CN106205090A - A kind of electric power network real-time monitoring system and control method thereof - Google Patents
A kind of electric power network real-time monitoring system and control method thereof Download PDFInfo
- Publication number
- CN106205090A CN106205090A CN201610579141.2A CN201610579141A CN106205090A CN 106205090 A CN106205090 A CN 106205090A CN 201610579141 A CN201610579141 A CN 201610579141A CN 106205090 A CN106205090 A CN 106205090A
- Authority
- CN
- China
- Prior art keywords
- acquisition terminal
- wireless data
- data acquisition
- control centre
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000012544 monitoring process Methods 0.000 title claims abstract description 25
- 230000008569 process Effects 0.000 claims abstract description 36
- 230000005540 biological transmission Effects 0.000 claims abstract description 19
- 238000012546 transfer Methods 0.000 claims abstract description 15
- 238000004891 communication Methods 0.000 claims description 27
- 238000003860 storage Methods 0.000 claims description 16
- 230000006870 function Effects 0.000 claims description 12
- 238000012795 verification Methods 0.000 claims description 11
- 238000004364 calculation method Methods 0.000 claims description 10
- 238000012545 processing Methods 0.000 claims description 8
- 230000008859 change Effects 0.000 claims description 6
- 238000013480 data collection Methods 0.000 claims description 5
- 238000013500 data storage Methods 0.000 claims description 5
- 230000008676 import Effects 0.000 claims description 5
- 230000009977 dual effect Effects 0.000 claims description 3
- 238000005194 fractionation Methods 0.000 claims description 3
- 230000003993 interaction Effects 0.000 claims description 3
- 230000037361 pathway Effects 0.000 claims description 3
- 230000006798 recombination Effects 0.000 claims description 3
- 238000005215 recombination Methods 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 3
- 230000026676 system process Effects 0.000 claims description 3
- 238000001514 detection method Methods 0.000 abstract description 4
- 238000006467 substitution reaction Methods 0.000 description 9
- 238000013461 design Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 8
- PCTMTFRHKVHKIS-BMFZQQSSSA-N (1s,3r,4e,6e,8e,10e,12e,14e,16e,18s,19r,20r,21s,25r,27r,30r,31r,33s,35r,37s,38r)-3-[(2r,3s,4s,5s,6r)-4-amino-3,5-dihydroxy-6-methyloxan-2-yl]oxy-19,25,27,30,31,33,35,37-octahydroxy-18,20,21-trimethyl-23-oxo-22,39-dioxabicyclo[33.3.1]nonatriaconta-4,6,8,10 Chemical compound C1C=C2C[C@@H](OS(O)(=O)=O)CC[C@]2(C)[C@@H]2[C@@H]1[C@@H]1CC[C@H]([C@H](C)CCCC(C)C)[C@@]1(C)CC2.O[C@H]1[C@@H](N)[C@H](O)[C@@H](C)O[C@H]1O[C@H]1/C=C/C=C/C=C/C=C/C=C/C=C/C=C/[C@H](C)[C@@H](O)[C@@H](C)[C@H](C)OC(=O)C[C@H](O)C[C@H](O)CC[C@@H](O)[C@H](O)C[C@H](O)C[C@](O)(C[C@H](O)[C@H]2C(O)=O)O[C@H]2C1 PCTMTFRHKVHKIS-BMFZQQSSSA-N 0.000 description 5
- 241001269238 Data Species 0.000 description 4
- 101100321992 Drosophila melanogaster ABCD gene Proteins 0.000 description 4
- 238000006243 chemical reaction Methods 0.000 description 4
- 238000009826 distribution Methods 0.000 description 4
- 230000008034 disappearance Effects 0.000 description 3
- 230000005611 electricity Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000018109 developmental process Effects 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 239000002184 metal Substances 0.000 description 2
- 238000012913 prioritisation Methods 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- OCUSNPIJIZCRSZ-ZTZWCFDHSA-N (2s)-2-amino-3-methylbutanoic acid;(2s)-2-amino-4-methylpentanoic acid;(2s,3s)-2-amino-3-methylpentanoic acid Chemical compound CC(C)[C@H](N)C(O)=O.CC[C@H](C)[C@H](N)C(O)=O.CC(C)C[C@H](N)C(O)=O OCUSNPIJIZCRSZ-ZTZWCFDHSA-N 0.000 description 1
- 102100040225 Gamma-interferon-inducible lysosomal thiol reductase Human genes 0.000 description 1
- 101001037132 Homo sapiens Gamma-interferon-inducible lysosomal thiol reductase Proteins 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000012271 agricultural production Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000012938 design process Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000006073 displacement reaction Methods 0.000 description 1
- 230000005059 dormancy Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 230000000630 rising effect Effects 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
- 238000010572 single replacement reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G08—SIGNALLING
- G08C—TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
- G08C17/00—Arrangements for transmitting signals characterised by the use of a wireless electrical link
- G08C17/02—Arrangements for transmitting signals characterised by the use of a wireless electrical link using a radio link
-
- H02J13/0075—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02E—REDUCTION OF GREENHOUSE GAS [GHG] EMISSIONS, RELATED TO ENERGY GENERATION, TRANSMISSION OR DISTRIBUTION
- Y02E60/00—Enabling technologies; Technologies with a potential or indirect contribution to GHG emissions mitigation
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/12—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them characterised by data transport means between the monitoring, controlling or managing units and monitored, controlled or operated electrical equipment
- Y04S40/126—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them characterised by data transport means between the monitoring, controlling or managing units and monitored, controlled or operated electrical equipment using wireless data transmission
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of electric power network real-time monitoring system and control method thereof, including: wireless sensor network node, it is used for detecting and gather smart power grid user client information;Supervising device, processes for the operation and data controlling whole system;Wireless data transfer module, the user data for wireless sensor network node collection radios to supervising device;Described wireless sensor network node includes multiple sensor node and wireless data acquisition terminal;Wherein, the wireless data acquisition terminal of described wireless sensor network node and supervising device are by wireless data transfer module wireless connections.This system can realize radio detection and the transmission of the power information to smart power grid user, it is possible to ensures the detection seriality of user power utilization data and accuracy, and can greatly ensure confidentiality and safety that power information transmits.
Description
Technical field
The present invention relates to data test and collection field, is specifically related to a kind of electric power network real-time monitoring system and control thereof
Method.
Background technology
Intelligent grid, is also called knowledge type electrical network or modern power network, is by modern advanced sensing and measurement technology, letter
The novel power grid that message communication technology, control technology and original power transmission and distribution infrastructure are highly integrated and are formed.Intelligent distribution network
Opening make a large amount of collecting terminal and mobile terminal extensively apply and access, data in intelligent distribution network are just passed by this
Defeated integrity, confidentiality, the problem such as attack tolerant and secret protection proposes new challenge.Intelligent electric energy meter is Intelligent electric
The intelligent terminal of net, it is not the most traditional electric energy meter, and intelligent electric energy meter is used substantially except possessing traditional electric energy meter
Beyond the function of measuring of electricity, in order to adapt to intelligent grid and new forms of energy use it also have two-way multiple rate metering merit
Energy, user side control the intelligentized merits such as function, the bidirectional data communication function of plurality of data transmission modes, anti-stealing electricity function
Can, intelligent electric energy meter represents the developing direction of following energy-conserving intelligent electrical network end user's intelligent terminal.
In recent years, along with sensor, computer, radio communication and the development of the technology such as micro electronmechanical and mutually merge, produce
Wireless sensor network (WSN).Wireless sensor network is supervised the most in real time by all kinds of integrated microsensors
Survey, perception and the various environment of collection or the information of monitored object, be widely used in environmental monitoring, health care, military defense, anti-
Fear the every field such as the disaster relief.Wireless sensor network is considered as 21st century one of most important technology, is the most embedded
The focus of area research, has the boundless market space and researching value.Wireless sensor network is increasingly becoming intelligence
Topmost user side data collecting system in power distribution network.
At present, the integrity to wireless sensor network data transmission both at home and abroad, confidentiality, the problem such as attack tolerant is carried out
Certain research, it is proposed that various different Broadcast authentication protocols.One is μ TESLA Broadcast authentication protocols, and this agreement exists
When the initiation parameter of broadcast authentication is allocated, it is to utilize the shared key between base station and node, by the side of clean culture
Formula completes.By postponing transmission certification key and judging that delay duration determines the integrity of sent packet.Should
Solution security is preferable, but message authentication has time delay, this time delay can cause the generation that DOS attacks.Researcher was to μ later
TESLA has carried out a series of improvement, it is proposed that multistage μ TESLA scheme, the μ TESLA scheme of many base stations, for certification float
The μ TESLA prioritization scheme moved and μ TESLA certificate scheme based on message-driven etc..These prioritization schemes are all at base
The improvement carried out on the basis of this μ TESLA, its essential idea does not change, and therefore time delay is the problem always existed, they
Still can not resist DOS to attack.Other researcheres propose the certificate scheme of a kind of once signed in intelligent grid, but
The program wants to reach good safety will consume the biggest signature and certification expense.Later researcher propose again based on
The Broadcast authentication protocols of Merkle tree, this agreement uses the method for direct certification, does not postpone, efficiently solves DOS and attack
The problem hit, is simultaneously achieved the certification together of multiple node, the function being mutually authenticated.But will result in when number of nodes is excessive
Node storage overhead and the most excessive problem of communication-cost.Therefore researcher proposes again on the basis of basic Merkle tree
The broadcast strategy of a kind of classification Merkle tree, the method designs for great deal of nodes, substantially reduces the storage of node and leads to
Letter expense.Recent study persons propose the scheme that Merkle authentication tree agreement applies to intelligent grid, by this agreement
Apply to the secure communication of user and community portal improves the safety of communication.But user data is not carried out effectively
Secret protection, assailant intercepts the information of user's transmission can also interpret useful data.The power information of user and
The event causing the harm people's lives safety such as burglary is occurred by revealing of the privacies such as electricity consumption rule.
Summary of the invention
Goal of the invention: the invention aims to solve deficiency of the prior art, it is provided that a kind of electric power network is real
Time monitoring system and control method thereof, this device can realize radio detection and the transmission of the power information to smart power grid user,
Ensure that detection seriality and the accuracy of user power utilization data, and the secrecy that power information is transmitted can greatly be ensured
Property and safety.
Technical scheme: a kind of electric power network radio transmitting device of the present invention, including:
Wireless sensor network node, is used for detecting and gather smart power grid user client information;
Supervising device, processes for the operation and data controlling whole system;
Wireless data transfer module, the user data for wireless sensor network node collection radios to supervising device;
Described wireless sensor network node includes multiple sensor node and wireless data acquisition terminal;
Wherein, the wireless data acquisition terminal of described wireless sensor network node and supervising device are by wireless data transmission mould
Block wireless connections;Described wireless data acquisition terminal is provided with FWSM, wireless data acquisition terminal and wireless data and passes
It is each provided with an encrypting module in sending module, Wireless data transmission module is additionally provided with an authentication module, data
Separate dual pathways link block it is provided with between delivery module and FWSM;
Described wireless data acquisition terminal includes: the output of MCU, analog input unit, On-off signal unit, relay is single
Unit, digital output unit, SRAM unit, RTC unit, watchdog unit, RS232/RS485/RS422 unit, wireless list
Unit and power subsystem;
Wherein analog input unit, On-off signal unit are connected with MCU, MCU and relay output unit, digital quantity
Output module unit, MCU is also mono-with SRAM unit, RTC unit, watchdog unit, RS232/RS485/RS422 simultaneously
Unit, radio-cell and LED indicator unit;RS232/RS485/RS422 unit is connected with user interface circuit, wireless
Unit connects ZigBee transmission antenna and adapter circuit.
Further, described wireless data transfer module includes that ZigBee reception antenna, adapter circuit and data are total
Line, is used for receiving data collection station wireless signal, and gives described data processing module via data bus transmission.
Further, described wireless sensor network node includes air temperature sensor, air humidity sensor, voltage
One or both and above combination in sensor, current sensor, meritorious sensor, idle sensor.
Further, described supervising device includes: data monitoring and processing module, control centre, client control module
And display terminal.
The control method of above-mentioned a kind of electric power network real-time monitoring system, it is characterised in that: comprise the steps:
(1) communication system including control centre, wireless data acquisition terminal and wireless data transfer module is built,
Wireless data acquisition terminal can send to described wireless data transfer module and receive data;
(2) setting up secured communication channel, be bi-directionally connected wireless data acquisition terminal and control centre, control centre is to described entrance
The data of the wireless data acquisition terminal of system process and control;
(3) control centre completes the safety verification of wireless data acquisition terminal by secured communication channel, if acquisition terminal is not
Safety, then stop this wireless data acquisition terminal to enter system and carry out data encryption storage and exchange, if acquisition terminal safety,
This acquisition terminal is then allowed to carry out data encryption storage and exchange.
Further, in the middle foundation using following steps to complete secured communication channel of step (2):
(1) when wireless data acquisition terminal sends connection application to control centre, first wireless data acquisition terminal is inquired about and is
The no session connection information cached with control centre, is then to use the digest algorithm of caching in session connection information close to session
Key carries out digest calculations, it will words number and summary result write in session id and the session cipher key digest field of connection application bag
;Inquire about buffer control center certificate the most again, be the control that then certificate serial number of control centre is write connection application bag
In center certificate sequence-number field, then the serial number of wireless data acquisition terminal certificate is write wireless data acquisition terminal certificate
In sequence-number field;Fill in asymmetric encryption and Digital Signature Algorithm Assembly Listing, and send connection application to control centre;
(2), after control centre receives the connection application packet that wireless data acquisition terminal sends, according to session number inquiry it is
The no session connection information being cached with correspondence, is to use the digest algorithm of caching in session connection information to carry out session key
Digest calculations, the summary data of session key result of calculation sent with wireless data acquisition terminal is compared;If it is right
More consistent than result, then using session key and symmetry algorithm as the key of data protection in secured communication channel and algorithm, go forward side by side
Enter next step;
(3) control centre to terminal send consult terminate order, terminal receive control centre send negotiation terminate order after,
Escape way is set up and is terminated.
Further, in step (2) if in comparing result inconsistent, then perform following step flow process:
(A) control centre reads the serial number of control centre's certificate that wireless data acquisition terminal sends, if used with local terminal
Certificate serial number consistent, the most do not send the certificate of control centre to wireless data acquisition terminal, and perform next step flow process;
(B) control centre reads the serial number of the wireless data acquisition terminal certificate that wireless data acquisition terminal sends, according to this
Serial number inquiry has cached wireless data acquisition terminal certificate the most;It is to need not wireless data acquisition terminal in controlling
The heart sends the certificate of wireless data acquisition terminal, and performs following workflow:
A () control centre reads the algorithm combination list that wireless data acquisition terminal sends, select a group encryption intensity the highest
Algorithm combination, as the AES combination used in below scheme, sends to wireless data acquisition terminal, and performs next step
Flow process;
B () control centre generates one group of interim unsymmetrical key pair, use the private key of control centre and described step (a)
Selected in algorithm combination in asymmetric arithmetic temporary public key is digitally signed, will signature result and temporary public key group
Bag, sends cipher key interaction packet to terminal;
C () sends connection application end data packet to wireless data acquisition terminal;
D () wireless data acquisition terminal receives the connection application response data packet that control centre sends, cache key negotiation algorithm
Combination and session number;If wireless data acquisition terminal receives control centre's certificate data bag that control centre sends, to control
Center certificate carries out legitimate verification, is proved to be successful, then use the serial number in certificate as mark, the number at buffer control center
Word certificate;Authentication failed, then exit this flow process, disconnect;If wireless data acquisition terminal receives control centre and sends
Application wireless data acquisition terminal certificate request for data bag, then the certificate group of local terminal is bundled into certificate data bag, to control
Center sends;Wireless data acquisition terminal receives the key agreement packet that control centre sends, then use in the control of caching
PKI in heart certificate and the asymmetric arithmetic in the cipher key agreement algorithm combination of described caching, the temporary public key to control centre
Signing messages is verified, if unsuccessful, exits flow process, and break link;If success, perform next step;
E one session key of () wireless data acquisition terminal stochastic generation, as the key of data protection in escape way, uses
Symmetry algorithm in algorithm combination is as protection algorism;Use session number as mark, it will talk about key, symmetry algorithm and pluck
Algorithm is wanted to cache;Use asymmetric arithmetic that session key is encrypted, and use asymmetric arithmetic to the meeting after encryption
Words key carries out numeral label;By the session key after encryption and digital signature group bag, send key agreement number to control centre
According to bag;
F () sends to control centre and consults to terminate order;
If g () control centre receives wireless data acquisition terminal certificate data bag, wireless data acquisition terminal certificate is carried out
Legitimate verification, if be proved to be successful, uses the serial number in certificate as mark, the digital certificate at buffer control center;As
Really authentication failed, then exit this flow process, disconnect;
H () control centre receives the key agreement packet that wireless data acquisition terminal sends after, use data acquisition eventually
Signed data is signed by the PKI in end certificate and the asymmetric arithmetic in the algorithm combination selected in step S22
Checking, if unsuccessful, exits flow process, and break link;If success, local terminal private key is used to decipher with asymmetric arithmetic
Session key, and use the session number produced in step S22 as mark, it will words key, symmetry algorithm and digest algorithm
Cache;And using session key and symmetry algorithm name as the key of data protection in secured communication channel and algorithm;Hold
Row step (3).
Further, described control centre to through safety certification and the entering of wireless data acquisition terminal of the system of entrance
The detailed process of row data encryption storage and exchange is: S31 imports source data, S32 data intercept, and S33 system is changed,
The steps such as S34 character transcoding, S35 data recombination, S36 character string replacement and S37 shortage of data storage have formed, and remove
Outside step S31 and step S32, other procedural order can change.
Further, in step S32, in the function intercepting character, need three elements, character the most to be intercepted, cut
The figure place taken and the original position of intercepting, source data is character to be intercepted, and the length intercepted is to specify, the original position of intercepting
Value be by user input password, machine code, or server end return data split into several after all add 1, fractionation
The group number of the source data that number needs with plan imports is identical.
Beneficial effect: the present invention has the following advantages and beneficial effect:
(1) wireless sensor network node can realize in real time to the ambient temperature of smart power grid user, humidity, voltage, electric current,
The collection of the information such as meritorious and idle;
(2) use wirelessly carries out networking, greatly reduces the stock number occupied in data transmission procedure, reduces and implements
Cost, and be easily installed, safeguard, carry out the power information of the multiple smart power grid user of unified monitoring at control room, improve
Monitoring efficiency, has saved human cost;
(3) data collection station improved and data processing module can ensure that monitoring seriality and the accuracy of climatic data,
Accurately guiding agricultural production;
(4) by setting up secured communication channel, to the storage of intrasystem data and exchange process, all it is encrypted, can protect
The safety and reliability of card system communication, it is to avoid user power utilization information leakage.
Accompanying drawing explanation
Fig. 1 is the system architecture diagram of the real-time monitoring system of the present invention;
Fig. 2 is the control method schematic flow sheet of the present invention.
Detailed description of the invention
A kind of electric power network real-time monitoring system as shown in Figure 1, including:
Wireless sensor network node 1, is used for detecting and gather smart power grid user client information;Supervising device 3, is used for controlling
The operation of whole system processed and data process;Wireless data transfer module 2, the use gathered for wireless sensor network node
User data radios to supervising device;Described wireless sensor network node 1 includes multiple sensor node 11 and nothing
Line data collection station 12;Wherein, the wireless data acquisition terminal 12 of described wireless sensor network node 1 and monitoring
Device leads to 3 crosses wireless data transfer module 2 wireless connections.
Described supervising device 3 includes: data monitoring and processing module 31, control centre 32, client control module
33 and display terminal 34.Preferably, described control centre 32 is low-power scm, it is preferred to use MSP430F149 is mono-
Sheet machine, can also use other single-chip microcomputer, such as ARM single-chip microcomputer or AVR single-chip microcomputer certainly.
Described data monitoring and processing module 31 and wireless data transfer module 2 can jointly build secure communication and lead to
Road, is bi-directionally connected wireless data acquisition terminal 12 and control centre 32, and control centre 32 is to described entrance supervising device 3
Data process and control.
Control centre 32 completes the safety verification to wireless data acquisition terminal by secured communication channel, if gathered
Terminal is dangerous, then stop this acquisition terminal 12 to enter supervising device 3 and carry out data storage and exchange, if acquisition terminal
12 safety, then allow this wireless data acquisition terminal 12 to carry out data storage and exchange.
The storage of data all in system and exchange process can be encrypted by control centre 32.
Described client control module 34, can be sent out the control instruction of control centre 32 by the form being wirelessly transferred
Give wireless data acquisition terminal 12, to control the data acquisition of wireless data acquisition terminal 12.
Control centre 32 is provided with monitoring software and is configured with backstage real-time data base, and described monitoring software has monitoring
Function and software format can be stored data as.Middle control module installs the monitoring software of customized development, it is achieved to monitoring data
Continuous acquisition, check and preserve.This software has multiple control function, and such as monitoring in real time, real-time curve shows, history curve shows
Show, warning etc..Software arrangements backstage real-time data base, can store gathered data according to the actual requirements, such as timing storage, becomes
Change storage etc.;Software support stores data as the popular software forms such as Excel simultaneously, it is simple to the follow-up use to data.
Described wireless data acquisition terminal 12 is provided with FWSM, wireless data acquisition terminal 12 and wireless number
According to being each provided with an encrypting module in delivery module 2, Wireless data transmission module is additionally provided with an authentication mould
Block, is provided with separate dual pathways link block between data transmitting module and FWSM.
Described wireless data acquisition terminal 12 includes: include MCU, analog input unit, On-off signal unit,
Relay output unit, digital output unit, SRAM unit, RTC unit, watchdog unit, RS232/RS485/RS422
Unit, radio-cell and power subsystem;Wherein analog input unit, On-off signal unit are connected with MCU, MCU
With relay output unit, digital output modular unit, MCU is also with SRAM unit, RTC unit, house dog singly simultaneously
Unit, RS232/RS485/RS422 unit, radio-cell and LED indicator unit;RS232/RS485/RS422 unit
Being connected with user interface circuit, radio-cell connects ZigBee transmission antenna and adapter circuit.
Described wireless data transfer module 2 includes ZigBee reception antenna, adapter circuit and data/address bus, is used for
Receive data collection station wireless signal, and give described data processing module via data bus transmission.
Described sensor node 11 comprise the steps that include air temperature sensor, air humidity sensor, voltage sensor,
One or both and above combination in current sensor, meritorious sensor, idle sensor.
Described wireless data acquisition terminal 12 uses High performance industrial level wireless module, High performance industrial level 32 logical
Letter processor, supports multistage dormancy and awakening mode, reduces power consumption, built-in real-time clock (RTC) to greatest extent, supports timing
Switching on and shutting down.Preferably employ metal shell, protection class IP30, metal shell and security of system isolation, be particularly suitable for industry control existing
The application of field.Described wireless data acquisition terminal uses the design of WDT house dog, it is ensured that system stability, uses complete anti-lost
Line mechanism, it is ensured that data terminal is always online, S232/RS485 interface built-in 15KV ESD protects, and antennal interface lightning protection is protected
Protect.
Fig. 2 shows the control method of a kind of electric power network real-time monitoring system of the present invention.The method is specifically wrapped
Include following steps:
S1. a communication system including control centre, wireless data acquisition terminal and wireless data transfer module is built
System, wireless data acquisition terminal can send to described wireless data transfer module and receive data;
S2. set up secured communication channel, be bi-directionally connected wireless data acquisition terminal and control centre, control centre to described enter
The data of the wireless data acquisition terminal entering system process and control;
S3. control centre completes the safety verification of wireless data acquisition terminal by secured communication channel, if acquisition terminal is not
Safety, then stop this wireless data acquisition terminal to enter system and carry out data encryption storage and exchange, if acquisition terminal safety,
This acquisition terminal is then allowed to carry out data encryption storage and exchange.
Following steps are used to complete the foundation of secured communication channel in S2:
S21., when wireless data acquisition terminal sends connection application to control centre, first wireless data acquisition terminal is inquired about
The most cache the session connection information with control centre, be then to use the digest algorithm cached in session connection information to session
Key carries out digest calculations, it will words number and summary result write session id and the session cipher key digest field of connection application bag
In;Inquire about buffer control center certificate the most again, be the control that then certificate serial number of control centre is write connection application bag
In center certificate sequence-number field processed, then the serial number of wireless data acquisition terminal certificate is write wireless data acquisition terminal card
In book sequence-number field;Fill in asymmetric encryption and Digital Signature Algorithm Assembly Listing, and send connection application to control centre
;
S22., after control centre receives the connection application packet that wireless data acquisition terminal sends, inquire about according to session number
Whether it is cached with the session connection information of correspondence, is, use the digest algorithm of caching in session connection information that session key is entered
Row digest calculations, the summary data of session key result of calculation sent with wireless data acquisition terminal is compared;If
Comparing result is consistent, then using session key and symmetry algorithm as the key of data protection in secured communication channel and algorithm, and
Enter next step;
S23. control centre to terminal send consult terminate order, terminal receive control centre send negotiation terminate order after,
Escape way is set up and is terminated.
In S22, if comparing result is inconsistent, then execution following step flow process:
S221. control centre reads the serial number of control centre's certificate that wireless data acquisition terminal sends, if made with local terminal
Certificate serial number consistent, the most do not send the certificate of control centre to wireless data acquisition terminal, and perform next step flow process
;
S222. control centre reads the serial number of the wireless data acquisition terminal certificate that wireless data acquisition terminal sends, according to
The inquiry of this serial number has cached wireless data acquisition terminal certificate the most;It is to need not wireless data acquisition terminal to control
Center sends the certificate of wireless data acquisition terminal, and performs following workflow:
S2221. control centre reads the algorithm combination list that wireless data acquisition terminal sends, and selects a group encryption intensity
High algorithm combination, as the AES combination used in below scheme, sends to wireless data acquisition terminal, and under execution
One step flow process;
S2222. control centre generates one group of interim unsymmetrical key pair, uses the private key of control centre and described step
Temporary public key is digitally signed by the asymmetric arithmetic in algorithm combination selected in S2221, and result of signing is with interim
PKI group bag, sends cipher key interaction packet to terminal;
S2223. connection application end data packet is sent to wireless data acquisition terminal;
S2224. wireless data acquisition terminal receives the connection application response data packet that control centre sends, and cache key is consulted
Algorithm combination and session number;If wireless data acquisition terminal receives control centre's certificate data bag that control centre sends, right
Control centre's certificate carries out legitimate verification, is proved to be successful, then use the serial number in certificate as mark, buffer control center
Digital certificate;Authentication failed, then exit this flow process, disconnect;If wireless data acquisition terminal receives control centre
The request for data bag of the application wireless data acquisition terminal certificate sent, then be bundled into certificate data bag by the certificate group of local terminal, to
Control centre sends;Wireless data acquisition terminal receives the key agreement packet that control centre sends, then use the control of caching
Asymmetric arithmetic in the cipher key agreement algorithm combination of the PKI in center certificate processed and described caching, interim to control centre
Public key signature information is verified, if unsuccessful, exits flow process, and break link;If success, perform next step;
S2225. one session key of wireless data acquisition terminal stochastic generation, as the key of data protection in escape way,
Use the symmetry algorithm in algorithm combination as protection algorism;Use session number as mark, it will words key, symmetry algorithm
Cache with digest algorithm;Use asymmetric arithmetic session key is encrypted, and use asymmetric arithmetic to encryption after
Session key carry out numeral label;By the session key after encryption and digital signature group bag, send key association to control centre
Quotient data bag;
S2226. send to control centre and consult to terminate order;
If S2227. control centre receives wireless data acquisition terminal certificate data bag, to wireless data acquisition terminal certificate
Carrying out legitimate verification, if be proved to be successful, using the serial number in certificate as mark, the digital certificate at buffer control center
;If authentication failed, then exit this flow process, disconnect;
S2228., after control centre receives the key agreement packet that wireless data acquisition terminal sends, wireless data is used to adopt
Signed data is carried out by the PKI in collection terminal certificate and the asymmetric arithmetic in the algorithm combination selected in step S22
Signature verification, if unsuccessful, exits flow process, and break link;If success, use local terminal private key and asymmetric arithmetic
Decrypted session key, and use the session number produced in step S22 as mark, it will words key, symmetry algorithm and summary
Algorithm caches;And using session key and symmetry algorithm name as the key of data protection in secured communication channel and algorithm
;Perform step S23.
Preferably, in described step S221, without caching wireless data acquisition terminal certificate, then in described step
Below scheme is increased: control centre sends to wireless data acquisition terminal in controlling between S2221 and described step S2222
Heart certificate;Control centre sends and obtains the request of wireless data acquisition terminal certificate to wireless data acquisition terminal.
Preferably, in step S3, described control centre to through safety certification and enter system wireless data
The detailed process carrying out data encryption storage and exchange of acquisition terminal is imported source data, S32 data intercept, S33 by S31
The step groups such as system conversion, S34 character transcoding, S35 data recombination, S36 character string replacement and S37 shortage of data storage
One-tenth completes, and in addition to step S31 and step S32, other procedural order can change.
Preferably, in step S32, in the function intercepting character, need three elements, character the most to be intercepted, intercept
Figure place and the original position of intercepting, source data is character to be intercepted, and the length intercepted be specify, the original position value of intercepting
Be by user input password, machine code, or server end return data split into several after all add 1, the number of fractionation
Need identical with the group number of the source data that plan imports.
As a example by being intercepted by bank card password with MID (text, start_num, num_chars) function, wherein text
Representing character to be intercepted i.e. source data, num_chars represents the figure place of intercepting, and start_num i.e. represents rising of intercepting
Beginning position, num_chars can specify, when needing upgrading, it is only necessary to source data figure place is changed, and reassigns num_
Chars value, such as, be designated as 20 by num_chars value by 10, then the character intercepted is become 20 by 10
Position, here it is expand algorithm, and 6 numerals that bank card can be inputted password by start_num value decouple, by it
The value split adds 1, intercepts character as start_num value, and method for splitting is the most, example MID (password,
1,1), MID (password, 2,1), MID (password, 3,1), MID (password, 4,1), MID (password, 5,1),
MID (password, 6,1), 6 password values will become 6 single characters, such as, source data
In 6 groups, first group is designated as text1, utilizes MID (text1, MID (password, 1,1)+1,20), it is possible to password
The position that first bit digital of password adds 1 starts to intercept text1, intercepts 20, and the purpose intercepting character is by letter
Forms data is mingled in complex data, such as, in the design process of bank card password, by this step, be mingled in by password
In source data, after introducing 6 groups of source datas, text value is exactly source data, and start_num value is exactly MID
(password, A, 1)+1 value, A is the position of code characters, in this manner it is possible to achieve 6 groups of new datas, they are to intercept
The data of the num_chars value length that the units from the 1st to the 10th starts, such as, password splits
After data be 6, mean that from the 7th start intercept, num_chars value is 20, means that the figure place of intercepting is 20,
In a simple password 000000 and complicated password 658973, the meaning of the two represents that the former is from 6 source numbers respectively
According to the 1st start to intercept, and the latter represents from the 7th of 6 source datas the, the 6th, the 9th, the 10th
Position, the 8th, the 4th starts to intercept, unrelated with the complexity of password, as long as hardware is not carried by Password Input personnel
Supply others, and allow others see Password Input action simultaneously, when only the password from storage cracks, the two crack difficulty
Degree is as broad as long, and during this step, each source data exists 10 subdatas, and namely password combination number increases
1,000,000 times are added.
Preferably, in step S33 system is changed, if it is desirable, any data can be converted into another
Plant the data of system, during low binary data is converted into high binary data, owing to high binary data needs more base
This element representation, basic element here is exactly 0 to 9 these 10 numerals of similar 10 systems, can be by the simplest
Single data become complicated data, shorten data length simultaneously, and for example pure digi-tal data become numeral and letter mixing
Data, sometimes, need complex data becomes simple data or non-numeric data is converted into numerical data.
For example machine code is usually numeral and letter blended data, and Chinese character is non-numeric data, marks at GB2312
In standard, can directly quote the region-position code of Chinese character, convert thereof into numerical data, or GB2312 normative text is understood
Become the numeral (7445 comprise non-chinese symbol) of 7445 systems, Chinese document is encrypted or is applied to numeral card accordingly
Book, is understood as 7445 systems by Chinese text, is converted into 10 systems, and its data are surprisingly huge, as a example by 5 figure places, and conversion
Becoming 10 systems, figure place reaches 20, and peak is 2.2873E+19, and reconvert becomes 62 binary data, is namely converted into number
Word and letter blended data, encryption does not use negative data, and therefore, carry is the same with 10 binary data, is also system
The first power of number, quadratic power, cube etc. is incremented by successively, and the data bits after conversion does not reaches the figure place that programming needs
Time, supply seniority top digit with 0, such as 10 binary data after changing are 123, and the figure place needed is 5, just in a high position
On add 0 and be 00123 and supply 5, most people contact English alphabet and numeral is the most, and example is 62 systems and 10
System is changed, and represents that 0 to 9, small letter a to the z of letter represent 10 to 35 with Arabic numerals 0 to 9, letter
Capitalization A to Z represent 36 to 61, can also have other specified scheme, numeral that aft section is told about or letter
This bit code, transcoding algorithm is also in compliance with same rule, and such as 62 binary data A6bJ9 being converted into 10 binary data is
36*624+6*623+11*622+45*62+9=533423147, are 9 figure places.
Preferably, the character transcoding in step S34 utilizes character transcoding algorithm to realize, with a character or
The method that group character obtains another character or one group of character by transcoding algorithm is exactly character transcoding, and the most single character is also
Being one group of character, transcoding is all transcoding one by one, and simply the latter is to change several character simultaneously, and the transcoding meaning of single character is not
Big, so being that character group carries out transcoding, character group transcoding needs transcoding algorithm instruction set and transcoding table jointly to realize.
Example is the transcoding algorithm of four kinds of numerals of design and letter, and named ABCD algorithm, transcoding algorithm is followed following
Rule:
1: after the algorithm conversion that different source codes is identical, result can not be identical;
2: the transformation result of several algorithms of same source code mutually can not be identical;
3: the result of transcoding can not be identical with source code;
4: transcoding to arrange several transcoding algorithm, to strengthen the combinatorial complexity of password,
Example is that condition carries out changing based on this bit code of numeral and letter, and one's own department or unit code division of numeral 0 to 9 is not
Numeral 0 to 9, one's own department or unit code division of lower case a to z is not numeral 10 to 35;The basis of capitalization A to Z
Bit code is numeral 36 to 61 respectively.
In ABCD algorithm, wherein the 1st algorithm, the 2nd algorithm, the 3rd algorithm is to carry out based on this bit code
Mathematical operation, but the 4th algorithm is through manually adjusting, and does not has what algorithm rule,
1st algorithm: the 2nd odd number after this digital or alphabetical bit code adds this this bit code is exactly that this is digital or alphabetical
Transcoding algorithm, result >=62, just subtract 62, record numeral corresponding to its this bit code or letter;
2nd algorithm: after this digital or alphabetical bit code adds this this bit code, the 13rd odd number is exactly this digital or alphabetical B
Transcoding algorithm, result >=62, just subtract 62, record numeral corresponding to its this bit code or letter;
3rd algorithm: it is exactly this digital or alphabetical transcoding algorithm that this bit code digital or alphabetical adds 30, result >=62
, just subtract 62, record numeral corresponding to its this bit code or letter;
4th algorithm: the 4th algorithm part is followed this bit code of numeral or letter and just added the 3rd even number after this this bit code
It is this digital or alphabetical transcoding algorithm, result >=62, just subtract 62, in order to prevent data homogeny conflict, done part
Position adjustment, records numeral corresponding to its this bit code or letter, from its design principle it is recognised that each before and after transcoding
Numeral is with letter all without identical, and this is a most basic designing points, when calling, the 1st algorithm, the 2nd algorithm, and the 3rd
Algorithm can directly use tables of data to call, it is possible to use mathematical operation converts, but, the 4th algorithm have passed through manually
Adjust, need to use tables of data to call, it is also possible to designing other transcoding algorithm, the transcoding algorithm of example make use of similar field
Carry out the ABCD sequence of algorithm.
Transcoding algorithm instruction set: treat that each character of transcoding, as source code, needs to instruct transcoding direction and could obtain correctly
Result, the data of instruction set and treat that the data of transcoding exist corresponding relation, i.e. one corresponding one of instruction character treats transcoding word
Symbol, is converted into another one character through instruction rule, and such as, instruction set data are BACC, treat that transcoded data is 1234, just
It is that four data of 1234 are performed B algorithm, A algorithm, C algorithm, C algorithm respectively.
Preferably, substituting character string in step S36 is the one substituted with other character by the partial character in character
Encryption technology, replacement can be single replacement, it is also possible to be that character string substitutes, and preferably design is that character string substitutes, and replaces
In generation, utilizes character substitution tables to complete, and character substitution tables data are divided into record number and substitute character string, the word that record number occurs
Symbol is exactly the character needing to substitute.
There are 5, A, b, 6 in such as record number, it is simply that in the data that will substitute, all of 5, A, b, 6 character is all taken out
Taking out, be grouped, the character figure place after packet needs consistent with record number figure place, and last group does not has corresponding figure place
Time, can abandon substituting or specifying increasing figure place, such as, specify first character to be added to and meet figure place, search character substitution tables
In corresponding record number, determine replacement character string, owing to the several character original positions extracted differ, need
On position to be determined, method more typically is that the several characters extracted are converted into 10 binary data, utilizes remainder
Function determines, such as, it is several that remainder adds 1, and just the original position at which character inserts, and is removed in the space of other characters,
Obtaining new data, the record number design of character substitution tables it is noted that record number needs to enumerate all groups being likely to occur
Close, be otherwise likely to occur operation mistake, during 3 replacements, need 27 groups, namely the cube of 3, during 4 replacements, note
Record numbering be accomplished by 256 groups, be 4 powers of 4, if 5 be exactly 55 powers, the most up to 3125
Group, so the number of characters substituted needs moderate, data table data is the hugest and the least the most appropriate, and alternate data should be not oversize,
The most likely being found character substitution tables by long data, during 4 replacements, alternate data has only to 256 groups, big with English
When lower case sum word table shows, one and two is sufficient to, and the shortest data substitute, and just have no idea to be replaced by lookup
Reversely finding character substitution tables for character string, do not allow ciphering process or the non-existent character of encryption data occur, this is also
In order to prevent by replacement string searching to character substitution tables, reason is very simple, if certain character is only in certain tables of data
Middle appearance, the most just can find, as long as the character that ciphering process or encryption data exist can serve as substituting character,
Even the former data character substituted can also occur, such as, these four characters of 5, A, b, 6 are replaced, then, in alternate data
Still allow appearance 5, A, b, 6, due to the character figure place substituted, so the figure place of final password is uncertain, substitute
Character can use superposition encryption method repeatedly to encrypt, and designs many parts of character substitution tables, connects data by multiple variablees and completes
Repeatedly encrypt, such as variable data 2356,6987,3075,9837,8863,5534,6 groups of data are respectively divided by character and replace
The sum represented, the tables of data being connected to correspondence is sequentially completed replacement, namely first passes through 2356 data being connected to correspondence
Table completes to substitute, and again using the data after replacement as source data, completes to replace to corresponding tables of data with the 2nd group of data cube computation
Generation, the like, character substitution tables and homogeneous data table have some difference, it is simply that different table record numberings can be different
, refer to that record number figure place can also be same, such as, table 1 is replacement 5, A, b, 6, and table 2 is to substitute c, 8, H, k, or
Table 1 completes 3 characters and substitutes, and what table 2 completed is that 4 characters substitute, because program is to design by retrieval record
The figure place of numbering and character, determine character and the packet figure place of replacement, in programming, character transcoding, and system is changed and cut
Taking character to be preferred with the data obtaining regular length, and after character has substituted, data length is uncertain, this gives and resets character bit
The authorized strength work of the character length contingency table putting this step ciphering process brings difficulty, the uncertain length of character length contingency table
Although value value is relatively more random, but negative value can not occurs, namely other determine that the sum of length value can not be more than data
Figure place, needs after other steps to this end, character substitutes this step, before shortage of data preserves, is otherwise designed with difficulty.
Preferably, the disappearance algorithm in step S37, link variable, when introducing source data, link variable often has several
Group, link variable is divided into several groups, and the corresponding source data introduced also has several groups, and very little, password easily cracks link variable group number,
If link variable fails record completely, then, according to the codomain of these data, the value that namely these data are likely to occur, successively
Encryption, also can obtain the value consistent with encrypted result, and calculate may needs number of times and the value of disappearance number relevant, lack
When being worth the most, it may be necessary to calculation times the most.
Such as, lacking one group of data ABCD, the span of ABCD is all 0 to 9, then, from 0000 to
9999, matching value can be found all the time, if source data is 6639, then from 0000 computing to 6639, knot will be obtained
Really, in this process, 10000 computings are at most needed, and for the result of encryption, if data record is not the most complete,
But the most complete this Data Position can by computing time obtain, successively encryption compare time, the result quilt actually encrypted
These the most full Character segmentation have become several sections, and the result of computing needs and these several segment datas are all coincide, if after Jia Mi
Data bits is the longest, then, occur that the probability of same password is the most very little, due to data incomplete recording, close from record
Code carries out cracking almost without possible, and the missing values of disappearance algorithm can not be the most complicated, the most slowly obtains less than result, lacks algorithm
Shortcoming be the same with asymmetric arithmetic the most time-consuming, it is not necessary that, can not use.
As mentioned above, although the embodiment and the accompanying drawing that are limited according to embodiment are illustrated, but to the art
Various amendment and deformation can be carried out from above-mentioned record for there is the technical staff of general knowledge.Such as, according to explanation
Technology in the mutually different order of illustrated method carry out, and/or according to the system of explanation, structure, device, circuit
The form mutually different etc. the method illustrated by element is combined or combines, or enters according to other elements or equipollent
Row is replaced or displacement also can reach suitable effect.For general technical staff of the technical field of the invention, not
On the premise of departing from present inventive concept, make some equivalents and substitute or obvious modification, and performance or purposes are identical, all should regard
For belonging to protection scope of the present invention.
Claims (9)
1. an electric power network real-time monitoring system, it is characterised in that: including:
Wireless sensor network node, is used for detecting and gather smart power grid user client information;
Supervising device, processes for the operation and data controlling whole system;
Wireless data transfer module, the user data for wireless sensor network node collection radios to supervising device;
Described wireless sensor network node includes multiple sensor node and wireless data acquisition terminal;
Wherein, the wireless data acquisition terminal of described wireless sensor network node and supervising device are by wireless data transmission mould
Block wireless connections;Described wireless data acquisition terminal is provided with FWSM, wireless data acquisition terminal and wireless data and passes
It is each provided with an encrypting module in sending module, Wireless data transmission module is additionally provided with an authentication module, data
Separate dual pathways link block it is provided with between delivery module and FWSM;
Described wireless data acquisition terminal includes: the output of MCU, analog input unit, On-off signal unit, relay is single
Unit, digital output unit, SRAM unit, RTC unit, watchdog unit, RS232/RS485/RS422 unit, wireless list
Unit and power subsystem;
Wherein analog input unit, On-off signal unit are connected with MCU, MCU and relay output unit, digital quantity
Output module unit, MCU is also mono-with SRAM unit, RTC unit, watchdog unit, RS232/RS485/RS422 simultaneously
Unit, radio-cell and LED indicator unit;RS232/RS485/RS422 unit is connected with user interface circuit, wireless
Unit connects ZigBee transmission antenna and adapter circuit.
A kind of electric power network real-time monitoring system the most according to claim 1, it is characterised in that: described wireless data passes
Defeated module includes ZigBee reception antenna, adapter circuit and data/address bus, is used for receiving data collection station wireless signal,
And give described data processing module via data bus transmission.
A kind of electric power network real-time monitoring system the most according to claim 1, it is characterised in that: described wireless senser
Network node includes air temperature sensor, air humidity sensor, voltage sensor, current sensor, meritorious sensor, nothing
One or both and above combination in merit sensor.
A kind of electric power network real-time monitoring system the most according to claim 1, it is characterised in that: described supervising device bag
Include: data monitoring and processing module, control centre, client control module and display terminal.
5., according to the control method of a kind of electric power network real-time monitoring system described in claim 1-4 any one, it is special
Levy and be: comprise the steps:
(1) communication system including control centre, wireless data acquisition terminal and wireless data transfer module is built,
Wireless data acquisition terminal can send to described wireless data transfer module and receive data;
(2) setting up secured communication channel, be bi-directionally connected wireless data acquisition terminal and control centre, control centre is to described entrance
The data of the wireless data acquisition terminal of system process and control;
(3) control centre completes the safety verification of wireless data acquisition terminal by secured communication channel, if acquisition terminal is not
Safety, then stop this wireless data acquisition terminal to enter system and carry out data encryption storage and exchange, if acquisition terminal safety,
This acquisition terminal is then allowed to carry out data encryption storage and exchange.
A kind of control method the most according to claim 5, it is characterised in that: use following steps to complete in step (2)
The foundation of secured communication channel:
(1) when wireless data acquisition terminal sends connection application to control centre, first wireless data acquisition terminal is inquired about and is
The no session connection information cached with control centre, is then to use the digest algorithm of caching in session connection information close to session
Key carries out digest calculations, it will words number and summary result write in session id and the session cipher key digest field of connection application bag
;Inquire about buffer control center certificate the most again, be the control that then certificate serial number of control centre is write connection application bag
In center certificate sequence-number field, then the serial number of wireless data acquisition terminal certificate is write wireless data acquisition terminal certificate
In sequence-number field;Fill in asymmetric encryption and Digital Signature Algorithm Assembly Listing, and send connection application to control centre;
(2), after control centre receives the connection application packet that wireless data acquisition terminal sends, according to session number inquiry it is
The no session connection information being cached with correspondence, is to use the digest algorithm of caching in session connection information to carry out session key
Digest calculations, the summary data of session key result of calculation sent with wireless data acquisition terminal is compared;If it is right
More consistent than result, then using session key and symmetry algorithm as the key of data protection in secured communication channel and algorithm, go forward side by side
Enter next step;
(3) control centre to terminal send consult terminate order, terminal receive control centre send negotiation terminate order after,
Escape way is set up and is terminated.
A kind of control method the most according to claim 6, it is characterised in that: in step (2) if in comparing result differ
Cause, then execution following step flow process:
(A) control centre reads the serial number of control centre's certificate that wireless data acquisition terminal sends, if used with local terminal
Certificate serial number consistent, the most do not send the certificate of control centre to wireless data acquisition terminal, and perform next step flow process;
(B) control centre reads the serial number of the wireless data acquisition terminal certificate that wireless data acquisition terminal sends, according to this
Serial number inquiry has cached wireless data acquisition terminal certificate the most;It is to need not wireless data acquisition terminal in controlling
The heart sends the certificate of wireless data acquisition terminal, and performs following workflow:
A () control centre reads the algorithm combination list that wireless data acquisition terminal sends, select a group encryption intensity the highest
Algorithm combination, as the AES combination used in below scheme, sends to wireless data acquisition terminal, and performs next step
Flow process;
B () control centre generates one group of interim unsymmetrical key pair, use the private key of control centre and described step (a)
Selected in algorithm combination in asymmetric arithmetic temporary public key is digitally signed, will signature result and temporary public key group
Bag, sends cipher key interaction packet to terminal;
C () sends connection application end data packet to wireless data acquisition terminal;
D () wireless data acquisition terminal receives the connection application response data packet that control centre sends, cache key negotiation algorithm
Combination and session number;If wireless data acquisition terminal receives control centre's certificate data bag that control centre sends, to control
Center certificate carries out legitimate verification, is proved to be successful, then use the serial number in certificate as mark, the number at buffer control center
Word certificate;Authentication failed, then exit this flow process, disconnect;If wireless data acquisition terminal receives control centre and sends
Application wireless data acquisition terminal certificate request for data bag, then the certificate group of local terminal is bundled into certificate data bag, to control
Center sends;Wireless data acquisition terminal receives the key agreement packet that control centre sends, then use in the control of caching
PKI in heart certificate and the asymmetric arithmetic in the cipher key agreement algorithm combination of described caching, the temporary public key to control centre
Signing messages is verified, if unsuccessful, exits flow process, and break link;If success, perform next step;
E one session key of () wireless data acquisition terminal stochastic generation, as the key of data protection in escape way, uses
Symmetry algorithm in algorithm combination is as protection algorism;Use session number as mark, it will talk about key, symmetry algorithm and pluck
Algorithm is wanted to cache;Use asymmetric arithmetic that session key is encrypted, and use asymmetric arithmetic to the meeting after encryption
Words key carries out numeral label;By the session key after encryption and digital signature group bag, send key agreement number to control centre
According to bag;
F () sends to control centre and consults to terminate order;
If g () control centre receives wireless data acquisition terminal certificate data bag, wireless data acquisition terminal certificate is carried out
Legitimate verification, if be proved to be successful, uses the serial number in certificate as mark, the digital certificate at buffer control center;As
Really authentication failed, then exit this flow process, disconnect;
H () control centre receives the key agreement packet that wireless data acquisition terminal sends after, use data acquisition eventually
Signed data is signed by the PKI in end certificate and the asymmetric arithmetic in the algorithm combination selected in step S22
Checking, if unsuccessful, exits flow process, and break link;If success, local terminal private key is used to decipher with asymmetric arithmetic
Session key, and use the session number produced in step S22 as mark, it will words key, symmetry algorithm and digest algorithm
Cache;And using session key and symmetry algorithm name as the key of data protection in secured communication channel and algorithm;Hold
Row step (3).
A kind of control method the most according to claim 5, it is characterised in that: in step (3), described control centre is to logical
The detailed process carrying out data encryption storage and exchange of cross safety certification and the system of entrance wireless data acquisition terminal is:
S31 imports source data, S32 data intercept, and S33 system is changed, S34 character transcoding, S35 data recombination, S36 character string
The steps such as replacement and S37 shortage of data storage have formed, and in addition to step S31 and step S32, other process is suitable
Sequence can change.
A kind of control method the most according to claim 8, it is characterised in that: in step S32, at the function intercepting character
In, needing three elements, character the most to be intercepted, the figure place of intercepting and the original position of intercepting, source data is character to be intercepted, and
The length intercepted is to specify, and the original position value of intercepting is the number that password user inputted, machine code, or server end return
According to split into several after all add 1, the group number of the source data that the number of fractionation needs with plan imports is identical.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610579141.2A CN106205090A (en) | 2016-07-22 | 2016-07-22 | A kind of electric power network real-time monitoring system and control method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610579141.2A CN106205090A (en) | 2016-07-22 | 2016-07-22 | A kind of electric power network real-time monitoring system and control method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106205090A true CN106205090A (en) | 2016-12-07 |
Family
ID=57492222
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610579141.2A Pending CN106205090A (en) | 2016-07-22 | 2016-07-22 | A kind of electric power network real-time monitoring system and control method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106205090A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107094155A (en) * | 2017-06-14 | 2017-08-25 | 广东工业大学 | A kind of secure storage method of data and device based on alliance's block chain |
CN107146166A (en) * | 2017-04-24 | 2017-09-08 | 国网江西省电力公司经济技术研究院 | Accessory system is planned in a kind of distribution |
CN109429195A (en) * | 2017-08-21 | 2019-03-05 | 北京机械设备研究所 | The managing device and system of instrument and equipment |
CN110264689A (en) * | 2019-05-13 | 2019-09-20 | 广西职业技术学院 | A method of circuit is monitored using big data |
CN114629803A (en) * | 2022-02-21 | 2022-06-14 | 厦门网为股份有限公司 | Zero-trust data monitoring architecture and method based on security key |
CN115589070A (en) * | 2022-11-11 | 2023-01-10 | 贵州电网有限责任公司 | Power grid risk early warning method and system based on cloud computing processing |
CN116647775A (en) * | 2023-07-27 | 2023-08-25 | 哈尔滨凯纳科技股份有限公司 | Remote data transmission terminal for secondary water supply pump station |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104683359A (en) * | 2015-03-27 | 2015-06-03 | 成都三零瑞通移动通信有限公司 | Safety channel establishment method, and data protection method and safety channel key updating method thereof |
CN105281432A (en) * | 2015-09-15 | 2016-01-27 | 成都华兴智造科技有限公司 | Monitoring device of wireless testing and data transmission system |
CN105305615A (en) * | 2015-09-15 | 2016-02-03 | 成都华兴智造科技有限公司 | Wireless test and data transmission system monitoring method |
CN105430017A (en) * | 2015-12-31 | 2016-03-23 | 国网山东临朐县供电公司 | Data secure communication method |
CN105915347A (en) * | 2016-04-19 | 2016-08-31 | 梅照付 | Control method for power electric wireless transmission device |
-
2016
- 2016-07-22 CN CN201610579141.2A patent/CN106205090A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104683359A (en) * | 2015-03-27 | 2015-06-03 | 成都三零瑞通移动通信有限公司 | Safety channel establishment method, and data protection method and safety channel key updating method thereof |
CN105281432A (en) * | 2015-09-15 | 2016-01-27 | 成都华兴智造科技有限公司 | Monitoring device of wireless testing and data transmission system |
CN105305615A (en) * | 2015-09-15 | 2016-02-03 | 成都华兴智造科技有限公司 | Wireless test and data transmission system monitoring method |
CN105430017A (en) * | 2015-12-31 | 2016-03-23 | 国网山东临朐县供电公司 | Data secure communication method |
CN105915347A (en) * | 2016-04-19 | 2016-08-31 | 梅照付 | Control method for power electric wireless transmission device |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107146166A (en) * | 2017-04-24 | 2017-09-08 | 国网江西省电力公司经济技术研究院 | Accessory system is planned in a kind of distribution |
CN107146166B (en) * | 2017-04-24 | 2020-12-01 | 国网江西省电力公司经济技术研究院 | Distribution network planning auxiliary system |
CN107094155A (en) * | 2017-06-14 | 2017-08-25 | 广东工业大学 | A kind of secure storage method of data and device based on alliance's block chain |
CN107094155B (en) * | 2017-06-14 | 2020-03-10 | 广东工业大学 | Data security storage method and device based on alliance block chain |
CN109429195A (en) * | 2017-08-21 | 2019-03-05 | 北京机械设备研究所 | The managing device and system of instrument and equipment |
CN110264689A (en) * | 2019-05-13 | 2019-09-20 | 广西职业技术学院 | A method of circuit is monitored using big data |
CN114629803A (en) * | 2022-02-21 | 2022-06-14 | 厦门网为股份有限公司 | Zero-trust data monitoring architecture and method based on security key |
CN115589070A (en) * | 2022-11-11 | 2023-01-10 | 贵州电网有限责任公司 | Power grid risk early warning method and system based on cloud computing processing |
CN115589070B (en) * | 2022-11-11 | 2023-07-18 | 贵州电网有限责任公司 | Power grid risk early warning method and system based on cloud computing processing |
CN116647775A (en) * | 2023-07-27 | 2023-08-25 | 哈尔滨凯纳科技股份有限公司 | Remote data transmission terminal for secondary water supply pump station |
CN116647775B (en) * | 2023-07-27 | 2023-10-20 | 哈尔滨凯纳科技股份有限公司 | Remote data transmission terminal for secondary water supply pump station |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106205090A (en) | A kind of electric power network real-time monitoring system and control method thereof | |
CN105305615B (en) | A kind of monitoring method of wireless test and data transmission system | |
CN105072636B (en) | A kind of wireless test and data transmission system | |
CN105281432B (en) | A kind of supervising device of wireless test and data transmission system | |
CN101282213B (en) | Method and system for secure data aggregation in wireless sensor networks | |
CN101753312B (en) | Security certification method and security certification device for power grid equipment and negative control terminal | |
CN106789015B (en) | Intelligent power distribution network communication safety system | |
CN105530263A (en) | Ultra-lightweight RFID bidirectional authentication method based on label ID | |
CN105915347A (en) | Control method for power electric wireless transmission device | |
CN108306896A (en) | A kind of substation's condition monitoring system and method with data protection function | |
CN106549502B (en) | A kind of safe distribution of electric power protecting, monitoring system | |
CN104717644B (en) | A kind of two layers of sensor network range query method that can verify that secret protection | |
CN209265678U (en) | Power information acquiring and transmission system based on quantum cryptography | |
CN115277040B (en) | Medical health data storage and sharing method and system based on blockchain technology | |
CN109525391A (en) | A kind of method that server is synchronous with lockset information security | |
CN201898525U (en) | IOT (Internet of Things) network architecture with safety system | |
CN105847009A (en) | RFID bidirectional authentication method meeting requirement on backward security | |
Jiao et al. | A blockchain-based trusted upload scheme for the internet of things nodes | |
CN105959258A (en) | Wireless transmitting device of power grid | |
CN103024745A (en) | Replication node detection method of wireless sensor network | |
CN112311553A (en) | Equipment authentication method based on challenge response | |
CN113256470A (en) | Weapon equipment management system and method based on block chain | |
CN104599046A (en) | Data security management method for intelligent power grid | |
CN116319365A (en) | Equipment monitoring information cross-safety-zone transmission and automatic modeling system | |
CN115694871A (en) | Safe transmission method for power distribution network state data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161207 |