CN106850573A - A transparent-transmission data transport protocol for forward and reverse isolation devices - Google Patents

Info

Publication number: CN106850573A
Application number: CN201611253525.1A
Authority: CN (China)
Other languages: Chinese (zh)
Inventors: 杨学满, 陈君伟
Current assignee: Nanjing Day Valley Electric Technology Co Ltd
Original assignee: Nanjing Day Valley Electric Technology Co Ltd
Legal status: Pending
Prior art keywords: data, reverse, isolating device, industrial computer, outer net
Application filed by Nanjing Day Valley Electric Technology Co Ltd
Priority to CN201611253525.1A
Publication of CN106850573A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209: Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/029: Firewall traversal, e.g. tunnelling or creating pinholes
    • H04L69/00: Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/26: Special purpose or proprietary protocols or architectures

Abstract

The invention discloses a transparent-transmission data transport protocol for forward and reverse isolation devices, with the following steps. Station-level equipment deployment: the communication link is established, with the intranet industrial computer deployed in the production control zone, the outer-net industrial computer deployed in the information management zone, the forward and reverse isolation devices in between, and the data center displaying the monitoring data of the station equipment. Data acquisition: the intranet industrial computer acquires data from the station equipment; after a successful connection, the data received is assembled by the client into packets of a user-defined format and transferred through the isolation device to the outer-net industrial computer, where the server parses the packets into the corresponding data. Reverse control: the data center issues control instructions as the situation requires; the server on the outer-net industrial computer assembles the data packet, which is transferred in reverse, one byte at a time, to the intranet machine to achieve response control. When a data or communication anomaly occurs, the outer end can issue a restart instruction so that the inner-end equipment self-checks and restarts. By encapsulating the forward data service, the protocol is safer and more efficient.

Description

A transparent-transmission data transport protocol for forward and reverse isolation devices
Technical field
The present invention relates to the technical field of information communication in the secondary systems of photovoltaic power stations, and in particular to a transparent-transmission data transport protocol for forward and reverse isolation devices.
Background
An electric power secondary system includes the power monitoring systems used to monitor and control the production and operation of power grids and power plants, that is, business processing systems and intelligent devices based on computer and network technology, together with the dedicated wide-area data networks for power dispatching at all levels and the dedicated dial-up networks for power production.
The "Electric Power Secondary System Security Protection Regulations" explicitly require that security protection of the electric power secondary system adhere to the principles of security zoning, dedicated networks, lateral isolation and longitudinal authentication, so as to ensure the security of the power monitoring system and the power dispatching data network. In principle the system is divided into a production control zone and a management information zone. Between these two zones a dedicated lateral one-way security isolation device for electric power, tested and certified by the designated national authority, must be installed, and any general-purpose network service crossing the security boundary between the production control zone and the management information zone is prohibited. Dedicated lateral one-way security isolation devices are divided by data transfer direction into forward isolation devices and reverse isolation devices. A forward isolation device is used for one-way data transfer from the production control zone to the management information zone; the one-way transfer is established over TCP or UDP, and in the reverse direction a forward isolation device allows only a single-bit or single-byte response, so data cannot be transferred. A reverse isolation device is used for one-way data transfer from the management information zone to the production control zone and carries out non-penetrating data transfer by non-TCP means. Typically, the management information zone obtains information from the production control zone by having the intranet industrial computer push it through the isolation device to the outer-net industrial computer in the form of files.
Forward and reverse isolation devices effectively make the power communication network controllable and secure and raise its level of protection against computer attacks and viruses. However, this communication model of strongly secured physical isolation also brings operational inconvenience to power data communication; for example, when business data has not refreshed for a long time, the running state of the machines in the production control zone cannot be checked. Moreover, this model is often applied in wide-area data networks that span large regions, where maintaining the data at both ends of the dedicated lateral one-way security isolation device, particularly on the inner-network side of the isolation device, is very difficult.
Summary of the invention
The technical problem to be solved by the invention is as follows: to address the problems of the prior art described in the background above, a transparent-transmission data transport protocol for forward and reverse isolation devices is provided. It is a communication method that passes through the isolation device in a non-file manner between the production control zone and the management information zone of a photovoltaic power station's dedicated network.
The technical solution adopted by the invention is a transparent-transmission data transport protocol for forward and reverse isolation devices, with the following specific steps:
S1: Station-level equipment deployment: the communication link is established. The intranet industrial computer is deployed in the production control zone, the outer-net industrial computer is deployed in the information management zone, the forward and reverse isolation devices sit in between, and the data center displays the monitoring data of the station equipment;
S2: Data acquisition: the intranet industrial computer acquires data from the station equipment. After a successful connection, the data received is assembled by the client into packets of a user-defined format and transferred through the isolation device to the outer-net industrial computer, where the server parses the packets into the corresponding data;
S3: Reverse control: the data center issues control instructions as the situation requires. The server on the outer-net industrial computer assembles the data packet, which is transferred in reverse, one byte at a time, to the intranet machine to achieve response control.
As a further limitation of the above technical solution, in S3, when the data is abnormal and does not refresh, it is judged that communication between the intranet machine and the station equipment is abnormal, and a restart instruction is issued.
As a further limitation of the above technical solution, in S3, when the time of the intranet machine is incorrect and there is a time-synchronization requirement with the station equipment, the data center must synchronize the time of the intranet machine; the server program on the outer-net machine likewise assembles the time-synchronization packet and transfers it in reverse to the intranet machine.
The beneficial effects of the invention are that the data transport protocol has the following advantages:
1. It overcomes the problem that, during business data transmission through forward and reverse isolation devices, outer-end equipment cannot access the running state of the equipment on the inner end of the isolation device. When a data or communication anomaly occurs, the outer end can issue a restart instruction so that the inner-end equipment self-checks and restarts, which resolves some abnormal conditions;
2. By encapsulating the forward data service it is safer and more efficient, and it is a new method for data transfer to pass transparently and directly through forward and reverse isolation devices.
Brief description of the drawings
The invention is further described below with reference to the accompanying drawings and embodiments.
Fig. 1 is the forward transmission data format;
Fig. 2 is the reverse control data format;
Fig. 3 is the station-level structural topology.
Detailed description
The invention is now explained in further detail with reference to the accompanying drawings. These drawings are simplified schematic diagrams that illustrate only the basic structure of the invention, so they show only the components relevant to the invention.
See Figs. 1 to 3. The transparent-transmission data transport protocol for forward and reverse isolation devices comprises forward transmission and reverse control. Forward transmission organizes the business data of the forward data channel, which is divided into data types such as telemetry, remote pulse and remote signalling. Reverse control implements the issuing of restart and time-synchronization instructions. The invention overcomes the problem that, during business data transmission through forward and reverse isolation devices, outer-end equipment cannot access the running state of the equipment on the inner end of the isolation device, so that when a data or communication anomaly occurs the outer end can issue a restart instruction to make the inner-end equipment self-check and restart, resolving some abnormal conditions. Meanwhile, in the field of electric power secondary system information, isolation devices are generally traversed by transferring files; this approach requires hardware caching, and its transmission efficiency is not high. The protocol defined by the invention encapsulates the forward data service, which is safer and more efficient, and is a new method for data transfer to pass transparently and directly through forward and reverse isolation devices.
The specific steps of the data transport protocol are:
S1: Station-level equipment deployment: the communication link is established. The intranet industrial computer is deployed in the production control zone, the outer-net industrial computer is deployed in the information management zone, the forward and reverse isolation devices sit in between, and the data center displays the monitoring data of the station equipment; see Fig. 3;
S2: Data acquisition: the intranet industrial computer acquires data from the station equipment, supporting power communication protocols such as IEC104, IEC101, CDT and Modbus. After a successful connection, the data received is assembled by the client into packets of a user-defined format and transferred through the isolation device to the outer-net industrial computer, where the server parses the packets into the corresponding data, which is finally uploaded to the data center;
S3: Reverse control: the data center issues control instructions as the situation requires. The server on the outer-net industrial computer assembles the data packet, which is transferred in reverse, one byte at a time, to the intranet machine to achieve response control. In S3, when the data is abnormal and does not refresh, it is judged that communication between the intranet machine and the station equipment is abnormal, and a restart instruction is issued. In S3, when the time of the intranet machine is incorrect and there is a time-synchronization requirement with the station equipment, the data center must synchronize the time of the intranet machine; the server program on the outer-net machine likewise assembles the time-synchronization packet and transfers it in reverse to the intranet machine.
See Fig. 1. The protocol establishes its connection over TCP: the client acts as the TCP client and the server as the TCP server, and the client and server of the protocol are connected through the isolation device. Data messages are encapsulated in the format below and transferred forward through the isolation device to the outer-net side, which parses the content according to the message format. Forward data format:
Header: 0x68;
Function code: 0x100 for general-call data, 0x10 for change data;
Message length: the length of the whole frame, to facilitate verification; occupies two bytes;
Node ID: data is stored by node; occupies two bytes;
Data type: 0x31 remote signalling, 0x32 telemetry, 0x33 remote pulse;
Data count: the number of data items uploaded in the frame;
Initial period: the initial period of the frame's data field; occupies two bytes;
Data field: remote signalling is packed bit by bit; telemetry and remote pulse are uploaded as real (floating-point) data, occupying four bytes.
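An added example, not part of the patent: a builder and a strict parser for the forward frame described above, showing how the outer-net side can use the message-length and data-count fields to reject malformed frames before reading the data field. The text does not give every field width, so the layout here is an assumption: big-endian, one-byte header, two-byte function code (0x100 does not fit in one byte), one-byte data type and data count, the initial-period field carried as an opaque two-byte value, four bytes per telemetry or remote-pulse value, and remote signalling bits packed least-significant bit first.

```python
import struct

HEADER = 0x68
FUNC_GENERAL_CALL, FUNC_CHANGE = 0x100, 0x10           # values from the text
TYPE_SIGNAL, TYPE_TELEMETRY, TYPE_PULSE = 0x31, 0x32, 0x33

# ASSUMED layout, big-endian: header(1) function(2) length(2) node(2)
# type(1) count(1) initial_period(2), followed by the data field.
FIXED = struct.Struct(">BHHHBBH")


class FrameError(ValueError):
    """Raised when a frame fails validation; the frame must be discarded."""


def build_frame(func, node_id, data_type, initial_period, values):
    """Client (intranet) side: assemble one forward frame."""
    if len(values) > 0xFF:
        raise FrameError("too many values for a one-byte data count")
    if data_type == TYPE_SIGNAL:
        body = bytearray((len(values) + 7) // 8)
        for i, state in enumerate(values):      # ASSUMED bit order: LSB first
            if state:
                body[i // 8] |= 1 << (i % 8)
    elif data_type in (TYPE_TELEMETRY, TYPE_PULSE):
        body = b"".join(struct.pack(">f", v) for v in values)
    else:
        raise FrameError("unknown data type")
    total = FIXED.size + len(body)              # length of the whole frame
    return FIXED.pack(HEADER, func, total, node_id, data_type,
                      len(values), initial_period) + bytes(body)


def parse_frame(buf):
    """Server (outer-net) side: check every field before using the data."""
    if len(buf) < FIXED.size:
        raise FrameError("frame shorter than the fixed fields")
    (header, func, length, node_id,
     data_type, count, initial_period) = FIXED.unpack_from(buf)
    if header != HEADER:
        raise FrameError("bad header byte")
    if func not in (FUNC_GENERAL_CALL, FUNC_CHANGE):
        raise FrameError("unknown function code")
    if length != len(buf):
        raise FrameError("declared length does not match received length")
    body = buf[FIXED.size:]
    if data_type == TYPE_SIGNAL:
        if len(body) != (count + 7) // 8:
            raise FrameError("data field size disagrees with data count")
        values = [bool(body[i // 8] >> (i % 8) & 1) for i in range(count)]
    elif data_type in (TYPE_TELEMETRY, TYPE_PULSE):
        if len(body) != 4 * count:
            raise FrameError("data field size disagrees with data count")
        values = [struct.unpack_from(">f", body, 4 * i)[0]
                  for i in range(count)]
    else:
        raise FrameError("unknown data type")
    return {"function": func, "node_id": node_id, "data_type": data_type,
            "initial_period": initial_period, "values": values}
```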
See Fig. 2. Reverse control data format:
Start function code: 0xFF means restart, 0xFE means time synchronization;
Data field: 00 00 for restart, a timestamp for time synchronization;
End function code: the same as the start function code;
Variables that occupy multiple bytes are sent high byte first, low byte last.
Reverse control content:
A. Restart: the protocol server on the outer-net side sends the data FF 00 00 FF to the intranet side. Because only one byte can be passed at a time, the client must accumulate bytes as it receives them: receiving FF indicates that control is required, 00 00 follows, and FF terminates the message. The command is valid only if the client accumulates these four bytes within 10 s, in which case it executes the restart command;
B. Time synchronization: the protocol server on the outer-net side sends the instruction data. The first byte sent is FE, the time-synchronization function code; the following bytes are the timestamp, defined as the number of seconds elapsed since 00:00 on 1 January 1970, high byte first and low byte last; the terminating byte is also FE. These form the time-synchronization packet, which is transferred one byte at a time to the intranet industrial computer. The packet is valid if all of its data is received within 10 s, and the time is then set. If the bytes received are not a time-synchronization packet, or reception times out, time synchronization fails. The intranet machine returns a time-synchronization response packet: FE 00 00 FE indicates success, and FE FF FF FE indicates failure.
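An added example, not part of the patent: the intranet-side accumulator for the single-byte reverse channel, which acts on a command only when a complete, well-formed frame arrives inside the 10 s window and drops stale partial frames. The timestamp width is not stated in the text and is assumed here to be four bytes; because the length is fixed, a timestamp byte that happens to equal 0xFE is not mistaken for the end code. The class, function names and sample byte streams are constructed for illustration.

```python
RESTART, TIMESYNC = 0xFF, 0xFE      # function codes from the text
WINDOW_S = 10.0                     # a whole frame must arrive within 10 s
TS_LEN = 4                          # ASSUMPTION: 32-bit timestamp, high byte first


class ReverseReceiver:
    """Intranet-side accumulator for the single-byte reverse channel."""

    def __init__(self):
        self._buf = bytearray()
        self._started = 0.0

    def feed(self, byte, now):
        """Consume one byte received at time `now` (seconds).

        Returns None while a frame is incomplete, otherwise
        ("restart", None), ("timesync", seconds) or ("reject", reason).
        """
        if self._buf and now - self._started > WINDOW_S:
            self._buf.clear()       # stale partial frame: never act on it
        if not self._buf:
            if byte not in (RESTART, TIMESYNC):
                return ("reject", "unexpected start byte")
            self._buf.append(byte)
            self._started = now
            return None
        self._buf.append(byte)
        code = self._buf[0]
        need = 4 if code == RESTART else TS_LEN + 2
        if len(self._buf) < need:
            return None
        frame = bytes(self._buf)
        self._buf.clear()
        if frame[-1] != code:
            return ("reject", "end code differs from start code")
        if code == RESTART:
            if frame[1:3] != b"\x00\x00":
                return ("reject", "restart data field is not 00 00")
            return ("restart", None)
        return ("timesync", int.from_bytes(frame[1:-1], "big"))


def timesync_reply(success):
    """Response packet returned by the intranet machine after time sync."""
    return bytes.fromhex("FE0000FE" if success else "FEFFFFFE")


def run(stream):
    """Feed constructed (byte, arrival_time) pairs; return completed events."""
    rx = ReverseReceiver()
    events = (rx.feed(b, t) for b, t in stream)
    return [e for e in events if e is not None]


# Constructed sample streams: (byte, arrival time in seconds)
ON_TIME_RESTART = [(0xFF, 0), (0x00, 1), (0x00, 2), (0xFF, 3)]
SLOW_RESTART = [(0xFF, 0), (0x00, 4), (0x00, 8), (0xFF, 12)]
TIMESYNC_WITH_FE = [(b, i) for i, b in
                    enumerate(bytes.fromhex("FE5865FE10FE"))]
```

In `SLOW_RESTART` the last byte arrives after the window has expired, so the partial frame is dropped and that FF is treated as the start of a new frame; no restart is executed.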
Taking the above preferred embodiment of the invention as inspiration, and with the above description, those skilled in the art can make various changes and modifications without departing from the scope of the technical idea of the invention. The technical scope of the invention is not limited to the content of the specification; it must be determined according to the claims.

Claims (3)

1. A transparent-transmission data transport protocol for forward and reverse isolation devices, characterized by the following specific steps:
S1: Station-level equipment deployment: the communication link is established. The intranet industrial computer is deployed in the production control zone, the outer-net industrial computer is deployed in the information management zone, the forward and reverse isolation devices sit in between, and the data center displays the monitoring data of the station equipment;
S2: Data acquisition: the intranet industrial computer acquires data from the station equipment. After a successful connection, the data received is assembled by the client into packets of a user-defined format and transferred through the isolation device to the outer-net industrial computer, where the server parses the packets into the corresponding data;
S3: Reverse control: the data center issues control instructions as the situation requires. The server on the outer-net industrial computer assembles the data packet, which is transferred in reverse, one byte at a time, to the intranet machine to achieve response control.
2. The transparent-transmission data transport protocol for forward and reverse isolation devices according to claim 1, characterized in that: in S3, when the data is abnormal and does not refresh, it is judged that communication between the intranet machine and the station equipment is abnormal, and a restart instruction is issued.
3. The transparent-transmission data transport protocol for forward and reverse isolation devices according to claim 1, characterized in that: in S3, when the time of the intranet machine is incorrect and there is a time-synchronization requirement with the station equipment, the data center must synchronize the time of the intranet machine; the server program on the outer-net machine likewise assembles the time-synchronization packet and transfers it in reverse to the intranet machine.

Priority and family

Application number: CN201611253525.1A (status: Pending)
Priority date: 2016-12-30
Filing date: 2016-12-30
Publication: CN106850573A (en), publication date 2017-06-13
Family ID: 59115251
Family applications (1): CN201611253525.1A
Country status (1): CN

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102843352A (en) * 2012-05-15 2012-12-26 广东电网公司茂名供电局 Cross-physical isolation data transparent transmission system and method between intranet and extranet
CN104516334A (en) * 2013-12-09 2015-04-15 国家电网公司 Closed-loop control system and method for positive and reverse isolators

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525348A (en) * 2018-05-31 2019-03-26 南京天谷电气科技有限公司 A kind of positive outer internal net side time synchronization method of net side of isolation
CN108540499A (en) * 2018-06-26 2018-09-14 中国华电集团科学技术研究总院有限公司 Electric power networks data transmission system with duplex channel and data transmission method
CN111614626A (en) * 2020-04-26 2020-09-01 中广核风电有限公司 Data acquisition system and data acquisition method
CN111614626B (en) * 2020-04-26 2022-09-23 中广核风电有限公司 Data acquisition system and data acquisition method
CN111800277A (en) * 2020-09-10 2020-10-20 浙江浙能技术研究院有限公司 Serialization method of binary file penetration reverse isolation device
CN112260276A (en) * 2020-11-04 2021-01-22 中能电力科技开发有限公司 Virtual anemometer tower device of wind power plant power prediction system
CN113765907A (en) * 2021-08-31 2021-12-07 中能电力科技开发有限公司 High-concurrency and high-capacity new energy data transmission method
CN114244719A (en) * 2021-11-29 2022-03-25 贵州乌江水电开发有限责任公司 Centralized control power station communication topological structure suitable for public network and application method thereof
CN114244719B (en) * 2021-11-29 2023-11-28 贵州乌江水电开发有限责任公司 Centralized control power station communication topological structure suitable for public network and application method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20170613