CN112600829A - Data safety protection system of comprehensive energy regulation and control system - Google Patents
Data safety protection system of comprehensive energy regulation and control system Download PDFInfo
- Publication number
- CN112600829A CN112600829A CN202011438355.0A CN202011438355A CN112600829A CN 112600829 A CN112600829 A CN 112600829A CN 202011438355 A CN202011438355 A CN 202011438355A CN 112600829 A CN112600829 A CN 112600829A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- independent control
- control module
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y10/00—Economic sectors
- G16Y10/35—Utilities, e.g. electricity, gas or water
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y30/00—IoT infrastructure
- G16Y30/10—Security thereof
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y40/00—IoT characterised by the purpose of the information processing
- G16Y40/50—Safety; Security of things, users, data or systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Business, Economics & Management (AREA)
- Development Economics (AREA)
- Economics (AREA)
- General Business, Economics & Management (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Remote Monitoring And Control Of Power-Distribution Networks (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a data security protection system of a comprehensive energy regulation and control system, which relates to the technical field of network security and comprises an independent control module, a security input module and an information management module; the independent control module is connected with a communication module of a superior power grid dispatching automation system, and the safety input module is used for data acquisition and transmitting the data to the information management module; the information management module is used for managing information data transmitted by the independent control module and the safety input module, forward and reverse physical isolation is arranged among the independent control module, the safety input module and the information management module, and the independent control module is connected to the wireless private network safety input module for power grid dispatching automation and receives the regulation requirement of the dispatching automation; the information safety protection is provided with protection devices with power safety certification, such as redundant positive and reverse physical isolation devices, a longitudinal encryption device and the like.
Description
Technical Field
The invention belongs to the technical field of network security, and particularly relates to a data security protection system of a comprehensive energy regulation and control system.
Background
The comprehensive energy system is characterized in that advanced physical information technology and innovative management modes are utilized in a certain area, multiple energy sources such as coal, petroleum, natural gas, electric energy and heat energy in the area are integrated, and coordinated planning, optimized operation, cooperative management, interactive response and complementary mutual assistance among multiple heterogeneous energy subsystems are achieved. The energy utilization efficiency is effectively improved and the sustainable development of energy is promoted while the diversified energy utilization requirements in the system are met.
The comprehensive energy regulation and control system is positioned as an industrial control system, is different from an internet system, and related safety protection needs to be configured according to the requirements of an industrial control system. The security of system data transmission and storage is fully considered from the aspects of network communication, virus protection, data storage and the like, and the controllability and the energy of information security are ensured.
Disclosure of Invention
In view of the deficiencies of the prior art, the present invention provides a data security system for an integrated energy regulation system, so as to solve the problems mentioned in the background art.
The purpose of the invention can be realized by the following technical scheme: a data safety protection system of a comprehensive energy regulation and control system comprises an independent control module, a safety input module and an information management module;
the independent control module is connected with a communication module of a superior power grid dispatching automation system, performs information interaction with the superior power grid dispatching system, receives the regulation requirement of the superior power grid dispatching automation, and realizes the deployment of comprehensive energy regulation;
the safety input module is used for acquiring data and transmitting the data to the information management module;
the information management module is used for managing the information data transmitted by the independent control module and the safety input module.
As a further scheme of the invention, a communication acquisition server is arranged in the safety input module, and the acquisition server is connected with an external energy subsystem.
As a further scheme of the invention, the independent control module and the safety input module are protected by adopting forward and reverse physical isolation, and a longitudinal encryption module is arranged in a transmission channel of the independent control module and the safety input module.
As a further scheme of the invention, the safety input module is connected with each energy subsystem at the user side, communication is carried out by adopting a communication mode of an optical fiber private network and a 1.8GHz wireless private network, and the communication protocol adopts an IEC104 protocol.
As a further scheme of the invention, the information management module is provided with a web server and an interface server.
