CN108155933A - A kind of method for realizing safety level DCS communication isolatings - Google Patents

A kind of method for realizing safety level DCS communication isolatings Download PDF

Info

Publication number
CN108155933A
CN108155933A CN201711189382.7A CN201711189382A CN108155933A CN 108155933 A CN108155933 A CN 108155933A CN 201711189382 A CN201711189382 A CN 201711189382A CN 108155933 A CN108155933 A CN 108155933A
Authority
CN
China
Prior art keywords
communication
data
communication station
station
safety level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711189382.7A
Other languages
Chinese (zh)
Inventor
张源
马刚
孙武
唐庆
王冬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Center Control Systems Engineering (cse) Co Ltd
Original Assignee
Center Control Systems Engineering (cse) Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Center Control Systems Engineering (cse) Co Ltd filed Critical Center Control Systems Engineering (cse) Co Ltd
Priority to CN201711189382.7A priority Critical patent/CN108155933A/en
Publication of CN108155933A publication Critical patent/CN108155933A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/03Arrangements for fault recovery
    • H04B10/038Arrangements for fault recovery using bypasses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/25Arrangements specific to fibre transmission
    • H04B10/2589Bidirectional transmission
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/27Arrangements for networking
    • H04B10/275Ring-type networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/40Transceivers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Abstract

The invention belongs to nuclear plant safety control technology fields, and in particular to a kind of method for realizing safety level DCS communication isolatings.The both sides of safety level internal system communication carry out point-to-point connection by two optical fiber, and every optical fiber only transmits data to a fixed direction.Between safety level system and non-security grade system in a manner that multinode communicates, multi-node communication networks use dual-ring topology structure, press the inner ring of one-way transmission counterclockwise by the outer shroud and data of one-way transmission clockwise including data.The present invention sets multiple isolating means in processing module, communication module and communication protocol so that either one failure of communicating pair does not all interfere with the opposing party's normal operation.

Description

A kind of method for realizing safety level DCS communication isolatings
Technical field
The invention belongs to nuclear plant safety control technology fields, and in particular to a kind of safety level DCS communication isolatings realized Method.
Background technology
Communication independence design is one of important design criteria of nuclear power station security level DCS system design.It is led according to correlation Then with the requirement of standard, between the safety level DCS system based on digital computer and safety level DCS and non-security grade DCS systems Between system, the sprawling of the adverse effect and failure between system in order to prevent, the structure and technology of communication link need to meet system Independence requirement between system.In addition to physical segregation and electrical isolation, the problem of design need to take measures to ensure communication link Processing module will not be damaged;The design of communication link should cause the data with non-security grade system communicate cannot endanger safety level system The data communication and operation of system.
Safety level DCS system intercommunication is used for transmission the logic voting signal between protection channel, according to DI&C-ISG- 14th article of requirement in 04Highly-Integrated Control Rooms-Communications Issues (HICRc), For transmit protection channel between shutdown voting logic signal communication, should be by the way of point-to-point communication.Here it is point-to-point It is meant that communication data is transmitted directly to receiver station from communication station is sent, and without any other than transmitting-receiving communication station Equipment.The characteristics of this kind of communication is that message capacity is small, but more demanding to the communication response time.
Communicate between safety level DCS and non-security grade DCS system for by the process signal of safety level internal system, monitoring Signal and alarm signal are sent to non-security grade DCS by multi-node communication networks and carry out data storage, display and analysis.Or It is that the equipment control instruction of non-safety level is received, and performed after passing through priority selection logic by safety class equipment.It is this kind of logical Letter is since signal comes from each equipment of distributed system, and data interaction capacity is larger, but the requirement to the response time is opposite It is relatively low.
The existing communication technology is normally based on the protocol architecture of the suitable industrial environment application of Industrial Ethernet, using face To the mode of connection, each calling requires a response, and the synchronization mechanism of this calling/response has switching Ethernet There is very high stability.But due to communicating pair, there are complementary relationships so that when the side failure of communication, meeting The opposing party for leading to communication generates the uncertainty of behavior.It is impossible to meet nuclear power station security levels for the mechanism of this communication handshake Requirements of the DCS to the independence that communicates.
Invention content
The purpose of the present invention is to provide a kind of method for realizing safety level DCS communication isolatings, in processing module, communication mould Multiple isolating means are set in block and communication protocol so that either one failure of communicating pair does not all interfere with another Founder Often operation.
In order to achieve the above objectives, the technical solution used in the present invention is:
A kind of method for realizing safety level DCS communication isolatings,
Safety level internal system communicates:
The intercommunication station 1 of safety level internal system communication and communication station 2 carry out point-to-point connection by two optical fiber, Every optical fiber only transmits data to a fixed direction;Communication station 1 and communication station 2 include communication module and processing module, Communication module includes two-port RAM, communication controler and optical receiver, optical transmitter;After the processing module of communication station 1 will be handled Data write-in communication station 1 two-port RAM, the communication controler fixed cycle of communication station 1 will be in the two-port RAM of communication station 1 Data be sent to the optical transmitter of communication station 1, after optical signal is converted to, the optical transmitter of communication station 1 is sent the data to Communication station 2;The optical signal that the optical receiver receiver station 1 of communication station 2 is sent, and convert optical signals to electric signal;Foundation IEC61784-3, the communication controler of communication station 2 carry out the electric signal verification of data integrity, only pass through the number of verification According to being just considered correct and the two-port RAM of communication station 2 is written, abnormal data will be rejected and will not be written into communication station 2 two-port RAM;
It communicates between safety level system and non-security grade system:
Between safety level system and non-security grade system in a manner that multinode communicates, multi-node communication networks are using double Ring topology is pressed the inner ring of one-way transmission counterclockwise including data by the outer shroud and data of one-way transmission clockwise;More piece Each communication station on point communication network is more comprising multinode communication module, multinode communication switching module and processing module Node communication module includes two-port RAM and communication controler, and multinode communication switching module includes one group of optical transceiver;Safety The processing module of the communication station 1 of grade is by the two-port RAM of treated data write-in communication station 1, the communication control of communication station 1 Data in the two-port RAM of communication station 1 are sent to the optical transceiver of communication station 1 by device fixed cycle, after optical signal is converted to, Data are sent to the communication station 2 and peace of safety level adjacent on ring by the optical transceiver of communication station 1 by inner ring and outer rings respectively The communication station 5 of full grade;Communication station 2 turns the optical signal after the optical signal for receiving the transmission of communication station 1, by its optical transceiver Be changed to electric signal, and transmit data to the multinode communication module of communication station 2, the communication controler of communication station 2 to data into Simultaneously its two-port RAM is written in the data that verification passes through by row completeness check;The processing module of last communication station 2 reads its both-end Information and the logical process of itself is carried out in mouthful RAM.
It communicates for safety level internal system:Two-port RAM is divided into two big data regions, and each data area only allows One side's write operation, or being that processing module is readable, communication module is writeable;It is that processing module is writeable, communication module is readable, Prevent both sides and be provided simultaneously with writeable access rights situation;The read-write cycle of both sides is completely independent and asynchronous, does not need to Treat that the read-write operation of the opposing party is completed.
It communicates for safety level internal system:The communication controler of communication station 2 carries out the verification measure of data integrity such as Under:
X represents diagnostic measures used by safety agreement;
Sequence number:Using cycle count method, each Frame Protocol of agreement includes the sequence of the affiliated message of the frame data Number and its number of frames in the message, the field compare as counter, can all add 1 in each cycle, its value range is 【0,0xFFFF】;
Receive time-out:During periodic duty, period of the respective communication module of Liang Ge communication stations be it is fixed known to, lead to Interval time between the message that adjacent reception arrives can be known by spending the period of sequence of message module, once it is overtime, then on Report an error mistake;
Authentication:Destination address and source address authentication;
Integrity verification:Using CRC data completeness check;
Redundancy compares:Redundant data communications compare.
The processing procedure of verification is as follows:This period of communication controler of communication station 2 has received data packet;Verify CRC's Correctness;It checks sequence number, whether on the basis of a upper period 1 was increased by analytical sequence number;Continuous 3 period does not connect It receives data packet and is considered as reception time-out;Check whether destination address and the source address of data packet are correct;Check the number that two-way is sent According to having received;After getting 2 bag datas, whether consistent the data received are compared.
For communicating between safety level system and non-security grade system:Multi-node communication networks have malfunctioning node bypass machine System, in the case of this communication station normal operation, this communication station is connect by multinode communication switching module with adjacent communication site Form loop network;In this communication station failure or when safeguarding, multinode communication switching module bypasses this communication station from network.
For communicating between safety level system and non-security grade system:Two-port RAM is according to maximum communication station number static state Multiple regions are assigned as, including the writeable region of this communication station and the writeable region of other communication stations, the writeable region of this communication station only permits Perhaps processing module is writeable, and communication module is readable;The writeable region of other communication stations only allows writeable from communication module, and processing module can It reads;When a certain safety level communication station is configured as only sending communication station, the communication controler of the communication station only crosses ring, and other are logical Believe the data at station, but do not descend any data of ring to two-port RAM;On the contrary, when a certain non-security grade communication station is configured as only During receiver station, the communication controler of the communication station only crosses the data of other communication stations of ring, not by the data in two-port RAM It is sent on multi-node communication networks.
For communicating between safety level system and non-security grade system:Multinode communication switching module is provided with manual bypass Key switch, the key switch can the physical links of hand off multinode communication module and multi-node communication networks connect.
Having the beneficial effect that acquired by the present invention:
(1) meet existing nuclear power station DCS applications design, simplified communication system network connection optimizes network topology structure; (2) communication function is completed using the communication module independently of processing unit, and to reduce, communication function is abnormal to produce processing unit It is raw to influence;(3) data transmission between communication module and processing unit is using the two-port RAM customized, so as to ensure that processing is single The periodic duty of member will not be influenced by communication module failure;(4) receiving-transmitting sides do not use request-reply mode, and are pacifying Point-to-point but path, fixed cycle and unidirectional communication are used between the channel of full grade system, between channel and the ad hoc sequence of safety Mode, so as to which the function of ensureing receiving-transmitting sides will not be interfered by the exception of other side;(5) communication has certainty, receiving-transmitting sides By the identical data of identical path, fixed periodic transfer, and recipient uses these data using fixed rule; (6) multi-node communication networks are relatively more due to connecting equipment, to alleviate the influence of network failure, using bicyclic web frame and event Hinder node by-pass mechanism;(7) between safety level DCS and non-security grade DCS, by the way of physical limit, key switch is provided And hard logic circuit interrupts the means of communication link.
Description of the drawings
Schematic diagram is isolated for safety level intercommunication in Fig. 1;
Fig. 2 is multi-node communication networks topology and failure schematic diagram;
Fig. 3 is safety level and non-security grade communication isolating schematic diagram.
Specific embodiment
The present invention is described in detail with specific embodiment below in conjunction with the accompanying drawings.
First, safety level internal system communicates
As shown in Figure 1, the intercommunication station 1 of safety level internal system communication and communication station 2 are carried out a little by two optical fiber Connection to point, every optical fiber only transmit data to a fixed direction.Communication station 1 and communication station 2 include communication module And processing module, communication module include two-port RAM, communication controler and optical receiver, optical transmitter.
The processing module of communication station 1 is by the two-port RAM of treated data write-in communication station 1, the communication control of communication station 1 Data in the two-port RAM of communication station 1 are sent to the optical transmitter of communication station 1 by device fixed cycle processed, are being converted to optical signal Afterwards, the optical transmitter of communication station 1 sends the data to communication station 2.Two-port RAM is divided into two big data regions, each data Region only allows side's write operation, or being that processing module is readable, communication module is writeable;It is that processing module is writeable, leads to Believe that module is readable, prevent both sides and be provided simultaneously with writeable access rights situation.The read-write cycle of both sides is to be completely independent and asynchronous , the read-write operation for withouting waiting for the opposing party is completed, and therefore, any one module really all will not be by other side in fixed cycle Influence.
The optical signal that communication station 2 is sent by the optical receiver receiver station 1 of communication station 2, and convert optical signals to Electric signal.According to IEC61784-3, the communication controler of communication station 2 carries out the electric signal verification of data integrity, only Just it is considered two-port RAM correct and that communication station 2 is written by the data of verification, abnormal data will be rejected and will not It is written into the two-port RAM of communication station 2.It is as follows to design the verification measure used:
Note:" X " in table represents diagnostic measures used by safety agreement
● sequence number:Using cycle count method, each Frame Protocol of agreement includes the sequence of the affiliated message of the frame data Row number and its number of frames in the message, the field compare as counter, can all add 1 in each cycle, its value range It is【0,0xFFFF】.
● receive time-out:During periodic duty, period of the respective communication module of Liang Ge communication stations be it is fixed known to, The interval between the message that adjacent reception arrives can be known by the period of sequence of message number (sequence number) module Time, once it is overtime, then report mistake.
● authentication:Destination address and source address authentication.
● integrity verification:Using CRC data completeness check.
● redundancy compares:Redundant data communications compare.
The processing procedure of verification is described as follows:
This period of communication controler has received data packet;Verify the correctness of CRC;Sequence number is checked, by analyzing sequence Whether row number on the basis of a upper period increased 1.Continuous 3 period is not received by data packet, is considered as reception time-out;It checks Whether the destination address and source address of data packet are correct;Check that the data that two-way is sent have received;Get 2 bag datas Afterwards, it is whether consistent that the data received are compared.
In addition, the data structure of communication controler write-in two-port RAM is predefined, and for depositing for data is written It is also predefined and changeless that storage space, which is put,.Since these storage locations are not influenced by application software and parameter setting, So communication data will not be written into the region except being expected.The processing module fixed cycle of communication station 2, asynchronous reading both-end Information and the logical process of itself is carried out in mouthful RAM, no matter whether the data change.
2nd, it communicates between safety level system and non-security grade system
The mode for multinode being used to communicate between safety level system and non-security grade system is to cope with the biography of Large Volume Data It is defeated.Multi-node communication networks use dual-ring topology structure, including two data paths of outer shroud and inner ring, as shown in Fig. 2, two The mutual redundancy in path.Data on ring respectively by (outer shroud) clockwise and (inner ring) one-way transmission counterclockwise, do not support routing with Dynamic topology.(communication station 1,2,5 is safety level node, and communication station 3,4 is non-peace for each communication station on multi-node communication networks Full grade node) include a multinode communication module, multinode communication switching module and a processing module.Multinode communication mould Block includes two-port RAM and communication controler, and multinode communication switching module includes one group of optical transceiver.
Similar with safety level internal system communication mechanism, by treated, more piece is written in data to the processing module of communication station 1 The two-port RAM of point communication module.The communication controler fixed cycle of multinode communication module passes through the data in two-port RAM Entodorsum connector of standing is sent to the optical transceiver of multinode communication switching module, and after optical signal is converted to, optical transceiver will Data are sent to communication station 2 (passing through inner ring) adjacent on ring and communication station 5 (passing through outer shroud).Communication station 2 is receiving communication It stands after 1 optical signal sent, which is converted to by electric signal by the optical transceiver of its multinode communication switching module, and Multinode communication module is transmitted data to by back panel connector.The communication controler of multinode communication module then to data into Simultaneously its two-port RAM is written in the data that verification passes through by row completeness check, to ensure the correctness of communication data in itself, verification Mechanism is identical with safety level internal system communication.The processing module of last communication station 2 reads multinode communication module two-port RAM Middle information and the logical process for carrying out itself.
This dual-ring topology realizes link redundancy and data redundancy simultaneously so that whole network is naturally to single link There is fault tolerant mechanism with single node failure.It is any when (1 or 2) link failure between communication station 2 and communication station 3 The data that communication station is sent still (can pass through inner ring or outer ring) and reach other all communication stations.When 2 failure of communication station, except communication The data that any communication station outside 2 is sent of standing still (can pass through inner ring or outer ring) and reach other normal communication stations.
Multi-node communication networks have malfunctioning node by-pass mechanism, right during coping with some communication node failure or safeguard Other communication nodes impact on network.In the case of this node normal operation, this node passes through multinode communication switching Module connects and composes loop network with adjacent communication node.In this communication station failure or when safeguarding, multinode communication switching module This communication station can be bypassed from loop network.In 2 failure of communication station (such as Loss of power failure), more communication stations of communication station 2 lead to Letter interconnecting module meeting auto by pass falls the communication of this communication station so that entire more communication station networks are still complete bicyclic Shape topological structure.
The two-port RAM of multinode communication module is multiple regions according to maximum communication station number static allocation, including this The writeable region of communication station and the writeable region of other communication stations, as shown in Figure 3.Wherein, the writeable region in local communication station only allows to locate Reason module is writeable, and communication module is readable;The writeable region of other communication stations only allows writeable from communication module, and processing module is readable. When a certain safety level communication station (communication station 2 in such as Fig. 2) is configured as only sending communication station, the communication control of the communication station Device only crosses the data of other communication stations of ring, but does not descend any data of ring to two-port RAM.On the contrary, when a certain non-security grade is led to When letter station (communication station 3 in such as Fig. 2) is configured as receiver station, the communication controler of the communication station only crosses ring, and other are logical Believe the data at station, the data in two-port RAM will not be sent on more communication station networks.So as to ensure multiple safety levels The one-way that equipment is transmitted to non-security grade equipment.
In addition, multinode communication switching module is provided with manual bypass key switch, which provides hand off The means of the physical link of multinode communication module and communications loop connection.So as to ensure that safety class equipment can be physically thorough Bottom disconnects the safe operation with the connection, to ensure safety grade equipment of non-security grade equipment.

Claims (7)

  1. A kind of 1. method for realizing safety level DCS communication isolatings, it is characterised in that:
    Safety level internal system communicates:
    The intercommunication station 1 of safety level internal system communication and communication station 2 carry out point-to-point connections by two optical fiber, every Optical fiber only transmits data to a fixed direction;Communication station 1 and communication station 2 include communication module and processing module, communication Module includes two-port RAM, communication controler and optical receiver, optical transmitter;The processing module of communication station 1 will treated number According to the two-port RAM of write-in communication station 1, the communication controler fixed cycle of communication station 1 is by the number in the two-port RAM of communication station 1 According to the optical transmitter for being sent to communication station 1, after optical signal is converted to, the optical transmitter of communication station 1 sends the data to communication Stand 2;The optical signal that the optical receiver receiver station 1 of communication station 2 is sent, and convert optical signals to electric signal;Foundation IEC61784-3, the communication controler of communication station 2 carry out the electric signal verification of data integrity, only pass through the number of verification According to being just considered correct and the two-port RAM of communication station 2 is written, abnormal data will be rejected and will not be written into communication station 2 two-port RAM;
    It communicates between safety level system and non-security grade system:
    Between safety level system and non-security grade system in a manner that multinode communicates, multi-node communication networks use Crossed Circle Topological structure is pressed the inner ring of one-way transmission counterclockwise including data by the outer shroud and data of one-way transmission clockwise;Multinode leads to Each communication station on communication network is comprising multinode communication module, multinode communication switching module and processing module, multinode Communication module includes two-port RAM and communication controler, and multinode communication switching module includes one group of optical transceiver;Safety level The processing module of communication station 1 determines the two-port RAM of treated data write-in communication station 1, the communication controler of communication station 1 Data in the two-port RAM of communication station 1 are sent to the optical transceiver of communication station 1 by the period, after optical signal is converted to, communication Data are sent to the communication station 2 and safety level of safety level adjacent on ring by 1 optical transceiver of standing by inner ring and outer rings respectively Communication station 5;Communication station 2 is converted to the optical signal by its optical transceiver after the optical signal for receiving the transmission of communication station 1 Electric signal, and the multinode communication module of communication station 2 is transmitted data to, the communication controler of communication station 2 has carried out data Simultaneously its two-port RAM is written in the data that verification passes through by whole property verification;The processing module of last communication station 2 reads its dual-port Information and the logical process of itself is carried out in RAM.
  2. 2. the method according to claim 1 for realizing safety level DCS communication isolatings, it is characterised in that:For safety level system System intercommunication:Two-port RAM is divided into two big data regions, and each data area only allows side's write operation, or be Processing module is readable, and communication module is writeable;It is that processing module is writeable, communication module is readable, and preventing that both sides are provided simultaneously with can Write access permission situation;The read-write cycle of both sides is completely independent and asynchronous, withouts waiting for the read-write operation of the opposing party It completes.
  3. 3. the method according to claim 1 for realizing safety level DCS communication isolatings, it is characterised in that:For safety level system System intercommunication:The verification measure that the communication controler of communication station 2 carries out data integrity is as follows:
    X represents diagnostic measures used by safety agreement;
    Sequence number:Using cycle count method, each Frame Protocol of agreement includes the sequence number of the affiliated message of the frame data, with And its number of frames in the message, the field compare as counter, can all add 1 in each cycle, its value range is【0, 0xFFFF】;
    Receive time-out:During periodic duty, period of the respective communication module of Liang Ge communication stations be it is fixed known to, pass through report The period of literary sequence number module can know the interval time between the message that adjacent reception arrives, once it is overtime, then on report an error Accidentally;
    Authentication:Destination address and source address authentication;
    Integrity verification:Using CRC data completeness check;
    Redundancy compares:Redundant data communications compare.
  4. 4. the method according to claim 3 for realizing safety level DCS communication isolatings, it is characterised in that:Verification processes Journey is as follows:This period of communication controler of communication station 2 has received data packet;Verify the correctness of CRC;It checks sequence number, leads to Cross whether analysis sequence number on the basis of a upper period increased 1;Continuous 3 period is not received by data packet, and to be considered as reception super When;Check whether destination address and the source address of data packet are correct;Check that the data that two-way is sent have received;Get 2 After bag data, whether consistent the data received are compared.
  5. 5. the method according to claim 1 for realizing safety level DCS communication isolatings, it is characterised in that:For safety level system System between non-security grade system with communicating:Multi-node communication networks have malfunctioning node by-pass mechanism, are normally transported in this communication station In the case of row, this communication station connects and composes loop network by multinode communication switching module and adjacent communication site;It is logical at this When believing station failure or safeguarding, multinode communication switching module bypasses this communication station from network.
  6. 6. the method according to claim 1 for realizing safety level DCS communication isolatings, it is characterised in that:For safety level system System between non-security grade system with communicating:Two-port RAM is multiple regions according to maximum communication station number static allocation, including this The writeable region of communication station and the writeable region of other communication stations, the writeable region of this communication station only allow processing module writeable, and communicate mould Block is readable;The writeable region of other communication stations only allows writeable from communication module, and processing module is readable;When a certain safety level communication station When being configured as only sending communication station, the communication controler of the communication station only crosses the data of other communication stations of ring, but ring is not descended to appoint What data is to two-port RAM;On the contrary, when a certain non-security grade communication station is configured as receiver station, the communication station Communication controler only cross the data of ring other communication stations, the data in two-port RAM are not sent to multi-node communication networks On.
  7. 7. the method according to claim 1 for realizing safety level DCS communication isolatings, it is characterised in that:For safety level system System between non-security grade system with communicating:Multinode communication switching module is provided with manual bypass key switch, the key switch Can the physical links of hand off multinode communication module and multi-node communication networks connect.
CN201711189382.7A 2017-11-24 2017-11-24 A kind of method for realizing safety level DCS communication isolatings Pending CN108155933A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711189382.7A CN108155933A (en) 2017-11-24 2017-11-24 A kind of method for realizing safety level DCS communication isolatings

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711189382.7A CN108155933A (en) 2017-11-24 2017-11-24 A kind of method for realizing safety level DCS communication isolatings

Publications (1)

Publication Number Publication Date
CN108155933A true CN108155933A (en) 2018-06-12

Family

ID=62468171

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711189382.7A Pending CN108155933A (en) 2017-11-24 2017-11-24 A kind of method for realizing safety level DCS communication isolatings

Country Status (1)

Country Link
CN (1) CN108155933A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109194682A (en) * 2018-09-29 2019-01-11 江苏新质信息科技有限公司 A kind of double one-way isolation switching technology implementation methods
CN109525476A (en) * 2018-12-28 2019-03-26 中核控制系统工程有限公司 A kind of network data guard method based on FPGA
WO2019062268A1 (en) * 2017-09-27 2019-04-04 华为技术有限公司 Method, apparatus and system for transmitting multicast message
CN111224931A (en) * 2019-10-11 2020-06-02 工业互联网创新中心(上海)有限公司 Industrial isolation communication system and method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN202512907U (en) * 2011-12-14 2012-10-31 中国广东核电集团有限公司 Overhaul interface of DCS (data communication system) of nuclear power station
CN103646675A (en) * 2013-12-13 2014-03-19 中广核工程有限公司 Nuclear power station digitization distributed control system and isolation method thereof
JP5766148B2 (en) * 2012-04-25 2015-08-19 三菱電機株式会社 Nuclear power plant monitoring and control system
CN106789520A (en) * 2016-12-26 2017-05-31 中核控制系统工程有限公司 A kind of high speed failure safe multi-node communication networks
CN106972969A (en) * 2017-03-31 2017-07-21 中国核动力研究设计院 The network isolating device and its method of a kind of nuclear power plant

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN202512907U (en) * 2011-12-14 2012-10-31 中国广东核电集团有限公司 Overhaul interface of DCS (data communication system) of nuclear power station
JP5766148B2 (en) * 2012-04-25 2015-08-19 三菱電機株式会社 Nuclear power plant monitoring and control system
CN103646675A (en) * 2013-12-13 2014-03-19 中广核工程有限公司 Nuclear power station digitization distributed control system and isolation method thereof
CN106789520A (en) * 2016-12-26 2017-05-31 中核控制系统工程有限公司 A kind of high speed failure safe multi-node communication networks
CN106972969A (en) * 2017-03-31 2017-07-21 中国核动力研究设计院 The network isolating device and its method of a kind of nuclear power plant

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
IEC: "《IEC 61784-3:2016》", 31 December 2016 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019062268A1 (en) * 2017-09-27 2019-04-04 华为技术有限公司 Method, apparatus and system for transmitting multicast message
US11336475B2 (en) 2017-09-27 2022-05-17 Huawei Technologies Co., Ltd. Multicast packet transmission method, apparatus, and system
CN109194682A (en) * 2018-09-29 2019-01-11 江苏新质信息科技有限公司 A kind of double one-way isolation switching technology implementation methods
CN109525476A (en) * 2018-12-28 2019-03-26 中核控制系统工程有限公司 A kind of network data guard method based on FPGA
CN111224931A (en) * 2019-10-11 2020-06-02 工业互联网创新中心(上海)有限公司 Industrial isolation communication system and method

Similar Documents

Publication Publication Date Title
CN108155933A (en) A kind of method for realizing safety level DCS communication isolatings
CN103684954B (en) The industrial communication systems of energy redundant operation and the method for operating the industrial communication systems
US9356830B2 (en) Communication device for a redundantly operable industrial communication network and method for operating the communication device
CN205068381U (en) A secure computer platform for track traffic
US11016463B2 (en) Control and data-transfer system, gateway module, I/O module, and method for process control
Barranco et al. An active star topology for improving fault confinement in CAN networks
US9787496B2 (en) Communication system, communication apparatus, and protection method
CA1201170A (en) Hybrid optical/electrical data highway
KR100595984B1 (en) Transceiver Frame Structure for Control Communication Network of Distributed Control System
CN102123110B (en) Data transmission method for gateway system, and gateway system
CN106527115B (en) One kind two takes a redundancy control system and its multiple means of voting
PT1789857E (en) Data transfer method and automation system used in said data transfer method
CN103944865A (en) Isolation protection system and method for executing bidirectional data packet filtering inspection
CN102598593B (en) The communication network of addressing method and this addressing method of tool
US9910754B2 (en) Duplexed control system and control method thereof
CN106789520B (en) A kind of high speed failure safe multi-node communication networks
US10187365B2 (en) Method for exchanging numerical data frames and associated communication system
CN104796287A (en) Method for detecting faults of looped EPON (Ethernet passive optical networks)
CN215268308U (en) Two data communication integrated circuit boards of two of high reliability
EP0093578B1 (en) Communications system
CN102024319A (en) Centralized meter reading system capable of realizing multiple communication modes
CN208971553U (en) Based on point-to-point communication network system
CN107634972B (en) Unidirectional communication system and board card of nuclear power station safety level system and non-safety level system
US9001646B2 (en) Information transmission device, information transmission system and information transmission method
CN107347003A (en) The method and apparatus and wind power generating set of automatic switchover communication line

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180612