Summary of the invention
One of purpose of the present invention is at above-mentioned deficiency, a kind of Internet of Things intelligent electric energy meter information security management module is provided, information security management with various types of Internet of Things intelligent electric energy meters and management system thereof in the expectation solution prior art can not get problems such as assurance, thereby eliminates the risk of information security management in Utilities Electric Co.'s operation.
For solving above-mentioned technical problem, the present invention by the following technical solutions:
A kind of Internet of Things intelligent electric energy meter information security management module provided by the present invention, described information security management module comprises processor, first data-interface, second data-interface and FLASH memory, described processor inserts first data-interface, second data-interface and FLASH memory respectively, wherein:
Described first data-interface be used for to be carried out the Internet of Things intelligent electric energy meter and is communicated by letter with the unique data of data transmission module, and transmits it to processor when coming from the external data that data transmission module receives from Internet of Things receiving;
Described FLASH memory is used for control and the documentor of storage information security management module;
Described second data-interface is used for carrying out the data communication between processor and the Internet of Things intelligent electric energy meter terminal master controller, and described Internet of Things intelligent electric energy meter terminal master controller is used for carrying out the operation of corresponding table end according to the instruction of processor;
Described processor is used for when receiving the external data that comes from first data-interface, the Internet of Things remote control terminal that sends external data is carried out authentication, judge whether to obtain the encrypted packets in this external data, and send corresponding operational order by second data-interface to Internet of Things intelligent electric energy meter terminal master controller according to the affairs that comprise in the data.
As preferably, further technical scheme is: described processor is used for when receiving the external data that comes from first data-interface, according to external data the Internet of Things remote control terminal is carried out authentication, when authentication result is judged as when legal, then encrypted packets is decrypted and completeness check, on the contrary the initial condition that then resets;
After data integrity verifying passes through, the validity of data is verified, on the contrary the initial condition that then resets;
After Validation of Data is passed through, the affairs that comprise in the data are carried out preliminary treatment, and from Internet of Things intelligent electric energy meter terminal master controller, obtain corresponding return information by second data-interface, described return information is encrypted the back return to data transmission module by first data-interface, after effectively being confirmed, then the preliminary treatment result is approved and stored relevant operation information, and instructed to the transmit operation of Internet of Things intelligent electric energy meter terminal master controller; Otherwise then abandon the preliminary treatment result or make caching process.
Further technical scheme is: preset protocols limit condition and a plurality of different cipher key procedures in the described FLASH memory, be used in the information security management module respectively when different Internet of Things remote control terminal carries out exchanges data, processor is compared according to a plurality of cipher key procedures that preset in the encryption key of external data and the FLASH memory, thereby the identity of authentication Internet of Things remote control terminal, and after encrypted packets deciphering and completeness check pass through, according to the validity of protocols limit condition verification msg under current identity, judge whether the affairs in the data are carried out preliminary treatment;
Described first data-interface also inserts the IC-card information exchange module, be used for transmitting it to when receiving the external data that comes from the IC-card information exchange module processor, processor is carried out the verification identical with the external data that comes from data transmission module to described external data.
Further technical scheme is: also comprise eeprom memory in the described information security management module, described eeprom memory also inserts processor, be used for storage of processor to the associative operation information of Internet of Things intelligent electric energy meter terminal master controller, and processor is to the preliminary treatment result of affairs in the external data.
Further technical scheme is: described processor is for carrying out central processing unit or the single-chip microcomputer of cryptographic algorithm; Described data transmission module is network communication module or bus communication module.
Further technical scheme is: described first data-interface is network communication interface or bus interface.
Further technical scheme is: described network communication interface is at least any one in the middle of RF module interface, Zigbee module interface, WiFi module interface, bluetooth module interface or Optical Fiber Transmission interface, data wire coffret, the power line transmission interface; Described bus interface is at least any one in the middle of the Mbus bus interface, RS485 bus interface, CAN bus interface.
Further technical scheme is: described second data-interface is at least any one in the middle of USART serial line interface, SPI serial line interface or the I2C serial line interface.
Further technical scheme is: described information security management module also comprises encrypting module, described encrypting module inserts processor, be used for the multistage encryption and decryption to information security management module and Internet of Things remote control terminal, Internet of Things intelligent electric energy meter terminal master controller exchanges data, and the data encryption key that auxiliary processor obtains the Internet of Things remote control terminal carries out authentication.
Further technical scheme is: described encrypting module is by the Advanced Encryption Standard in the AES(cryptography, the abbreviation of English Advanced Encryption Standard) or the triple DEAs of 3DES(, mode English Triple Data Encryption Algorithm) is carried out data encrypting and deciphering.
Compared with prior art, one of beneficial effect of the present invention is: the information security management module is carried out authentication when carrying out exchanges data by data transmission module and Internet of Things remote control terminal, guaranteed the legitimacy of both communication, Internet of Things intelligent electric energy meter terminal master controller must could communicate with the outside by the information security management module; Utilize different keys can realize the authority setting of Utilities Electric Co.'s differentiated control, and adopt 3DES/AES multi-level encryption mode, make that the fail safe of key is higher, and upgrading key can download cause for gossip by the program on the information security management module time, avoid key to leak the risk of bringing; By built-in data verifying program, guarantee that the data of transmission are true, accurate, complete.A kind of Internet of Things intelligent electric energy meter information security management modular structure provided by the present invention is simple simultaneously, can embed in various types of Internet of Things intelligent electric energy meters, by multiple communication transmission technology and the compatible Internet of Things intelligent electric energy meter of bus interface terminal master controller, there is no and sew up into the power supply management system, realize that the Internet of Things intelligent electric energy meter disperses to make, unified management, range of application is wide, and guarantee the independence of Utilities Electric Co. in electric energy meter control, and be not subjected to extraneous restriction.
Embodiment
The present invention is further elaborated below in conjunction with accompanying drawing.
With reference to shown in Figure 1, one embodiment of the present of invention are a kind of Internet of Things intelligent electric energy meter information security management modules, described information security management module comprises processor, first data-interface, second data-interface and FLASH memory, described processor inserts first data-interface, second data-interface and FLASH memory respectively, wherein:
The effect of above-mentioned first data-interface is to carry out the Internet of Things intelligent electric energy meter to communicate by letter with the unique data of data transmission module, and transmits it to processor when coming from the external data that data transmission module receives from Internet of Things receiving;
The effect of above-mentioned FLASH memory is control and the documentor in the storage information security management module;
With reference to shown in Figure 2, the effect of above-mentioned second data-interface is the data communication of carrying out between processor and the Internet of Things intelligent electric energy meter terminal master controller, and the effect of Internet of Things intelligent electric energy meter terminal master controller is to carry out the operation of respective table end according to the instruction of processor;
The effect of above-mentioned processor is when receiving the external data that comes from first data-interface, the Internet of Things remote control terminal that sends external data is carried out authentication, judge whether to obtain encrypted packets in this external data, and send corresponding operational order by second data-interface to Internet of Things intelligent electric energy meter terminal master controller according to the affairs that comprise in the data.
According to above-mentioned technical scheme as can be known, the technical problem that present embodiment solves is the information security management module by above-mentioned composition structure, carrying out data between multistage transmission equipment in Internet of Things intelligent electric energy meter terminal master controller and Internet of Things, the Internet of Things remote control terminal transmits, and when transmitting, authenticated and encryption and decryption, thereby cooperate Utilities Electric Co. that the intelligent electric energy meter of terminal is managed, to eliminate the risk of information security management in Utilities Electric Co.'s operation.
And the information security management module of the Oscillator module shown in Fig. 1 and pin XIN, XOUT provides clock signal; The RAM memory is used for the operating ephemeral data of memory module; VCC and VSS two pins provide working power for the information security management module, and this power supply should be continued power and can not being provided by Internet of Things intelligent electric energy meter terminal master controller pin.
Again with reference to shown in Figure 1, be used for the embodiment that the technical solution problem is more preferably in the present invention, the concrete mode of a kind of above-mentioned processor to the authentication of Internet of Things remote control terminal and affairs execution is provided, namely when processor receives the external data that comes from first data-interface, according to external data the Internet of Things remote control terminal is carried out authentication, when authentication result is judged as when legal, then encrypted packets is decrypted and completeness check, on the contrary the initial condition that then resets;
After data integrity verifying passes through, the validity of data is verified, on the contrary the initial condition that then resets;
After Validation of Data is passed through, the affairs that comprise in the data are carried out preliminary treatment, and from Internet of Things intelligent electric energy meter terminal master controller, obtain corresponding return information by second data-interface, described return information is encrypted the back return to data transmission module by first data-interface, after effectively being confirmed, then the preliminary treatment result is approved and stored relevant operation information, and instructed to the transmit operation of Internet of Things intelligent electric energy meter terminal master controller; Otherwise then abandon the preliminary treatment result or make caching process, namely do not receive the affirmation result of data transmission module in the predefined time, for example do not receive the affirmation information of data transmission module in three minutes, initial condition then resets; Aforesaid caching process refers to the preliminary treatment object command is kept in, and when processor is waken up and receives the affirmation information of data transmission module again, then instructs to the transmit operation of Internet of Things intelligent electric energy meter terminal master controller in the same way.
The affairs from the authentication of Internet of Things remote control terminal to external data of external data in the present embodiment have also been comprised in the above-mentioned technical scheme by the performed whole flow process of processor, by the program setting of above-mentioned flow process, further strengthened in the information security management module receiving the fail safe of information and executing.And the above-mentioned processor reset initial condition of repeatedly mentioning, be the state of resetting processor before carrying out above-mentioned any one operation, for example to carry out the state of authentication before receiving external data be resting state to processor, when receiving that external data is waken up by resting state, but the authentication of Internet of Things remote control terminal is judged as when illegal, processor then recovers resting state, do not carry out any operation, the situation of processor reset also substantially as hereinbefore in other step, when authentication failed, processor can be stored operation note.The above-mentioned Internet of Things remote control terminal of mentioning is various communication object in the Internet of Things simultaneously, and different communication objects finally is connected to management system for selling power.
And it is same, in another embodiment of the present invention, for realizing the information security management module being managed by different rights, need in above-mentioned FLASH memory, to preset protocols limit condition and a plurality of different cipher key procedures, it act as in the information security management module respectively when different Internet of Things remote control terminal carries out exchanges data, processor is compared according to a plurality of cipher key procedures that preset in the encryption key of external data and the FLASH memory, thereby the identity of authentication Internet of Things remote control terminal, and after encrypted packets deciphering and completeness check pass through, according to the validity of protocols limit condition verification msg under current identity, judge whether the affairs in the data are carried out preliminary treatment;
With reference to shown in Figure 2, for satisfying at present the internal structure of Internet of Things electric energy meter mostly, above-mentioned first data-interface also inserts the IC-card information exchange module, be used for transmitting it to when receiving the external data that comes from the IC-card information exchange module processor, processor is carried out the verification identical with the external data that comes from data transmission module to described external data.
According to another embodiment of the present invention, mention as above-mentioned, buffer memory for ease of processor preliminary treatment result, in the information security management module, also relatively independent eeprom memory can be set, and eeprom memory also inserted processor, be used for storage of processor to the associative operation information of Internet of Things intelligent electric energy meter terminal master controller, processor is to the preliminary treatment result of affairs in the external data, and the failure record of processor checking, and in the FLASH memory, also be provided with other program that to be utilized by processor, after in a single day be processor be stored in the eeprom memory to the associative operation information of Internet of Things intelligent electric energy meter terminal master controller, with unsuppressible-suppression and modification, in order to make the running status of information security management module stay complete record.
Again with reference to shown in Figure 2, Internet of Things intelligent electric energy meter information security management module in above-described embodiment in actual applications, insert between Internet of Things intelligent electric meter terminal master controller and the data transmission module, and the internal structure of ammeter and existing Internet of Things intelligent electric meter are as good as, the Internet of Things intelligent electric meter itself contains multiple functional module, as pulse counter module, memory module, display module, relay control module, surplus reminding module etc., these modules are by being connected with Internet of Things intelligent electric meter terminal master controller, finish the correlation function of Internet of Things intelligent electric meter, measure as finish power consumption with pulse counter module, display module shows power consumption and dump energy, relay control module is as the power on/off switch, the surplus reminding module should be purchased electricity operation etc. as early as possible by buzzer prompting prompting user before purchasing electric weight is about to use up.
And according to above-mentioned principle, this Internet of Things intelligent electric meter information security management module is integrated being applied in the conventional Internet of Things intelligent electric meter directly, by upper strata multistage communication device and the networkings of Internet of Things remote control terminal constituent such as data acquisition unit, data concentrators, multistage dividing data zone, and then by carrying out the signal distribution and integrate in the Internet, guarantee the stability of signal transmission in the Internet of Things; And in addition, the improvement of going back adaptability is applied to other carries out telemanagement by electronic information metering device.
The processor that above-described embodiment is mentioned is the core of information security management module, be used for carrying out corresponding program and data encryption, in another embodiment of the present invention, above-mentioned processor is for directly adopting central processing unit or the single-chip microcomputer that can carry out cryptographic algorithm in the prior art, for example EFM32 etc.
Based on data communication mode required in above-described embodiment, the inventor is with reference to prior art, selected for use the transmission technology of part in the prior art to realize communicating by letter between processor and the interface, wherein data transmission module can adopt network communication module or bus communication module, and corresponding with aforesaid data transmission module, be used for carrying out unique first data-interface of communicating by letter with data transmission module in above-described embodiment and can adopt network communication interface or bus interface.
Further, above-mentioned network communication interface can adopt wireless or wired form, radio network interface can adopt one or more in the middle of RF module interface, Zigbee module interface, WiFi module interface and the bluetooth module interface, and wired network interface can adopt one or more in the middle of Optical Fiber Transmission interface, data wire coffret and the power line transmission interface; In the middle of the above-mentioned bus interface Mbus bus interface, RS485 bus interface, CAN bus interface one or more.
And it is corresponding, second data-interface that processor and Internet of Things intelligent electric energy meter terminal master controller communicate in above-described embodiment preferably is complementary with conventional master controller, serial line interfaces such as USART interface, SPI interface or I2C interface for example, with increase the information security management module integrated with intelligent electric energy meter on compatibility.
Again with reference to shown in Figure 1, fail safe for data encryption and deciphering in the administration module that further ensures information security, be preferably in its inside independently encrypting module is set, and with this independently encrypting module insert processor, be used for information security management module and Internet of Things remote control terminal, the multistage encryption and decryption of Internet of Things intelligent electric energy meter terminal master controller exchanges data, and the data encryption key that auxiliary processor obtains the Internet of Things remote control terminal carries out authentication, and with reference to the higher cipher mode of fail safe in the prior art, the preferred Advanced Encryption Standard that adopts in the AES(cryptography, the abbreviation of English Advanced Encryption Standard) or the triple DEAs of 3DES(, English Triple Data Encryption Algorithm) data of coming and going in the information security management module are carried out encryption and decryption.
Again with reference to shown in Figure 3, after the integrated above-mentioned information security management module of Internet of Things intelligent electric energy meter that a plurality of different vendors produce, outside all communication datas of electric energy meter are all by transmitting after the information security management module encryption and decryption, and the internal processes of information security management module is unique, therefore management system for selling power can be considered as terminal with the information security management module, by Internet of Things management intelligent electric energy meter, namely with the compatible various brands of a management system for selling power, the intelligent electric energy meter of type is managed concentratedly, effectively reduces Utilities Electric Co. to different brands in the zone, the difficulty of the intelligent electric energy meter integration management of type.As shown in Figure 3, the exchanges data path of Internet of Things intelligent electric energy meter and management system for selling power is: data by Internet network (the Internet), arrive management system for selling power by the upper strata multistage communication device.And table end equipment user is by Internet access to netwoks intelligent electric energy meter total management system.
Except above-mentioned, also need to prove " embodiment ", " another embodiment " that speak of in this manual, " embodiment " etc., refer to concrete feature, structure or the characteristics described in conjunction with this embodiment and be included among at least one embodiment that the application's generality describes.A plurality of local appearance statement of the same race is not necessarily to refer to same embodiment in specification.Furthermore, when describing a concrete feature, structure or characteristics in conjunction with arbitrary embodiment, what advocate is to realize that in conjunction with other embodiment this feature, structure or characteristics also fall within the scope of the invention.
Although invention has been described with reference to a plurality of explanatory embodiment of the present invention here, but, should be appreciated that those skilled in the art can design a lot of other modification and execution modes, these are revised and execution mode will drop within the disclosed principle scope and spirit of the application.More particularly, in the scope of, accompanying drawing open in the application and claim, can carry out multiple modification and improvement to building block and/or the layout of subject combination layout.Except modification that building block and/or layout are carried out with improving, to those skilled in the art, other purposes also will be tangible.