CN111769632A - Distributed power supply safety communication method and system adopting NB-IOT technology - Google Patents
Distributed power supply safety communication method and system adopting NB-IOT technology Download PDFInfo
- Publication number
- CN111769632A CN111769632A CN201910257727.0A CN201910257727A CN111769632A CN 111769632 A CN111769632 A CN 111769632A CN 201910257727 A CN201910257727 A CN 201910257727A CN 111769632 A CN111769632 A CN 111769632A
- Authority
- CN
- China
- Prior art keywords
- communication
- data
- distributed power
- power supply
- acquisition terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004891 communication Methods 0.000 title claims abstract description 237
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000005516 engineering process Methods 0.000 title claims abstract description 20
- 230000005540 biological transmission Effects 0.000 claims abstract description 65
- 238000007405 data analysis Methods 0.000 claims abstract description 14
- 230000008569 process Effects 0.000 claims abstract description 11
- 238000012544 monitoring process Methods 0.000 claims description 26
- 238000007726 management method Methods 0.000 claims description 25
- 238000012545 processing Methods 0.000 claims description 24
- 238000010248 power generation Methods 0.000 claims description 10
- 230000003993 interaction Effects 0.000 claims description 9
- 238000004458 analytical method Methods 0.000 claims description 8
- 230000002159 abnormal effect Effects 0.000 claims description 6
- 238000013500 data storage Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 12
- 238000004590 computer program Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 7
- 238000002955 isolation Methods 0.000 description 3
- 238000003860 storage Methods 0.000 description 3
- 238000009826 distribution Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention relates to a distributed power supply safety communication method and a system adopting NB-IOT technology.A communication acquisition terminal arranged at a distributed power supply performs data transmission on acquired data through pre-established configuration parameters of an NB-IOT distributed power supply communication network; and the communication receiving terminal arranged on the receiving side receives the data transmitted by the acquisition terminal, processes the data and completes data analysis.
Description
Technical Field
The invention belongs to the technical field of new energy, and particularly relates to a distributed power supply safety communication method and system adopting an NB-IOT technology.
Background
Due to the obvious advantages in the aspect of power generation consumption, the distributed power generation gradually becomes the main form of new energy development and utilization in China. With the rapid increase of installed capacity, the impact and influence of distributed power generation on the safe operation of a power distribution network are gradually shown, but because a safe, reliable and practical distributed power communication access system is not established at present, a power grid enterprise cannot effectively perform distributed power monitoring management.
At present, the communication between the existing distributed power supply monitoring system and each distributed power supply mainly adopts a traditional electric power communication protocol mode, if public network communication is adopted, the safety is insufficient, and the cost of an electric power private network is higher, so that an effective and wide online monitoring means is lacked for the distributed power supply at present.
Disclosure of Invention
In order to make up for the defects, a reliable, high-speed and low-power-consumption communication means is provided for online monitoring and control of the distributed power supply through a Narrow-Band Internet of Things (NB-IoT), the operation data of the distributed power supply is uploaded in real time through the NB-IoT technology, and effective supervision and operation analysis evaluation of the distributed power supply can be realized through issuing a control and regulation instruction to the distributed power supply.
The purpose of the invention is realized by adopting the following technical scheme:
a method of distributed power secure communication employing NB-IOT technology, the method comprising:
the communication acquisition terminal installed at the distributed power supply transmits the acquired data through the pre-established configuration parameters of the NB-IOT distributed power supply communication network;
and the communication receiving terminal arranged on the receiving side receives the data transmitted by the acquisition terminal, processes the data and completes data analysis.
Preferably, the data transmission of the collected data by the communication collection terminal installed at the distributed power supply through the pre-established configuration parameters of the NB-IOT distributed power supply communication network itself includes:
the communication acquisition terminal configures an NB-IOT distributed power supply communication network according to NB-IOT communication performance, and is connected with a communication channel of the distributed power supply through an RS485 interface and an Ethernet interface;
collecting operation information of distributed power supply equipment;
grouping high-speed and low-speed communication channels by adopting predefined distributed power supply information interaction rules and contents conforming to an NB-IOT distributed power supply communication network structure, and classifying operation information of distributed power supply equipment by adopting a transmission method based on Webservice according to the importance degree of signals;
and the communication acquisition terminal finishes the data transmission of the operation information of the distributed power supply equipment according to the grouping classification result and the parameter configuration.
Further, the communication acquisition terminal completing data transmission of the operation information of the distributed power supply device according to the packet classification result and the parameter configuration includes:
constructing two types of model libraries of a general information model and an equipment information model according to the operation information of the distributed power supply equipment, and acquiring data in the two types of model libraries of the general information model and the equipment information model;
judging whether the data is received or not; if the transmitted data is received, storing the data into a receiving buffer area, reading effective data of the data, and storing the read effective data into a sending buffer area;
judging whether the data in the cache region has breakpoints, if so, returning to a receiving starting point, otherwise, sending the effective data in the sending cache region;
and reading the effective data of the cache region, carrying out encryption authentication on the effective data of the cache region by using an asymmetric mode or a symmetric mode, and then sending an encryption authentication message through an NB-IOT distributed power supply communication network.
Further, the constructing of the two types of model libraries of the overall information model and the equipment information model according to the operation information of the distributed power supply equipment comprises:
the communication acquisition terminal conducts structuralization processing on the operation information of the distributed power supply equipment according to the equipment logic structure of the distributed power supply to form a hierarchical information model;
converting operation collected data of the distributed power supply into model data according to the information model, and describing the model data through a symbolic language to form two types of model libraries, namely a total information model and an equipment information model;
the overall information model base is used for describing basic information of the power station, power generation amount of the power station, electric quantity of a grid-connected point and environment monitoring information;
the equipment information model library is used for describing data information of various kinds of equipment of the distributed power supply.
Further, the receiving and processing of the data transmitted by the acquisition terminal by the communication receiving terminal installed on the receiving side includes:
the communication receiving terminal receives the encryption authentication message of the communication acquisition terminal;
performing equipment state management on the communication acquisition terminal according to the encryption authentication message, realizing real-time monitoring on the communication acquisition terminal by adopting an SNMP (simple network management protocol), acquiring the running state of the communication acquisition terminal, and uploading running state records and state analysis to a network administrator in real time;
when the abnormal state of the communication acquisition terminal is detected, adopting safety measures in a pre-established integrated safety protection system to prevent risk points; and debugging and configuration deployment of the communication acquisition terminal are executed.
Further, the performing device state management on the communication acquisition terminal according to the encrypted authentication message includes:
for the encrypted authentication message needing to be decrypted, the communication receiving terminal inquires a first encrypted authentication message based on a first time step length, and processes the encrypted authentication message by adopting a decryption algorithm through allocating and executing a pre-stored program;
the communication receiving terminal inquires a second encryption authentication message based on a second time step length, and allocates and executes a pre-stored program to manage the distributed power supply according to the inquiry result of the first message queue;
the first message is an encryption authentication message with a communication acquisition terminal, and the second encryption authentication message is a message encryption authentication message with a network administrator.
Further, the safety measures in the integrated safety protection system comprise: terminal security measures, transmission security measures and system security measures;
the risk points comprise terminal risks, transmission risks and system threats;
the terminal risks comprise terminal physical integrity and data storage risks, system bugs and illegal software risks and equipment illegal use risks;
the transmission risk comprises the information illegal interception and tampering through a wireless network channel and the access risk of an illegal terminal; system threats include unauthorized access to application system resources, sensitive data leaks, and cyber attack risks.
A distributed power secure communication system employing NB-IOT technology, the system comprising:
the system comprises a communication acquisition terminal installed at a distributed power supply and a communication receiving terminal installed at a receiving side; wherein,
the communication acquisition terminal comprises a transmission module;
the communication receiving terminal comprises a communication module;
the transmission module is used for carrying out data transmission on the acquired data through the pre-established configuration parameters of the NB-IOT distributed power supply communication network;
and the communication module is used for receiving the data transmitted by the acquisition terminal, processing the data and completing data analysis.
Preferably, the transmission module includes:
the first transmission submodule is used for configuring an NB-IOT distributed power supply communication network by the communication acquisition terminal according to NB-IOT communication performance and connecting the NB-IOT distributed power supply communication network with a communication channel of a distributed power supply through an RS485 interface and an Ethernet interface;
the acquisition submodule is used for acquiring the operation information of the distributed power supply equipment;
the processing submodule is used for grouping the high-speed and low-speed communication channels by adopting a predefined distributed power supply information interaction rule and content which accord with an NB-IOT distributed power supply communication network structure, and classifying the operation information of the distributed power supply equipment according to the importance degree of signals by adopting a transmission method based on Webservice;
and the second transmission submodule is used for finishing the data transmission of the operation information of the distributed power supply equipment by the communication acquisition terminal according to the grouping classification result and the parameter configuration.
Further, the second transmission sub-module includes:
the data acquisition unit is used for constructing two types of model libraries, namely a general information model and an equipment information model, according to the operation information of the distributed power supply equipment and acquiring data in the two types of model libraries, namely the general information model and the equipment information model;
the data caching unit is used for judging whether the data is received or not; if the transmitted data is received, storing the data into a receiving buffer area, reading effective data of the data, and storing the read effective data into a sending buffer area;
the data transmission unit is used for judging whether the data in the cache region has breakpoints or not, if so, returning to the receiving starting point, and otherwise, sending the effective data in the sending cache region;
and the encryption authentication unit is used for reading the effective data of the cache region, carrying out encryption authentication on the effective data of the cache region in an asymmetric mode or a symmetric mode, and then sending an encryption authentication message through the NB-IOT distributed power supply communication network.
Preferably, the communication module includes:
the authentication submodule is used for receiving the encrypted authentication message of the communication acquisition terminal by the communication receiving terminal;
the management submodule is used for managing the equipment state of the communication acquisition terminal according to the encryption authentication message, realizing real-time monitoring of the communication acquisition terminal by adopting an SNMP (simple network management protocol), acquiring the running state of the communication acquisition terminal, and uploading running state records and state analysis to a network administrator in real time;
the processing submodule is used for adopting safety measures in a pre-established integrated safety protection system to prevent the risk points when the abnormal state of the communication acquisition terminal is detected; and debugging and configuration deployment of the communication acquisition terminal are executed.
Further, the management submodule includes:
the data analysis unit is used for inquiring the first encryption authentication message based on the first time step length for the encryption authentication message needing to be decrypted, and processing the encryption authentication message by adopting a decryption algorithm through allocating and executing a pre-stored program;
the regulation and control unit is used for inquiring a second encryption authentication message based on a second time step length by the communication receiving terminal, and allocating and executing a pre-stored program to manage the distributed power supply according to the inquiry result of the first message queue; the first message is an encryption authentication message with a communication acquisition terminal, and the second encryption authentication message is a message encryption authentication message with a network administrator.
Compared with the closest prior art, the invention also has the following beneficial effects:
the invention provides a distributed power supply safety communication method and system adopting NB-IOT technology.A communication acquisition terminal installed at a distributed power supply performs data transmission on acquired data through pre-established configuration parameters of an NB-IOT distributed power supply communication network; and the communication receiving terminal arranged on the receiving side receives the data transmitted by the acquisition terminal, processes the data and completes data analysis. The distributed power supply safety communication method adopting the NB-IoT technology comprises a distributed power supply communication network structure adapting to NB-IOT communication performance; the distributed power supply information interaction rule and content of the communication network structure are met; the distributed power supply safety communication system adopts the functions of configuration management, data acquisition and transmission processing of an NB-IOT technology; the safety authentication and access control method of the distributed power supply safety communication system adopting the NB-IOT technology can remarkably reduce the application cost while ensuring the communication safety, improves the applicability due to the low power consumption characteristic, and can provide a reliable data communication means for online monitoring, control regulation, analysis and evaluation of the distributed power supply.
Drawings
Fig. 1 is a flowchart of a distributed power secure communication method using NB-IOT technology provided in an embodiment of the present invention;
FIG. 2 is an overall topology block diagram provided in an embodiment of the present invention;
fig. 3 is a schematic diagram illustrating classification of service information provided in an embodiment of the present invention;
FIG. 4 is a schematic diagram of an information security structure provided in an embodiment of the present invention;
fig. 5 is a schematic diagram of a terminal management system provided in an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings.
As shown in fig. 1, a method for secure communication of a distributed power supply using NB-IOT technology is provided, where the method includes:
s1, the communication acquisition terminal installed at the distributed power supply transmits the acquired data through the pre-established configuration parameters of the NB-IOT distributed power supply communication network;
and S2, the communication receiving terminal arranged on the receiving side receives the data transmitted by the acquisition terminal, processes the data and completes data analysis.
Step S1, the data transmission of the collected data by the communication collection terminal installed at the distributed power supply through the pre-established configuration parameters of the NB-IOT distributed power supply communication network itself includes:
a, a communication acquisition terminal configures an NB-IOT distributed power supply communication network according to NB-IOT communication performance, and is connected with a communication channel of a distributed power supply through an RS485 interface and an Ethernet interface;
b, collecting operation information of the distributed power supply equipment;
c, grouping high-speed and low-speed communication channels by adopting predefined distributed power supply information interaction rules and contents conforming to an NB-IOT distributed power supply communication network structure, and classifying the operation information of the distributed power supply equipment according to the importance degree of signals by adopting a transmission method based on Webservice;
and d, the communication acquisition terminal finishes the data transmission of the operation information of the distributed power supply equipment according to the grouping classification result and the parameter configuration.
Step c, the data transmission of the operation information of the distributed power supply equipment by the communication acquisition terminal according to the grouping classification result and the parameter configuration comprises the following steps:
constructing two types of model libraries of a general information model and an equipment information model according to the operation information of the distributed power supply equipment, and acquiring data in the two types of model libraries of the general information model and the equipment information model;
judging whether the data is received or not; if the transmitted data is received, storing the data into a receiving buffer area, reading effective data of the data, and storing the read effective data into a sending buffer area;
judging whether the data in the cache region has breakpoints, if so, returning to a receiving starting point, otherwise, sending the effective data in the sending cache region;
and reading the effective data of the cache region, carrying out encryption authentication on the effective data of the cache region by using an asymmetric mode or a symmetric mode, and then sending an encryption authentication message through an NB-IOT distributed power supply communication network.
The method for constructing the overall information model and the equipment information model base according to the operation information of the distributed power supply equipment comprises the following steps:
the communication acquisition terminal conducts structuralization processing on the operation information of the distributed power supply equipment according to the equipment logic structure of the distributed power supply to form a hierarchical information model;
converting operation collected data of the distributed power supply into model data according to the information model, and describing the model data through a symbolic language to form two types of model libraries, namely a total information model and an equipment information model;
the overall information model base is used for describing basic information of the power station, power generation amount of the power station, electric quantity of a grid-connected point and environment monitoring information;
the equipment information model library is used for describing data information of various kinds of equipment of the distributed power supply.
In step S2, the receiving and processing of the data transmitted by the acquisition terminal by the communication receiving terminal installed on the receiving side includes:
the communication receiving terminal receives the encryption authentication message of the communication acquisition terminal;
performing equipment state management on the communication acquisition terminal according to the encryption authentication message, realizing real-time monitoring on the communication acquisition terminal by adopting an SNMP (simple network management protocol), acquiring the running state of the communication acquisition terminal, and uploading running state records and state analysis to a network administrator in real time;
when the abnormal state of the communication acquisition terminal is detected, adopting safety measures in a pre-established integrated safety protection system to prevent risk points; and debugging and configuration deployment of the communication acquisition terminal are executed.
Wherein, the device state management of the communication acquisition terminal according to the encryption authentication message comprises:
for the encrypted authentication message needing to be decrypted, the communication receiving terminal inquires a first encrypted authentication message based on a first time step length, and processes the encrypted authentication message by adopting a decryption algorithm through allocating and executing a pre-stored program;
the communication receiving terminal inquires a second encryption authentication message based on a second time step length, and allocates and executes a pre-stored program to manage the distributed power supply according to the inquiry result of the first message queue;
the first message is an encryption authentication message with a communication acquisition terminal, and the second encryption authentication message is a message encryption authentication message with a network administrator.
The safety measures in the integrated safety protection system comprise: terminal security measures, transmission security measures and system security measures;
the risk points comprise terminal risks, transmission risks and system threats;
the terminal risks comprise terminal physical integrity and data storage risks, system bugs and illegal software risks and equipment illegal use risks;
the transmission risk comprises the information illegal interception and tampering through a wireless network channel and the access risk of an illegal terminal; system threats include unauthorized access to application system resources, sensitive data leaks, and cyber attack risks.
Example 1:
installing a communication acquisition terminal adopting NB-IOT technology at a distributed power supply, establishing a distributed power supply communication network structure adapting to NB-IOT communication performance, adopting a distributed power supply information interaction rule and content conforming to the communication network structure, adopting a Webservice-based transmission method for a transmission rule, and completing data transmission through parameter configuration; the communication channel is an NB-IOT network established by a telecom operator; and the NB-IOT technology is adopted to complete the channel management, and a communication receiving terminal adopting the NB-IOT technology is installed at a receiving side to complete data analysis.
The distributed power supply communication network structure is configured according to NB-IOT communication performance, communication channels of main equipment of the distributed power supply are collected through an RS485 interface and an Ethernet interface, high-speed and low-speed communication channels are grouped, important signals and non-important signals are classified, and communication sending is carried out according to grouping classification.
The communication acquisition terminal carries out structuralization processing on the operation information of the distributed power supply equipment according to the equipment logic structure of the distributed power supply to form a hierarchical information model, converts the operation acquisition data of the distributed power supply into model data according to the information model, and describes the model data through a symbolic language to form two types of model libraries, namely a total information model and an equipment information model.
The overall information model mainly describes basic information of the power station, power generation amount of the power station, electric quantity of a grid-connected point and environment monitoring information.
The equipment information model mainly describes data information of various kinds of equipment of the distributed power supply.
And the communication receiving terminal carries out time service on the communication acquisition terminal, and the time synchronization is kept between the communication acquisition terminal and the communication receiving terminal.
The communication receiving terminal manages the state of the communication acquisition terminal, can monitor, debug and configure the communication acquisition terminal through the communication receiving terminal, and adopts an SNMP protocol to realize real-time monitoring of the terminal.
And the communication receiving terminal and the communication acquisition terminal carry out encryption authentication in an asymmetric mode and a symmetric mode.
And the communication receiving terminal and the communication acquisition terminal perform channel encryption through IPSEC VPN.
(1) The overall topology is shown in figure 2.
The method provided by the patent comprises a communication acquisition terminal, a communication receiving terminal and an NB-IOT network, wherein the communication receiving terminal can be accessed to a plurality of communication acquisition terminals. The communication acquisition terminal comprises a data acquisition module, a data cache module, a data transmission module and a safety control module, wherein the data acquisition module can be in communication connection and data transmission with all components in the distributed power supply, including a power generation component, a grid-connected component, electric quantity metering, environment monitoring and the like; the data caching module caches the acquired data and supports breakpoint retransmission; the data transmission module establishes VPN connection with the communication interface terminal and performs transmission message control; the safety control module realizes safety encryption authentication. The communication receiving terminal comprises a safety control module, a channel management module and a data analysis module and can be simultaneously accessed to and process the multi-channel communication acquisition terminal.
(2) The traffic information classification is shown in fig. 3.
Carrying out multi-dimensional type division on distributed power sources, including distributed power stations, park photovoltaics and the like, classifying according to different grid-connected voltage grades, and including the step of merging new energy into a multi-voltage-grade power distribution network; on the level of data type of equipment interaction, classification is carried out according to communication services such as grid-connected equipment, protection equipment, metering equipment and other data acquisition equipment; on the aspect of a business processing flow, classifying according to an information exchange flow and an information flow direction between distributed power generation system equipment and a superior monitoring system, wherein the superior system comprises a power supply side distributed power generation monitoring system, a power grid side dispatching automation system, a power station automation and information operation and maintenance remote monitoring system and the like; on the communication demand level, the data types (data, voice, video) transmitted by the communication services, the traffic data flow, the bandwidth demand, the real-time requirement and the reliability requirement are classified. And providing an applicable distributed power supply access information model on the basis of classification grouping.
(3) The information security architecture is shown in fig. 4.
The terminal risks mainly comprise terminal physical integrity and data storage risks, system bugs and illegal software risks, equipment illegal use risks and the like; the transmission risk refers to the illegal interception and tampering of information generated through a wireless network channel and the access risk of an illegal terminal; the system threat refers to risks such as unauthorized access of application system resources, sensitive data leakage, network attack and the like. And aiming at the risk points, necessary safety measures are taken for precaution, and an integrated safety protection system is established.
1) Terminal security measures
Terminal data encryption: the mobile terminal utilizes a hardware cryptographic algorithm to carry out high-strength encryption in an asymmetric mode and a symmetric mode on the data file and the database, so that the leakage of secret is prevented under the condition of equipment loss. Terminal security: the terminal carries out safety protection through a certificate system, and the safety access platform carries out high authentication and access arbitration on the identity of the mobile terminal, thereby ensuring the access validity and auditing illegal access information. And (3) user authority verification: when a user logs in online, the latest authority information of the master station system is automatically acquired, and the access authority of the logged-in user is verified. The access authority comprises data downloading authority, data field access authority, task execution authority, data submission authority and the like.
2) Transmission security measures
Channel encryption: APN/VPN is adopted in the core network, and the tunnel technology is adopted in the bearer network to encrypt the network channel, so that the privacy and the safety of the data transmission channel are guaranteed. Digital certificate: and the terminal is subjected to validity verification by combining the digital certificate and the channel encryption, and the access of an illegal terminal is forbidden. Firewall and security isolation: and the transmission safety is ensured by adopting a mode of access control and communication bidirectional isolation control.
3) System security measures
And (3) verifying the identity of the service end: the identity of the mobile terminal is subjected to high-strength authentication and access arbitration based on a digital certificate system according to the authentication information of the mobile terminal and a security strategy, so that the access validity is ensured, and the illegal access information is audited. And (4) safety access protection: and the accessed terminal adopts a safety access system to carry out unified authentication monitoring. The safety access system is used as an important component of a safety access platform and provides core boundary access protection functions such as equipment access authentication, data isolation exchange, real-time safety monitoring, data safety inspection and the like when the terminal is accessed to an information intranet in a safety private network mode.
(4) Terminal management method
As shown in fig. 5, the communication access terminal has the functions of monitoring the operation state of the communication acquisition terminal in real time, and recording and analyzing the operation state. The network administrator can realize monitoring, debugging and configuration deployment of all the communication acquisition terminals.
The communication access terminal adopts SNMP protocol to realize real-time monitoring requirement for the managed communication acquisition terminal. The communication acquisition terminal establishes a communication channel in a VPN mode, and a VPN scheme can be based on software or hardware. And on the premise of establishing the internal channel link, finishing the device management and debugging work. And the SNMP protocol is responsible for monitoring the real-time state of the device.
The SNMP TRAP message is used for actively sending state information such as alarm errors and the like to the communication acquisition terminal. The SNMP GET message is used for the communication access terminal to actively request the relevant running state of the controlled device. The SNMP SET message is used for setting parameters of an application service program of the communication acquisition terminal.
Example 2:
based on the same technical concept, the invention also provides a distributed power supply safety communication system adopting NB-IOT technology, which comprises:
the system comprises a communication acquisition terminal installed at a distributed power supply and a communication receiving terminal installed at a receiving side; wherein,
the communication acquisition terminal comprises a transmission module;
the communication receiving terminal comprises a communication module;
the transmission module is used for carrying out data transmission on the acquired data through the pre-established configuration parameters of the NB-IOT distributed power supply communication network;
and the communication module is used for receiving the data transmitted by the acquisition terminal, processing the data and completing data analysis.
Wherein the transmission module comprises:
the first transmission submodule is used for configuring an NB-IOT distributed power supply communication network by the communication acquisition terminal according to NB-IOT communication performance and connecting the NB-IOT distributed power supply communication network with a communication channel of a distributed power supply through an RS485 interface and an Ethernet interface;
the acquisition submodule is used for acquiring the operation information of the distributed power supply equipment;
the processing submodule is used for grouping the high-speed and low-speed communication channels by adopting a predefined distributed power supply information interaction rule and content which accord with an NB-IOT distributed power supply communication network structure, and classifying the operation information of the distributed power supply equipment according to the importance degree of signals by adopting a transmission method based on Webservice;
and the second transmission submodule is used for finishing the data transmission of the operation information of the distributed power supply equipment by the communication acquisition terminal according to the grouping classification result and the parameter configuration.
The second transmission sub-module includes:
the data acquisition unit is used for constructing two types of model libraries, namely a general information model and an equipment information model, according to the operation information of the distributed power supply equipment and acquiring data in the two types of model libraries, namely the general information model and the equipment information model;
the data caching unit is used for judging whether the data is received or not; if the transmitted data is received, storing the data into a receiving buffer area, reading effective data of the data, and storing the read effective data into a sending buffer area;
the data transmission unit is used for judging whether the data in the cache region has breakpoints or not, if so, returning to the receiving starting point, and otherwise, sending the effective data in the sending cache region;
and the encryption authentication unit is used for reading the effective data of the cache region, carrying out encryption authentication on the effective data of the cache region in an asymmetric mode or a symmetric mode, and then sending an encryption authentication message through the NB-IOT distributed power supply communication network.
Wherein the communication module comprises:
the authentication submodule is used for receiving the encrypted authentication message of the communication acquisition terminal by the communication receiving terminal;
the management submodule is used for managing the equipment state of the communication acquisition terminal according to the encryption authentication message, realizing real-time monitoring of the communication acquisition terminal by adopting an SNMP (simple network management protocol), acquiring the running state of the communication acquisition terminal, and uploading running state records and state analysis to a network administrator in real time;
the processing submodule is used for adopting safety measures in a pre-established integrated safety protection system to prevent the risk points when the abnormal state of the communication acquisition terminal is detected; and debugging and configuration deployment of the communication acquisition terminal are executed.
The management submodule comprises:
the data analysis unit is used for inquiring the first encryption authentication message based on the first time step length for the encryption authentication message needing to be decrypted, and processing the encryption authentication message by adopting a decryption algorithm through allocating and executing a pre-stored program;
the regulation and control unit is used for inquiring a second encryption authentication message based on a second time step length by the communication receiving terminal, and allocating and executing a pre-stored program to manage the distributed power supply according to the inquiry result of the first message queue; the first message is an encryption authentication message with a communication acquisition terminal, and the second encryption authentication message is a message encryption authentication message with a network administrator.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting the same, and although the present invention is described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that: modifications and equivalents may be made to the embodiments of the invention without departing from the spirit and scope of the invention, which is to be covered by the claims.
Claims (12)
1. A method for distributed power secure communication using NB-IOT technology, the method comprising: the communication acquisition terminal installed at the distributed power supply transmits the acquired data through the pre-established configuration parameters of the NB-IOT distributed power supply communication network;
and the communication receiving terminal arranged on the receiving side receives the data transmitted by the acquisition terminal, processes the data and completes data analysis.
2. The method of claim 1, wherein the data transmission of the collected data by the communication collection terminal installed at the distributed power supply through the pre-established configuration parameters of the NB-IOT distributed power supply communication network itself comprises:
the communication acquisition terminal configures an NB-IOT distributed power supply communication network according to NB-IOT communication performance, and is connected with a communication channel of the distributed power supply through an RS485 interface and an Ethernet interface;
collecting operation information of distributed power supply equipment;
grouping high-speed and low-speed communication channels by adopting predefined distributed power supply information interaction rules and contents conforming to an NB-IOT distributed power supply communication network structure, and classifying operation information of distributed power supply equipment by adopting a transmission method based on Webservice according to the importance degree of signals;
and the communication acquisition terminal finishes the data transmission of the operation information of the distributed power supply equipment according to the grouping classification result and the parameter configuration.
3. The method according to claim 2, wherein the communication collection terminal completing the data transmission of the operation information of the distributed power supply device according to the packet classification result and the parameter configuration comprises:
constructing two types of model libraries of a general information model and an equipment information model according to the operation information of the distributed power supply equipment, and acquiring data in the two types of model libraries of the general information model and the equipment information model;
judging whether the data is received or not; if the transmitted data is received, storing the data into a receiving buffer area, reading effective data of the data, and storing the read effective data into a sending buffer area;
judging whether the data in the cache region has breakpoints, if so, returning to a receiving starting point, otherwise, sending the effective data in the sending cache region;
and reading the effective data of the cache region, carrying out encryption authentication on the effective data of the cache region by using an asymmetric mode or a symmetric mode, and then sending an encryption authentication message through an NB-IOT distributed power supply communication network.
4. The method of claim 3, wherein constructing two types of model libraries of the overall information model and the equipment information model according to the operation information of the distributed power equipment comprises:
the communication acquisition terminal conducts structuralization processing on the operation information of the distributed power supply equipment according to the equipment logic structure of the distributed power supply to form a hierarchical information model;
converting operation collected data of the distributed power supply into model data according to the information model, and describing the model data through a symbolic language to form two types of model libraries, namely a total information model and an equipment information model;
the overall information model base is used for describing basic information of the power station, power generation amount of the power station, electric quantity of a grid-connected point and environment monitoring information;
the equipment information model library is used for describing data information of various kinds of equipment of the distributed power supply.
5. The method of claim 3, wherein the receiving side of the communication receiving terminal receives and processes the data transmitted by the collecting terminal, and the data analysis is completed by:
the communication receiving terminal receives the encryption authentication message of the communication acquisition terminal;
performing equipment state management on the communication acquisition terminal according to the encryption authentication message, realizing real-time monitoring on the communication acquisition terminal by adopting an SNMP (simple network management protocol), acquiring the running state of the communication acquisition terminal, and uploading running state records and state analysis to a network administrator in real time;
when the abnormal state of the communication acquisition terminal is detected, adopting safety measures in a pre-established integrated safety protection system to prevent risk points; and debugging and configuration deployment of the communication acquisition terminal are executed.
6. The method of claim 5, wherein the device state management of the communication acquisition terminal according to the encrypted authentication message comprises:
for the encrypted authentication message needing to be decrypted, the communication receiving terminal inquires a first encrypted authentication message based on a first time step length, and processes the encrypted authentication message by adopting a decryption algorithm through allocating and executing a pre-stored program;
the communication receiving terminal inquires a second encryption authentication message based on a second time step length, and allocates and executes a pre-stored program to manage the distributed power supply according to the inquiry result of the first message queue;
the first message is an encryption authentication message with a communication acquisition terminal, and the second encryption authentication message is a message encryption authentication message with a network administrator.
7. The method of claim 5, wherein the security measures in the integrated security system comprise: terminal security measures, transmission security measures and system security measures;
the risk points comprise terminal risks, transmission risks and system threats;
the terminal risks comprise terminal physical integrity and data storage risks, system bugs and illegal software risks and equipment illegal use risks;
the transmission risk comprises the information illegal interception and tampering through a wireless network channel and the access risk of an illegal terminal; system threats include unauthorized access to application system resources, sensitive data leaks, and cyber attack risks.
8. A distributed power secure communication system employing NB-IOT technology, the system comprising:
the system comprises a communication acquisition terminal installed at a distributed power supply and a communication receiving terminal installed at a receiving side; wherein,
the communication acquisition terminal comprises a transmission module;
the communication receiving terminal comprises a communication module;
the transmission module is used for carrying out data transmission on the acquired data through the pre-established configuration parameters of the NB-IOT distributed power supply communication network;
and the communication module is used for receiving the data transmitted by the acquisition terminal, processing the data and completing data analysis.
9. The system of claim 8, wherein the transmission module comprises:
the first transmission submodule is used for configuring an NB-IOT distributed power supply communication network by the communication acquisition terminal according to NB-IOT communication performance and connecting the NB-IOT distributed power supply communication network with a communication channel of a distributed power supply through an RS485 interface and an Ethernet interface;
the acquisition submodule is used for acquiring the operation information of the distributed power supply equipment;
the processing submodule is used for grouping the high-speed and low-speed communication channels by adopting a predefined distributed power supply information interaction rule and content which accord with an NB-IOT distributed power supply communication network structure, and classifying the operation information of the distributed power supply equipment according to the importance degree of signals by adopting a transmission method based on Webservice;
and the second transmission submodule is used for finishing the data transmission of the operation information of the distributed power supply equipment by the communication acquisition terminal according to the grouping classification result and the parameter configuration.
10. The system of claim 9, wherein the second transmission sub-module comprises:
the data acquisition unit is used for constructing two types of model libraries, namely a general information model and an equipment information model, according to the operation information of the distributed power supply equipment and acquiring data in the two types of model libraries, namely the general information model and the equipment information model;
the data caching unit is used for judging whether the data is received or not; if the transmitted data is received, storing the data into a receiving buffer area, reading effective data of the data, and storing the read effective data into a sending buffer area;
the data transmission unit is used for judging whether the data in the cache region has breakpoints or not, if so, returning to the receiving starting point, and otherwise, sending the effective data in the sending cache region;
and the encryption authentication unit is used for reading the effective data of the cache region, carrying out encryption authentication on the effective data of the cache region in an asymmetric mode or a symmetric mode, and then sending an encryption authentication message through the NB-IOT distributed power supply communication network.
11. The system of claim 8, wherein the communication module comprises:
the authentication submodule is used for receiving the encrypted authentication message of the communication acquisition terminal by the communication receiving terminal;
the management submodule is used for managing the equipment state of the communication acquisition terminal according to the encryption authentication message, realizing real-time monitoring of the communication acquisition terminal by adopting an SNMP (simple network management protocol), acquiring the running state of the communication acquisition terminal, and uploading running state records and state analysis to a network administrator in real time;
the processing submodule is used for adopting safety measures in a pre-established integrated safety protection system to prevent the risk points when the abnormal state of the communication acquisition terminal is detected; and debugging and configuration deployment of the communication acquisition terminal are executed.
12. The system of claim 11, wherein the management submodule comprises:
the data analysis unit is used for inquiring the first encryption authentication message based on the first time step length for the encryption authentication message needing to be decrypted, and processing the encryption authentication message by adopting a decryption algorithm through allocating and executing a pre-stored program;
the regulation and control unit is used for inquiring a second encryption authentication message based on a second time step length by the communication receiving terminal, and allocating and executing a pre-stored program to manage the distributed power supply according to the inquiry result of the first message queue; the first message is an encryption authentication message with a communication acquisition terminal, and the second encryption authentication message is a message encryption authentication message with a network administrator.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910257727.0A CN111769632B (en) | 2019-04-01 | 2019-04-01 | Distributed power source secure communication method and system adopting NB-IOT technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910257727.0A CN111769632B (en) | 2019-04-01 | 2019-04-01 | Distributed power source secure communication method and system adopting NB-IOT technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111769632A true CN111769632A (en) | 2020-10-13 |
| CN111769632B CN111769632B (en) | 2024-02-06 |
Family
ID=72718793
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910257727.0A Active CN111769632B (en) | 2019-04-01 | 2019-04-01 | Distributed power source secure communication method and system adopting NB-IOT technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111769632B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112333212A (en) * | 2021-01-06 | 2021-02-05 | 广州技象科技有限公司 | Encryption management method and device for business data of power Internet of things |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105811585A (en) * | 2016-05-18 | 2016-07-27 | 国网山东省电力公司青岛供电公司 | Distributed power grid-connection monitoring system |
| CN108879958A (en) * | 2018-07-23 | 2018-11-23 | 阳光电源股份有限公司 | A kind of distributed power supply system and its communication cross talk restraining method |
-
2019
- 2019-04-01 CN CN201910257727.0A patent/CN111769632B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105811585A (en) * | 2016-05-18 | 2016-07-27 | 国网山东省电力公司青岛供电公司 | Distributed power grid-connection monitoring system |
| CN108879958A (en) * | 2018-07-23 | 2018-11-23 | 阳光电源股份有限公司 | A kind of distributed power supply system and its communication cross talk restraining method |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112333212A (en) * | 2021-01-06 | 2021-02-05 | 广州技象科技有限公司 | Encryption management method and device for business data of power Internet of things |
| CN112333212B (en) * | 2021-01-06 | 2021-03-26 | 广州技象科技有限公司 | Encryption management method and device for business data of power Internet of things |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111769632B (en) | 2024-02-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112073375B (en) | Isolation device and isolation method suitable for client side of electric power Internet of things | |
| CN114302402B (en) | 5G-based power regulation and control service safety communication method | |
| CN102842001B (en) | System and method for detecting computer security information based on U disc authentication | |
| CN110535653A (en) | A kind of safe distribution terminal and its means of communication | |
| EP2479698A1 (en) | Systems and methods for detecting fraud associated with systems application processing | |
| CN103986743A (en) | Method, apparatus and system for acquiring data in Internet of Things | |
| CN113254947B (en) | Vehicle data protection method, system, equipment and storage medium | |
| CN110798474A (en) | Power data transmission safety protection system based on Beidou short message communication mode | |
| CN112583796B (en) | Method and system for accessing terminal equipment to power Internet of things, Internet of things management platform and storage medium | |
| CN212486798U (en) | Electric power sensing equipment based on block chain technology | |
| CN111064779A (en) | SF of transformer substation6Online monitoring device, method and system | |
| CN106453311A (en) | Register and login system and method for biological characteristic distributed identity authentication | |
| CN114531942A (en) | Intelligent power grid measuring method | |
| CN115580414A (en) | Data opening system and method based on privacy computation | |
| CN113992328A (en) | Zero trust transport layer flow authentication method, device and storage medium | |
| CN111212077A (en) | Host access system and method | |
| CN111769632B (en) | Distributed power source secure communication method and system adopting NB-IOT technology | |
| US20180262502A1 (en) | Method for operating an industrial network and industrial network | |
| CN101408955A (en) | Method and system determining obligation base on tactic | |
| CN105656633A (en) | Safety certification method for smart grid AMI system | |
| CN102404114A (en) | Monitoring method and system both for Web service | |
| CN116950882A (en) | Remote management system of digital energy air compression station | |
| CN112087301A (en) | Gas meter safety certification system based on state cryptographic algorithm | |
| CN113452702B (en) | Micro-service traffic detection system and method | |
| CN109507922A (en) | A kind of harbour data collection system and method based on Intelligent internet of things |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |