CN105978731A - Method and device suitable for information security protection for industrial intelligent instruments - Google Patents
Method and device suitable for information security protection for industrial intelligent instruments Download PDFInfo
- Publication number
- CN105978731A CN105978731A CN201610461576.7A CN201610461576A CN105978731A CN 105978731 A CN105978731 A CN 105978731A CN 201610461576 A CN201610461576 A CN 201610461576A CN 105978731 A CN105978731 A CN 105978731A
- Authority
- CN
- China
- Prior art keywords
- industrial intelligent
- industrial
- intelligent instrument
- instrument
- information security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0866—Checking the configuration
- H04L41/0869—Validating the configuration within one network element
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
Abstract
The invention discloses a method and a device suitable for information security protection for industrial intelligent instruments, relates to the technical field of industrial control, and aims at filling up the defect of absence of an information security protection function in the existing industrial instrument management. A technical scheme adopted by the invention is as follows, the method comprises steps: a step 1: building communication with the industrial intelligent instrument; a step 2: sending a data packet reading instruction to the industrial intelligent instrument; a step 3: receiving data packets returned back by the industrial intelligent instrument; a step 4: analyzing the data packets, and extracting a production ID number and configuration information of the industrial intelligent instrument from the data packets; and a step 5: comparing the configuration information with pre-stored configuration default information of the industrial intelligent instrument, and giving an alarm when the comparison result is that the configuration information is different from the configuration default information.
Description
Technical field
The present invention relates to technical field of industrial control, a kind of method being applicable to industrial intelligent meter information security protection.
Background technology
" China's intelligence makes 2025 " development outline along with " industry 4.0 " concepts in 2013 and China's proposition in 2015, industrial intelligent instrument based on information physical system is more and more applied in industrial control system, the most most popular intelligence instrument being to use Hart agreement, the almost all kinds of Industry Control field instrument such as including pressure transmitter, effusion meter, temperature transmitter and radar level gauge.
Hart agreement is to use frequency shift keying technology based on Bell202 communication standard, and on instrument standard analog signal output, one frequency signal of superposition realizes digital communication.Analogue signal then provides other meter information such as calibration, configuration, diagnosis to industrial control system transmitting procedure variable, digital signal.
At present, the method for industrial intelligent instrument detection has a following two kinds:
(1) DCS system (industrial control system in industrial control network) is accessed with analog signal form;
(2) DCS system is accessed with digital signal form.
Wherein, industrial intelligent instrument uses analog quantity mode to access the principle of DCS system to be: industrial intelligent instrument has signal to be connected with Hart handheld operation utensil, industrial intelligent instrument also with DCS system communication.As shown in Figure 1.
Hart handheld operation device is that traditional function and the HART communication function of multifunctional check are combined, the normal procedure intelligent instrument check including voltage, electric current, thermocouple, pressure can be completed, can be provided for and all main flow HART intelligence instrument communications, for the industrial intelligent instrument of maintenance support Hart communication protocol, and complete all meter locale verification debugging efforts.
Hart handheld operation device is used for being corrected the output of industrial intelligent instrument, industrial intelligent instrument semaphore after DCS system output calibration.
The principle that industrial intelligent instrument uses digital signal to access DCS system is, industrial intelligent instrument is connected with the server that can store data in DCS system, both communicate with Hart communication protocol, and output signal is exported to DCS system by industrial intelligent instrument with the form of digital signal.Be connected with server also has engineer station's (PC etc.), it is simple to engineer reads the data of industrial intelligent instrument and is analyzed and manages.As shown in Figure 2.
There is not protecting information safety function in visible existing industrial intelligent instrument management.
Summary of the invention
The technical problem to be solved is: for the problem of above-mentioned existence, it is provided that a kind of method being applicable to industrial intelligent meter information security protection.
The technical solution used in the present invention is as follows, including:
Step 1: set up with industrial intelligent instrument and communicate;
Step 2: send read data packet instruction to industrial intelligent instrument;
Step 3: receive the packet that industrial intelligent instrument returns;
Step 4: resolve described packet, extracts No. ID and the configuration information of dispatching from the factory of industrial intelligent instrument therein;
Step 5: by the allocating default information comparison of described configuration information with this industrial intelligent instrument prestored, when comparison result is not for being simultaneously emitted by reporting to the police.
Further, described industrial intelligent instrument supports Hart communication protocol;
In step 1, communicate according to Hart communication protocol with industrial intelligent instrument;
In step 4, resolve described packet according to Hart communication protocol.
Further, in described step 5, when comparison result is difference, the information security state of intelligence instrument is sent to management work station.
Further, described industrial intelligent instrument has signal with the industrial control unit (ICU) in industrial control network and is connected.
Further, described industrial intelligent instrument also has signal with Hart handheld manipulator and is connected.
Present invention also offers a kind of and said method step floppy disk system one to one.Comprising:
Communication unit, communicates for setting up with industrial intelligent instrument;
Data packet request unit, for sending read data packet instruction to industrial intelligent instrument;
Packet receives unit, for receiving the packet that industrial intelligent instrument returns;
Configuration information acquiring unit, is used for resolving described packet, extracts No. ID and the configuration information of dispatching from the factory of industrial intelligent instrument therein;
Safe condition detector unit, for by the allocating default information comparison of described configuration information with this industrial intelligent instrument prestored, when comparison result is not for being simultaneously emitted by reporting to the police.
Further, described industrial intelligent instrument supports Hart communication protocol;
Communication unit is for communicating according to Hart communication protocol with industrial intelligent instrument;
Configuration information acquiring unit is for resolving described packet according to Hart communication protocol.
Further, safe condition detector unit is additionally operable to when comparison result is difference the information security state of intelligence instrument is sent to management work station.
In sum, owing to have employed technique scheme, the invention has the beneficial effects as follows:
The present invention is applicable to put into the protecting information safety of industrial intelligence instrument, the Hart information data of correlate meter can be resolved, it is applicable to a large amount of industrial intelligent instrument, realize functions such as the on-the-spot online acquisition of Hart intelligence instrument information, meter information safety state analysis, analyze intelligence instrument information security state, thering is provided intelligence instrument protecting information safety function, reduce field instrument maintenance cost, safety improves the safety and reliability of industrial intelligent instrument.
Accompanying drawing explanation
Examples of the present invention will be described by way of reference to the accompanying drawings, wherein:
Fig. 1 is that in prior art, industrial intelligent instrument uses analog quantity mode to access the theory diagram of DCS system.
Fig. 2 is that in prior art, industrial intelligent instrument uses digital quantity mode to access the theory diagram of DCS system.
Fig. 3 is the inventive method flow chart.
Detailed description of the invention
All features disclosed in this specification, or disclosed all methods or during step, in addition to mutually exclusive feature and/or step, all can combine by any way.
Any feature disclosed in this specification, unless specifically stated otherwise, all can be by other equivalences or there is the alternative features of similar purpose replaced.I.e., unless specifically stated otherwise, an example during each feature is a series of equivalence or similar characteristics.
As it is shown on figure 3, the inventive method may operate on a mobile intelligent terminal, such as panel computer, notebook computer etc., an embodiment include:
Step 1: the inventive method is run terminal and communicates with the foundation of industrial intelligent instrument;
Step 2: send read data packet instruction to industrial intelligent instrument;
Step 3: receive the packet that industrial intelligent instrument returns;
Step 4: resolve described packet, extracts No. ID and the configuration information of dispatching from the factory of industrial intelligent instrument therein.For industrial intelligent instrument, unique No. ID of the Shi Douyou that dispatches from the factory, and some configuration informations, these configuration informations will not be modified under normal circumstances, and when occurring that the network information security is attacked, these configuration informations can be modified.The present invention is through detecting the configuration information information security state that detect this instrument the most different from factory-default in industrial intelligent instrument.
Step 5: terminal local storage has No. ID and the configuration information default value of correspondence of on-the-spot each industrial intelligent instrument.When after the configuration information extracting a certain industrial intelligent instrument, by its allocating default information comparison with this industrial intelligent instrument prestored, when comparison result is not for being simultaneously emitted by reporting to the police.
In a preferred embodiment, industrial intelligent instrument supports Hart communication protocol, and most industry intelligence instrument is all to support Hart communication protocol actually at present.
In the step 1 of the present embodiment, terminal communicates according to Hart communication protocol with industrial intelligent instrument;
In step 4, resolve described packet according to Hart communication protocol.
In another embodiment, step 5 also includes, when comparison result is difference, the information security state of intelligence instrument is sent to management work station.
Above-mentioned industrial intelligent instrument has signal with the industrial control unit (ICU) DCS in industrial control network and is connected, and is used for transferring data to DCS system.In general, industrial intelligent instrument also has signal to be connected with Hart handheld operation utensil.Industrial intelligent instrumented data can be calibrated by Hart handheld operation device, and the data that such industrial intelligent instrument exports to DCS system are more accurate.
The invention is not limited in aforesaid detailed description of the invention.The present invention expands to any new feature disclosed in this manual or any new combination, and the arbitrary new method that discloses or the step of process or any new combination.
Claims (10)
1. the method being applicable to industrial intelligent meter information security protection, it is characterised in that including:
Step 1: set up with industrial intelligent instrument and communicate;
Step 2: send read data packet instruction to industrial intelligent instrument;
Step 3: receive the packet that industrial intelligent instrument returns;
Step 4: resolve described packet, extracts No. ID and the configuration information of dispatching from the factory of industrial intelligent instrument therein;
Step 5: by the allocating default information comparison of described configuration information with this industrial intelligent instrument prestored, when comparison result is not for being simultaneously emitted by reporting to the police.
A kind of method being applicable to industrial intelligent meter information security protection the most according to claim 1, it is characterised in that described industrial intelligent instrument supports Hart communication protocol;
In step 1, communicate according to Hart communication protocol with industrial intelligent instrument;
In step 4, resolve described packet according to Hart communication protocol.
A kind of method being applicable to industrial intelligent meter information security protection the most according to claim 1, it is characterised in that in described step 5, is sent to management work station when comparison result is difference by the information security state of intelligence instrument.
A kind of method being applicable to industrial intelligent meter information security protection the most according to claim 1, it is characterised in that described industrial intelligent instrument has signal with the industrial control unit (ICU) in industrial control network and is connected.
A kind of method being applicable to industrial intelligent meter information security protection the most according to claim 1, it is characterised in that described industrial intelligent instrument also has signal with Hart handheld manipulator and is connected.
6. the device being applicable to industrial intelligent meter information security protection, it is characterised in that including:
Communication unit, communicates for setting up with industrial intelligent instrument;
Data packet request unit, for sending read data packet instruction to industrial intelligent instrument;
Packet receives unit, for receiving the packet that industrial intelligent instrument returns;
Configuration information acquiring unit, is used for resolving described packet, extracts No. ID and the configuration information of dispatching from the factory of industrial intelligent instrument therein;
Safe condition detector unit, for by the allocating default information comparison of described configuration information with this industrial intelligent instrument prestored, when comparison result is not for being simultaneously emitted by reporting to the police.
A kind of device being applicable to industrial intelligent meter information security protection the most according to claim 6, it is characterised in that described industrial intelligent instrument supports Hart communication protocol;
Communication unit is for communicating according to Hart communication protocol with industrial intelligent instrument;
Configuration information acquiring unit is for resolving described packet according to Hart communication protocol.
A kind of device being applicable to industrial intelligent meter information security protection the most according to claim 6, it is characterised in that safe condition detector unit is additionally operable to when comparison result is difference the information security state of intelligence instrument is sent to management work station.
A kind of device being applicable to industrial intelligent meter information security protection the most according to claim 6, it is characterised in that described industrial intelligent instrument has signal with the industrial control unit (ICU) in industrial control network and is connected.
A kind of device being applicable to industrial intelligent meter information security protection the most according to claim 6, it is characterised in that described industrial intelligent instrument also has signal with Hart handheld manipulator and is connected.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610461576.7A CN105978731B (en) | 2016-06-23 | 2016-06-23 | A kind of method and device suitable for industrial intelligent meter information security protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610461576.7A CN105978731B (en) | 2016-06-23 | 2016-06-23 | A kind of method and device suitable for industrial intelligent meter information security protection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105978731A true CN105978731A (en) | 2016-09-28 |
| CN105978731B CN105978731B (en) | 2018-12-21 |
Family
ID=57022279
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610461576.7A Active CN105978731B (en) | 2016-06-23 | 2016-06-23 | A kind of method and device suitable for industrial intelligent meter information security protection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105978731B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102223403A (en) * | 2011-06-03 | 2011-10-19 | 常州大学 | Intelligent instrument online-diagnosis and management system based on wireless HART (Highway Addressable Remote Transducer) protocol |
| CN103970100A (en) * | 2014-05-08 | 2014-08-06 | 浙江中烟工业有限责任公司 | Multi-protocol reconfigurable bus-based instrument experiment system |
| CN103986570A (en) * | 2014-04-10 | 2014-08-13 | 深圳清华大学研究院 | Safe data transmission method of smart instrument system |
-
2016
- 2016-06-23 CN CN201610461576.7A patent/CN105978731B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102223403A (en) * | 2011-06-03 | 2011-10-19 | 常州大学 | Intelligent instrument online-diagnosis and management system based on wireless HART (Highway Addressable Remote Transducer) protocol |
| CN103986570A (en) * | 2014-04-10 | 2014-08-13 | 深圳清华大学研究院 | Safe data transmission method of smart instrument system |
| CN103970100A (en) * | 2014-05-08 | 2014-08-06 | 浙江中烟工业有限责任公司 | Multi-protocol reconfigurable bus-based instrument experiment system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105978731B (en) | 2018-12-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2017000424A1 (en) | Protocol detection method and apparatus | |
| CN106597947A (en) | Substation equipment test method and system, server and tester | |
| WO2015149596A1 (en) | Iec61850-based communication simulation method for leakage current on-line monitoring device | |
| CN103401930A (en) | Web Service-based industrial monitoring method and device | |
| CN106301624A (en) | A kind of distribution terminal GPRS wireless data transmission time delay automatic test approach | |
| WO2015149595A1 (en) | Iec61850-based communication simulation method for insulation on-line monitoring device | |
| CN102780592A (en) | Methods and systems for detecting compatibility issues within an electrical grid control system | |
| CN103595706A (en) | Temperature sensing data universal server and communication method of temperature sensing data universal server | |
| CN110535972B (en) | Centralized control and communication system, equipment and readable storage medium for platform gas detection equipment | |
| CN104765024A (en) | Onboard radar jamming automatic detection system | |
| CN105978731A (en) | Method and device suitable for information security protection for industrial intelligent instruments | |
| KR20210092452A (en) | Test device for MODBUS RTU system | |
| CN202931564U (en) | Mobile internet technology based terminal of Internet of Things | |
| CN103530681B (en) | System and method for detecting mining product information | |
| CN110572296A (en) | Internet of things terminal equipment communication protocol consistency safety detection method | |
| CN109862511A (en) | Fence area monitoring method, device and computer readable storage medium | |
| CN115576831A (en) | Test case recommendation method, device, equipment and storage medium | |
| CN112612663B (en) | Method for reversely solving 1553B bus ICD | |
| CN204231030U (en) | A kind of transmission fault detector and automation system for the power network dispatching | |
| CN103413416A (en) | Intelligent meter reading system and method | |
| CN111026726A (en) | Method and system for comparing different versions of SCD file of intelligent substation and storage medium | |
| CN112882915A (en) | Object binding-based monitoring measuring point misconnection automatic detection method | |
| CN112187946A (en) | Internet of things sensing equipment evaluation system and method | |
| CN106021649A (en) | A model configuration detector used for a virtual circuit verifying platform and a control method | |
| CN105228138A (en) | A kind of safety detecting method of Wireless Communication Equipment and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |