CN111724276A - Power plant data transmission method and system integrating self-diagnosis and channel optimization - Google Patents

Info

Publication number
CN111724276A
Authority
CN
China
Prior art keywords
server
isolation device
data
command
mirror image
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010424718.9A
Other languages
Chinese (zh)
Other versions
CN111724276B (en)
Inventor
周国平
李华锋
俞爱荣
林贤良
袁俊杰
周铁
郑捷
韩春
姚明明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Zheneng Changxing Natural Gas Thermoelectricity Co ltd
Original Assignee
Zhejiang Zheneng Changxing Natural Gas Thermoelectricity Co ltd
Application filed by Zhejiang Zheneng Changxing Natural Gas Thermoelectricity Co ltd
Priority to CN202010424718.9A
Publication of CN111724276A
Application granted
Publication of CN111724276B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00 Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/06 Energy or water supply
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/22 Alternate routing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

A power plant data transmission method and system integrating self-diagnosis and channel optimization, belonging to the technical field of power plant information management. The method of the invention comprises the following steps: the interface server monitors the communication state between itself and the mirror image server; if normal communication cannot be achieved, a standby link switching command is sent to the OPC server through the reverse safety isolation device, and after the OPC server receives the standby link switching command, data are transmitted to the interface server through the third forward safety isolation device; if the interface server finds that communication between itself and the mirror image server has returned to normal, a main link recovery command is sent to the OPC server through the reverse safety isolation device, and after the OPC server receives the main link recovery command, data are transmitted to the interface server through the main link. The invention can ensure the safety of the industrial control system of the power plant, reliably carry out data communication with an external system and reduce the cost.

Description

Power plant data transmission method and system integrating self-diagnosis and channel optimization
Technical Field
The invention relates to the technical field of power plant information management, in particular to a power plant data transmission method and system integrating self diagnosis and channel optimization.
Background
According to clause 2.1.7 of the general safety protection scheme of the power monitoring system, issued with National Energy Agency document (2015) No. 36 on the general safety protection scheme of the power monitoring system and the related schemes and assessment standards: the topological structures used to connect the safety areas of a power monitoring system are the chain structure, the triangle structure and the star structure. In the chain structure the control area has a higher accumulated safety strength, but there are more layers overall; in the triangle structure all areas can be directly connected, so efficiency is higher, but more isolation devices are used; the star structure uses less equipment and is easy to implement, but a fault at the central point has a large range of influence. All three modes can meet the requirements of the safety protection system of the power monitoring system, and one can be selected according to specific conditions.
According to investigation, the safety area connection of the conventional uniform power plant generally adopts the chain structure. This mode has a higher accumulated safety degree but more layers overall, so there are more possible fault points, and the failure of any node in the topology affects the reliable transmission of data. At the same time, it is difficult to deploy conventional network monitoring equipment in the production control system to monitor and quickly locate faults. In particular, for the upload of environmental protection data, under current management and technical conditions it is almost impossible to eliminate a failure within the prescribed time and resume data transmission once a data interruption (particularly one caused by a hardware failure) occurs.
At present, because the production control software and the real-time database software of the power plants are various, the topology, the software and the hardware configuration of the two power plants are almost the same. On this basis, system manufacturers, out of monopoly and commercial interest, often pack and bind their software (standard software and a standard interface communicating in a non-standard mode), so communication protocols and communication modes become complicated, and the difficulty and cost of system maintenance increase implicitly. Taking the Changxing gas turbine as an example, SCALANCE S612 modules (used for remote diagnosis and now out of service) are deployed at the boundary of an OPC server of a DCS, and external transmission of data is completed in combination with the MatrikonOPC Tunnel tunnelling software. MatrikonOPC Tunnel has a strong intellectual property protection mechanism: when the hardware configuration of the device running the software is changed or the system version is upgraded, the software becomes unavailable and can be activated again only by importing a registration file after reapplication. This limitation not only affects the maintenance and management of the DCS system, but also creates a greater hidden network security risk.
Disclosure of Invention
The invention aims to solve the problems in the prior art, and provides a power plant data transmission method and system integrating self-diagnosis and channel optimization, which can ensure that an industrial control system of a power plant can safely and reliably carry out data communication with an external system, and reduce the cost.
The purpose of the invention is realized by the following technical scheme:
a power plant data transmission method integrating self-diagnosis and channel optimization is used for a power plant data transmission system integrating self-diagnosis and channel optimization, the system comprises a DCS, an OPC server, an industrial firewall and a first forward security isolation device which are sequentially connected in a production control area, an SIS firewall, an SIS switch, a Client server and a PI server which are sequentially connected in a production non-control area, a second forward security isolation device, a mirror image server and an interface server which are sequentially connected in a management large area, an SIS access switch is connected between the first forward security isolation device and the SIS firewall, the PI server is connected with the second forward security isolation device, and a third forward security isolation device and a reverse security isolation device are connected between the interface server and the OPC server;
the method comprises the following steps:
the interface server monitors the communication state between the interface server and the mirror image server, if normal communication cannot be realized, a standby link switching command is sent to the OPC server through the reverse safety isolation device, and after the OPC server receives the standby link switching command, data are transmitted to the interface server through the third forward safety isolation device;
if the interface server finds that the communication between the interface server and the mirror image server is recovered to be normal, a main link recovery command is sent to the OPC server through the reverse safety isolation device, and after the OPC server receives the main link recovery command, the data are transmitted to the interface server through the industrial firewall, the first forward safety isolation device, the SIS access switch, the SIS firewall, the SIS switch, the Client server, the PI server, the second forward safety isolation device and the mirror image server in sequence.
The invention can ensure the normal transmission of data through the standby link when the main link fails by establishing the standby link between the OPC server and the interface server, and can effectively ensure the data security of the production control area due to the unidirectional property of the standby link.
Preferably, the method further comprises: the mirror image server monitors the data receiving condition, if the mirror image server does not normally receive data within a period of time, the mirror image server sends the information to the interface server, after receiving the information, the interface server sends a standby link switching command to the OPC server through the reverse safety isolation device, after receiving the standby link switching command, the OPC server transmits data to the interface server through the second forward safety isolation device, and transmits the data which are not normally received within the period of time by the mirror image server in a supplementary mode through the second forward safety isolation device;
and if the mirror image server recovers to normally receive data, the mirror image server sends the information to the interface server, the interface server sends a main link recovery command to the OPC server through the reverse security isolation device after receiving the information, and the OPC server transmits data to the interface server through the main link after receiving the main link recovery command.
Preferably, the specific method for determining whether the mirror server can normally receive the data is as follows: and the OPC server continuously sends a random value to the mirror image server, and if the mirror image server does not receive the random value within a period of time or the received value is not changed, the mirror image server is judged to fail to normally receive the data.
Preferably, after receiving the command for switching the backup link, the OPC server transmits data to the interface server through the third forward security isolation device according to the time when the communication between the interface server and the mirror image server is interrupted.
Preferably, when the interface server monitors that the interface server cannot normally communicate with the mirror image server, the interface server sends an instruction to the reverse safety isolation device to activate the reverse safety isolation device, and then sends a standby link switching command through the reverse safety isolation device; after receiving a command of switching the standby link, the OPC server firstly sends an instruction to the third forward safety isolation device to activate the third forward safety isolation device, and then the third forward safety isolation device transmits data;
when the interface server monitors that normal communication between the interface server and the mirror image server is recovered, the interface server firstly sends a main link recovery command through the reverse safety isolation device and then sends an instruction to the reverse safety isolation device to close the reverse safety isolation device; and after receiving a main link recovery command, the OPC server sends an instruction to the third forward security isolation device to close the third forward security isolation device.
The invention also provides a power plant data transmission system integrating self-diagnosis and channel optimization, which comprises a DCS (distributed control system), an OPC server, an industrial firewall and a first forward safety isolation device which are sequentially connected in a production control area, an SIS firewall, an SIS switch, a Client server and a PI server which are sequentially connected in a production non-control area, and a second forward safety isolation device, a mirror image server and an interface server which are sequentially connected in a management large area, wherein an SIS access switch is connected between the first forward safety isolation device and the SIS firewall, the PI server is connected with the second forward safety isolation device, and a third forward safety isolation device and a reverse safety isolation device are connected between the interface server and the OPC server;
the interface server is internally provided with:
the communication monitoring module is used for monitoring the communication state between the interface server and the mirror image server;
the link switching command module is used for sending a standby link switching command or a main link recovery command to the OPC server through the reverse safety isolation device according to the result of the communication monitoring module;
the OPC server is internally provided with:
and the link switching module is used for receiving the command of the link switching command module and switching the link for transmitting data to the interface server by the OPC server according to the received command.
Preferably, the mirror image server is provided with:
the data receiving and monitoring module is used for monitoring whether the mirror image server can normally receive data;
the monitoring result feedback module is used for sending the monitoring information of the data receiving and monitoring module to the interface server;
the link switching command module sends a standby link switching command or a main link recovery command to an OPC server through the reverse safety isolation device according to the monitoring information sent by the monitoring result feedback module;
the interface server is provided with:
the data supplementary transmission command module is used for sending a data supplementary transmission command to the OPC server through the reverse safety isolation device according to the time of abnormally receiving data in the monitoring information;
the OPC server is internally provided with:
and the data supplementary transmission module is used for supplementarily transmitting data which has not been received to the interface server through the third forward security isolation device according to the data supplementary transmission command sent by the data supplementary transmission command module.
Preferably, in the OPC server, there are provided:
the random value sending module is used for continuously sending a random value to the mirror image server;
the data receiving monitoring module judges whether the data receiving is normal according to the receiving condition of the random value: and if the random value is not received or the received value is not changed within a period of time, judging that the mirror image server cannot normally receive the data.
Preferably, the data supplementary transmission command module sends a data supplementary transmission command to the OPC server through the reverse security isolation device according to the time, recorded by the communication monitoring module, when the communication between the interface server and the mirror image server became abnormal.
Preferably, the interface server further comprises:
a first activation module, configured to send an instruction to the reverse security isolation device to activate the reverse security isolation device before sending the command to switch the backup link; and, after the main link recovery command has been sent, to send an instruction to the reverse security isolation device to shut down the reverse security isolation device;
the OPC server is also internally provided with:
a second activation module, configured to send an instruction to the third forward security isolation device to activate the third forward security isolation device after receiving a command to switch a backup link; and after receiving a main link restoration instruction, sending an instruction to the third forward safety isolation device to close the third forward safety isolation device.
The invention has the advantages that:
1. by establishing a backup link between the OPC server and the interface server, when the main link fails, the normal transmission of data can be ensured through the backup link.
2. Due to the unidirectional property of the standby link, the data security of the production control area can be effectively ensured.
3. The data which is not normally transmitted by the main link can be subjected to supplementary transmission, and the data loss is avoided.
4. The on and off of the standby link are strictly controlled, and the data security of the industrial control area is further ensured.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a schematic diagram of the structure of the system of the present invention.
1 - production control area; 11 - DCS; 12 - OPC server; 13 - industrial firewall; 14 - first forward security isolation device; 2 - production non-control area; 21 - SIS firewall; 22 - SIS switch; 23 - Client server; 24 - PI server; 3 - management large area; 31 - second forward security isolation device; 32 - mirror image server; 33 - interface server; 4 - SIS access switch; 51 - third forward security isolation device; 52 - reverse security isolation device.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
Example 1
A power plant data transmission method integrating self-diagnosis and channel optimization is used for a power plant data transmission system integrating self-diagnosis and channel optimization, the system comprises a DCS11, an OPC server 12, an industrial firewall 13 and a first forward security isolation device 14 which are arranged in a production control area 1 and are connected in sequence, an SIS firewall 21, an SIS switch 22, a Client server 23 and a PI server 24 which are arranged in a production non-control area 2 and are connected in sequence, a second forward security isolation device 31, a mirror image server 32 and an interface server 33 which are arranged in a management large area 3 and are connected in sequence, an SIS access switch 4 is connected between the first forward security isolation device 14 and the SIS firewall 21, the PI server 24 is connected with the second forward security isolation device 31, and a third forward security isolation device 51 and a reverse security isolation device 52 are connected between the interface server 33 and the OPC server 12;
the method comprises the following steps:
the interface server 33 monitors the communication state between itself and the mirror image server 32; if normal communication cannot be achieved, a command for switching the backup link is sent to the OPC server 12 through the reverse security isolation device 52, and after receiving the command for switching the backup link, the OPC server 12 transmits data to the interface server 33 through the third forward security isolation device 51;
if the interface server 33 finds that the communication between itself and the mirror image server 32 has returned to normal, a main link recovery command is sent to the OPC server 12 through the reverse security isolation device 52, and after receiving the main link recovery command, the OPC server 12 transmits data to the interface server through the main link, that is, the data are transmitted to the interface server 33 sequentially through the industrial firewall 13, the first forward security isolation device 14, the SIS access switch 4, the SIS firewall 21, the SIS switch 22, the Client server 23, the PI server 24, the second forward security isolation device 31 and the mirror image server 32.
The method can ensure the normal transmission of data through the standby link when the main link fails by establishing the standby link between the OPC server and the interface server, and can effectively ensure the data security of the production control area due to the unidirectionality of the standby link. It should be noted that, since a certain time difference exists between the time when the interface server finds that the communication between the interface server and the mirror image server is abnormal and the OPC server receives the command to switch the backup link, in order to avoid the loss of data, after the backup link is switched, data needs to be retransmitted to the interface server through the third forward security isolation device according to the time when the communication between the interface server and the mirror image server is abnormal.
Specifically, the method further comprises: the mirror image server 32 monitors the data receiving condition, if the data is not normally received within a period of time, the mirror image server sends the information to the interface server 33, after the interface server 33 receives the information, the reverse safety isolation device 52 sends a standby link switching command to the OPC server 12, after the OPC server 12 receives the standby link switching command, the third forward safety isolation device 51 transmits the data to the interface server 33, and the data which is not normally received within a period of time by the mirror image server 32 is subjected to supplementary transmission through the third forward safety isolation device 51;
if the mirror image server 32 recovers to normally receive data, the mirror image server sends the information to the interface server 33, after receiving the information, the interface server 33 sends a main link recovery command to the OPC server 12 through the reverse security isolation device 52, and after receiving the main link recovery command, the OPC server 12 transmits data to the interface server 33 through the main link.
Because the part of the main link between the mirror image server and the OPC server is configured according to the national standard and is not allowed to be changed, it is in effect packaged in a black box: the communication state between the mirror image server and those parts cannot conveniently be monitored directly, and only the condition in which the mirror image server receives data can be monitored. Moreover, since the OPC server does not always have new data to send, the fact that the mirror image server receives no new data for a short time is not necessarily a failure. An acceptable time, for example 30 minutes, therefore needs to be set; if no new data is received within 30 minutes, the main link is considered to have failed, and it is necessary to switch to the backup link and supplementarily transmit the data.
The specific method for determining whether the mirror image server 32 can normally receive the data is as follows: the OPC server 12 continuously sends a random value to the mirror image server 32, and if the mirror image server 32 does not receive the random value for a period of time, or the received value does not change, it is determined that the mirror image server 32 cannot normally receive data. In a normal state, the OPC server 12 may not update data for a long time. If the determination time is set too short, the link may frequently be switched by mistake; if it is set too long, a failure of the main link may not be found in time, which delays data transmission and reduces the efficiency of main link maintenance. Therefore, the OPC server continuously sends an unrelated random value to the mirror image server, and whether the intermediate link is normal is judged from whether the mirror image server receives that value. Considering the delay of data transmission and some special conditions, the judgment time can be set to 5 minutes, which is far less than the 30 minutes above, and the judgment result is more accurate.
In addition, when the interface server 33 monitors that it cannot normally communicate with the mirror server 32, it first sends an instruction to the reverse security isolation device 52 to activate the reverse security isolation device 52, and then sends a command for switching the standby link through the reverse security isolation device; when the OPC server 12 receives the command for switching the backup link, it first sends an instruction to the third forward security isolation device 51 to activate the third forward security isolation device 51, and then transmits data through the third forward security isolation device;
when the interface server 33 monitors that normal communication between the interface server and the mirror image server 32 is recovered, the interface server firstly sends a command of recovering the main link through the reverse security isolation device 52, and then sends a command to the reverse security isolation device 52 to close the reverse security isolation device; when the OPC server 12 receives the resume main link command, it sends an instruction to the third forward security isolation device 51 to turn off the third forward security isolation device.
The method strictly controls the opening and closing of the two isolation devices on the standby link, enabling them only when the standby link is in use, which further ensures the safety of data in the industrial control area.
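The random-value judgment and the activation order described above can be traced with the following added Python illustration, which is not part of the patent text. The class names, action strings and the sample timeline are hypothetical and constructed; only the 5-minute judgment time and the order of the commands come from the description.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

JUDGMENT_WINDOW_S = 5 * 60  # the 5-minute judgment time suggested in the text


@dataclass
class RandomValueWatchdog:
    """Mirror image server side: judges the main link from the random value."""
    started_ts: float
    window_s: float = JUDGMENT_WINDOW_S
    last_value: Optional[int] = None
    last_change_ts: float = field(default=0.0, init=False)

    def __post_init__(self) -> None:
        self.last_change_ts = self.started_ts

    def observe(self, ts: float, value: int) -> None:
        # Only a changed value proves the link is alive; a value that keeps
        # repeating is treated exactly like no value at all.
        if value != self.last_value:
            self.last_value = value
            self.last_change_ts = ts

    def healthy(self, now: float) -> bool:
        return now - self.last_change_ts <= self.window_s


@dataclass
class LinkController:
    """Interface server side: turns health reports into ordered commands."""
    on_backup: bool = False

    def report(self, healthy: bool, last_good_ts: float) -> List[str]:
        if not healthy and not self.on_backup:
            self.on_backup = True
            # Activate the reverse device first, then send commands through it.
            return ["ACTIVATE reverse_isolation",
                    "SEND switch_to_backup",
                    f"SEND supplementary_transmission since={last_good_ts:.0f}"]
        if healthy and self.on_backup:
            self.on_backup = False
            # The recovery command must go out before the device is closed.
            return ["SEND restore_main_link", "CLOSE reverse_isolation"]
        return []


def simulate(samples: List[Tuple[float, Optional[int]]]) -> List[Tuple[float, str]]:
    """Replay (timestamp, value-or-None) samples and return issued commands."""
    watchdog = RandomValueWatchdog(started_ts=0.0)
    controller = LinkController()
    log: List[Tuple[float, str]] = []
    for ts, value in samples:
        if value is not None:
            watchdog.observe(ts, value)
        commands = controller.report(watchdog.healthy(ts), watchdog.last_change_ts)
        log.extend((ts, c) for c in commands)
    return log


# Constructed timeline: the value stops changing after t=120 s, one sample is
# missing at t=300 s, and a fresh value arrives again at t=540 s.
CONSTRUCTED_SAMPLES = [(60, 17), (120, 42), (180, 42), (240, 42), (300, None),
                       (360, 42), (420, 42), (480, 42), (540, 99)]

if __name__ == "__main__":
    for ts, command in simulate(CONSTRUCTED_SAMPLES):
        print(ts, command)
```

Because a truly random value can repeat by chance, a small value range would cause false switches; a wide range or a counter avoids that.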
Example 2
The main link is established according to the national security standard and has excellent security when transmitting data, whereas the backup link, with its simpler structure, is unlikely to reach the security standard of the main link. Even though the backup link is activated only in a few specific situations and not for long, it is still necessary to ensure its security when transmitting data as far as possible. Therefore, on the basis of embodiment 1, the following measures can be taken to avoid potential safety hazards when the backup link is used to transmit data.
To ensure the validity of the source of the data received by the interface server, a check code may be used. For example, a predefined check character string is held at the OPC server, and a check code is generated for each piece of data according to a certain rule (e.g., check character string + timestamp + sending sequence number + thread ID) and sent to the interface server along with the data. After the interface server receives the data, it generates the check code for the data according to the same rule and compares it with the check code carried in the data; if the two check codes are identical, the data is considered true and valid and is accepted.
To ensure the integrity of the data received by the interface server, the sending sequence number carried by the received data may be checked, because the data sent by a data sending thread on the same OPC server are sequential. For example, if the interface server finds that the sending sequence numbers of the received data skip, it considers that the data corresponding to the skipped sequence numbers may have been lost, and it sends a data retransmission command to the OPC server again through the reverse security isolation device; the data retransmission command includes the sending sequence numbers of the missing data.
To prevent the data received by the interface server from being tampered with, the transmitted data can be encrypted at the OPC server side and decrypted at the interface server side. For example, a symmetric encryption algorithm can be used for encrypting and decrypting the data; the symmetric encryption algorithm is simple and rapid to use, the secret key is short, and decoding is difficult.
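The check code and the sending sequence number check can be combined on the receiving side as in the following added Python illustration, which is not part of the patent text. It swaps the plain concatenation rule for HMAC-SHA256 keyed with the predefined check string, so the code cannot be recomputed without that string; the key, record layout, class names and the assumption that each thread numbers its data from 1 are all hypothetical.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

# Constructed placeholder standing in for the predefined check character string.
CHECK_KEY = b"constructed-demo-check-string"


@dataclass(frozen=True)
class Record:
    timestamp: int
    seq: int          # sending sequence number, per sending thread
    thread_id: int
    payload: bytes
    check_code: bytes


def make_check_code(key: bytes, timestamp: int, seq: int,
                    thread_id: int, payload: bytes) -> bytes:
    # Fixed-width header: field boundaries cannot shift between fields, which
    # plain string concatenation of timestamp + sequence + thread ID allows.
    header = struct.pack(">QQI", timestamp, seq, thread_id)
    return hmac.new(key, header + payload, hashlib.sha256).digest()


def seal(key: bytes, timestamp: int, seq: int,
         thread_id: int, payload: bytes) -> Record:
    """OPC server side: attach the check code to one piece of data."""
    code = make_check_code(key, timestamp, seq, thread_id, payload)
    return Record(timestamp, seq, thread_id, payload, code)


class InterfaceReceiver:
    """Interface server side: verify the check code, then track sequence gaps."""

    def __init__(self, key: bytes, first_seq: int = 1) -> None:
        self.key = key
        self.first_seq = first_seq               # assumption: numbering starts at 1
        self.next_seq: Dict[int, int] = {}       # thread_id -> next expected seq
        self.missing: Dict[int, Set[int]] = {}   # thread_id -> seqs still awaited

    def accept(self, rec: Record) -> Tuple[bool, List[int]]:
        """Return (accepted, sequence numbers to request for retransmission)."""
        expected = make_check_code(self.key, rec.timestamp, rec.seq,
                                   rec.thread_id, rec.payload)
        # Constant-time comparison; unauthenticated data never touches state.
        if not hmac.compare_digest(expected, rec.check_code):
            return False, []
        nxt = self.next_seq.get(rec.thread_id, self.first_seq)
        gaps = self.missing.setdefault(rec.thread_id, set())
        if rec.seq < nxt:
            if rec.seq not in gaps:
                return False, []       # duplicate or replayed record
            gaps.discard(rec.seq)      # a retransmitted record fills a gap
            return True, []
        skipped = list(range(nxt, rec.seq))
        gaps.update(skipped)
        self.next_seq[rec.thread_id] = rec.seq + 1
        return True, skipped

    def pending(self, thread_id: int) -> List[int]:
        """Sequence numbers that still belong in a data retransmission command."""
        return sorted(self.missing.get(thread_id, set()))


if __name__ == "__main__":
    rx = InterfaceReceiver(CHECK_KEY)
    print(rx.accept(seal(CHECK_KEY, 1000, 1, 7, b"NOx=31.2")))
    print(rx.accept(seal(CHECK_KEY, 1030, 4, 7, b"NOx=30.8")))
    print(rx.pending(7))
```

The list returned by `accept` is what the data retransmission command sent through the reverse security isolation device would carry.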
Finally, in order to ensure the security of the data file saved by the OPC server, the saved data file may be encrypted and decrypted when called. When the main link works normally, the OPC server stores the acquired data in the main folder, the folder does not need to be encrypted, and decryption is not needed during calling. And after the data is switched to the standby link, the OPC server stores the acquired data in the standby folder, encrypts the standby folder, and needs to decrypt the standby folder when calling the data. For example, an RSA encryption algorithm may be used for the encryption and decryption operations.
The invention also provides a power plant data transmission system integrating self-diagnosis and channel optimization, which comprises a DCS11, an OPC server 12, an industrial firewall 13 and a first forward security isolation device 14 which are arranged in a production control area 1 and are sequentially connected, an SIS firewall 21, an SIS switch 22, a Client server 23 and a PI server 24 which are arranged in a production non-control area 2 and are sequentially connected, and a second forward security isolation device 31, a mirror image server 32 and an interface server 33 which are arranged in a management large area 3 and are sequentially connected, wherein an SIS access switch 4 is connected between the first forward security isolation device 14 and the SIS firewall 21, the PI server 24 is connected with the second forward security isolation device 31, and a third forward security isolation device 51 and a reverse security isolation device 52 are connected between the interface server 33 and the OPC server 12;
the interface server is internally provided with:
the communication monitoring module is used for monitoring the communication state between the interface server and the mirror image server;
the link switching command module is used for sending a standby link switching command or a main link recovery command to the OPC server through the reverse safety isolation device according to the result of the communication monitoring module;
the data supplementary transmission command module is used for sending a data supplementary transmission command to the OPC server through the reverse safety isolation device according to the time of abnormal data reception given in the monitoring information, and for sending a data supplementary transmission command to the OPC server through the reverse security isolation device according to the time, recorded by the communication monitoring module, at which the communication between the interface server and the mirror image server became abnormal;
a first activation module, configured to send an instruction to the reverse security isolation device to activate it before the command to switch to the standby link is sent, and, after the main link recovery command has been sent, to send an instruction to the reverse security isolation device to shut it down.
The OPC server is internally provided with:
the link switching module is used for receiving the command of the link switching command module and switching a link for transmitting data to the interface server by the OPC server according to the received command;
the data supplementing and transmitting module is used for supplementing and transmitting data which is not received to the interface server through the second forward security isolation device according to the data supplementing and transmitting command sent by the data supplementing and transmitting command module;
the random value sending module is used for continuously sending a random value to the mirror image server;
the data receiving monitoring module judges whether the data receiving is normal according to the receiving condition of the random value: if the random value is not received or the received value is not changed within a period of time, judging that the mirror image server cannot normally receive the data;
a second activation module, configured to send an instruction to the third forward security isolation device to activate the third forward security isolation device after receiving a command to switch a backup link; and after receiving a main link restoration instruction, sending an instruction to the third forward safety isolation device to close the third forward safety isolation device.
The mirror image server is internally provided with:
the data receiving and monitoring module is used for monitoring whether the mirror image server can normally receive data;
the monitoring result feedback module is used for sending the monitoring information of the data receiving and monitoring module to the interface server;
and the link switching command module sends a standby link switching command or a main link recovery command to the OPC server through the reverse safety isolation device according to the monitoring information sent by the monitoring result feedback module.
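The monitoring and switching logic described by these modules can be sketched as follows. This is an added example, not code from the patent: the command names, the 3-second timeout, the sample values and the choice of "time of the last changed value" as the start of the supplementary transmission window are all assumptions.

```python
class ReceiveMonitor:
    """Mirror-server side: the random value must keep arriving AND keep changing."""

    def __init__(self, timeout, start):
        self.timeout = timeout      # assumed length of "a period of time", in seconds
        self.last_value = None
        self.last_fresh = start     # time at which the value last changed

    def on_value(self, now, value):
        # A repeated value is treated as stale data, not as proof of a live link.
        if value != self.last_value:
            self.last_value = value
            self.last_fresh = now

    def healthy(self, now):
        return now - self.last_fresh <= self.timeout


class LinkController:
    """Interface-server side: turns monitoring reports into ordered commands."""

    def __init__(self):
        self.on_standby = False

    def report(self, healthy, last_fresh):
        if not healthy and not self.on_standby:
            self.on_standby = True
            # The reverse device is activated before the switch command is sent.
            return [("ACTIVATE_REVERSE_DEVICE",),
                    ("SWITCH_TO_STANDBY",),
                    ("SUPPLEMENT_FROM", last_fresh)]
        if healthy and self.on_standby:
            self.on_standby = False
            # The reverse device is closed only after the recovery command is sent.
            return [("RESTORE_MAIN",), ("CLOSE_REVERSE_DEVICE",)]
        return []                   # no state change, nothing crosses the boundary


# Constructed samples: (time, received value); None means nothing arrived.
SAMPLES = [(0, 17), (1, 42), (2, 42), (3, 42), (4, 42), (5, 42), (6, None), (7, 88)]


def replay(samples, timeout=3.0):
    """Feed the samples through both sides and return the timed command log."""
    monitor = ReceiveMonitor(timeout, start=samples[0][0])
    controller = LinkController()
    log = []
    for now, value in samples:
        if value is not None:
            monitor.on_value(now, value)
        for command in controller.report(monitor.healthy(now), monitor.last_fresh):
            log.append((now, command))
    return log


if __name__ == "__main__":
    for entry in replay(SAMPLES):
        print(entry)
```

In the constructed run the value sticks at 42 from t=1, so the switch is issued at t=5 with supplementary transmission requested from t=1, and the main link is restored at t=7 when a new value arrives.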
In addition, in order to avoid the potential safety hazard existing when the data is transmitted by adopting the standby link, the OPC server is further provided with:
the check code generating module is used for generating a check code for each piece of data from a defined check character string combined according to a certain rule (for example, the check character string together with a timestamp, a sending sequence number and a thread ID), and for sending the check code together with the data to the interface server;
the data encryption module is used for encrypting the sent data;
the file encryption module is used for encrypting the folder for storing the acquired data;
and the file decryption module is used for decrypting the encrypted folder.
The interface server is internally provided with:
the check code verification module is used for generating the check code of the received data according to the rule and comparing it with the check code carried in the data; if the two check codes are consistent, the data is considered true and valid;
the serial number checking module is used for checking the sending sequence number carried by the received data and, when a skipped number is found, sending a data supplementary transmission command to the OPC server through the data supplementary transmission command module;
and the data decryption module is used for decrypting the received data.
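The check code and sequence number checks described above can be sketched as follows. This is an added example, not the patent's implementation: HMAC-SHA256 with the check character string as key is an assumption standing in for the unspecified "certain rule", and the field names, key value and sample records are constructed.

```python
import hashlib
import hmac

# Constructed value standing in for the patent's "defined check character string".
CHECK_STRING = b"constructed-demo-check-string"


def check_code(check_string, ts, seq, thread_id, payload):
    """Keyed digest over timestamp, sequence number, thread ID and payload.
    HMAC-SHA256 is this example's assumption for the unspecified rule."""
    header = f"{ts}|{seq}|{thread_id}|".encode()
    return hmac.new(check_string, header + payload, hashlib.sha256).hexdigest()


def make_record(ts, seq, thread_id, payload):
    """Sender (OPC server) side: attach the check code to one data record."""
    return {"ts": ts, "seq": seq, "tid": thread_id, "payload": payload,
            "code": check_code(CHECK_STRING, ts, seq, thread_id, payload)}


class InterfaceReceiver:
    """Receiver side: verify the check code first, then track sequence numbers."""

    def __init__(self, check_string, first_seq=1):
        self.check_string = check_string
        self.expected = first_seq    # next sequence number not yet seen
        self.missing = set()         # skipped numbers awaiting supplementary transmission
        self.resend_requests = []    # (first, last) ranges to request from the sender

    def receive(self, rec):
        want = check_code(self.check_string, rec["ts"], rec["seq"],
                          rec["tid"], rec["payload"])
        if not hmac.compare_digest(want, rec["code"]):
            return "rejected"        # modified or forged: state is left untouched
        seq = rec["seq"]
        if seq in self.missing:
            self.missing.discard(seq)
            return "backfilled"
        if seq < self.expected:
            return "duplicate"       # replayed or already delivered
        status = "ok"
        if seq > self.expected:      # skipped numbers: request supplementary transmission
            self.missing.update(range(self.expected, seq))
            self.resend_requests.append((self.expected, seq - 1))
            status = "gap"
        self.expected = seq + 1
        return status


def demo():
    """Replay a constructed stream: record 3 altered in transit, record 4 lost."""
    rx = InterfaceReceiver(CHECK_STRING)
    recs = {n: make_record(1589846400 + n, n, 7, f"unit1.load={300 + n}".encode())
            for n in range(1, 6)}
    tampered = dict(recs[3], payload=b"unit1.load=999")   # code no longer matches
    stream = [recs[1], recs[2], tampered, recs[5], recs[3], recs[4], recs[2]]
    statuses = [rx.receive(r) for r in stream]
    return statuses, rx.resend_requests, sorted(rx.missing)


if __name__ == "__main__":
    print(demo())
```

Because a rejected record does not advance the expected sequence number, the altered record 3 falls into the same supplementary transmission request as the lost record 4.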
The above description is only a preferred embodiment of the present invention, and the present invention is not limited to the above embodiment, and any changes or substitutions that can be easily made by those skilled in the art within the technical scope of the present invention should be covered by the protection scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A power plant data transmission method integrating self-diagnosis and channel optimization is used for a power plant data transmission system integrating self-diagnosis and channel optimization, the system comprises a DCS, an OPC server, an industrial firewall and a first forward safety isolation device which are sequentially connected in a production control area, an SIS firewall, an SIS switch, a Client server and a PI server which are sequentially connected in a production non-control area, a second forward safety isolation device, a mirror image server and an interface server which are sequentially connected in a management large area, an SIS access switch is connected between the first forward safety isolation device and the SIS firewall, and the PI server is connected with the second forward safety isolation device;
the method comprises the following steps:
the interface server monitors the communication state between the interface server and the mirror image server, if normal communication cannot be realized, a standby link switching command is sent to the OPC server through the reverse safety isolation device, and after the OPC server receives the standby link switching command, data are transmitted to the interface server through the third forward safety isolation device;
if the interface server finds that the communication between the interface server and the mirror image server is recovered to be normal, a main link recovery command is sent to the OPC server through the reverse safety isolation device, and after the OPC server receives the main link recovery command, the data are transmitted to the interface server through the industrial firewall, the first forward safety isolation device, the SIS access switch, the SIS firewall, the SIS switch, the Client server, the PI server, the second forward safety isolation device and the mirror image server in sequence.
2. The power plant data transmission method combining self-diagnosis and channel optimization according to claim 1, further comprising: the mirror image server monitors the data receiving condition, if the mirror image server does not normally receive data within a period of time, the mirror image server sends the information to the interface server, after receiving the information, the interface server sends a standby link switching command to the OPC server through the reverse safety isolation device, after receiving the standby link switching command, the OPC server transmits data to the interface server through the third forward safety isolation device, and transmits the data which are not normally received within the period of time by the mirror image server in a supplementary mode through the third forward safety isolation device;
and if the mirror image server recovers to normally receive data, the mirror image server sends the information to the interface server, the interface server sends a main link recovery command to the OPC server through the reverse security isolation device after receiving the information, and the OPC server transmits data to the interface server through the main link after receiving the main link recovery command.
3. The power plant data transmission method integrating self-diagnosis and channel optimization according to claim 2, wherein the specific method for judging whether the mirror image server can normally receive data is as follows: the OPC server continuously sends a random value to the mirror image server, and if the mirror image server does not receive the random value within a period of time or the received value is not changed, the mirror image server is judged to fail to normally receive the data.
4. The power plant data transmission method integrating self-diagnosis and channel optimization according to claim 1, wherein after receiving a command for switching a standby link, the OPC server transmits data to the interface server through the third forward security isolation device according to the time at which the communication between the interface server and the mirror image server became abnormal.
5. The power plant data transmission method integrating self-diagnosis and channel optimization according to claim 1, wherein when the interface server monitors that normal communication cannot be performed between the interface server and a mirror image server, an instruction is sent to the reverse safety isolation device to activate the reverse safety isolation device, and then a command for switching the standby link is sent through the reverse safety isolation device; after receiving a command of switching the standby link, the OPC server firstly sends an instruction to the third forward safety isolation device to activate the third forward safety isolation device, and then the third forward safety isolation device transmits data;
when the interface server monitors that normal communication between the interface server and the mirror image server is recovered, the interface server firstly sends a main link recovery command through the reverse safety isolation device and then sends an instruction to the reverse safety isolation device to close the reverse safety isolation device; and after receiving a main link recovery command, the OPC server sends an instruction to the third forward security isolation device to close the third forward security isolation device.
6. A power plant data transmission system integrating self-diagnosis and channel optimization comprises a DCS (distributed control system), an OPC server, an industrial firewall, a first forward safety isolation device, an SIS firewall, an SIS switch, a Client server, a PI server, a second forward safety isolation device, a mirror image server and an interface server, wherein the SIS firewall, the SIS switch, the Client server and the PI server are sequentially connected in a production non-control area;
the interface server is internally provided with:
the communication monitoring module is used for monitoring the communication state between the interface server and the mirror image server;
the link switching command module is used for sending a standby link switching command or a main link recovery command to the OPC server through the reverse safety isolation device according to the result of the communication monitoring module;
the OPC server is internally provided with:
and the link switching module is used for receiving the command of the link switching command module and switching the link for transmitting data to the interface server by the OPC server according to the received command.
7. A power plant data transmission system combining self-diagnosis and channel optimization according to claim 6,
the mirror image server is internally provided with:
the data receiving and monitoring module is used for monitoring whether the mirror image server can normally receive data;
the monitoring result feedback module is used for sending the monitoring information of the data receiving and monitoring module to the interface server;
the link switching command module sends a standby link switching command or a main link recovery command to an OPC server through the reverse safety isolation device according to the monitoring information sent by the monitoring result feedback module;
the interface server is provided with:
the data supplementary transmission command module is used for sending a data supplementary transmission command to the OPC server through the reverse safety isolation device according to the time of abnormally receiving data in the monitoring information;
the OPC server is internally provided with:
and the data supplementing and transmitting module is used for supplementing and transmitting data which is not received to the interface server through the third forward security isolation device according to the data supplementing and transmitting data command sent by the data supplementing and transmitting command module.
8. A power plant data transmission system combining self-diagnosis and channel optimization according to claim 7, wherein the OPC server is internally provided with:
the random value sending module is used for continuously sending a random value to the mirror image server;
the data receiving monitoring module judges whether the data receiving is normal according to the receiving condition of the random value: and if the random value is not received or the received value is not changed within a period of time, judging that the mirror image server cannot normally receive the data.
9. The power plant data transmission system combining self-diagnosis and channel optimization according to claim 7, wherein the data supplementary transmission command module sends a supplementary transmission data command to the OPC server through the reverse security isolation device according to the time recorded by the communication monitoring module when the communication between the interface server and the mirror image server is abnormal.
10. The power plant data transmission system combining self-diagnosis and channel optimization according to claim 6, wherein the interface server further comprises:
a first activation module, configured to send an instruction to the reverse security isolation device to activate the reverse security isolation device before sending the command to switch the backup link; and after the main link recovery command has been sent, sending an instruction to the reverse security isolation device to shut down the reverse security isolation device;
the OPC server is also internally provided with:
a second activation module, configured to send an instruction to the third forward security isolation device to activate the third forward security isolation device after receiving a command to switch a backup link; and after receiving a main link restoration instruction, sending an instruction to the third forward safety isolation device to close the third forward safety isolation device.
CN202010424718.9A 2020-05-19 2020-05-19 Power plant data transmission method and system integrating self-diagnosis and channel optimization Active CN111724276B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010424718.9A CN111724276B (en) 2020-05-19 2020-05-19 Power plant data transmission method and system integrating self-diagnosis and channel optimization

Publications (2)

Publication Number Publication Date
CN111724276A (en) 2020-09-29
CN111724276B (en) 2021-09-03

Family

ID=72564603

Country Status (1)

Country Link
CN (1) CN111724276B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant