip microcomputers U20 and U21 (model STC89c51Rc) for decoding, and the decoded data is sent to the FPGA processor 3 for data processing through the respective 11 pins on the single-chip microcomputers U20 and U21 in the form of TTL level serial signals.

本实施例的便携式电力通信规约检测仪采用FPGA处理器3直接在MAC层实现数据记录并缓存,并通过网线与CPU8进行数据交换,其中有三个重要的带宽指标,一是侦听接口的总带宽,二是硬盘的写盘速度,三是网线带宽。要实现完整有效检测,侦听接口的总带宽应小于硬盘写盘速度,网线带宽应大于侦听网口总带宽与硬盘写盘速度之和,并留有余度。本实施例检测仪设计的带宽指标是:每个报文侦听器的接口带宽是100Mbps(网络风暴时),则四个报文侦听器的接口总带宽=4×100Mbps=400Mbps;现在一般的SSD硬盘的写盘速度为80MB/s-100MB/s,即640Mbps-800Mbps;网线带宽是千兆带宽。由此可见,本实施例检测仪的设计带宽可以满足检测时不丢失数据的需求。The portable power communication protocol detector of this embodiment adopts the FPGA processor 3 to directly realize data recording and buffering at the MAC layer, and exchange data with the CPU 8 through the network cable. There are three important bandwidth indicators, one is the total bandwidth of the listening interface , the second is the writing speed of the hard disk, and the third is the bandwidth of the network cable. To achieve complete and effective detection, the total bandwidth of the listening interface should be smaller than the writing speed of the hard disk, and the bandwidth of the network cable should be greater than the sum of the total bandwidth of the listening network port and the writing speed of the hard disk, with a margin. The bandwidth indicator that present embodiment detector design is: the interface bandwidth of each message listener is 100Mbps (in the time of network storm), then the total interface bandwidth=4*100Mbps=400Mbps of four message listeners; The write speed of the SSD hard disk is 80MB/s-100MB/s, that is, 640Mbps-800Mbps; the network cable bandwidth is Gigabit bandwidth. It can be seen that the designed bandwidth of the detector in this embodiment can meet the requirement of not losing data during detection.

显然,上述本实施例的便携式电力通信规约检测仪可以精简和变化的方案有:1)交换机端口镜像信号报文侦听器4、网络信号报文侦听器5、串口信号报文侦听器6和MODEM载波信号报文侦听器7四个报文侦听器也可以只保留其中之一、之二或之三,或者再增加其他通信方式的报文侦听器;2)FPGA处理器3以及四个报文侦听器的具体电路构成不局限本实施例的电路结构;3)FPGA处理器3的输出端也可以通过PCI总线或其他连接方式与CPU8串行连接;4)存储器21以及记录模块22也可以省去,本实施例的检测仪只进行实时检测分析而不记录;5)FPGA处理器3也可以由多个协同工作的单片机或其他并行转串行处理器代替。Obviously, the above-mentioned portable power communication protocol detector of this embodiment can be simplified and changed: 1) switch port image signal message listener 4, network signal message listener 5, serial port signal message listener 6 and MODEM carrier signal message listener 7 four message listeners also can only keep one of them, two or three, or increase the message listener of other communication modes; 2) FPGA processor 3 and the concrete circuit configuration of four message listeners are not limited to the circuit structure of the present embodiment; 3) the output end of FPGA processor 3 can also be serially connected with CPU8 by PCI bus or other connection modes; 4) memory 21 And the recording module 22 can also be omitted, and the detector of the present embodiment only performs real-time detection and analysis without recording; 5) the FPGA processor 3 can also be replaced by a plurality of cooperative single-chip microcomputers or other parallel-to-serial processors.

本实施例的便携式电力通信规约检测仪的检测方法,如图10所示,包括以下步骤:The detection method of the portable power communication protocol detector of this embodiment, as shown in Figure 10, includes the following steps:

1)启动检测仪,通过输入器9配置待检测电力通信链路的参数和对特定规约进行关联指定并形成系统配置文件,1) Start the tester, configure the parameters of the power communication link to be tested through the input device 9 and associate and designate specific protocols to form a system configuration file,

----特定关联指定是选择与待检测电力通信链路的特定规约相应的语法模型文件和语义模型文件,---- Specific association designation is to select the syntax model file and semantic model file corresponding to the specific protocol of the power communication link to be tested,

----语法分析模型文件和语义分析模型文件通过预设或现场通过输入器9导入检测仪内,----Syntactic analysis model files and semantic analysis model files are imported into the tester through preset or on-site input device 9,

----调度管理模块20依据系统配置文件对交换机端口镜像信号报文侦听器4、网络信号报文侦听器5、串口信号报文侦听器6和MODEM载波信号报文侦听器7四个报文侦听器以及FPGA处理器3的工作参数进行设置;----Scheduling management module 20 according to the system configuration file to switch port image signal message listener 4, network signal message listener 5, serial port signal message listener 6 and MODEM carrier signal message listener 7. The operating parameters of four message listeners and the FPGA processor 3 are set;

2)分析系统进行初始化,即CPU8首先加载调度管理模块20、网络分析模块18和采集模块17、记录模块22和统计分析模块23,调度管理模块20依据系统配置文件再加载规约分析模块19,2) The analysis system is initialized, that is, the CPU 8 first loads the scheduling management module 20, the network analysis module 18 and the acquisition module 17, the recording module 22 and the statistical analysis module 23, and the scheduling management module 20 loads the protocol analysis module 19 according to the system configuration file,

----规约分析模块19是通过语法模型文件和语义模型文件形成特定规约的语法和语义环境并对该特定规约进行语法和语义分析的通用模块,即分析系统内部只有一个规约分析模块,不同的规约通过语法模型文件和语义模型文件来标识,----The specification analysis module 19 is a general module that forms the grammatical and semantic environment of a specific statute through the grammatical model file and the semantic model file and performs grammatical and semantic analysis on the specific statute, that is, there is only one statute analysis module inside the analysis system, different The specification is identified by a syntax model file and a semantic model file,

----加载网络分析模块18是,生成针对OSI(Open SystemInterconnection开放系统互联)模型的协议层、语法分析器、会话通道管理器、语义分析器,随后将协议层组织为协议栈,接着为每个协议层配备相应的语法分析器和会话通道管理器,然后为每个会话通道管理器配置语义分析器----loading the network analysis module 18 is to generate protocol layers, syntax analyzers, session channel managers, and semantic analyzers for the OSI (Open System Interconnection) model, and then the protocol layers are organized into protocol stacks, followed by Each protocol layer is equipped with a corresponding syntax analyzer and a session channel manager, and then a semantic analyzer is configured for each session channel manager

----加载规约分析模块19是依据系统配置文件中指定的语法模型文件和语义模型文件进行初始化,即生成针对特定规约的协议层、语法分析器、会话通道管理器、语义分析器,随后将协议层组织为协议栈,接着为每个协议层配备相应的语法分析器和会话通道管理器,然后为每个会话通道管理器配置语义分析器;---- Loading the protocol analysis module 19 is to initialize according to the syntax model file and semantic model file specified in the system configuration file, that is, to generate the protocol layer, syntax analyzer, session channel manager, and semantic analyzer for the specific protocol, and then Organize the protocol layers into a protocol stack, then equip each protocol layer with a corresponding syntax analyzer and a session channel manager, and then configure a semantic analyzer for each session channel manager;

3)交换机端口镜像信号报文侦听器4、网络信号报文侦听器5、串口信号报文侦听器6和MODEM载波信号报文侦听器7四个报文侦听器通过电力通信链路侦听电力通信链路的报文,其中串口信号报文侦听器6和MODEM载波信号报文侦听器7(非以太网电力通信链路报文侦听器)首先产生一帧以太网UDP报文,然后将侦听的报文作为UDP报文的应用层,接下来四个报文侦听器将直接侦听的以太网报文并行传送至FPGA处理器3,FPGA处理器3对并行接收来的报文加入时间戳,并将加入时间戳后的报文进行缓存,四个报文侦听器传送的报文分别进行缓存;3) switch port image signal message listener 4, network signal message listener 5, serial port signal message listener 6 and MODEM carrier signal message listener 7 four message listeners communicate through power The link listens to the message of the power communication link, wherein the serial port signal message listener 6 and the MODEM carrier signal message listener 7 (non-Ethernet power communication link message listener) first generate a frame of ether network UDP message, and then use the intercepted message as the application layer of the UDP message, and then the next four message listeners transmit the Ethernet message directly monitored to the FPGA processor 3 in parallel, and the FPGA processor 3 Add time stamps to the messages received in parallel, and cache the messages after adding the time stamps, and cache the messages transmitted by the four message listeners respectively;

4)采集模块17从FPGA处理器3读取缓存的报文,并将该报文送入网络分析模块18,采集模块17在该报文完成分析后将该报文送入纪录模块22,记录模块22再将该报文传送至存储器21存储;4) collection module 17 reads the message of cache from FPGA processor 3, and this message is sent into network analysis module 18, and collection module 17 sends this message into recording module 22 after this message finishes analyzing, records The module 22 transmits the message to the memory 21 for storage;

5)网络分析模块18依据0SI模型各协议层语法和语义对送入网络分析模块的报文进行网络语法和语义分析直至该报文的应用层,并将应用层的报文送入规约分析模块,5) The network analysis module 18 performs network syntax and semantic analysis on the message sent into the network analysis module according to the syntax and semantics of each protocol layer of the OSI model until the application layer of the message, and sends the message of the application layer into the protocol analysis module ,

----网络语法和语义分析是,从协议栈的底层向上依次在每个协议层使用语法分析器对送入网络分析模块18的报文进行语法分析,并将获得的语法分析树传递给会话管理器,由会话管理器将语法分析树分发给会话管理器接收和发送两端的语义分析器进行语义分析,语法分析器和语义分析器分别将剩余应用层的报文和语义分析结果向协议栈的上一层传递,由上一层再次进行上述过程,直到到达协议栈的应用层、协议栈的顶端或报文结尾时)获得对送入网络分析模块18的报文的网络分析结果,----Network syntax and semantic analysis is to use a syntax analyzer at each protocol layer to perform syntax analysis on the message sent to the network analysis module 18 from the bottom layer of the protocol stack upwards, and pass the obtained syntax analysis tree to Session manager, the session manager distributes the syntax analysis tree to the semantic analyzer at the receiving and sending ends of the session manager for semantic analysis, and the syntax analyzer and semantic analyzer respectively send the remaining application layer messages and semantic analysis results to The upper layer of the stack is delivered, and the above process is carried out again by the upper layer until the application layer of the protocol stack, the top of the protocol stack or the end of the message) is obtained to the network analysis result of the message sent into the network analysis module 18,

----将应用层报文送入规约分析模块19进行规约分析,将网络分析结果送入统计分析模块23进行统计并显示;---- Send the application layer message into the protocol analysis module 19 for protocol analysis, and send the network analysis results into the statistical analysis module 23 for statistics and display;

6)规约分析模块19依据规约的语法和语义对应用层的报文进行规约语法和语义分析,6) The protocol analysis module 19 analyzes the syntax and semantics of the protocol on the message of the application layer according to the syntax and semantics of the protocol,

----规约语法和语义分析是,从协议栈的底层向上依次在每个协议层对应用层的报文使用语法分析器进行语法分析,并将获得的语法分析树传递给会话管理器,由会话管理器将语法分析树分发给会话管理器接收和发送两端的语义分析器进行语义分析,语法分析器和语义分析器分别将剩余应用层的报文和语义分析结果向所述协议栈的上一层传递,由上一层再次进行上述过程,直到到达协议栈的顶端或报文结尾时,获得应用层报文的规约分析结果,并将规约分析结果送往统计分析模块进行统计并显示,----The syntax and semantic analysis of the protocol is to use the syntax analyzer to perform syntax analysis on the message of the application layer in each protocol layer from the bottom layer of the protocol stack upwards, and pass the obtained syntax analysis tree to the session manager. The syntax analysis tree is distributed by the session manager to the semantic analyzers at the receiving and sending ends of the session manager for semantic analysis, and the syntax analyzer and the semantic analyzer send the messages and semantic analysis results of the remaining application layers to the protocol stack The upper layer transmits the above process again until it reaches the top of the protocol stack or the end of the message, obtains the protocol analysis result of the application layer message, and sends the protocol analysis result to the statistical analysis module for statistics and display ,

7)网络分析模块18和规约分析模块19将各自的分析结果送给统计分析模块23进行统计分析,即将分析结果中的部分报文结构的值提取出来制成图表,在至少两帧报文后将提取出来的值进行运算和比较并形成统计结果,再将统计结果送往显示界面。7) The network analysis module 18 and the protocol analysis module 19 send their respective analysis results to the statistical analysis module 23 for statistical analysis, that is, to extract the value of some message structures in the analysis results and make a chart, after at least two frames of messages Calculate and compare the extracted values to form statistical results, and then send the statistical results to the display interface.

实施例二Embodiment two

本实施例的便携式电力通信规约检测仪与实施例一基本相同,所不同的是,FPGA处理器3由多个协同工作的单片机代替。The portable power communication protocol detector of this embodiment is basically the same as that of Embodiment 1, the difference is that the FPGA processor 3 is replaced by a plurality of single-chip microcomputers working together.

本实施例的检测方法与实施例一稍有不同,除相同步骤以外所不同的是:The detection method of the present embodiment is slightly different from the first embodiment, and the difference except the same steps is:

1、第1)步中的特定关联指定是选择与待检测电力通信链路的特定规约相应的规约分析模块19;1. The specific association designation in step 1) is to select the protocol analysis module 19 corresponding to the specific protocol of the power communication link to be detected;

2、第2)步中的规约分析模块19是通过程序设计形成特定规约的语法和语义环境并对特定规约进行语法与语义分析的非通用模块,即分析系统内部有多个规约分析模块,不同的规约由不同的规约分析模块来标识,2. The protocol analysis module 19 in step 2 is a non-universal module that forms the grammatical and semantic environment of a specific statute through program design and performs grammatical and semantic analysis on a specific statute, that is, there are multiple statute analysis modules inside the analysis system, different The specifications of are identified by different specification analysis modules,

3、第2)步中的加载规约分析模块19是依据系统配置文件中指定的与特定规约相应的规约分析模块;3. The loading protocol analysis module 19 in the second) step is based on the protocol analysis module specified in the system configuration file corresponding to the specific protocol;

4、第6)步中的规约语法和语义分析是,应用层的报文按照字节的bit位、字节的bit位组合、字节或字节组合形成单元报文结构,然后单元报文结构又组合成复合报文结构,再对各报文结构之间关系进行语法分析并形成语法分析结果,然后从语法分析结果中提取与上下文环境相关报文结构的值进行语义分析并形成语义分析结果,获得应用层报文的分析结果。4. The syntax and semantic analysis of the protocol in step 6) is that the message of the application layer forms a unit message structure according to the bit of the byte, the combination of the bit of the byte, the byte or the combination of the byte, and then the unit message The structure is combined into a compound message structure, and then the relationship between each message structure is grammatically analyzed to form a grammatical analysis result, and then the value of the message structure related to the context is extracted from the grammatical analysis result for semantic analysis and forms a semantic analysis As a result, an analysis result of the application layer packet is obtained.

上述各实施例便携式电力通信规约检测仪的检测方法,既可以适用于在线实时分析,也可以适用于离线后的分析。当进行在线实时分析时,由于从FPGA处理器3传来的报文直接进行分析,因此可以第一时间发现并迅捷通过规约分析查找出报文故障原因和地点;同时由于报文是先经过规约分析模块19进行实时规约分析后再存储,因此,即使存储速率较慢时而丢失部分报文,也不会影响发现和分析报文故障。The detection methods of the portable power communication protocol detectors in the above embodiments can be applied to both online real-time analysis and offline analysis. When performing online real-time analysis, because the message transmitted from the FPGA processor 3 is directly analyzed, it can be found at the first time and quickly find out the cause and location of the message failure through protocol analysis; The analysis module 19 performs real-time protocol analysis and then stores them. Therefore, even if some messages are lost when the storage rate is slow, it will not affect the discovery and analysis of message failures.

总之,按照上述各实施例便携式电力通信规约检测仪及其检测方法,可以对现有各种电力通信链路的报文进行毫无遗漏地的检测,从而能够真正有效地检测出所有可能产生的报文故障及其原因和地点,进而为及时排除电力设施故障提供保障。In a word, according to the above-mentioned embodiments, the portable power communication protocol detector and its detection method can detect the messages of various existing power communication links without omission, so that it can truly and effectively detect all possible Message faults and their causes and locations, thereby providing guarantee for timely troubleshooting of power facility faults.

本发明的便携式电力通信规约检测仪及其检测方法不局限于上述实施例所述的具体技术方案,比如1)规约分析模块的规约语法和语义分析也可以是将规约所有可能的报文组合以及所有可能的上下文环境进行罗列,然后将报文与所罗列的报文组合以及上下文环境进行比较来进行语法和语义分析;2)也可以将报文存储后再进行分析;3)非以太网电力通信链路报文侦听器(串口信号报文侦听器6和MODEM载波信号报文侦听器7)的报文也可以不网络化;等等。凡采用等同替换形成的技术方案均为本发明要求的保护范围。The portable power communication protocol detector and its detection method of the present invention are not limited to the specific technical solutions described in the above embodiments, for example, 1) the protocol syntax and semantic analysis of the protocol analysis module can also combine all possible message combinations of the protocol and All possible contexts are listed, and then the message is compared with the listed message combination and context for syntax and semantic analysis; 2) the message can also be stored and then analyzed; 3) non-Ethernet power The message of communication link message listener (serial port signal message listener 6 and MODEM carrier signal message listener 7) also can not be networked; etc. All technical solutions formed by equivalent replacement are within the scope of protection required by the present invention.

Claims (18)

1. portable electric power communication protocol detector, it is characterized in that: comprise the harvester and the analytical equipment that are placed in the portable cabinet, described harvester contains message detectaphone and the parallel serial processor of changeing, and described analytical equipment contains CPU, analytical system, the loader that is connected with CPU respectively and display; The input of described message detectaphone inserts the power communication link, the parallel input that is connected in parallel commentaries on classics serial processor of its output; The output of described parallel commentaries on classics serial processor is connected in series in CPU, described message detectaphone is connected CPU respectively with the parallel control end that changes serial processor, described analytical system contain be useful on from parallelly change acquisition module that serial processor reads the message of described power communication link, be used for to described message carry out network analysis nework analysis module, be used for the application layer of the message behind network analysis is carried out the protocol analysis module of protocol analysis and is used to dispatch and manage the dispatching management module of described module.
2. according to the described portable electric power communication protocol detector of claim 1, it is characterized in that: the single-chip microcomputer that described parallel commentaries on classics serial processor is FPGA processor or a plurality of collaborative works.
3. according to the described portable electric power communication protocol detector of claim 2, it is characterized in that: described message detectaphone is one of switch ports themselves image signal message detectaphone, network signal message detectaphone, rs 232 serial interface signal message detectaphone and MODEM carrier signal message detectaphone, one of the input access switch communication link of described message detectaphone, network communication link, serial ports power communication link and carrier wave power communication link.
4. according to the described portable electric power communication protocol detector of claim 2, it is characterized in that: described message detectaphone is switch ports themselves image signal message detectaphone, network signal message detectaphone, rs 232 serial interface signal message detectaphone and MODEM carrier signal message detectaphone, and the input separately of these four message detectaphones inserts serial ports power communication link, switch communication link, network communication link and carrier wave power communication link respectively.
5. according to the described portable electric power communication protocol detector of claim 4, it is characterized in that: also comprise memory, described analytical system also contains and is useful on the logging modle that message that acquisition module is read is sent to memory stores by analysis after the network analysis.
6. according to the described portable electric power communication protocol detector of claim 5, it is characterized in that: described analytical system also contains and is useful on the statistical analysis module that analysis result that nework analysis module and protocol analysis module are produced carries out the secondary statistical analysis.
7. according to the described portable electric power communication protocol detector of claim 6, it is characterized in that: described FPGA processor mainly contains the chip that model is ALTERA EP3C25Q240, and this chip connects CPU by the Ethernet interface of gigabit; Described serial ports message detectaphone is the three-in-one serial ports message detectaphone that RS485, RS422 and three kinds of communication interfaces of RS232 are provided respectively; Described MODEM carrier signal message detectaphone contains and is useful on two road MODEM carrier wave receiving interfaces of intercepting one road MODEM carrier wave power communication link, and its two road receiving interface respectively and receive on a pair of sending and receiving line of MODEM carrier wave power communication link; Described CPU is that model is the flush bonding processor of MPC837.
8. according to the described portable electric power communication protocol detector of claim 7, it is characterized in that: described loader adopts keyboard, mouse or touch screen loader, and described display is general CRT or LCD, and described memory is general SSD hard disk; The interface total bandwidth of described message detectaphone is 400Mbps; The dish speed of writing of described memory is 640Mbps-800Mbps.
9. detection method according to the described portable electric power communication protocol detector of claim 1 is characterized in that: may further comprise the steps:
1) starts described detector, dispose the related appointment of parameter of power communication link to be detected by described loader and form CONFIG.SYS with specific stipulations;
2) described analytical system is carried out initialization, and promptly described CPU at first loads dispatching management module, nework analysis module and acquisition module, and described dispatching management module reloads the protocol analysis module according to described CONFIG.SYS;
3) described message detectaphone is by intercepting the message of power communication link, and this message is passed in parallel to the parallel serial processor of changeing, described parallel commentaries on classics serial processor was stabbed the message joining day that parallel receive comes, and the message after will stabbing the joining day carries out buffer memory;
4) described acquisition module changes the message that serial processor reads buffer memory from parallel, and this message is sent into nework analysis module;
5) described nework analysis module carries out net grammar and the semantic analysis application layer until this message according to osi model protocal layers syntax and semantics to the message of sending into nework analysis module, and the message of application layer sent into the protocol analysis module, and net grammar and semantic analysis result are sent to display interface;
6) described protocol analysis module is carried out the analysis of stipulations syntax and semantics according to the syntax and semantics of stipulations to the message of described application layer, and stipulations syntax and semantics analysis result is sent to display interface.
10. according to the detection method of the described portable electric power communication protocol detector of claim 9, it is characterized in that:
----the described the 1st) the related appointment of the specific stipulations in the step is the corresponding syntactic model file of specific stipulations and the semantic model file of selection and power communication link to be detected;
----the described the 2nd) the protocol analysis module in the step is to form the syntax and semantics environment of specific stipulations and these specific stipulations are carried out the general module that syntax and semantics is analyzed by syntactic model file and semantic model file; The syntactic model file and the semantic model file that load the protocol analysis module and be according to appointment in the CONFIG.SYS carry out initialization, promptly generate protocol layer, syntax analyzer, session channel manager, semantic analyzer at specific stipulations, subsequently protocol layer is organized as protocol stack,, be each session channel manager configuration semantic analyzer then then for each protocol layer is equipped with corresponding syntax analyzer and session channel manager;
----the described the 6th) the stipulations syntax and semantics analysis in the step is, upwards use syntax analyzer to carry out syntactic analysis at each protocol layer to the message of described application layer successively from the bottom of described protocol stack, and the parse tree that obtains passed to session manager, by session manager the semantic analyzer that parse tree is distributed to session manager reception and transmission two ends is carried out semantic analysis, syntax analyzer and semantic analyzer will remain the last layer transmission to described protocol stack of the message of application layer and semantic analysis result respectively, carry out said process once more by last layer, when top that arrives protocol stack or end of message, obtain the analysis result of described application layer message.
11. the detection method according to the described portable electric power communication protocol detector of claim 9 is characterized in that:
----the described the 1st) appointment of the association in the step is the corresponding protocol analysis module of specific stipulations of selection and power communication link to be detected;
----the described the 2nd) step in loading protocol analysis module be according to appointment in the CONFIG.SYS with the corresponding protocol analysis module of specific stipulations; Described protocol analysis module is to form the syntax and semantics environment of specific stipulations and the non-general module that specific stipulations is carried out grammer and semantic analysis by programming;
----the described the 6th) the stipulations syntax and semantics analysis in the step is, described application layer message forms the unit message structure according to the bit position of byte, bit bit combination, byte or the combination of bytes of byte, the unit message structure is combined into compound message structure again then, again the relation between the described message structure is carried out syntactic analysis and formed the syntactic analysis result, from the syntactic analysis result, extract with the value of context environmental association message structure then and carry out semantic analysis and form semantic analysis result, obtain the analysis result of described application layer message.
12. the detection method according to claim 10 or 11 described portable electric power communication protocol detectors is characterized in that:
----the described the 2nd) the load networks analysis module in the step is, generation is at protocol layer, syntax analyzer, session channel manager, the semantic analyzer of osi model, subsequently protocol layer is organized as protocol stack according to the OSI seven layer model,, be each session channel manager configuration semantic analyzer then then for each protocol layer is equipped with corresponding syntax analyzer and session channel manager;
----the described the 5th) net grammar and the semantic analysis in the step is, upwards use syntax analyzer that the message of sending into nework analysis module is carried out syntactic analysis at each protocol layer successively from the bottom of described protocol stack, and the parse tree that obtains passed to session manager, by session manager the semantic analyzer that parse tree is distributed to session manager reception and transmission two ends is carried out semantic analysis, syntax analyzer and semantic analyzer are respectively with the last layer transmission to described protocol stack of remaining message and semantic analysis result, carry out said process once more by last layer, up to the application layer that arrives protocol stack, when the top of protocol stack or end of message, the application layer message is sent into described protocol analysis module carry out protocol analysis, obtain analysis result simultaneously the message of sending into nework analysis module.
13. the detection method according to the described portable electric power communication protocol detector of claim 12 is characterized in that: when the described the 2nd) analytical system is carried out initialization in the step, also load statistical analysis module; Also include the 7th) step, described nework analysis module and protocol analysis module are given statistical analysis module with analysis result and are carried out statistical analysis, described statistical analysis is that the value with the part message structure in the analysis result extracts the formation chart, the value that will extract behind at least two frame messages is carried out computing and relatively and form statistics, and statistics is sent to display interface.
14. the detection method according to the described portable electric power communication protocol detector of claim 13 is characterized in that: described syntactic analysis model file and semantic analysis model file are pre-if the scene imports in the described protocol analysis module by loader.
15. the detection method according to the described portable electric power communication protocol detector of claim 14 is characterized in that: when the described the 2nd) analytical system is carried out initialization in the step, also load logging modle; In the described step 4), described logging modle is sent to memory stores after the network analysis by analysis with the message that acquisition module reads.
16. the detection method according to the described portable electric power communication protocol detector of claim 15 is characterized in that: described dispatching management module is provided with message detectaphone and the parallel running parameter that changes serial processor according to described CONFIG.SYS.
17. detection method according to the described portable electric power communication protocol detector of claim 10, it is characterized in that: described general module is that described analytical system inside has only a protocol analysis module, and different stipulations identify by syntactic model file and semantic model file.
18 detection methods according to the described portable electric power communication protocol detector of claim 11 is characterized in that: described non-general module is that described analytical system inside has a plurality of protocol analysis modules, and different stipulations are identified by different protocol analysis modules.
19. detection method according to the described portable electric power communication protocol detector of claim 16, it is characterized in that: when described message detectaphone is non-Ethernet power communication link packet detectaphone, at first produce a frame Ethernet UDP message, then with the message of intercepting application layer as the UDP message.
CN2009101840180A 2009-07-31 2009-07-31 Portable Power Communication Protocol Detector and Its Detecting Method Expired - Fee Related CN101621430B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009101840180A CN101621430B (en) 2009-07-31 2009-07-31 Portable Power Communication Protocol Detector and Its Detecting Method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009101840180A CN101621430B (en) 2009-07-31 2009-07-31 Portable Power Communication Protocol Detector and Its Detecting Method

Publications (2)

Publication Number Publication Date
CN101621430A true CN101621430A (en) 2010-01-06
CN101621430B CN101621430B (en) 2011-11-23

Family

ID=41514487

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009101840180A Expired - Fee Related CN101621430B (en) 2009-07-31 2009-07-31 Portable Power Communication Protocol Detector and Its Detecting Method

Country Status (1)

Country Link
CN (1) CN101621430B (en)

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102394786A (en) * 2011-12-14 2012-03-28 武汉钢铁(集团)公司 Hand-held network protocol and threat analyzer
CN102636733A (en) * 2012-04-24 2012-08-15 珠海市鸿瑞软件技术有限公司 Portable network record analyzer
CN102710459A (en) * 2012-05-11 2012-10-03 许继集团有限公司 Site joint debugging system of automated system
CN103746459A (en) * 2014-01-21 2014-04-23 国家电网公司 Intelligent comparison method for main channel information and standby channel information of power dispatching automation system
CN104753734A (en) * 2013-12-31 2015-07-01 国网浙江省电力公司衢州供电公司 Method for automatically diagnosing remote-signaling data transmission failure of power grid energy manage system
CN105306262A (en) * 2015-09-30 2016-02-03 国网湖北省电力公司 Anomaly detection method based on power system protocol
CN105334777A (en) * 2015-11-26 2016-02-17 国网辽宁省电力有限公司大连供电公司 Serial port code message signal testing terminal strip
CN105354120A (en) * 2015-12-11 2016-02-24 国网安徽省电力公司淮北供电公司 SCD file document check device for intelligent substation
CN105842572A (en) * 2016-06-12 2016-08-10 重庆金美通信有限责任公司 Portable general comprehensive detector
CN106130994A (en) * 2016-07-01 2016-11-16 国网山东省电力公司博兴县供电公司 A kind of based on transformer station's hand-held source code translation all-in-one
CN106506207A (en) * 2016-10-27 2017-03-15 国网安徽省电力公司亳州供电公司 Power communication protocol monitor analysis method and system based on tree
CN106790035A (en) * 2016-12-15 2017-05-31 郑州云海信息技术有限公司 A kind of protocol analysis device, method and system
CN107171886A (en) * 2017-05-03 2017-09-15 广州供电局有限公司 The detection device and detection method of network storm
CN107508706A (en) * 2017-08-23 2017-12-22 国网安徽省电力公司蚌埠供电公司 A kind of portable power equipment communication lane testing flat-plate special computer
CN108964278A (en) * 2018-07-27 2018-12-07 贵州电网有限责任公司六盘水供电局 A kind of telemechanical apparatus intelligent regulator analyzer
CN109309600A (en) * 2018-09-29 2019-02-05 广东电网有限责任公司 A detection device and method for network communication fault in substation
CN109510785A (en) * 2018-12-27 2019-03-22 杭州迪普科技股份有限公司 A kind of method and apparatus of mirror image message
CN110266104A (en) * 2019-06-10 2019-09-20 许昌许继软件技术有限公司 An Embedded Power System Intelligent Integrated Terminal
CN110377554A (en) * 2019-07-27 2019-10-25 北京永佳消防技术有限公司 A kind of multi-protocol data integral communication device and method based on serial communication
CN110426971A (en) * 2019-06-26 2019-11-08 北京全路通信信号研究设计院集团有限公司 Rail transit control network data acquisition and management method and system
CN113794278A (en) * 2021-08-27 2021-12-14 国网上海市电力公司 A distribution automation message monitoring device

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102394786A (en) * 2011-12-14 2012-03-28 武汉钢铁(集团)公司 Hand-held network protocol and threat analyzer
CN102636733A (en) * 2012-04-24 2012-08-15 珠海市鸿瑞软件技术有限公司 Portable network record analyzer
CN102710459A (en) * 2012-05-11 2012-10-03 许继集团有限公司 Site joint debugging system of automated system
CN102710459B (en) * 2012-05-11 2015-03-25 许继电气股份有限公司 Site joint debugging system of automated system
CN104753734A (en) * 2013-12-31 2015-07-01 国网浙江省电力公司衢州供电公司 Method for automatically diagnosing remote-signaling data transmission failure of power grid energy manage system
CN104753734B (en) * 2013-12-31 2019-08-30 国网浙江省电力公司衢州供电公司 A method for automatically diagnosing remote signaling data transmission faults in EMS systems of power grids
CN103746459A (en) * 2014-01-21 2014-04-23 国家电网公司 Intelligent comparison method for main channel information and standby channel information of power dispatching automation system
CN103746459B (en) * 2014-01-21 2015-10-28 国家电网公司 Electric power scheduling automatization system primary channel information intelligent comparison method
CN105306262A (en) * 2015-09-30 2016-02-03 国网湖北省电力公司 Anomaly detection method based on power system protocol
CN105334777A (en) * 2015-11-26 2016-02-17 国网辽宁省电力有限公司大连供电公司 Serial port code message signal testing terminal strip
CN105354120A (en) * 2015-12-11 2016-02-24 国网安徽省电力公司淮北供电公司 SCD file document check device for intelligent substation
CN105842572B (en) * 2016-06-12 2019-02-05 重庆金美通信有限责任公司 Portable general comprehensive detector
CN105842572A (en) * 2016-06-12 2016-08-10 重庆金美通信有限责任公司 Portable general comprehensive detector
CN106130994A (en) * 2016-07-01 2016-11-16 国网山东省电力公司博兴县供电公司 A kind of based on transformer station's hand-held source code translation all-in-one
CN106506207A (en) * 2016-10-27 2017-03-15 国网安徽省电力公司亳州供电公司 Power communication protocol monitor analysis method and system based on tree
CN106790035A (en) * 2016-12-15 2017-05-31 郑州云海信息技术有限公司 A kind of protocol analysis device, method and system
CN107171886A (en) * 2017-05-03 2017-09-15 广州供电局有限公司 The detection device and detection method of network storm
CN107508706A (en) * 2017-08-23 2017-12-22 国网安徽省电力公司蚌埠供电公司 A kind of portable power equipment communication lane testing flat-plate special computer
CN108964278A (en) * 2018-07-27 2018-12-07 贵州电网有限责任公司六盘水供电局 A kind of telemechanical apparatus intelligent regulator analyzer
CN109309600A (en) * 2018-09-29 2019-02-05 广东电网有限责任公司 A detection device and method for network communication fault in substation
CN109510785A (en) * 2018-12-27 2019-03-22 杭州迪普科技股份有限公司 A kind of method and apparatus of mirror image message
CN110266104A (en) * 2019-06-10 2019-09-20 许昌许继软件技术有限公司 An Embedded Power System Intelligent Integrated Terminal
CN110426971A (en) * 2019-06-26 2019-11-08 北京全路通信信号研究设计院集团有限公司 Rail transit control network data acquisition and management method and system
CN110426971B (en) * 2019-06-26 2021-07-20 北京全路通信信号研究设计院集团有限公司 Rail transit control network data acquisition and management method and system
CN110377554A (en) * 2019-07-27 2019-10-25 北京永佳消防技术有限公司 A kind of multi-protocol data integral communication device and method based on serial communication
CN113794278A (en) * 2021-08-27 2021-12-14 国网上海市电力公司 A distribution automation message monitoring device

Also Published As

Publication number Publication date
CN101621430B (en) 2011-11-23

Similar Documents

Publication Publication Date Title
CN101621430A (en) Portable electric power communication protocol detector and detection method thereof
CN102164058A (en) IEC61850 standard transformer substation based communication network and system test method
CN102142720B (en) Network communication recorder and network communication record analysis system
CN102901881B (en) On-site debugging method for digital substation
CN102288879B (en) Ultrasonic detection device for partial discharge of switchgear based on wireless network
CN105553110A (en) Intelligent substation portable fault recording and message detecting device
CN106953749B (en) Intelligent substation process level network real-time monitoring method
CN104979908B (en) Substation network online failure analysis method
WO2015024497A1 (en) Intelligent substation network sampling and control link self-diagnosis method
WO2014090025A1 (en) On-line and off-line integrated analysis and testing method for smart substation
CN113507436B (en) Power grid embedded terminal fuzzy test method aiming at GOOSE protocol
CN103312037A (en) Device and method for testing pressure of intelligent substation
CN105262210A (en) System and method for analysis and early warning of substation network security
CN108683578B (en) In-place device ring network communication test method and test system
CN104038383A (en) Switch based process level network message analysis method
CN104502753A (en) Networked on-line real-time analysis system for electric power fault recording device and application of system
CN102325036A (en) Fault diagnosis method for network system, system and device
CN106921522B (en) Intelligent substation network message recording and analysis device Networking information model detection device
CN110275509A (en) A kind of energy-accumulating power station test of supervisor method and system
CN110174564A (en) The filed detection system and its detection method of equipment for monitoring power quality access main website
CN107241241A (en) A kind of Network records analytical equipment performance test methods
CN201504122U (en) Portable power communication protocol detector
CN112543123B (en) Industrial automatic control system safety protection and early warning system
CN109361267A (en) Fault recording network system
CN112737878A (en) Station control layer switch testing system and testing method of hybrid communication capability and port mirror image bearing capacity thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C53 Correction of patent for invention or patent application
CB03 Change of inventor or designer information

Inventor after: Wang Yan

Inventor after: Che Haojun

Inventor after: An Jianfeng

Inventor after: Hu Yongchun

Inventor after: Qiu Jianzhou

Inventor after: Zhu Zhongyang

Inventor after: Huang Yangkun

Inventor after: Zhang Shiping

Inventor after: Jin Naizheng

Inventor after: Xu Weiguo

Inventor after: Wang Jinyan

Inventor before: Wang Yan

Inventor before: Che Haojun

Inventor before: An Jianfeng

Inventor before: Hu Yongchun

Inventor before: Cheng Huaming

Inventor before: Zhu Zhongyang

Inventor before: Huang Yangkun

Inventor before: Zhang Shiping

Inventor before: Jin Naizheng

Inventor before: Xu Weiguo

Inventor before: Wang Jinyan

COR Change of bibliographic data

Free format text: CORRECT: INVENTOR; FROM: WANG YAN HU YONGCHUN CHENG HUAMING ZHU ZHONGYANG HUANG YANG KUN ZHANG SHIPING JIN NAIZHENG XU WEIGUO WANG JINYAN CHE HAOJUN AN JIANFENG TO: WANG YAN HU YONGCHUN QIU JIANZHOU ZHU ZHONGYANG HUANG YANG KUN ZHANG SHIPING JIN NAIZHENG XU WEIGUO WANG JINYAN CHE HAOJUN AN JIANFENG

C14 Grant of patent or utility model
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Assignee: China Power New Energy Smart Grid Technology Co., Ltd.

Assignor: Nanjing Billiton Electric Power Technology Development Co., Ltd.|Shaoxing Power Bureau|Shaoxing power equipment company

Contract record no.: 2012320000728

Denomination of invention: Portable electric power communication protocol detector and detection method thereof

Granted publication date: 20111123

License type: Exclusive License

Open date: 20100106

Record date: 20120607

ASS Succession or assignment of patent right

Owner name: SHAOXING POWER BUREAU SHAOXING ELECTRIC POWER COMP

Free format text: FORMER OWNER: SHAOXING POWER BUREAU SHAOXING ELECTRIC POWER COMPLETE EQUIPMENT CO.

Effective date: 20130104

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20130104

Address after: Xuanwu District of Nanjing City, Jiangsu province 210000 Houzaimen Buddha Bridge No. 37

Patentee after: Nanjing Tuowei Electric Power Technology Development Co., Ltd.

Patentee after: Shaoxing Power Bureau

Patentee after: Shaoxing Electric Power Complete Equipment Co.

Patentee after: State Grid Corporation of China

Address before: Xuanwu District of Nanjing City, Jiangsu province 210000 Houzaimen Buddha Bridge No. 37

Patentee before: Nanjing Tuowei Electric Power Technology Development Co., Ltd.

Patentee before: Shaoxing Power Bureau

Patentee before: Shaoxing Electric Power Complete Equipment Co.

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20111123

Termination date: 20170731