As a further scheme of the invention, a forward and reverse physical isolation device is arranged in data interaction between the independent control module and the power grid dispatching automation system, and a longitudinal encryption device is selected and matched according to the communication distance between the independent control module and the power grid dispatching automation system for safety protection.
As a further scheme of the present invention, data interacted between the independent control module and the upper layer scheduling automation system includes uplink data and downlink data, the uplink data is data forwarded by the integrated energy system to the upper layer scheduling automation system, the downlink data is data forwarded by the upper layer scheduling automation system to the integrated energy system, the uplink data and the downlink data are both real-time data and quasi-real-time data, the real-time data is forwarded through an IEC104 protocol, and the quasi-real-time data is forwarded in an E-file format in an ftp manner.
As a further scheme of the invention, the independent control module is provided with a comprehensive safety protection module, the comprehensive safety protection module is used for detecting network safety, and the comprehensive safety protection module comprises a network safety monitoring device, an intrusion monitoring device, a malicious code prevention system and a safety audit module.
As a further scheme of the invention, the comprehensive safety protection module is used for configuring three modules of an anti-malicious code system, a safety audit device, an intrusion monitoring device and the like in an independent control module in a differentiation mode according to the importance degree of the adjustable capacity.
The invention has the beneficial effects that: the invention ensures the safety protection and data transmission of the comprehensive energy regulation and control system as an industrial control system.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present invention, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
FIG. 1 is a schematic diagram of a network security architecture of an integrated energy regulation system;
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, in an embodiment of the present invention, a data security protection system for an integrated energy regulation and control system includes an independent control module, a security input module, and an information management module;
the independent control module is connected with a communication module of a superior power grid dispatching automation system, performs information interaction with the superior power grid dispatching system, receives the regulation requirement of the superior power grid dispatching automation, and realizes the deployment of comprehensive energy regulation;
the safety input module is used for acquiring data and transmitting the data to the information management module;
the information management module is used for managing the information data transmitted by the independent control module and the safety input module. The system achieves the functions of self data acquisition, coordination control, information interaction with a superior dispatching system, acceptance of regulation requirements of power grid dispatching automation and the like.
Preferably, a communication acquisition server is arranged in the safety input module, the acquisition server is connected with the external energy subsystem, the communication acquisition server collects information data in the external energy subsystem,
preferably, the independent control module and the safety input module are protected by forward and reverse physical isolation, and a longitudinal encryption module is arranged in a transmission channel between the independent control module and the safety input module, so that the safety of data transmission is ensured, the data transmission is ensured to be correct and effective, and the effectiveness of system management is ensured.
Preferably, the safety input module is connected with each energy subsystem of the user side, communication is carried out in a communication mode of an optical fiber private network and a 1.8GHz wireless private network, and an IEC104 protocol is adopted as a communication protocol. In this example, the microgrid system and the photo-thermal power generation system are accessed to the system through optical fiber cables, the fan system and part of the mobile energy storage are accessed to the system through a wireless private network, and the intelligent community and part of the mobile energy storage are accessed to the system through a wireless public network.
Preferably, the information management module is provided with a web server and an interface server, information data in the independent control module and the safety input module are called through a wireless network, online lookup is achieved, and operation is convenient and rapid.
Preferably, a forward and reverse physical isolation device is arranged in data interaction between the independent control module and the power grid dispatching automation system, and a longitudinal encryption device is selected and matched according to the communication distance between the independent control module and the power grid dispatching automation system for safety protection, so that the safety of communication data transmission between the independent control module and the power grid dispatching automation system is ensured, the data transmission is ensured to be correct and effective, and the effectiveness of system management is ensured.
Preferably, the data that independent control module and upper scheduling automation system are interactive includes uplink data and downlink data, uplink data is the data that comprehensive energy system forwarded to upper scheduling automation system, downlink data is the data that upper scheduling automation system forwarded to comprehensive energy system, uplink data and downlink data are equallyd divide into real-time data and quasi real-time data, real-time data forwards through the IEC stipulation, quasi real-time data forwards with the format of E file through the mode of ftp.
In this example, the real-time data in the uplink data includes information of new energy power generation, aggregated information and the like in the integrated energy park, the quasi-real-time data includes adjustable margin, duration and the like, the real-time data in the downlink data includes remote signaling of main remote measurement, switching, protection and the like of a line, a main transformer and the like included in a power supply path of an area where the integrated energy system is located, and the quasi-real-time data includes information of adjustment requirements and the like issued by a provincial dispatching center of a power grid.
Preferably, the independent control module is configured with a comprehensive security protection module, the comprehensive security protection module is used for detecting network security, and the comprehensive security protection module comprises a network security monitoring device, an intrusion monitoring device, a malicious code prevention system and a security audit module.
Preferably, the comprehensive safety protection module is used for configuring three modules such as a malicious code prevention system, a safety audit and an intrusion monitoring device in a differentiation mode in the independent control module according to the importance degree of the adjustable capacity.
In this example, the standard of the adjustable capacity is set to 50MW, which is less than the standard and does not require three modules, such as a malicious code prevention system, a security audit, an intrusion monitoring device, and the like, and is more than or equal to the standard and needs to be added.
The working principle of the invention is as follows: the invention ensures the safety protection and data transmission of the comprehensive energy regulation and control system as an industrial control system.
It will be appreciated by those skilled in the art that various changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the spirit and scope of the invention, and any equivalents thereto, such as those skilled in the art, are intended to be embraced therein.
Claims (9)
1. A data safety protection system of a comprehensive energy regulation and control system is characterized by comprising an independent control module, a safety input module and an information management module;
the independent control module is connected with a communication module of a superior power grid dispatching automation system, performs information interaction with the superior power grid dispatching system, receives the regulation requirement of the superior power grid dispatching automation, and realizes the deployment of comprehensive energy regulation;
the safety input module is used for acquiring data and transmitting the data to the information management module;
the information management module is used for managing the information data transmitted by the independent control module and the safety input module.
2. The system for data security protection of an integrated energy regulation and control system of claim 1, wherein the security input module is provided with a communication acquisition server, and the acquisition server is connected to an external energy subsystem.
3. The data security protection system of the comprehensive energy regulation and control system of claim 1, wherein the independent control module and the security input module are protected by forward and reverse physical isolation, and a longitudinal encryption module is arranged in a transmission channel of the independent control module and the security input module.
4. The system for data security protection of an integrated energy regulation and control system according to claim 1, wherein the security input module is connected to each energy subsystem at the user side, and is communicated in a communication mode of a fiber private network and a 1.8GHz wireless private network, and the communication protocol adopts an IEC104 protocol.
5. The system according to claim 1, wherein the information management module comprises a web server and an interface server.
6. The integrated energy regulation and control system data safety protection system of claim 3, wherein a forward and reverse physical isolation device is provided in the data interaction between the independent control module and the power grid dispatching automation system, and a longitudinal encryption device is selected and matched according to the communication distance between the independent control module and the power grid dispatching automation system for safety protection.
7. The system of claim 1, wherein the data interacted between the independent control module and the upper-layer dispatching automation system comprises uplink data and downlink data, the uplink data is data forwarded by the integrated energy system to the upper-layer dispatching automation system, the downlink data is data forwarded by the upper-layer dispatching automation system to the integrated energy system, the uplink data and the downlink data are divided into real-time data and quasi-real-time data, the real-time data is forwarded through an IEC104 protocol, and the quasi-real-time data is forwarded in an E-file format through ftp.
8. The system for data security protection of an integrated energy regulation and control system according to claim 1, wherein an integrated security protection module is configured in the independent control module, the integrated security protection module is used for detecting network security, and the integrated security protection module comprises four modules of a network security monitoring device, an intrusion monitoring device, a malicious code prevention system and security audit.
9. The system according to claim 8, wherein the integrated safety protection module is configured with three modules of malicious code prevention system, safety audit and intrusion monitoring device in a differentiated manner at the independent control module according to the importance of the adjustable capacity.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011438355.0A CN112600829A (en) | 2020-12-07 | 2020-12-07 | Data safety protection system of comprehensive energy regulation and control system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011438355.0A CN112600829A (en) | 2020-12-07 | 2020-12-07 | Data safety protection system of comprehensive energy regulation and control system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112600829A true CN112600829A (en) | 2021-04-02 |
Family
ID=75192301
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011438355.0A Pending CN112600829A (en) | 2020-12-07 | 2020-12-07 | Data safety protection system of comprehensive energy regulation and control system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112600829A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113809775A (en) * | 2021-09-28 | 2021-12-17 | 国网伊犁伊河供电有限责任公司 | Distributed energy grid-connected data secure access system and secure access method |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106529795A (en) * | 2016-10-28 | 2017-03-22 | 中国南方电网有限责任公司电网技术研究中心 | Safety control method and device of electric power monitoring system |
CN110601895A (en) * | 2019-09-19 | 2019-12-20 | 国家电网有限公司 | Data control method and device for power communication system |
-
2020
- 2020-12-07 CN CN202011438355.0A patent/CN112600829A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106529795A (en) * | 2016-10-28 | 2017-03-22 | 中国南方电网有限责任公司电网技术研究中心 | Safety control method and device of electric power monitoring system |
CN110601895A (en) * | 2019-09-19 | 2019-12-20 | 国家电网有限公司 | Data control method and device for power communication system |
Non-Patent Citations (1)
Title |
---|
华光辉等: "区域综合能源协调控制技术", 《中国电力》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113809775A (en) * | 2021-09-28 | 2021-12-17 | 国网伊犁伊河供电有限责任公司 | Distributed energy grid-connected data secure access system and secure access method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Li et al. | Smart home: architecture, technologies and systems | |
Ma et al. | Smart grid communication: Its challenges and opportunities | |
CN102280935B (en) | Intelligent power grid management system | |
CN102087132B (en) | Wireless communication processing method for water meter | |
CN104901307A (en) | Multi-network-combined home microgrid electric-energy consumption interactive management system and method thereof | |
CN105100252A (en) | Network topology structure of distributed power monitoring system | |
CN103683503A (en) | System for household power consumption management based on intelligent interaction device | |
CN104065094B (en) | A kind of system and method for electric power virtual energy storage control | |
CN110912872A (en) | New energy power plant dispatching data acquisition system based on Beidou electric power application | |
Wen et al. | A survey on smart grid communication system | |
CN104009544A (en) | Photovoltaic power generation remote control and communication system and method | |
CN113763169A (en) | Energy routing device based on block chain and energy management method | |
CN113794232A (en) | Access method and system suitable for flexible interaction of multi-region multi-type load resources | |
CN112600829A (en) | Data safety protection system of comprehensive energy regulation and control system | |
CN103138293A (en) | Optimal distribution method and system for heat-engine plant plant-level loads | |
CN104124754B (en) | A kind of low pressure large user group uses Electric optimization and system | |
CN207884359U (en) | A kind of safety stabilization control system integration layered cooperative structure | |
CN104201781A (en) | Small-power wireless private network system applied to smart grid | |
CN201514568U (en) | Remote centralized management and control system | |
CN214315305U (en) | Data radio station intelligent communication device based on solar power station | |
CN215299154U (en) | Holographic sensing electric energy scheduling system for power line carrier communication | |
CN202068233U (en) | Intelligent electrical network supervising device based on embedded CPU | |
Hsu et al. | Two-layer security scheme for AMI system in Taiwan | |
CN109639681B (en) | Online reactor core power distribution monitoring system | |
CN207380505U (en) | Home energy source management controls smart host |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210402 |
|
RJ01 | Rejection of invention patent application after publication |