Situation awareness architecture deployment method for industrial control system of power plant
Technical Field
The invention relates to the technical field of power plants, in particular to a situation awareness architecture deployment method for a power plant industrial control system.
Background
A power plant refers to a power plant that converts some form of primary energy into electrical energy for stationary or transportation electricity, such as a thermal, hydraulic, steam, diesel or nuclear power plant, etc. Thermal power generation is to generate electricity by using thermal energy obtained by burning fuel (coal, petroleum, products thereof, natural gas, etc.). The generator set for thermal power generation has two main forms, namely a steam turbine generator set is called by utilizing a steam turbine which is driven by high-temperature and high-pressure steam generated by a boiler to rotate to drive a generator to generate power; the fuel enters the gas turbine to directly convert heat energy into mechanical energy to drive the generator to generate electricity, and the generator is called a gas turbine generator set. Thermal power plants are generally referred to as power plants that are primarily turbo-generator sets. The hydroelectric generation is to guide river water or lake water at high positions to the downstream to form a fall through diversion so as to push the water turbine to rotate to drive the generator to generate power. A power plant that generates electricity with a hydro-generator set is called a hydroelectric power plant. The nuclear power generation is to utilize the heat energy released by the slow fission of nuclear fuel (such as uranium) in the nuclear reactor to generate steam (instead of a boiler in a thermal power plant) to drive a steam turbine and then drive a generator to rotate for power generation. A power plant that mainly generates nuclear power is called a nuclear power plant. The large-scale paddle built on the tower top is blown by wind power to rotate so as to drive the generator to generate electricity, which is called wind power generation, and a power generation site consisting of a plurality of wind power generators, tens of wind power generators and even tens of wind power generators is called a wind power generation field.
In the prior art, in the running process of a power plant, a plurality of systems such as a power grid asset management system, a dispatching system, a mass platform system, an on-line monitoring system and a meteorological or icing monitoring system are formed aiming at the power grid equipment state monitoring and generation management technology, and the whole protection effect of the power plant is common although the electric power running of the power plant can be managed to a certain extent, so that the problem of the power plant is difficult to treat in time.
Based on the situation awareness architecture deployment method, the situation awareness architecture deployment method for the power plant industrial control system is designed to solve the above-mentioned problems.
Disclosure of Invention
The invention aims to provide a situation awareness architecture deployment method for a power plant industrial control system, which is characterized in that power operation data are acquired through a data acquisition module, the acquired data are transmitted through a data transmission module, the data are processed through a data processing module, the power situation is evaluated through a situation evaluation module, the power situation evaluation result is processed through a result processing module, the safety protection is carried out on a power system through a safety protection module, and the power operation situation is displayed through a result display module, so that the use is very convenient, and the problems in the background technology are solved.
In order to achieve the above purpose, the present invention provides the following technical solutions: a situation awareness architecture deployment method facing a power plant industrial control system, wherein the situation awareness architecture comprises the following steps:
the data acquisition module is used for acquiring power operation data through the data acquisition module deployed at the power generation end of the power plant and sending the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the power operation data according to the operation condition of each data processing service container and storing the acquired power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, carrying out situation assessment on the power data processed by the optimal data processing service container to obtain a power situation assessment result, and storing the power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the power situation assessment result and storing the processing result;
the safety protection module comprises six links, namely a grading protection module, an event sensing module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
the result display module is used for comprehensively displaying the actual running condition, the equipment health level and the operation condition of the electric power running by carrying out statistical analysis on the data indexes and the situation assessment.
Preferably, the data acquisition module comprises acquisition of electric power operation power, transmission power, transformer operation power and grid equipment operation power.
Preferably, the hierarchical protection module determines a protection target of the electric power information system, protects the electric power information system according to the level by combining the degree of the protection target, and simultaneously carries out full-aspect and multi-level security protection on sensitive information of the whole life cycle of the electric power information system by applying network security protection technologies of network isolation, human intrusion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
Preferably, the event sensing module timely discovers full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifies security vulnerabilities, security risks and the like in the system, realizes real-time and dynamic sensing of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
Preferably, the early warning scheduling module comprehensively calculates the occurrence time, the number of events, the occurrence frequency and other attributes of the security events through the application of big data analysis and data mining technology, predicts the diffusion range and the duration of the security events through the security risk monitoring early warning platform, timely checks the existing security holes, carries out security early warning through the network malicious behavior analysis model, and dynamically adjusts the security protection countermeasures in real time.
Preferably, the emergency response module starts an emergency plan at the first time according to the information network security event with early warning, adopts reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security event, and simultaneously, performs tracing and evidence obtaining on the security event, and performs tracing and positioning to effectively avoid further deterioration of the event.
Preferably, the disaster recovery module recovers the system and the power service at the first time when the power information system encounters a network attack, thereby minimizing adverse effects caused by a security event.
Preferably, the attack and defense countermeasure module disables or is blocked by the network attack behavior of an attacker through safety protection equipment and attack and defense means, so that the network safety emergency handling capacity and the protection level of the power enterprise are continuously improved, and the attack and defense countermeasure module not only has active and passive means for effective combination, but also has the function of timely countering in reverse direction.
Compared with the prior art, the invention has the beneficial effects that:
1. according to the invention, the data acquisition module is used for acquiring the power operation data, the data transmission module is used for transmitting the acquired data, the data processing module is used for processing the data, the situation assessment module is used for assessing the power situation, the result processing module is used for processing the power situation assessment result, the safety protection module is used for carrying out safety protection on the power system, and the result display module is used for displaying the power operation situation, so that the use is very convenient.
2. According to the invention, the data acquisition module is used for acquiring the power transmission power, the transformer operation power and the power grid equipment operation power of the power operation, so that the comprehensive acquisition of the power data in the power plant is realized, the subsequent analysis and display of the power data are facilitated, and the stability of the power operation in the power plant is ensured.
3. According to the invention, the protection target of the electric power information system is determined through the hierarchical protection module, the protection is carried out according to the level by combining the degree of the protection target, and meanwhile, the full-aspect and multi-level security protection is carried out on the sensitive information of the full life cycle of the electric power information system through the network security protection technology of network isolation, human intrusion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
4. In the invention, the event sensing module timely discovers full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifies security vulnerabilities, security risks and the like in the system, realizes real-time and dynamic sensing of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
5. According to the invention, through the application of big data analysis and data mining technology by the early warning scheduling module, the occurrence time, the number of events, the occurrence frequency and other attributes of the security events are comprehensively calculated, the diffusion range and the duration of the security events are predicted by the security risk monitoring early warning platform, the existing security holes are timely checked, the security early warning is carried out by the network malicious behavior analysis model, and the security protection countermeasures are dynamically adjusted in real time.
6. According to the invention, an emergency response module starts an emergency plan at the first time according to the information network security event with early warning, reasonable security emergency countermeasures are taken, adverse effects of the security event are timely processed and eliminated, and meanwhile, the security event is traced and evidence obtained, and tracing and positioning are carried out, so that further deterioration of the event is effectively avoided; when the power information system encounters network attack, the disaster recovery module recovers the system and the power service at the first time, so that adverse effects caused by a security event are reduced to the greatest extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic flow chart of the method of the present invention;
FIG. 2 is a schematic diagram of a situation awareness architecture module according to the present invention;
fig. 3 is a schematic diagram of a safety protection module according to the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1-3, the present invention provides a situation awareness architecture deployment method for a power plant industrial control system, which comprises the following steps: the situation awareness architecture includes:
the data acquisition module is used for acquiring power operation data through the data acquisition module deployed at the power generation end of the power plant and sending the acquired power operation data to the data transmission module;
the data transmission module is used for transmitting the power operation data acquired by the data acquisition module and transmitting the power operation data to the data processing module;
the data processing module is used for calling the optimal data processing service container to perform data processing on the power operation data according to the operation condition of each data processing service container and storing the acquired power operation data;
the situation assessment module is used for calling a situation assessment service container corresponding to the optimal data processing service container, carrying out situation assessment on the power data processed by the optimal data processing service container to obtain a power situation assessment result, and storing the power situation assessment result;
the result processing module is used for calling a result processing service container corresponding to the optimal data processing service container, processing the power situation assessment result and storing the processing result;
the safety protection module comprises six links, namely a grading protection module, an event sensing module, an early warning scheduling module, an emergency response module, a disaster recovery module and an attack countermeasure module, and meets the safety protection of the power information network;
the result display module is used for comprehensively displaying the actual running condition, the equipment health level and the operation condition of the electric power running by carrying out statistical analysis on the data indexes and the situation assessment.
The data acquisition module comprises acquisition of power transmission power, transformer operation power and power grid equipment operation power.
The hierarchical protection module determines a protection target of the electric power information system, protects the electric power information system according to the level by combining the degree of the protection target, and simultaneously realizes full-aspect and multi-level security protection on sensitive information of the whole life cycle of the electric power information system by applying network security protection technologies of network isolation, human intrusion detection and response, access control, vulnerability scanning, data encryption, authority control and identity authentication.
The event sensing module timely discovers full threat and attack behaviors existing in the information system through the information network security monitoring platform, effectively identifies security vulnerabilities, security risks and the like in the system, realizes real-time and dynamic sensing of network security events, and provides early warning information for preventing and controlling the occurrence of the security risks.
The early warning scheduling module comprehensively calculates the occurrence time, the number of events, the occurrence frequency and other attributes of the security events through the application of big data analysis and data mining technology, predicts the diffusion range and the duration of the security events through the security risk monitoring early warning platform, timely checks the existing security holes, carries out security early warning through the network malicious behavior analysis model, and dynamically adjusts the security protection countermeasures in real time.
The emergency response module starts an emergency plan at the first time according to the information network security event with early warning, adopts reasonable security emergency countermeasures, timely processes and eliminates adverse effects of the security event, and meanwhile, performs tracing and evidence obtaining on the security event, and performs tracing and positioning to effectively avoid further deterioration of the event.
When the power information system encounters network attack, the disaster recovery module recovers the system and the power service at the first time, so that adverse effects caused by a security event are reduced to the greatest extent.
The attack and defense countermeasure module enables network attack behaviors of attackers to be invalid or blocked through safety protection equipment and attack and defense means, so that the network safety emergency disposal capacity and the protection level of the power enterprise information are continuously improved, and the attack and defense countermeasure module not only has active and passive means to be effectively combined, but also has the function of timely countering in a reverse direction.
In the description of the present specification, the descriptions of the terms "one embodiment," "example," "specific example," and the like, mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The preferred embodiments of the invention disclosed above are intended only to assist in the explanation of the invention. The preferred embodiments are not exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand and utilize the invention. The invention is limited only by the claims and the full scope and equivalents thereof.