Situation awareness architecture deployment method for power plant industrial control system
Technical Field
The invention relates to the technical field of power plants, in particular to a situation awareness architecture deployment method for an industrial control system of a power plant.
Background
A power plant refers to a power plant that converts some form of raw energy into electrical energy for use in stationary facilities or for transportation, such as a thermal, hydraulic, steam, diesel, or nuclear power plant. Thermal power generation is power generation using thermal energy obtained by burning fuel (coal, petroleum and products thereof, natural gas, and the like). The generator set of thermal power generation has two main forms, namely a steam turbine generator set which is called as a steam turbine generator set and drives a steam turbine to rotate by utilizing high-temperature and high-pressure steam generated by a boiler; the fuel enters the gas turbine to directly convert the heat energy into mechanical energy to drive the generator to generate electricity, and the generator is called a gas turbine generator set. A thermal power plant is generally a power plant mainly including a turbo generator set. The hydroelectric power generation is that river water or lake water and river water at high positions) are guided to the downstream by diversion to form fall to push a water turbine to rotate so as to drive a generator to generate power. Power plants that generate electricity with hydro-turbo sets are known as hydroelectric power plants. In the nuclear power generation, heat energy released by slow fission of nuclear fuel (such as uranium) in a nuclear reactor is used for generating steam (replacing a boiler in a thermal power plant) to drive a steam turbine and then drive a generator to rotate for power generation. Power plants that are dominated by nuclear power generation are referred to as nuclear power plants. The wind power is used to blow large blades built on the tower top to rotate to drive a generator to generate electricity, which is called wind power generation, and a power generation field consisting of a plurality of wind power generators, a dozen of wind power generators and even dozens of wind power generators is called a wind power generation field.
In the prior art, in the operation process of a power plant, more systems such as a power grid asset management system, a scheduling system, a mass platform system, an online monitoring system and a meteorological or icing monitoring system are formed aiming at a power grid equipment state monitoring and generation management technology, although the systems can play a certain management and help role in the power operation of the power plant, the overall protection effect of the power plant is general, and the systems are difficult to timely process when the power plant has problems.
Based on the situation awareness architecture deployment method, the situation awareness architecture deployment method for the power plant industrial control system is designed to solve the problems.
Disclosure of Invention
The invention aims to provide a situation awareness architecture deployment method for a power plant industrial control system, which comprises the steps of collecting power operation data through a data collection module, transmitting the collected data through a data transmission module, processing the data through a data processing module, evaluating power situation through a situation evaluation module, processing a power situation evaluation result through a result processing module, carrying out safety protection on a power system through a safety protection module, and displaying the power operation situation through a result display module.
In order to achieve the purpose, the invention provides the following technical scheme: a situation awareness architecture deployment method for a power plant industrial control system is provided, and comprises the following steps:
the data acquisition module acquires power operation data through the data acquisition module deployed at the power generation end of the power plant and sends the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the electric power operation data according to the operation condition of each data processing service container and storing the obtained electric power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, performing situation assessment on the electric power data processed by the optimal data processing service container to obtain an electric power situation assessment result, and storing the electric power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the electric power situation evaluation result and storing the processing result;
the safety protection module comprises a hierarchical protection module, an event perception module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
and the result display module is used for carrying out statistical analysis on the data indexes and situation assessment to comprehensively display the actual running condition, the equipment health level and the operation condition of the power running.
Preferably, the data acquisition module acquires transformation power, transmission power, transformer operating power and grid equipment operating power of electric power operation.
Preferably, the hierarchical protection module determines a protection target of the electric power information system, protects according to a level by combining the degree of the protection target, and simultaneously performs all-around and multi-level security protection on sensitive information of the whole life cycle of the electric power information system by applying network isolation, human invasion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
Preferably, the event perception module finds the full threat and attack behavior existing in the information system in time through the information network security monitoring platform, effectively identifies security holes, security risks and the like in the system, realizes real-time and dynamic perception of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
Preferably, the early warning scheduling module performs comprehensive calculation on attributes such as occurrence time, event number and occurrence frequency of the security events through application of big data analysis and data mining technology, predicts diffusion range and duration of the security events through a security risk monitoring and early warning platform, checks existing security holes in time, performs security early warning through a network malicious behavior analysis model, and dynamically adjusts a security protection strategy in real time.
Preferably, the emergency response module starts an emergency plan at the first time according to the information network security incident with early warning, takes reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security incident, and simultaneously traces the source and obtains evidence of the security incident, traces and positions the security incident, and effectively avoids further deterioration of the incident.
Preferably, the disaster recovery module recovers the system and the power service at the first time when the power information system encounters a network attack, thereby minimizing adverse effects caused by security events.
Preferably, the attack and defense countermeasure module disables or hinders network attack behavior of an attacker through safety protection equipment and attack and defense means, so that the safety emergency handling capacity and the protection level of the information network of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has effective combination of active and passive means, but also has timely reverse countermeasure.
Compared with the prior art, the invention has the beneficial effects that:
1. the electric power operation data are collected through the data collection module, the collected data are transmitted through the data transmission module, the data are processed through the data processing module, the electric power situation is evaluated through the situation evaluation module, the electric power situation evaluation result is processed through the result processing module, the electric power system is subjected to safety protection through the safety protection module, and the electric power operation condition is displayed through the result display module, so that the electric power operation data collection device is very convenient to use.
2. According to the invention, the data acquisition module acquires the transformation power, transmission power, transformer operating power and power grid equipment operating power of electric power operation, so that comprehensive acquisition of electric power data in the power plant is realized, the subsequent analysis and display of the electric power data are facilitated, and the stability of the electric power operation in the power plant is ensured.
3. The invention determines the protection target of the electric power information system through the grading protection module, protects according to the grade by combining the degree of the protection target, and simultaneously realizes the comprehensive and multilevel safety protection of the sensitive information of the whole life cycle of the electric power information system by applying the network safety protection technology of network isolation, human invasion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
4. In the invention, the event perception module is used for timely discovering the full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifying security holes, security risks and the like in the system, realizing real-time and dynamic perception of network security events and providing early warning information for preventing and controlling the occurrence of the security risks.
5. According to the invention, the attributes of occurrence time, event quantity, occurrence frequency and the like of the security events are comprehensively calculated through the application of a big data analysis and data mining technology by the early warning scheduling module, the diffusion range and duration of the security events are predicted through the security risk monitoring and early warning platform, existing security holes are checked in time, security early warning is carried out through a network malicious behavior analysis model, and a security protection strategy is dynamically scheduled in real time.
6. According to the invention, an emergency response module starts an emergency plan at the first time according to the information network security event with early warning, reasonable security emergency countermeasures are taken, the adverse effect of the security event is timely processed and eliminated, and meanwhile, the security event is traced to the source and is proved, and tracking and positioning are carried out, so that the further deterioration of the event is effectively avoided; when the power information system encounters network attack, the disaster recovery module is used for recovering the system and the power service at the first time, so that adverse effects caused by safety events are reduced to the maximum extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is a block diagram of a situation awareness architecture according to the present invention;
fig. 3 is a schematic diagram of a safety protection module according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-3, the invention provides a technical solution of a situation awareness architecture deployment method for a power plant industrial control system: the situational awareness architecture comprises:
the data acquisition module acquires power operation data through the data acquisition module deployed at the power generation end of the power plant and sends the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the electric power operation data according to the operation condition of each data processing service container and storing the obtained electric power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, performing situation assessment on the electric power data processed by the optimal data processing service container to obtain an electric power situation assessment result, and storing the electric power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the electric power situation evaluation result and storing the processing result;
the safety protection module comprises a hierarchical protection module, an event perception module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
and the result display module is used for carrying out statistical analysis on the data indexes and situation assessment to comprehensively display the actual running condition, the equipment health level and the operation condition of the power running.
The data acquisition module acquires the transformation power, the transmission power, the transformer operating power and the power grid equipment operating power of electric power operation.
The hierarchical protection module determines a protection target of the electric power information system, protects according to the level by combining the degree of the protection target, and simultaneously performs all-around and multi-level safety protection on sensitive information of the whole life cycle of the electric power information system by applying network isolation, human invasion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
The event perception module discovers full threats and aggressive behaviors existing in an information system in time through an information network security monitoring platform, effectively identifies security holes, security risks and the like in the system, realizes real-time and dynamic perception of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
The early warning scheduling module comprehensively calculates attributes such as occurrence time, event quantity and occurrence frequency of the security events through application of big data analysis and data mining technology, predicts diffusion range and duration of the security events through a security risk monitoring and early warning platform, timely checks existing security holes, performs security early warning through a network malicious behavior analysis model, and dynamically adjusts safety protection strategies in real time.
The emergency response module starts an emergency plan at the first time according to the information network security incident with early warning, reasonable security emergency countermeasures are taken, adverse effects of the security incident are timely processed and eliminated, meanwhile, the security incident is traced to the source and is proved, and tracking and positioning are carried out, so that further deterioration of the incident is effectively avoided.
When the power information system encounters network attack, the disaster recovery module recovers the system and the power service at the first time, so that adverse effects caused by security events are reduced to the maximum extent.
The attack and defense countermeasure module enables network attack behaviors of attackers to be invalid or blocked through safety protection equipment and attack and defense means, so that the safety emergency handling capacity and the protection level of the information network of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has effective combination of active and passive means, but also has timely reverse countermeasures.
In the description herein, references to the description of "one embodiment," "an example," "a specific example" or the like are intended to mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.