CN106685702A - Big data acquisition method based on industrial control system security protection equipment - Google Patents

Publication number: CN106685702A
Authority: CN (China)
Prior art keywords: protection equipment; control system; industrial control; safety protection; data
Legal status: Granted
Application number: CN201611119801.5A
Other languages: Chinese (zh)
Other versions: CN106685702B (en)
Inventors: 胡浩, 何小梅, 王晶, 王明华, 傅刚, 陶靖隆, 刘青, 李志�, 李�远, 杨文勃, 侯海波
Current Assignee: Hangzhou Zhongdian Anke Modern Technology Co ltd
Original Assignees: Hangzhou Valley Network Technology Co Ltd; BEIJING LANXUM NEW TECHNOLOGY Co Ltd
Application filed by: Hangzhou Valley Network Technology Co Ltd; BEIJING LANXUM NEW TECHNOLOGY Co Ltd
Priority to: CN201611119801.5A
Publications: CN106685702A (application); CN106685702B (granted)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers

Abstract

The invention provides a big data acquisition method based on industrial control system security protection equipment, comprising three steps: a) configuring, through the industrial control system security protection equipment, the mapping relationship between control protocol data and real operation data; b) parsing control protocol instructions and data with the industrial control system security protection equipment to obtain the real operation data of industrial production, and recording and saving the parsed real operation data in the equipment; and c) transmitting the real operation data saved in the equipment to a big data platform. The method uses existing industrial control system security protection equipment and, without adding new hardware, reinforces and reorganizes its software modules so that the equipment serves as an industrial big data acquisition device on top of its original information security protection.

Description

A big data acquisition method based on industrial control system security protection equipment
Technical field
The present invention relates to the technical field of industrial control security, and more particularly to a big data acquisition method based on industrial control system security protection equipment.
Background
Industrial big data is the core technology and driving force of intelligent manufacturing: data is used to understand and solve visible problems; data is used to analyze and predict invisible problems; new knowledge is mined from the data, and that knowledge is then used to redefine the problems, so that both visible and invisible problems can be avoided in the manufacturing system. The mining of industrial big data is therefore the basis of big data analysis.
Industrial control systems have very high real-time requirements. If a control device were required to record, collect and report every operation while operating normally, this would bring complex configuration, computational load and storage pressure to the control device, all of which would negatively affect the real-time performance of the whole control system. Yet optimizing an industrial control process requires the specific data of actual operation so that the whole industrial control system can be optimized overall; in particular, finding any problem in system operation and any potential information security risk at the earliest moment requires full and accurate operating data of the production process.
With the wide application of standard networking and Internet technology in industrial control systems, security threats to industrial control systems are intensifying. Many industrial control systems have been fitted with security protection equipment to address these increasingly serious security problems; such equipment provides access control, state detection and deep packet parsing functions. On the basis of the security protection functions of this equipment, an effective method is needed for collecting industrial big data using industrial control system security protection equipment.
Summary of the invention
Accordingly, the invention provides a big data acquisition method based on industrial control system security protection equipment, which solves the problem of securely collecting big data from an industrial control system while ensuring that the actual operation of the original industrial control system and the security protection system continue to work normally.
To achieve the above purpose, the technical solution of the invention is realized as follows:
A big data acquisition method based on industrial control system security protection equipment, in which the human-machine interface, the host computer, the security protection equipment and the slave computer in the industrial control system are connected to a router, the slave computer is also connected to field devices, and the security protection equipment is connected to a big data system and a display device. The method comprises the following three steps:
a. configuring, through the industrial control system security protection equipment, the mapping relationship between control protocol data and actual operation data;
b. parsing, by the industrial control system security protection equipment, control protocol commands and data to obtain the actual operation data of industrial production, and recording and storing the parsed actual operation data in the industrial control system security protection equipment;
c. transmitting the actual operation data stored in the industrial control system security protection equipment to the big data system and storing it in the big data system.
The industrial control system security protection equipment is connected to the industrial network and obtains information about each network element in the network, including IP address, MAC address and TCP port information.
Using the TCP port, the industrial control system security protection equipment analyzes the control protocol commands exchanged between host computers and slave computers in the network and parses the data packets of those commands; the parsing identifies which network elements act as host computers and which act as slave computers.
The industrial control system security protection equipment can also be configured with customized information for output reports. The customized information is tailored to user requirements and includes: slave computer information, time information, device parameter information, and records of executed commands.
After obtaining the data packets of the control protocol commands between the host computer and the slave computer, the industrial control system security protection equipment parses the received control protocol commands and data according to the protocol rules and obtains the original control protocol command data.
According to the pre-configured mapping relationship between control protocol commands and data and actual operation data, the industrial control system security protection equipment converts the control protocol commands and data into actual operation data, and records and stores them in the industrial control system security protection equipment.
According to the customized information, the industrial control system security protection equipment generates chart and/or list files from the actual operation data stored in it and outputs them as required to a designated device, including a display device and/or a printing device.
According to the customized information or temporary customized information, the industrial control system security protection equipment generates data reports or data packets from the actual operation data stored in it.
The industrial control system security protection equipment transmits the generated data reports or data packets over the network system to the big data system, where they are stored.
Beneficial effects of the invention: the invention uses existing industrial control system security protection equipment and, without adding hardware, reinforces and integrates its software modules so that, while continuing to perform its existing information security protection, the equipment also serves as an acquisition device for industrial big data.
Brief description of the drawings
Fig. 1 is a network structure diagram of data acquisition by the security protection equipment of an industrial control system according to the invention;
Fig. 2 is a schematic diagram of the composition of the industrial control system security protection equipment;
Fig. 3 is a schematic diagram of the mapping relationship between control protocol data and actual operation data;
Fig. 4 is a schematic diagram of the security protection equipment outputting actual operation data;
Fig. 5 is the flow for the IP/MAC addresses, TCP ports and data flows of network element devices in the industrial control system;
Fig. 6 is a flow chart of extracting control protocol data and converting it into actual operation data;
Fig. 7 is a flow chart of outputting charts and/or reports of control protocol data or actual operation data.
Reference numerals:
100 - industrial control system, 102 - slave computer,
104 - host computer, 106 - human-machine interface,
108 - field device, 110 - router,
112 - security protection equipment, 202 - big data system equipment,
204 - display device, 304 - processor,
306 - user interface, 402 - processor,
404 - network element address and port analysis module,
406 - data packet parsing module, 408 - data/report generation module,
410 - data management interface, 412 - storage unit,
414 - display interface, 510 - TCP/IP protocol suite,
602 - interface between the security protection equipment and the industrial big data equipment,
604 - interface between the security protection equipment and the display device.
Detailed description of the embodiments
Preferred embodiments of the invention are described in detail below with reference to the accompanying drawings. Reference numerals refer to the components and techniques of the invention, so that its advantages and features can be more readily understood in a suitable context. The following description is a concrete embodiment of the claims of the invention; other specific implementations related to the claims that are not explicitly described also fall within the scope of the claims.
Fig. 1 shows the industrial control system 100. The host computer 104 and the slave computers 102 (comprising multiple slave computers, 102-1 to 102-n) communicate through a communication interface according to an industrial control protocol. The slave computers 102 and the human-machine interface 106 communicate through a communication interface over which an application programming interface exists, used for operations such as parameter management and program download and installation. The slave computers 102 (102-1 to 102-n) issue control protocol commands to the field devices 108 (108-1 to 108-m) through output interfaces, and the field devices 108 (108-1 to 108-m) feed back on-site measurement information, such as temperature, pressure and rotational speed, to the slave computers 102 (102-1 to 102-n) through input interfaces. The security protection equipment 112 is connected, based on the TCP/IP protocol and through a network communication interface, to the network router 110 in the industrial control system; the security protection equipment 112 is in turn connected to the big data system through the router based on an application program API; and the security protection equipment 112 is connected to the display device 204 through a display interface.
The security protection equipment 112 is shown in Fig. 2. It includes a network communication interface for external communication; a security equipment processor 402 for computation and for managing the modules in the security protection equipment 112; a network element address and port analysis module 404 for scanning and analyzing network element IP/MAC addresses, TCP ports and data flows; a data packet parsing module 406 for parsing control protocol commands and data packets and for data conversion; a data/report generation module 408 for generating data charts and reports; a data management interface 410 for predefining the configuration of the mapping relationship between control protocol commands and actual operation data and for data management; and a storage unit 412 for storing raw data, intermediate conversion data and other data that needs to be stored.
The big data acquisition process based on industrial control system security protection equipment according to the invention is as follows. First, the mapping relationship between control protocol commands and actual operation data is recorded and stored through the security protection equipment 112. As shown in Fig. 3, the operation data is content that must be configured according to the specific conditions on site, while the control protocol commands and protocol data derive from standard industrial control protocol specifications.
Second, the output data that the user requires to be displayed is recorded for output through the security protection equipment 112. The configuration in Fig. 4 sets the content of the displayed data charts according to the user's customized information, including but not limited to whether to display the data of a specific control instruction, the time range displayed, and the specific value range.
Next come the steps of the flow chart in Fig. 5. In step S11, the network element address and port analysis module 404 of the security protection equipment 112 is started to scan and analyze the IP/MAC addresses, TCP ports and data flow information of network elements. In step S12, the network element address and port analysis module 404 monitors network traffic on the router 110 through the network communication module and determines whether network traffic has appeared; if there is no traffic, it returns and continues monitoring. If network traffic appears, then in step S13 the IP/MAC address and TCP port are extracted. In step S14, the extracted address is compared against known IP/MAC addresses for conflicts. If a conflict occurs (the same IP corresponds to different MAC addresses), an alert is sent and the flow returns to restart the passive scan. If there is no IP/MAC address conflict, the IP/MAC addresses and TCP port numbers of the host computer and slave computer are extracted and, in step S15, compared with the network element IP/MAC addresses already in the storage unit 412. If a network element with the same IP/MAC already exists, the flow returns and continues reading. If the IP/MAC address is new, then in step S16 the new host IP/MAC address and TCP port are stored in the storage unit 412. As shown in step S17, the record comprises the device ID, IP/MAC address and TCP port number (i.e. the industrial control protocol type) of the host computer network element and the device ID, IP/MAC address and TCP port number (i.e. the industrial control protocol type) of the slave computer network element.
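The Fig. 5 flow (S13 to S17) can be sketched as a passive asset inventory; this is an added example, not code from the patent. It assumes flows arrive as already-extracted tuples, that the endpoint connecting to a well-known server port is the host computer, and a port-to-protocol table, device IDs and sample flows that are all constructed here.

```python
from dataclasses import dataclass, field

# Assumption: well-known server ports used to name the protocol type. The patent
# only states that the TCP port number identifies the industrial control protocol.
PROTOCOL_BY_PORT = {502: "Modbus/TCP", 102: "S7comm (ISO-TSAP)",
                    20000: "DNP3", 44818: "EtherNet/IP"}


@dataclass
class Inventory:
    """Stands in for storage unit 412: known network elements plus raised alerts."""
    mac_by_ip: dict = field(default_factory=dict)   # ip -> MAC recorded for it
    elements: dict = field(default_factory=dict)    # (ip, mac) -> record (S17)
    alerts: list = field(default_factory=list)

    def observe(self, src_ip, src_mac, dst_ip, dst_mac, dst_port):
        """Process one passively observed TCP flow and return the branch taken."""
        # Assumption: the client side of the connection is the host computer.
        endpoints = ((src_ip, src_mac, "host"), (dst_ip, dst_mac, "slave"))

        # S14: the same IP appearing with a different MAC is a conflict.
        for ip, mac, _ in endpoints:
            known = self.mac_by_ip.get(ip)
            if known is not None and known != mac:
                self.alerts.append(
                    f"IP/MAC conflict: {ip} known as {known}, now seen as {mac}")
                return "alert"

        protocol = PROTOCOL_BY_PORT.get(dst_port)
        if protocol is None:
            return "ignored"          # not a configured control protocol port

        # S15/S16: store only elements that are not in the inventory yet.
        stored = False
        for ip, mac, role in endpoints:
            if (ip, mac) in self.elements:
                continue
            self.mac_by_ip[ip] = mac
            self.elements[(ip, mac)] = {
                "device_id": f"NE-{len(self.elements) + 1:03d}",  # hypothetical id
                "role": role, "tcp_port": dst_port, "protocol": protocol}
            stored = True
        return "stored" if stored else "known"


# Constructed sample flows: (src_ip, src_mac, dst_ip, dst_mac, dst_port).
SAMPLE_FLOWS = [
    ("192.0.2.10", "02:00:00:00:00:10", "192.0.2.21", "02:00:00:00:00:21", 502),
    ("192.0.2.10", "02:00:00:00:00:10", "192.0.2.21", "02:00:00:00:00:21", 502),
    ("192.0.2.10", "02:00:00:00:00:10", "192.0.2.22", "02:00:00:00:00:22", 502),
    # Same IP as the first slave, different MAC: conflict branch of S14.
    ("192.0.2.21", "02:00:00:00:00:99", "192.0.2.10", "02:00:00:00:00:10", 502),
    ("192.0.2.10", "02:00:00:00:00:10", "192.0.2.30", "02:00:00:00:00:30", 443),
]


def run_sample():
    """Feed the constructed flows through a fresh inventory."""
    inv = Inventory()
    return [inv.observe(*flow) for flow in SAMPLE_FLOWS], inv


if __name__ == "__main__":
    results, inv = run_sample()
    for flow, outcome in zip(SAMPLE_FLOWS, results):
        print(outcome, flow)
    for key, record in inv.elements.items():
        print(key, record)
    print(inv.alerts)
```

The conflict branch returns before anything is stored, so a flow that triggers an alert never updates the inventory.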
The steps for converting control protocol commands into actual operation data are shown in Fig. 6; the data packet parsing module 406 in the security protection equipment 112 parses and converts the control protocol commands and data packets. In step S21, the data packet parsing module 406 reads a new network traffic record from the storage unit 402. In step S22, it first checks whether the control protocol command in the record is known, legitimate protocol command data; if not, error handling is performed and the flow returns to read the next record. If the protocol is legitimate, then in step S23 the control protocol command data of the record is analyzed, and in step S24 the control protocol data and its time of occurrence are stored in the storage unit 412. In step S25, the control protocol command is converted into actual operation data according to the mapping relationship between control protocol command data and actual operation data, and the result is stored in the storage unit 412; the flow then returns to convert the data of the next record.
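The Fig. 6 conversion (S21 to S25), as an added example that is not code from the patent. It assumes Modbus/TCP as the control protocol (the patent names none), a two-function allowlist as the "known legitimate command" check, and a constructed site mapping in the spirit of Fig. 3; every tag name, scale factor and frame below is hypothetical.

```python
import struct

# Constructed mapping in the spirit of Fig. 3; it is configured per site.
# (unit id, function code, address) -> (operation name, value converter)
MAPPING = {
    (1, 0x06, 0x0010): ("pump_1 speed setpoint", lambda v: f"{v / 10:.1f} rpm"),
    (1, 0x05, 0x0001): ("inlet valve",
                        lambda v: {0xFF00: "OPEN", 0x0000: "CLOSED"}[v]),
}
ALLOWED_FUNCTIONS = {0x05, 0x06}   # Write Single Coil, Write Single Register


class IllegalFrame(ValueError):
    """Raised when a record fails the legitimacy check of step S22."""


def parse_request(frame: bytes):
    """S22/S23: validate one Modbus/TCP request and return its fields."""
    if len(frame) < 8:
        raise IllegalFrame("shorter than MBAP header plus function code")
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise IllegalFrame("protocol identifier is not 0 (not Modbus)")
    if length != len(frame) - 6:
        raise IllegalFrame("MBAP length field does not match frame size")
    function = frame[7]
    if function not in ALLOWED_FUNCTIONS:
        raise IllegalFrame(f"function code {function:#04x} not in allowlist")
    if len(frame) != 12:
        raise IllegalFrame("write request must carry address and value only")
    address, value = struct.unpack(">HH", frame[8:12])
    if function == 0x05 and value not in (0xFF00, 0x0000):
        raise IllegalFrame("coil value must be 0xFF00 or 0x0000")
    return unit, function, address, value


def convert(records, mapping=MAPPING):
    """Run S21 to S25 over (timestamp, frame) records; lists stand in for unit 412."""
    raw_store, op_store, errors = [], [], []
    for ts, frame in records:                      # S21: read next record
        try:
            unit, function, address, value = parse_request(frame)
        except IllegalFrame as exc:                # S22: error handling branch
            errors.append((ts, str(exc)))
            continue
        raw_store.append((ts, unit, function, address, value))   # S24
        entry = mapping.get((unit, function, address))
        if entry is None:
            # Keep unmapped commands visible instead of silently dropping them.
            name = f"unmapped unit={unit} fc={function:#04x} addr={address:#06x}"
            op_store.append((ts, name, str(value)))
        else:
            name, to_operation = entry
            op_store.append((ts, name, to_operation(value)))     # S25
    return raw_store, op_store, errors


# Constructed sample records (timestamp, raw Modbus/TCP request bytes).
SAMPLE_RECORDS = [
    ("2016-12-08T10:00:00", bytes.fromhex("0001 0000 0006 01 06 0010 05aa")),
    ("2016-12-08T10:00:01", bytes.fromhex("0002 0000 0006 01 05 0001 ff00")),
    ("2016-12-08T10:00:02", bytes.fromhex("0003 0000 0006 01 06 0010")),       # truncated
    ("2016-12-08T10:00:03", bytes.fromhex("0004 0000 0006 01 08 0000 1234")),  # fc 0x08
    ("2016-12-08T10:00:04", bytes.fromhex("0005 0000 0006 01 06 0020 0001")),  # unmapped
]

if __name__ == "__main__":
    raw, ops, errs = convert(SAMPLE_RECORDS)
    for row in ops:
        print(row)
    for row in errs:
        print("rejected:", row)
```

Rejected records are kept in a separate error list with their timestamps, which gives the security function of the same device something to alert on.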
The steps shown in Fig. 7 output data according to user requirements; data charts and reports are generated by the data/report generation module 408 in the security protection equipment 112. First, in step S31, the data packet parsing module 406 determines whether there is a data chart output request. If there is, then in step S32 the corresponding data is extracted from the storage unit 412 according to the user's customized information for the data chart output request and a data record is generated, and in step S33 the predefined data chart is generated and output to the display device 204 connected to the security protection equipment 112. Then, in step S34, it is determined whether there is a data report output request. If there is, data records are extracted in step S35, and in step S36 the corresponding data is extracted from the storage unit 412 according to the user's customized information for the data report output request, and a data report or data packet is generated and sent to the big data system 202 connected to the security protection equipment 112.
The above are merely embodiments of the invention and do not limit its patent scope. Any equivalent structure or equivalent process transformation made using the content of the specification and drawings of the invention, or any direct or indirect use in other related technical fields, is likewise included within the scope of patent protection of the invention.
It should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art can design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference sign placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The use of the words first, second and third does not indicate any order; these words may be interpreted as names.

Claims (9)

1. A big data acquisition method based on industrial control system security protection equipment, characterized in that the human-machine interface, the host computer, the security protection equipment and the slave computer in the industrial control system are connected to a router, the slave computer is also connected to field devices, and the security protection equipment is connected to a big data system and a display device, the big data acquisition method based on industrial control system security protection equipment comprising the following three steps:
a. configuring, through the industrial control system security protection equipment, the mapping relationship between control protocol data and actual operation data;
b. parsing, by the industrial control system security protection equipment, control protocol commands and data to obtain the actual operation data of industrial production, and recording and storing the parsed actual operation data in the industrial control system security protection equipment;
c. transmitting the actual operation data stored in the industrial control system security protection equipment to the big data system and storing it in the big data system.
2. The big data acquisition method based on industrial control system security protection equipment according to claim 1, characterized in that the industrial control system security protection equipment is connected to the industrial network and obtains information about each network element in the network, including: IP address, MAC address and TCP port information.
3. The big data acquisition method based on industrial control system security protection equipment according to claim 2, characterized in that the industrial control system security protection equipment analyzes, by means of the TCP port, the control protocol commands between host computers and slave computers in the network and parses the data packets of the control protocol commands, the parsing yielding the network elements acting as the host computer and the network elements acting as the slave computer.
4. The big data acquisition method based on industrial control system security protection equipment according to claim 1, characterized in that the industrial control system security protection equipment can also be configured with customized information for output reports, the customized information being information tailored to user requirements and including: slave computer information, time information, device parameter information, and records of executed commands.
5. The big data acquisition method based on industrial control system security protection equipment according to claim 3, characterized in that, after obtaining the data packets of the control protocol commands between the host computer and the slave computer, the industrial control system security protection equipment parses the received control protocol commands and data according to the protocol rules and obtains the original control protocol command data.
6. The big data acquisition method based on industrial control system security protection equipment according to claim 4 or 5, characterized in that the industrial control system security protection equipment converts the control protocol commands and data into the actual operation data according to the pre-configured mapping relationship between the control protocol commands and data and the actual operation data, and records and stores them in the industrial control system security protection equipment.
7. The big data acquisition method based on industrial control system security protection equipment according to claim 6, characterized in that the industrial control system security protection equipment generates, according to the customized information, chart and/or list files from the actual operation data stored in the industrial control system security protection equipment and outputs them as required to a designated device, including a display device and/or a printing device.
8. The big data acquisition method of industrial control system security protection equipment according to claim 6, characterized in that the industrial control system security protection equipment generates, according to the customized information or temporary customized information, data reports or data packets from the actual operation data stored in the industrial control system security protection equipment.
9. The big data acquisition method of industrial control system security protection equipment according to claim 8, characterized in that the industrial control system security protection equipment transmits the generated data reports or data packets over the network system to the big data system, where they are stored in the big data system.
Priority Applications (1)

Application number: CN201611119801.5A (CN106685702B (en))
Priority date: 2016-12-08
Filing date: 2016-12-08
Status: Active
Title: Big data acquisition method based on industrial control system safety protection equipment

Publications (2)

CN106685702A (en), published 2017-05-17
CN106685702B, published 2020-05-05

Family ID: 58869249

Country Status (1)

CN (1): CN106685702B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20211122

Address after: 310051 building 3, 351 Changhe Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: Hangzhou rischen Anke Technology Co.,Ltd.

Address before: 100192 floor 7, block B, science and technology wealth center, No. 8, Xueqing Road, Haidian District, Beijing

Patentee before: BEIJING LANXUM NEW TECHNOLOGY Co.,Ltd.

Patentee before: HANGZHOU GUYI NETWORK TECHNOLOGY CO.,LTD.

CP03 Change of name, title or address

Address after: Room 817-7, Building 1, No. 371, Mingxing Road, Economic and Technological Development Zone, Xiaoshan District, Hangzhou City, Zhejiang Province, 311215

Patentee after: Hangzhou Zhongdian Anke Modern Technology Co.,Ltd.

Address before: 310051 building 3, 351 Changhe Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province

Patentee before: Hangzhou rischen Anke Technology Co.,Ltd.