CN112104507A - Method, system, equipment and medium for monitoring network security of power generation enterprise - Google Patents

Method, system, equipment and medium for monitoring network security of power generation enterprise Download PDF

Info

Publication number
CN112104507A
CN112104507A CN202011000551.XA CN202011000551A CN112104507A CN 112104507 A CN112104507 A CN 112104507A CN 202011000551 A CN202011000551 A CN 202011000551A CN 112104507 A CN112104507 A CN 112104507A
Authority
CN
China
Prior art keywords
power
power generation
equipment
network
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011000551.XA
Other languages
Chinese (zh)
Other versions
CN112104507B (en
Inventor
陆超杰
何彦君
龚益
杨鑫
胡晓峰
陈春杨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Nuclear Power Automation System Engineering Co Ltd
Original Assignee
State Nuclear Power Automation System Engineering Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Nuclear Power Automation System Engineering Co Ltd filed Critical State Nuclear Power Automation System Engineering Co Ltd
Priority to CN202011000551.XA priority Critical patent/CN112104507B/en
Publication of CN112104507A publication Critical patent/CN112104507A/en
Application granted granted Critical
Publication of CN112104507B publication Critical patent/CN112104507B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0604Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/04Processing captured monitoring data, e.g. for logfile generation
    • H04L43/045Processing captured monitoring data, e.g. for logfile generation for graphical visualisation of monitoring data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0823Errors, e.g. transmission errors
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Mining & Analysis (AREA)
  • Environmental & Geological Engineering (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Testing And Monitoring For Control Systems (AREA)

Abstract

The invention discloses a monitoring method, a system, equipment and a medium for network security of a power generation enterprise, wherein the monitoring method comprises the following steps: acquiring network security data generated in daily operation of a target power generation enterprise; constructing a light word board structure diagram according to the network system; constructing a topological graph according to the equipment information and the connection relation of the electric equipment; and monitoring the network safety of the target power generation enterprise in real time based on the first warning information and the second warning information corresponding to each power device. By utilizing the display method of the light character board structure chart, the problem that monitoring and processing cannot be performed visually and hierarchically when a power generation enterprise has a network safety fault or event is solved, the rapid positioning and accurate monitoring of the operating state of each power device of the power generation enterprise are realized according to the visually and obviously alarming and displaying information of the power devices on the topology, and the speed and the accuracy of fault solving are improved.

Description

Method, system, equipment and medium for monitoring network security of power generation enterprise
Technical Field
The invention relates to the technical field of network management, in particular to a method, a system, equipment and a medium for monitoring network security of a power generation enterprise.
Background
In recent years, in the face of power production accidents, information security situations are increasingly severe, and the construction of smart power grids is urgent. At present, a protection system consisting of boundary protection of 'safety partition, network special, transverse isolation and longitudinal authentication' and safety protection of an autonomous controllable system body plays an important role in guaranteeing safe operation of a power grid. Secondly, a multilayer network safety management system technical system is constructed according to the principles of self perception of equipment, distributed acquisition of monitoring devices and unified management of a management platform. For example, the electric power monitoring system of south reinitiation communication can be applied to network monitoring on the power grid side of a power generation enterprise, and is deployed in a safety area I, a safety area II or a safety area III of a power plant, or the system can be applied to industrial control safety monitoring of a secondary unit, a tertiary unit and the power plant of the electric power system.
Although the existing power monitoring system realizes the functions of collecting and storing data of the whole network and alarming abnormal information, the existing power monitoring system is lack of effectively classifying and screening various alarming information, and cannot enable staff to quickly locate fault equipment.
Disclosure of Invention
The invention aims to solve the technical problem that various alarm information is not classified and screened in the prior art, and staff cannot be quickly positioned to fault equipment, and provides a monitoring method, a monitoring system, monitoring equipment and a monitoring medium for network security of a power generation enterprise.
The invention solves the technical problems through the following technical scheme:
in a first aspect, the present invention provides a monitoring method for network security of a power generation enterprise, where the monitoring method includes:
acquiring network security data generated in daily operation of a target power generation enterprise; wherein the network security data comprises device information and connection relations of the power devices in each network system;
constructing a light word board structure diagram according to the network system; the background color of the light word board structure chart is used for representing first warning information of the running state of each power device;
constructing a topological graph according to the equipment information and the connection relation of the electric equipment; the display color of the power equipment in the topological graph represents second alarm information of the operation state of each power equipment;
and monitoring the network safety of the target power generation enterprise in real time based on the first warning information and the second warning information corresponding to each power device.
Preferably, the step of monitoring the network security of the target power generation enterprise based on the first warning information and the second warning information corresponding to each power device includes:
acquiring a first operation instruction and a second operation instruction of a user; the first operation instruction comprises a first preset interaction gesture and the second operation instruction comprises a second preset interaction gesture;
displaying first alarm information of the electric power equipment according to a first operation instruction of the user;
displaying second alarm information of the electric power equipment according to a second operation instruction of the user;
and analyzing the operation state of the electric power equipment according to the first warning information and/or the second warning information.
Preferably, the step of analyzing the operation state of the electrical equipment according to the first warning information and/or the second warning information includes:
acquiring prompt information according to the first alarm information and/or the second alarm information; the prompt information is used for adjusting the running state of the power equipment.
Preferably, the network system includes at least one of DCS, SIS, and NCS, and the power device includes a host device, a network device, and a security device.
Preferably, the background color of the light word plate structure diagram and the display color of the power equipment in the topological graph are set according to the running state of the power equipment.
In a second aspect, the present invention provides a monitoring system for network security of power generation enterprises, the monitoring system comprising:
the data acquisition module is used for acquiring production data corresponding to the network security of the target power generation enterprise; wherein the production data includes device information and connection relationships of the power devices in each network system;
the structure chart construction module is used for constructing a light word board structure chart according to the network system; the background color of the light word board structure chart is used for representing first warning information of the running state of each power device;
the topological graph building module is used for building a topological graph according to the equipment information and the connection relation of the electric equipment; the display color of the power equipment in the topological graph represents second alarm information of the operation state of each power equipment;
and the monitoring module is used for monitoring the network safety of the target power generation enterprise in real time based on the first warning information and the second warning information corresponding to each power device.
Preferably, the monitoring module is further configured to:
the device comprises an acquisition unit, a processing unit and a control unit, wherein the acquisition unit is used for acquiring a first operation instruction and a second operation instruction of a user; the first operation instruction comprises a first preset interaction gesture and the second operation instruction comprises a second preset interaction gesture;
the first display unit is used for displaying first alarm information of the electric equipment according to a first operation instruction of the user;
the second display unit is used for displaying second alarm information of the electric equipment according to a second operation instruction of the user;
and the analysis unit is used for analyzing the running state of the electric power equipment according to the first alarm information and/or the second alarm information.
Preferably, the analysis unit is further configured to:
acquiring prompt information according to the first alarm information and/or the second alarm information; the prompt information is used for adjusting the running state of the power equipment.
Preferably, the network system includes at least one of a DCS (Distributed control system), a SIS (Safety instrumentation system), and an NCS (network control system), and the power devices include a host device, a network device, and a Safety device.
Preferably, the background color of the light word plate structure diagram and the display color of the power equipment in the topological graph are set according to the running state of the power equipment.
In a third aspect, the present invention provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the monitoring method for network security of a power generation enterprise described in the first aspect is implemented.
In a fourth aspect, the present invention provides a computer-readable storage medium, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the monitoring method for network security of a power generation enterprise according to the first aspect.
The invention has the positive progress effects that: the method comprises the steps of providing a monitoring method, a monitoring system, monitoring equipment and a monitoring medium for network security of a power generation enterprise, acquiring network security data generated in daily operation of a target power generation enterprise, constructing a light character board structure diagram and a topological graph, representing first alarm information of the operation state of the power equipment through the background color of the light character board structure diagram, and solving errors occurring in the processes of information detection and information transmission of the power equipment by using a display method of the light character board structure diagram; the second alarm information of the operating state of the power equipment is represented by the display color of the power equipment in the topological graph, so that the operating state of each power equipment of a power generation enterprise can be quickly positioned and accurately monitored according to the intuitive and obvious alarm display information.
Drawings
Fig. 1 is a flowchart of a method for monitoring network security of a power generation enterprise according to embodiment 1 of the present invention.
Fig. 2 is a flowchart of step S4 of a monitoring method for network security of a power generation enterprise according to embodiment 1 of the present invention.
Fig. 3 is a schematic block diagram of a method for monitoring network security of a power generation enterprise according to embodiment 2 of the present invention.
Fig. 4 is a schematic diagram of a hardware structure of an electronic device according to embodiment 3 of the present invention.
Detailed Description
The invention is further illustrated by the following examples, which are not intended to limit the scope of the invention.
Example 1
In this embodiment, a method for monitoring network security of a power generation enterprise is provided, and referring to fig. 1, the method includes the following steps:
step S1, obtaining network security data generated in daily operation of a target power generation enterprise; the network security data comprises device information and connection relations of the power devices in each network system.
In this embodiment, production data of each power device of a target power generation enterprise on a power grid dispatching side is acquired. The production data includes a network system where each electric power device is located, device information, and connection relationship information between the electric power devices. The production data represents remote control, remote signaling and remote measuring data of production and operation of a target power generation enterprise, and the equipment information of the power equipment comprises equipment position, equipment parameters and equipment identification.
It should be noted that, in the present embodiment, the electric power equipment may represent equipment in the power generation side, for example, a power plant, a substation, a power transmission station, and the like. The network security data also comprises log information, fault information, internal and external network flow, interactive data and the like.
Optionally, the network system includes at least one of DCS, SIS, and NCS.
The network system includes DCS (Distributed control system), SIS (Safety instrumentation system), NCS (network control system), and the like.
Optionally, the power device includes a host device, a network device, and a security device.
That is, the host device includes a server, a workstation, and the like, the Network device includes a switch, a router, a Virtual Private Network (VPN) device, and the like, and the security device includes an intrusion detection device, a Network auditing device, a log auditing device, and the like.
Step S2, constructing a light word board structure chart according to a network system; the background color of the light word board structure chart is used for representing first alarm information of the operation state of each power device.
A plurality of light word board structure diagrams can be constructed according to the classification of a network system in the network safety data, and further subdivision is carried out in each light word board structure diagram according to equipment classification and alarm type classification.
In a preferred embodiment, in the above-mentioned structure diagram of the light character plate, a first functional area and a second functional area may be provided. The first functional area represents different network systems, such as DCS, SIS, NCS, secondary network systems, etc.; the second functional area represents different power devices such as a host device, a network device, and a security device under each network system. And displaying alarm information corresponding to the operating states of various power equipment through the background color of the small light word plate. In this embodiment, the light character plate structure diagram is a structure that the display screen and the built-in flashing light group are used to complete the display of the light character plate.
Illustratively, the target power generation enterprise includes a network system a, a network system B, a network system C, and a network system D, and the network system a includes an electric power device 1, an electric power device 2, an electric power device 3, and an electric power device 4. The background color of the structure diagram of the light board where the power equipment 1 is located shows red to indicate that the power equipment 1 has an emergency alarm, the background color of the structure diagram of the light board where the power equipment 2 is located shows orange to indicate that the power equipment 2 has an important alarm, the background color of the structure diagram of the light board where the power equipment 3 is located shows yellow to indicate that the power equipment 3 has a general alarm, and the background color of the structure diagram of the light board where the power equipment 4 is located shows green to indicate that the power equipment 4 has no alarm.
Step S3, constructing a topological graph according to the equipment information and the connection relation of the electric equipment; and the display color of the electric equipment in the topological graph represents second alarm information of the operation state of each electric equipment.
Topology refers to the association between devices and parameters. For example, topology in the field of computer networks refers to distribution and connection among network devices composed of computers, that is, a topology map is a map in which the network devices composed of computers are drawn according to the topology, and a conventional topology map needs to indicate location information of the devices, device names, device types, and communication media among the devices.
In a preferred embodiment, in the topology of the power devices, the power devices are represented by vertices, the connection relationships between the power devices are represented by edges, the device information of the power devices is represented by vertex attributes, the connection relationship information between the power devices is represented by edge attributes, and the topology of the power devices of the target power generation enterprise can be constructed according to the relationship between the vertices and the edges.
In a preferred embodiment, the topology data set of the network device is obtained according to the actual deployment relationship between the power device and the communication medium of the node. For example, topology data of the host device, topology data of the network device, and topology data of the security device. The topology data of the host device may include topology data of a server group node and topology data of a workstation node; the topology data of the network equipment comprises topology data of a switch node, topology data of a router node and topology data of a virtual special network equipment node; the topology data of the safety equipment comprises topology data of an intrusion detection device node, topology data of a network auditing device node and topology data of a log auditing device node. The method comprises the steps that a topological graph is constructed according to a topological data set, in the topological graph of the power equipment, a plurality of different functional areas can be divided, the first functional area represents the power equipment deployment conditions of a target power generation enterprise in a safety area I, a safety area II and a safety area III, the second functional area represents the operation states of network equipment in main networks of different safety areas, the third functional area represents the operation states of the network equipment in lower networks of different safety areas, the fourth functional area represents the operation states of the network equipment in sub-networks of different safety areas, the fifth functional area represents the operation states of the safety equipment of different safety areas, and each power equipment has a unique identifier for identifying the equipment. In this embodiment, the number of the functional regions is not particularly limited, and those skilled in the art can set the number according to actual situations.
Illustratively, the display color of the safety device 1 in the fifth functional area in the topological diagram is red, which indicates that an emergency alarm exists in the power device 1, the display color of the safety device 2 is orange, which indicates that an important alarm exists in the safety device 2, the display color of the safety device 3 is yellow, which indicates that a general alarm exists in the safety device 3, and the display color of the safety device 4 is green, which indicates that no alarm exists in the safety device 4.
And step S4, monitoring the network safety of the target power generation enterprise in real time based on the first alarm information and the second alarm information corresponding to each power device.
In a preferred embodiment, if the first alarm information acquired by the power equipment 1 from the optical character board structure diagram is an important alarm and the second alarm information acquired from the topological graph is an important alarm, the operating state of the power equipment 1 of the target power generation enterprise is an important alarm level, and needs to be maintained, and the monitoring is continued after the maintenance is completed.
In a preferred embodiment, if the first warning information acquired by the power equipment 2 from the optical character board structure diagram is an emergency warning and the second warning information acquired from the topological graph is an important warning, the operating state of the power equipment 1 of the target power generation enterprise is an emergency warning level, and needs to be overhauled immediately, and after the overhaul is completed, the operating state is used as a key monitoring object.
Optionally, the background color of the light word plate structure diagram and the display color of the power equipment in the topological diagram are set according to the operation state of the power equipment.
Specifically, the background color of the light-character plate structure diagram and the display color of the power equipment in the topological diagram will change with the change of the operation state of the power equipment. For example, if the power device 3 represents an important alarm according to the background color in the light-word board structure diagram and the display color of the power device in the topological diagram three days ago, and after the emergency repair, the power device 3 is recovered to be normal, the operating state of the power device 3 sets the background color of the light-word board structure diagram to be green and the display color of the power device in the topological diagram to be green.
As shown in fig. 2, in the present embodiment, step S4 includes:
step S41, acquiring a first operation instruction and a second operation instruction of a user; the first operation instruction comprises a first preset interaction gesture and the second operation instruction comprises a second preset interaction gesture;
step S42, displaying first alarm information of the power equipment according to a first operation instruction of a user;
step S43, displaying second alarm information of the power equipment according to a second operation instruction of the user;
and step S44, analyzing the operation state of the electric equipment according to the first alarm information and/or the second alarm information.
For example, the first preset interaction gesture may be an operation of a user clicking on the power device 4 in the optical character board structure diagram, and the second preset interaction gesture may be an operation of a user double clicking on the power device 4 in the topological graph. The operation of the electrical equipment can be analyzed according to the first alarm information of the electrical equipment displayed by the first operation instruction, or the operation of the electrical equipment can be analyzed according to the second alarm information of the electrical equipment displayed by the second operation instruction, or the first alarm information and the second alarm information are comprehensively analyzed, and the operation state of the electrical equipment is determined by comparison.
Optionally, step S44 includes:
acquiring prompt information according to the first alarm information and/or the second alarm information; the prompt information is used for adjusting the running state of the power equipment.
Specifically, one of the first alarm information and the second alarm information can be selected as the final-level alarm information by comparing the first alarm information and the second alarm information, and the prompt information can be obtained according to the final alarm information. For example, if the final-level alarm information of the power equipment 5 is an emergency alarm, the prompt information is to immediately perform maintenance on the power equipment body, or monitor whether the equipment network is normal.
In the embodiment, a method for monitoring network security of a power generation enterprise comprises the steps of obtaining production data of the power generation enterprise, constructing a light word board structure diagram and a topological graph, representing first alarm information of the operation state of power equipment through the background color of the light word board structure diagram, and solving errors occurring in the processes of information detection and information transmission of the power equipment by using a display method of the light word board structure diagram; the second alarm information of the operating state of the power equipment is represented by the display color of the power equipment in the topological graph, so that the operating state of each power equipment of a power generation enterprise can be quickly positioned and accurately monitored according to the intuitive and obvious alarm display information.
Example 2
In this embodiment, a monitoring system for network security of a power generation enterprise is provided, referring to fig. 3, the system includes: the system comprises a data acquisition module 110, a structure diagram construction module 120, a topological diagram construction module 130 and a monitoring module 140, wherein the monitoring module 140 comprises an acquisition unit 141, a first display unit 142, a second display unit 143 and an analysis unit 144;
the data obtaining module 110 is configured to obtain network security data generated in daily operation of the target power generation enterprise, where the network security data includes device information and connection relationships of power devices in each network system.
It should be noted that, in the present embodiment, the electric power equipment may represent equipment in the power generation side, for example, a power plant, a substation, a power transmission station, and the like. The network security data also comprises log information, fault information, internal and external network flow, interactive data and the like.
In this embodiment, production data of each power device of a target power generation enterprise on a power grid dispatching side is acquired. The production data includes a network system where each electric power device is located, device information, and connection relationship information between the electric power devices. The production data represents remote control, remote signaling and remote measuring data of production and operation of a target power generation enterprise, and the equipment information of the power equipment comprises equipment position, equipment parameters and equipment identification.
It should be noted that, in the present embodiment, the electric power equipment may represent equipment in the power generation side, for example, a power plant, a substation, a power transmission station, and the like.
Optionally, the network system includes at least one of DCS, SIS, and NCS.
The network system includes DCS (Distributed control system), SIS (Safety instrumentation system), NCS (network control system), and the like.
Optionally, the power device includes a host device, a network device, and a security device.
That is, the host device includes a server, a workstation, and the like, the Network device includes a switch, a router, a Virtual Private Network (VPN) device, and the like, and the security device includes an intrusion detection device, a Network auditing device, a log auditing device, and the like.
The structure diagram constructing module 120 is used for constructing a structure diagram of the light word board according to the network system; the background color of the light word board structure chart is used for representing first alarm information of the operation state of each power device.
A plurality of light word board structure diagrams can be constructed according to the classification of a network system in the network safety data, and further subdivision is carried out in each light word board structure diagram according to equipment classification and alarm type classification.
In a preferred embodiment, in the above-mentioned structure diagram of the light character plate, a first functional area and a second functional area may be provided. The first functional area represents different network systems, such as DCS, SIS, NCS, secondary network systems, etc.; the second functional area represents different power devices such as a host device, a network device, and a security device under each network system. And displaying alarm information corresponding to the operating states of various power equipment through the background color of the small light word plate. In this embodiment, the light character plate structure diagram is a structure that the display screen and the built-in flashing light group are used to complete the display of the light character plate.
Illustratively, the target power generation enterprise includes a network system a, a network system B, a network system C, and a network system D, and the network system a includes an electric power device 1, an electric power device 2, an electric power device 3, and an electric power device 4. The background color of the structure diagram of the light board where the power equipment 1 is located shows red to indicate that the power equipment 1 has an emergency alarm, the background color of the structure diagram of the light board where the power equipment 2 is located shows orange to indicate that the power equipment 2 has an important alarm, the background color of the structure diagram of the light board where the power equipment 3 is located shows yellow to indicate that the power equipment 3 has a general alarm, and the background color of the structure diagram of the light board where the power equipment 4 is located shows green to indicate that the power equipment 4 has no alarm.
The topological graph building module 130 is configured to build a topological graph according to the device information and the connection relation of the electrical device; and the display color of the electric equipment in the topological graph represents second alarm information of the operation state of each electric equipment.
Topology refers to the association between devices and parameters. For example, topology in the field of computer networks refers to distribution and connection among network devices composed of computers, that is, a topology map is a map in which the network devices composed of computers are drawn according to the topology, and a conventional topology map needs to indicate location information of the devices, device names, device types, and communication media among the devices.
In a preferred embodiment, in the topology of the power devices, the power devices are represented by vertices, the connection relationships between the power devices are represented by edges, the device information of the power devices is represented by vertex attributes, the connection relationship information between the power devices is represented by edge attributes, and the topology of the power devices of the target power generation enterprise can be constructed according to the relationship between the vertices and the edges.
In a preferred embodiment, the topology data set of the network device is obtained according to the actual deployment relationship between the power device and the communication medium of the node. For example, topology data of the host device, topology data of the network device, and topology data of the security device. The topology data of the host device may include topology data of a server group node and topology data of a workstation node; the topology data of the network equipment comprises topology data of a switch node, topology data of a router node and topology data of a virtual special network equipment node; the topology data of the safety equipment comprises topology data of an intrusion detection device node, topology data of a network auditing device node and topology data of a log auditing device node. The method comprises the steps that a topological graph is constructed according to a topological data set, in the topological graph of the power equipment, a plurality of different functional areas can be divided, the first functional area represents the power equipment deployment conditions of a target power generation enterprise in a safety area I, a safety area II and a safety area III, the second functional area represents the operation states of network equipment in main networks of different safety areas, the third functional area represents the operation states of the network equipment in lower networks of different safety areas, the fourth functional area represents the operation states of the network equipment in sub-networks of different safety areas, the fifth functional area represents the operation states of the safety equipment of different safety areas, and each power equipment has a unique identifier for identifying the equipment. In this embodiment, the number of the functional regions is not particularly limited, and those skilled in the art can set the number according to actual situations.
Illustratively, the display color of the safety device 1 in the fifth functional area in the topological diagram is red, which indicates that an emergency alarm exists in the power device 1, the display color of the safety device 2 is orange, which indicates that an important alarm exists in the safety device 2, the display color of the safety device 3 is yellow, which indicates that a general alarm exists in the safety device 3, and the display color of the safety device 4 is green, which indicates that no alarm exists in the safety device 4.
The monitoring module 140 is configured to monitor network security of the target power generation enterprise in real time based on the first warning information and the second warning information corresponding to each power device.
In a preferred embodiment, if the first alarm information acquired by the power equipment 1 from the optical character board structure diagram is an important alarm and the second alarm information acquired from the topological graph is an important alarm, the operating state of the power equipment 1 of the target power generation enterprise is an important alarm level, and needs to be maintained, and the monitoring is continued after the maintenance is completed.
In a preferred embodiment, if the first warning information acquired by the power equipment 2 from the optical character board structure diagram is an emergency warning and the second warning information acquired from the topological graph is an important warning, the operating state of the power equipment 1 of the target power generation enterprise is an emergency warning level, and needs to be overhauled immediately, and after the overhaul is completed, the operating state is used as a key monitoring object.
Optionally, the background color of the light word plate structure diagram and the display color of the power equipment in the topological diagram are set according to the operation state of the power equipment.
Specifically, the background color of the light-character plate structure diagram and the display color of the power equipment in the topological diagram will change with the change of the operation state of the power equipment. For example, if the power device 3 represents an important alarm according to the background color in the light-word board structure diagram and the display color of the power device in the topological diagram three days ago, and after the emergency repair, the power device 3 is recovered to be normal, the operating state of the power device 3 sets the background color of the light-word board structure diagram to be green and the display color of the power device in the topological diagram to be green.
As shown in fig. 2, in the present embodiment, the monitoring module 140 includes:
the acquiring unit 141 is used for acquiring a first operation instruction and a second operation instruction of a user; the first operation instruction comprises a first preset interaction gesture and the second operation instruction comprises a second preset interaction gesture;
the first display unit 142 is used for displaying first alarm information of the power equipment according to a first operation instruction of a user;
the second display unit 143 is configured to display second alarm information of the power equipment according to a second operation instruction of the user;
the analysis unit 144 is configured to analyze the operation state of the electrical equipment according to the first warning information and/or the second warning information.
For example, the first preset interaction gesture may be an operation of a user clicking on the power device 4 in the optical character board structure diagram, and the second preset interaction gesture may be an operation of a user double clicking on the power device 4 in the topological graph. The operation of the electrical equipment can be analyzed according to the first alarm information of the electrical equipment displayed by the first operation instruction, or the operation of the electrical equipment can be analyzed according to the second alarm information of the electrical equipment displayed by the second operation instruction, or the first alarm information and the second alarm information are comprehensively analyzed, and the operation state of the electrical equipment is determined by comparison.
Optionally, the analysis unit 144 is specifically configured to:
acquiring prompt information according to the first alarm information and/or the second alarm information; the prompt information is used for adjusting the running state of the power equipment.
Specifically, one of the first alarm information and the second alarm information can be selected as the final-level alarm information by comparing the first alarm information and the second alarm information, and the prompt information can be obtained according to the final alarm information. For example, if the final-level alarm information of the power equipment 5 is an emergency alarm, the prompt information is to immediately perform maintenance on the power equipment body, or monitor whether the equipment network is normal.
In the embodiment, an acquisition module acquires production data of a power generation enterprise, a structure diagram construction module and a topological graph construction module construct a light word board structure diagram and a topological graph, first alarm information of the operating state of power equipment is represented by the background color of the light word board structure diagram, and errors occurring in the information detection and information transmission processes of the power equipment are solved by using a display method of the light word board structure diagram; through the second alarm information of the operating state of the power equipment represented by the display color of the power equipment in the topological graph, the analysis module realizes the rapid positioning and accurate monitoring of the operating state of each power equipment of the power generation enterprise according to the intuitive and obvious alarm display information.
Example 3
Fig. 4 is a schematic structural diagram of an electronic device provided in this embodiment. The electronic device includes a memory, a processor and a computer program stored in the memory and executable on the processor, and the processor executes the program to implement the monitoring method for network security of power generation enterprise of embodiment 1, and the electronic device 30 shown in fig. 4 is only an example and should not bring any limitation to the function and the scope of application of the embodiment of the present invention.
The electronic device 30 may be embodied in the form of a general purpose computing device, which may be, for example, a server device. The components of the electronic device 30 may include, but are not limited to: the at least one processor 31, the at least one memory 32, and a bus 33 connecting the various system components (including the memory 32 and the processor 31).
The bus 33 includes a data bus, an address bus, and a control bus.
The memory 32 may include volatile memory, such as Random Access Memory (RAM)321 and/or cache memory 322, and may further include Read Only Memory (ROM) 323.
Memory 32 may also include a program/utility 325 having a set (at least one) of program modules 324, such program modules 324 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The processor 31 executes various functional applications and data processing, such as a monitoring method of network security of a power generation enterprise according to embodiment 1 of the present invention, by running the computer program stored in the memory 32.
The electronic device 30 may also communicate with one or more external devices 34 (e.g., keyboard, pointing device, etc.). Such communication may be through input/output (I/O) interfaces 35. Also, model-generating device 30 may also communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet) via network adapter 36. As shown, network adapter 36 communicates with the other modules of model-generating device 30 via bus 33. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the model-generating device 30, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID (disk array) systems, tape drives, and data backup storage systems, etc.
It should be noted that although in the above detailed description several units/modules or sub-units/modules of the electronic device are mentioned, such a division is merely exemplary and not mandatory. Indeed, the features and functionality of two or more of the units/modules described above may be embodied in one unit/module according to embodiments of the invention. Conversely, the features and functions of one unit/module described above may be further divided into embodiments by a plurality of units/modules.
Example 4
The present embodiment provides a computer-readable storage medium on which a computer program is stored, which when executed by a processor, implements the steps of the monitoring method for power generation enterprise network security of embodiment 1.
More specific examples, among others, that the readable storage medium may employ may include, but are not limited to: a portable disk, a hard disk, random access memory, read only memory, erasable programmable read only memory, optical storage device, magnetic storage device, or any suitable combination of the foregoing.
In a possible implementation, the present invention can also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps of implementing the monitoring method for power generation enterprise network security of example 1, when the program product is run on the terminal device.
Where program code for carrying out the invention is written in any combination of one or more programming languages, the program code may be executed entirely on the user device, partly on the user device, as a stand-alone software package, partly on the user device and partly on a remote device or entirely on the remote device.
While specific embodiments of the invention have been described above, it will be appreciated by those skilled in the art that this is by way of example only, and that the scope of the invention is defined by the appended claims. Various changes and modifications to these embodiments may be made by those skilled in the art without departing from the spirit and scope of the invention, and these changes and modifications are within the scope of the invention.

Claims (12)

1. A monitoring method for network security of a power generation enterprise is characterized by comprising the following steps:
acquiring network security data generated in daily operation of a target power generation enterprise; wherein the network security data comprises device information and connection relations of the power devices in each network system;
constructing a light word board structure diagram according to the network system; the background color of the light word board structure chart is used for representing first warning information of the running state of each power device;
constructing a topological graph according to the equipment information and the connection relation of the electric equipment; the display color of the power equipment in the topological graph represents second alarm information of the operation state of each power equipment;
and monitoring the network safety of the target power generation enterprise in real time based on the first warning information and the second warning information corresponding to each power device.
2. The method for monitoring network security of a power generation enterprise according to claim 1, wherein the step of monitoring the network security of the target power generation enterprise based on the first warning information and the second warning information corresponding to each power device comprises:
acquiring a first operation instruction and a second operation instruction of a user; the first operation instruction comprises a first preset interaction gesture and the second operation instruction comprises a second preset interaction gesture;
displaying first alarm information of the electric power equipment according to a first operation instruction of the user;
displaying second alarm information of the electric power equipment according to a second operation instruction of the user;
and analyzing the operation state of the electric power equipment according to the first warning information and/or the second warning information.
3. The method for monitoring network security of power generation enterprise according to claim 2, wherein the step of analyzing the operation state of the power equipment according to the first warning information and/or the second warning information comprises:
acquiring prompt information according to the first alarm information and/or the second alarm information; the prompt information is used for adjusting the running state of the power equipment.
4. The method for monitoring network security of power generation enterprise of claim 1, wherein said network system comprises at least one of DCS, SIS and NCS, and said power devices comprise host devices, network devices and security devices.
5. The method for monitoring the network security of the power generation enterprise as claimed in claim 1, wherein the background color of the light word plate structure diagram and the display color of the power equipment in the topological graph are set according to the operation state of the power equipment.
6. A monitoring system for network security of a power generation enterprise, the monitoring system comprising:
the data acquisition module is used for acquiring network security data generated in daily operation of a target power generation enterprise; wherein the network security data comprises device information and connection relations of the power devices in each network system;
the structure chart construction module is used for constructing a light word board structure chart according to the network system; the background color of the light word board structure chart is used for representing first warning information of the running state of each power device;
the topological graph building module is used for building a topological graph according to the equipment information and the connection relation of the electric equipment; the display color of the power equipment in the topological graph represents second alarm information of the operation state of each power equipment;
and the monitoring module is used for monitoring the network safety of the target power generation enterprise in real time based on the first warning information and the second warning information corresponding to each power device.
7. The power generation enterprise network security monitoring system of claim 6, wherein the monitoring module is further configured to:
the device comprises an acquisition unit, a processing unit and a control unit, wherein the acquisition unit is used for acquiring a first operation instruction and a second operation instruction of a user; the first operation instruction comprises a first preset interaction gesture and the second operation instruction comprises a second preset interaction gesture;
the first display unit is used for displaying first alarm information of the electric equipment according to a first operation instruction of the user;
the second display unit is used for displaying second alarm information of the electric equipment according to a second operation instruction of the user;
and the analysis unit is used for analyzing the running state of the electric power equipment according to the first alarm information and/or the second alarm information.
8. The power generation enterprise network security monitoring system of claim 7, wherein the analysis unit is further configured to:
acquiring prompt information according to the first alarm information and/or the second alarm information; the prompt information is used for adjusting the running state of the power equipment.
9. The power generation enterprise network security monitoring system of claim 6, wherein the network system comprises at least one of a DCS, a SIS, and a NCS, and the power devices comprise a host device, a network device, and a security device.
10. The power generation enterprise network security monitoring system of claim 6, wherein the background color of the light word plate structure diagram and the display color of the power equipment in the topological graph are set according to the operation state of the power equipment.
11. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method for monitoring power generation enterprise network security of any one of claims 1-5 when executing the computer program.
12. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, implements the steps of the monitoring method for power generation enterprise network security of any one of claims 1 to 5.
CN202011000551.XA 2020-09-22 2020-09-22 Method, system, equipment and medium for monitoring network security of power generation enterprise Active CN112104507B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011000551.XA CN112104507B (en) 2020-09-22 2020-09-22 Method, system, equipment and medium for monitoring network security of power generation enterprise

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011000551.XA CN112104507B (en) 2020-09-22 2020-09-22 Method, system, equipment and medium for monitoring network security of power generation enterprise

Publications (2)

Publication Number Publication Date
CN112104507A true CN112104507A (en) 2020-12-18
CN112104507B CN112104507B (en) 2021-12-17

Family

ID=73755741

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011000551.XA Active CN112104507B (en) 2020-09-22 2020-09-22 Method, system, equipment and medium for monitoring network security of power generation enterprise

Country Status (1)

Country Link
CN (1) CN112104507B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113824643A (en) * 2021-11-25 2021-12-21 中国科学院信息工程研究所 Ubiquitous network topological graph construction method and network security protection method

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103023695A (en) * 2012-11-28 2013-04-03 绍兴电力局 Master station system monitoring model based on power dispatching automation
CN104092302A (en) * 2014-06-30 2014-10-08 国家电网公司 Power grid monitoring equipment with intelligent warning device
CN204720064U (en) * 2015-06-04 2015-10-21 国电南瑞科技股份有限公司 A kind of comprehensively monitoring robotization actual training device based on transformer station
CN105282772A (en) * 2015-09-10 2016-01-27 北京爱可生通信技术有限公司 Wireless network data communication equipment monitoring system and equipment monitoring method
CN106981928A (en) * 2017-05-19 2017-07-25 国网天津市电力公司 A kind of intelligent substation optical power monitoring system
US20180183546A1 (en) * 2016-12-22 2018-06-28 Samsung Electronics Co., Ltd. Electronic device and method for detecting error thereof
CN109768880A (en) * 2018-12-17 2019-05-17 国网重庆市电力公司 A kind of network topology distant place visualizing monitor method towards electric power monitoring system
CN111259002A (en) * 2019-12-31 2020-06-09 新奥数能科技有限公司 Monitoring method, monitoring system and monitoring equipment
CN111478324A (en) * 2020-05-09 2020-07-31 杨益 Power station alarm analysis system

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103023695A (en) * 2012-11-28 2013-04-03 绍兴电力局 Master station system monitoring model based on power dispatching automation
CN104092302A (en) * 2014-06-30 2014-10-08 国家电网公司 Power grid monitoring equipment with intelligent warning device
CN204720064U (en) * 2015-06-04 2015-10-21 国电南瑞科技股份有限公司 A kind of comprehensively monitoring robotization actual training device based on transformer station
CN105282772A (en) * 2015-09-10 2016-01-27 北京爱可生通信技术有限公司 Wireless network data communication equipment monitoring system and equipment monitoring method
US20180183546A1 (en) * 2016-12-22 2018-06-28 Samsung Electronics Co., Ltd. Electronic device and method for detecting error thereof
CN106981928A (en) * 2017-05-19 2017-07-25 国网天津市电力公司 A kind of intelligent substation optical power monitoring system
CN109768880A (en) * 2018-12-17 2019-05-17 国网重庆市电力公司 A kind of network topology distant place visualizing monitor method towards electric power monitoring system
CN111259002A (en) * 2019-12-31 2020-06-09 新奥数能科技有限公司 Monitoring method, monitoring system and monitoring equipment
CN111478324A (en) * 2020-05-09 2020-07-31 杨益 Power station alarm analysis system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
N.K. SINGHAL;L.H. SAHASRABUDDHE;B. MUKHERJEE: "Optimal Multicasting of Multiple Light-Trees of Different Bandwidth Granularities in a WDM Mesh Network With Sparse Splitting Capabilities", 《 IEEE/ACM TRANSACTIONS ON NETWORKING 》 *
刘斯斯,谭国庆: "优化监控信息和提高电网监控效率的探究", 《通信电源技术》 *
王军,刘立亮: "智能化光字牌在电网监控系统中的应用", 《电力系统通信》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113824643A (en) * 2021-11-25 2021-12-21 中国科学院信息工程研究所 Ubiquitous network topological graph construction method and network security protection method
CN113824643B (en) * 2021-11-25 2022-02-22 中国科学院信息工程研究所 Ubiquitous network topological graph construction method and network security protection method

Also Published As

Publication number Publication date
CN112104507B (en) 2021-12-17

Similar Documents

Publication Publication Date Title
US20190228296A1 (en) Significant events identifier for outlier root cause investigation
CN100412993C (en) System for intelligent maintaince of muclear power paltn based on state monitoring
CN108667666A (en) A kind of intelligent O&M method and its system based on visualization technique
CN106020154A (en) Safe dynamic health assessment method and assessment system for ethylene production
US12092269B2 (en) Method for troubleshooting potential safety hazards of compressor in smart gas pipeline network and internet of things system thereof
CN102361354A (en) Remote intensive management and control system of unattended converting station automatic system
CN106936859A (en) A kind of Cloud Server policy deployment system and method
CN104637265A (en) Dispatch-automated multilevel integration intelligent watching alarming system
CN114819225A (en) Intelligent operation and maintenance method and system for offshore energy unit
CN113741368A (en) Power enterprise safety production management method based on management and control of Internet of things
CN117955245B (en) Method and device for determining running state of power grid, storage medium and electronic equipment
CN112104507B (en) Method, system, equipment and medium for monitoring network security of power generation enterprise
CN116030943A (en) Big data intelligent operation and maintenance control system and method
CN117670033A (en) Security check method, system, electronic equipment and storage medium
CN113379193B (en) Power grid operation inspection control method and device and terminal equipment
CN116582339B (en) Intelligent building network security monitoring method and monitoring system
CN113592210A (en) Internet of things integrated management platform for water supply non-negative-pressure secondary water supply facility
CN116404751A (en) Device state monitoring method, device, storage medium and computer product
CN115424212A (en) Electric power operation field violation identification system and application thereof
KR101896442B1 (en) System, Server and Method for monitoring wind plant with ICT fusion
CN115658981A (en) Equipment data acquisition method and system, terminal equipment and storage medium
CN113472068A (en) Island microgrid remote operation and maintenance method, system and storage medium
CN112510699A (en) Transformer substation secondary equipment state analysis method and device based on big data
CN114615344B (en) Intelligent protocol conversion method and device for electric power instrument
Jubo et al. Application Analysis of Machine Learning in Intelligent Operation and Maintenance System

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant