CN114331313A - Detection method for asset information of distribution automation terminal - Google Patents

Detection method for asset information of distribution automation terminal Download PDF

Info

Publication number
CN114331313A
CN114331313A CN202111315189.XA CN202111315189A CN114331313A CN 114331313 A CN114331313 A CN 114331313A CN 202111315189 A CN202111315189 A CN 202111315189A CN 114331313 A CN114331313 A CN 114331313A
Authority
CN
China
Prior art keywords
terminal
information
distribution automation
power distribution
detection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111315189.XA
Other languages
Chinese (zh)
Inventor
叶夏明
戚浩金
李琪
徐科兵
杨跃平
孙歆
郑瑞云
秦桑
俞佳捷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ningbo Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Original Assignee
Ningbo Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ningbo Power Supply Co of State Grid Zhejiang Electric Power Co Ltd filed Critical Ningbo Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
Priority to CN202111315189.XA priority Critical patent/CN114331313A/en
Publication of CN114331313A publication Critical patent/CN114331313A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S10/00Systems supporting electrical power generation, transmission or distribution
    • Y04S10/50Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications

Abstract

The invention discloses a detection method of asset information of a distribution automation terminal, which relates to the field of distribution automation, and sequentially comprises the following steps: initializing a database of a distribution automation system; carrying out fingerprint scanning on the terminal system and acquiring a target system fingerprint F; carrying out port scanning on a target power distribution automation terminal and acquiring a target open port set P; extracting the characteristics of the terminal brand and model information from a database; judging whether a system service port capable of logging in exists in the target power distribution automation terminal; judging whether the login is successful, if the login is successful, carrying out the next operation, and if the login is unsuccessful, finishing the operation; acquiring software version information and hardware information of a distribution automation terminal; and finishing the operation. After the automatic login is successful, the software information and the hardware information of the terminal can be obtained in a mode of automatically reading the specific file in the terminal, and the working efficiency is improved.

Description

Detection method for asset information of distribution automation terminal
Technical Field
The invention relates to the technical field of distribution automation, in particular to a method for detecting asset information of a distribution automation terminal.
Background
The distribution automation technology is an important technology serving the reconstruction and construction of urban and rural distribution networks, the last link in the distribution of electric energy transmission and transformation has a very important role in the production of electric power, and a Distribution Automation System (DAS) is an automation system which can enable a distribution enterprise to monitor, coordinate and operate distribution equipment in a remote manner in real time; the distribution automation system comprises an SCADA server, a database server, a front-end server, a two-layer switch, a longitudinal encryption authentication gateway, an OLT, an ONU, a distribution automation terminal and other equipment; distribution automation system uses county, city as the constitution unit, and then there are hundreds distribution automation terminal in a set of distribution automation system less, and then there are thousands distribution automation terminal more, and current internal distribution automation terminal manufacture factory has tens of, produces the distribution automation terminal of each model and goes up hundreds of kinds, is multiple distribution tablet, the multiple model distribution automation terminal coexistence, simultaneous workings usually in one set of distribution automation system. At present, the management of these distribution automation terminals is mainly manually recorded in a database or an EXCEL form in a manual mode, when a new distribution automation terminal is accessed into a distribution automation system or an old distribution automation terminal is removed, manual operation on site is needed to identify manufacturer information, model information, software version information, hardware version information and the like of the distribution automation terminal, and after the distribution automation terminal information is manually checked, manual mode information change is performed on the database or the EXCEL recording the terminal information.
Distribution Automation Systems (DAS), which is an automated system that allows a distribution enterprise to monitor, coordinate, and operate distribution equipment in real time at a remote location; the system comprises a power distribution network data acquisition and monitoring (SCADA system), a power distribution Geographic Information System (GIS) and a Demand Side Management (DSM). Distribution automation technology is an important technology for serving urban and rural power distribution network transformation construction, distribution automation comprises feeder automation and a distribution management system, and communication technology is the key of distribution automation. At present, China has carried out more test points for distribution automation, a three-layer structure consisting of a distribution main station, a substation and a feeder terminal is generally accepted, and the communication mode of optical fiber communication as a backbone network is also commonly known. The implementation of feeder automation can also be based entirely on fiber optic communications, which enables feeder terminals to communicate with each other quickly, together implementing a feeder automation function with higher performance. Distribution automation terminal (DTU for short) is the intelligent terminal equipment installed in the distribution room. The intelligent power distribution system can communicate with a remote power distribution main station, transmits the operation data of the power distribution equipment to the power distribution main station, and can also receive the control command of the power distribution main station to control and adjust the power distribution equipment. The intelligent power distribution system has the functions of remote control, remote measurement, remote signaling and fault detection, is communicated with a power distribution automation main station, provides the running condition of the power distribution system and various parameters and information required by monitoring and controlling, including on-off state, electric energy parameters, phase-to-phase faults, grounding faults and parameters during faults, executes commands issued by the power distribution main station, adjusts and controls power distribution equipment, and achieves the functions of fault positioning, fault isolation, rapid recovery of power supply in non-fault areas and the like. An asset is information or resource that has value to an organization and is an object protected by a security policy. In the risk assessment work, the important factors of the risk are centered on the assets, and the threats, the vulnerabilities and the risks are objectively existed for the assets. Threats exploit the vulnerability of the asset itself, making it possible for security events to occur, thus creating a security risk. These security events, once they occur, have an impact on the specific assets and even the entire information system, and thus on the benefit of the organization. Thus, assets are important objects of risk assessment.
However, the current method for identifying asset information of a distribution automation terminal mainly has two main ways of automatic identification and manual identification of information assets, wherein the main disadvantages of the automatic identification of the information assets are as follows: at present, the known automatic identification mode of information assets is mainly oriented to information system asset equipment such as computers, servers, switches and application systems, and can realize automatic identification of ip addresses, open ports and open services of such facilities in a network scanning mode, but the support of intelligent electronic products in a specific industry such as a distribution automation terminal is insufficient, information such as brands, models, software versions and hardware versions of the distribution automation terminal cannot be effectively identified, and the pertinence and the support are insufficient. The main disadvantages of manual identification are: can effectively discern information such as brand, model, software version, hardware version of distribution automation terminal completely through artifical mode, can support completely, nevertheless through artifical mode, need artifically to relevant distribution room scene, operation distribution automation terminal discerns, and the distribution room distributes in each region in city, and artifical mode discernment work load is big, and the complexity is high.
Chinese patent CN106101098B discloses an information asset identification method and device, the method includes the following steps: identifying the type and format of the data; establishing a combination of data types and data formats; performing hierarchical identification on each combination; traversing all combinations formed by data types and data formats, and identifying assets; and reconstructing an asset list, summarizing the asset lists of all the asset layers, merging the same assets, rating the security level of the data related to the assets, and adding the security attributes of the data into the asset list. The invention strengthens the relevance of information assets by hierarchical identification from bottom to top on the basis of data, but the invention cannot effectively identify and acquire asset related information such as manufacturer information, model information, software version information, hardware version information and the like of various types of power distribution automation terminals.
Chinese patent CN112039853A discloses an asset identification method of a local area network, which comprises the following steps: acquiring flow data in a local area network; identifying a host IP in the local area network according to the IP address audited by the flow data; extracting different features from the flow data according to preset feature identifications corresponding to different host attributes, and identifying the host attributes corresponding to the host IP based on the features to determine the asset information of the host corresponding to the host IP. The invention also discloses an asset identification device, equipment and a readable storage medium of the local area network. According to the invention, the asset information of the host is identified through the flow data in the local area network, and the asset information can be determined without actively scanning the host, but the invention cannot effectively identify and acquire the manufacturer information, model information, software version information, hardware version information and other asset related information of various types of power distribution automation terminals, and has insufficient pertinence and support.
Chinese patent CN110991584A relates to a system, method, apparatus, computer device and storage medium for inventory of distribution room assets. The system comprises: the system comprises an active radio frequency identification tag, a card reader, a wireless gateway, a data server and a terminal display; the active radio frequency identification tag is used for storing an asset code of an asset; the card reader is used for periodically reading the active radio frequency identification tag to obtain an asset code and sending the asset code to the data server through the wireless gateway; the wireless gateway is used for transmitting the asset code to the data server; the data server is used for receiving the asset code and obtaining inventory information of the asset according to the asset code; comparing the checking information with pre-stored standing book information, and judging that an abnormal condition occurs when the checking information is not matched with the standing book information to obtain abnormal checking information; and the terminal display is used for displaying the abnormal counting information. However, the invention cannot effectively identify and acquire asset related information such as manufacturer information, model information, software version information, hardware version information and the like of various types of power distribution automation terminals.
Disclosure of Invention
The invention provides a detection method for asset information of a power distribution automation terminal, aiming at solving the technical problems that software and hardware version information of the power distribution automation terminal cannot be effectively identified, the human input cost is high and the like in the prior art.
In order to realize the purpose of the invention, the technical scheme adopted by the invention is as follows:
a detection method for asset information of a power distribution automation terminal comprises the following steps:
step S1: establishing a many-to-one mapping relation set M for a known power distribution automation terminal and recording the mapping relation set M into a database, and logging all power distribution automation terminals in a user power distribution automation system into an account, a password and a database;
further, in a laboratory, manually connecting an existing power distribution automation terminal { { system fingerprint, open port }: { terminal brand, terminal model } } are input into the database, system fingerprints and open ports are obtained through automatic scanning software, and terminal brand and terminal model are obtained through manual equipment checking.
Further, the system fingerprint and the open port are obtained through automatic scanning software, and the terminal brand and the terminal model are obtained through manual checking equipment.
Further, acquiring brand and model information of the terminal according to the system fingerprint and the open port information of the target terminal;
further, the many-to-one set of relationships M in step S1 includes a system fingerprint, an open port, a terminal brand, and a terminal model.
Step S2: detecting by using a detection method in the detection device, and carrying out fingerprint scanning on a power distribution automatic terminal system needing to acquire target information to acquire a target system fingerprint F;
further, searching for the terminal brand and the terminal model through the system fingerprint and the open port;
further, the detection method in step S2 includes an IP address, an open port, an open service, and an operating system fingerprint.
Step S3: carrying out port scanning on a target power distribution automation terminal by using a detection method in a detection device to obtain a target open port set P;
step S4: according to the acquired system fingerprint F and the information { F, P } of the terminal open port set P, retrieving corresponding terminal brand and model information from the database obtained in the step S1, and performing feature extraction on the terminal brand and model information;
step S5: judging whether a system service port capable of logging in exists in the target power distribution automatic terminal, if so, logging in the power distribution automatic terminal system by utilizing the login port, and performing the operation of step S6; if no system service port capable of logging in exists, stopping detection and finishing operation;
step S6: extracting all account names and passwords which are input by the user from the database obtained in the step S1, sequentially logging in, if account name password combinations which can be successfully logged in exist, performing S7 operation, and if all user name password combinations input by the user cannot be logged in, stopping detection and ending the operation;
step S7: after the automatic login of the inside of the distribution automation terminal system is successful, the system reads a file A of software version information stored in the distribution automation terminal system through a detection method to obtain the software version information of the distribution automation terminal; reading a file set B storing hardware version information in the distribution automation terminal system, and acquiring the hardware information of the distribution automation terminal;
further, step S7 is to automatically log in the terminal system according to the user name and password extracted from the database, automatically read the file containing the terminal software information and the hardware information by using the file reading command in the detected terminal system, and transmit and store the read information in the detecting device;
further, in step S7, the acquired information is transmitted and stored in the detection apparatus itself;
further, the software version information in step S7 includes a software version number, a compilation version number, a developer, a dependent environment, and a system state.
Further, the hardware version information in step S7 includes a cpu model, a motherboard model, and a network card model.
Step S8: and finishing the operation.
Compared with the prior art, the invention has the following beneficial effects:
(1) according to the invention, the manufacturer information, the model information, the software version information, the hardware version information and other asset related information of various types of power distribution automation terminals can be automatically identified and acquired in the power distribution automation system, and the automatically acquired information can be automatically inquired, updated and maintained, so that the complexity of manual work is greatly reduced, and the manual workload is reduced;
(2) the invention realizes automatic information acquisition of brand information, model information, software version information and hardware version information of the distribution automation terminal;
(3) the invention establishes a system fingerprint and an open port: a { terminal brand, terminal model } } mapping relation set database, which can automatically acquire the brand and model information of a terminal according to terminal fingerprints and open port information;
(4) the method can automatically log in the interior of the distribution automation terminal system by utilizing the acquired distribution automation terminal open port information and the account name and the password input by the user;
(5) after the automatic login is successful, the software version information and the hardware information of the terminal can be obtained in a mode of automatically reading a specific file in the terminal, so that the working efficiency is improved;
(6) the first step of the invention is to pass { { system fingerprint, open port }: { terminal brand, terminal model } } obtaining the brand model information of the target, and judging whether the target supports the second step operation according to the brand model of the target. If the operation is supported by the target system, the internal configuration file of the target system is read in a mode of automatically logging in the target system, the software and hardware information of the target system is obtained, and the complexity of manual work is reduced.
Drawings
FIG. 1 is a schematic flow chart of the present invention.
Detailed Description
In order to make the purpose and technical solution of the present invention clearer, the following will clearly and completely describe the technical solution of the present invention with reference to the embodiments.
Example 1
Fig. 1 is a flowchart of a method for detecting asset information of a distribution automation terminal, which includes the steps of:
step S1: establishing a many-to-one mapping relation set M for the known distribution automation terminal and recording the mapping relation set M into a database, and logging all the distribution automation terminals in the user distribution automation system into an account and a password and recording the login information into the database;
specifically, in a laboratory, an existing power distribution automation terminal { { system fingerprint, open port }: { terminal brand, terminal model } } are input into the database, system fingerprints and open ports are obtained through automatic scanning software, and terminal brand and terminal model are obtained through manual equipment checking. The establishment process of the mapping relation is a semi-automatic mode, namely the system fingerprint and the open port are obtained in an automatic mode, and the terminal brand and the terminal model are obtained in a manual mode and are recorded into manual recording; specifically, { { system fingerprint, open port }: { terminal brand, terminal model } } is description, system fingerprint and open port, information that can be automatically obtained under the condition that the system fingerprint and open port of a detected target terminal are not logged in, the mapping set is established, a detection method in the detection device can be enabled, under the condition that the interior of the detected target terminal is not logged in, the system fingerprint and open port of the detected target terminal are automatically obtained, the brand and model of the target are identified, and the detection device selects whether to enter the interior of the detected target system to obtain more detailed software and hardware information according to the brand and model of the target;
specifically, the many-to-one mapping relationship set M in step S1 includes a system fingerprint, an open port, a terminal brand and a terminal model, where "many" in "many-to-one" refers to a set { system fingerprint, open port }, and "one" refers to a set { terminal brand, terminal model };
step S2: detecting by using a detection method in the detection device, and carrying out fingerprint scanning on a power distribution automatic terminal system needing to acquire target information to acquire a target system fingerprint F; the detection devices are all general-purpose computing equipment borne by a computer program for realizing the detection method;
specifically, the detection method in step S2 includes an IP address, an open port, an open service, and an operating system fingerprint. The detection method is a technical method which is already disclosed in the prior art.
Step S3: carrying out port scanning on a target power distribution automation terminal by using a detection method in a detection device to obtain a target open port set P; the detection devices are all general-purpose computing equipment borne by a computer program for realizing the detection method;
step S4: according to the acquired system fingerprint F and the information of the terminal open port set P, corresponding terminal brand and model information is retrieved from the database acquired in the step S1, and feature extraction is carried out on the terminal brand and model information;
step S5: judging whether a system service port capable of logging in exists in the target power distribution automatic terminal, if so, logging in the power distribution automatic terminal system by utilizing the login port, and performing the operation of step S6; if no system service port capable of logging in exists, stopping detection and finishing operation;
step S6: extracting all account names and passwords which are input by the user from the database obtained in the step S1, sequentially logging in, if account name password combinations which can be successfully logged in exist, performing S7 operation, and if all user name password combinations input by the user cannot be logged in, stopping detection and ending the operation;
step S7: after the automatic login of the inside of the distribution automation terminal system is successful, the system reads a file A of software version information stored in the distribution automation terminal system through a detection method to obtain the software version information of the distribution automation terminal; reading a file set B storing hardware version information in the distribution automation terminal system, and acquiring the hardware information of the distribution automation terminal;
specifically, step S7 is to automatically log in the terminal system according to the user name and password extracted from the database, automatically read the file containing the terminal software information and the hardware information by using the file reading command in the detected terminal system, and transmit and store the read information in the detection device;
specifically, in step S7, the acquired information is transmitted and stored in the detection device itself;
specifically, the software information and the hardware information in step S7 are large classes, and may be divided into several sub-classes, where the software information includes but is not limited to, for example: software version number, compilation version number, developer, dependency environment, system state, etc. Hardware information includes, but is not limited to, such as: cpu model, mainboard model, network card model, memory size, disk size, etc.
Step S8: and finishing the operation.
Wherein steps S1 through S6 implement the inquiry function and step S7 implements the update function.
The above are merely embodiments of the present invention, which are described in detail and with particularity, and therefore should not be construed as limiting the scope of the invention. It should be noted that, for those skilled in the art, various changes and modifications can be made without departing from the spirit of the present invention, and these changes and modifications are within the scope of the present invention.

Claims (8)

1. A detection method for asset information of a power distribution automation terminal is characterized by comprising the following steps:
step S1: establishing information of a known power distribution automation terminal as a many-to-one mapping relation set M and inputting the information into a database, and setting login accounts and passwords of all power distribution automation terminals in a user power distribution automation system and inputting the login accounts and passwords into the database;
step S2: performing fingerprint scanning on a power distribution automatic terminal system needing to acquire target information by using a detection method in a detection device to acquire a target system fingerprint F;
step S3: carrying out port scanning on a target power distribution automation terminal by using a detection method in a detection device to obtain a target open port set P;
step S4: according to the acquired system fingerprint F and the information of the terminal open port set P, searching corresponding terminal brand and model information from the database acquired in the step S1, and performing feature extraction on the terminal brand and model information;
step S5: the system automatically judges whether a system service login port exists in the target power distribution automatic terminal, if so, the system logs in the power distribution automatic terminal system by using the login port, and the operation of the step S6 is carried out; if the system service login port does not exist, stopping detection and finishing operation;
step S6: extracting all account names and passwords which are input by the user from the database obtained in the step S1, sequentially logging in, if account name password combinations which can be successfully logged in exist, performing S7 operation, and if all user name password combinations input by the user cannot be logged in, stopping detection and ending the operation;
step S7: after the automatic login of the inside of the distribution automation terminal system is successful, the system reads a file A of software version information stored in the distribution automation terminal system to obtain the software version information of the distribution automation terminal; reading a file set B storing hardware version information in the distribution automation terminal system, and acquiring the hardware information of the distribution automation terminal;
step S8: and finishing the operation.
2. The method of claim 1, wherein the step of establishing a many-to-one set of mapping relationships M in step S1 comprises establishing relationships between system fingerprints, open ports, terminal brands and terminal models.
3. The method of claim 2, wherein the system fingerprint and the open port are obtained by automated scanning software, and the terminal brand and the terminal model are obtained by a manual viewing device.
4. The method for detecting asset information of a distribution automation terminal as claimed in claim 2, wherein the brand and model information of the terminal is obtained according to the system fingerprint and the open port information of the target terminal.
5. The method for detecting asset information of a distribution automation terminal as claimed in claim 1, wherein the detection method in step S2 includes IP address detection, open port detection, open service detection, operating system fingerprint detection.
6. The method as claimed in claim 1, wherein step S7 is to log in the terminal system automatically according to the user name and password extracted from the database, to read the file containing the terminal software information and the hardware information automatically by using the file reading command in the detected terminal system, and to transmit and store the read information in the detecting device.
7. The method for detecting asset information of a distribution automation terminal as claimed in claim 1, wherein the software version information in step S7 includes software version number, compilation version number, dependency environment, and system status.
8. The method for detecting the asset information of the distribution automation terminal as claimed in claim 1, wherein the hardware version information in the step S7 includes a cpu model, a motherboard model, and a network card model.
CN202111315189.XA 2021-11-08 2021-11-08 Detection method for asset information of distribution automation terminal Pending CN114331313A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111315189.XA CN114331313A (en) 2021-11-08 2021-11-08 Detection method for asset information of distribution automation terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111315189.XA CN114331313A (en) 2021-11-08 2021-11-08 Detection method for asset information of distribution automation terminal

Publications (1)

Publication Number Publication Date
CN114331313A true CN114331313A (en) 2022-04-12

Family

ID=81045012

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111315189.XA Pending CN114331313A (en) 2021-11-08 2021-11-08 Detection method for asset information of distribution automation terminal

Country Status (1)

Country Link
CN (1) CN114331313A (en)

Similar Documents

Publication Publication Date Title
CN106888106A (en) The extensive detecting system of IT assets in intelligent grid
CN104952117B (en) A kind of attendance management method
CN101605074A (en) The method and system of communication behavioural characteristic monitoring wooden horse Network Based
CN113115351A (en) Network exception processing method and device, terminal equipment and medium
CN102497427A (en) Method and device for realizing data acquisition services of renewable energy source monitoring system
CN104809506A (en) Room information interacting method, device and system
CN103402195A (en) Application processing method of enterprise-level mobile terminal and enterprise-level mobile application platform
CN103490978A (en) Terminal, server and message monitoring method
CN102065416A (en) Method, device and system for formatting logs
CN106911510B (en) Usability monitoring system and method for network access system
CN105706062A (en) On-board information system and information processing method therefor
CN111353136A (en) Method and device for processing operation request
CN108011870B (en) A kind of remote software online upgrading information automatic identification management method
CN103150783A (en) Implement method of environmental protection data acquisition unit based on label
CN114331313A (en) Detection method for asset information of distribution automation terminal
CN103078768A (en) Browser helper object (BHO)-technology-based simulation monitoring method and system for WEB service system
CN110069445A (en) Face image processing process, server and computer readable storage medium
CN111563986A (en) Identity recognition method and system based on NFC mobile terminal
CN106101193B (en) Information backup method, terminal equipment, operator server and backup system
CN108808864A (en) A kind of relay protection device machine account management system and method
CN105915596A (en) Optical network unit information acquiring method and optical network unit information acquiring system
CN109412861B (en) Method for establishing security association display of terminal network
CN109067932B (en) Data transmission method for data acquisition terminal without fixed IP and data server
CN103312530A (en) Method and system for correspondingly counting on-line server and rack position, and counting platform
CN111082987A (en) Ubiquitous power Internet of things-oriented distribution network operation and maintenance system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination