CN115185466B - Hierarchical management and control tool and method for mobile storage device - Google Patents
Hierarchical management and control tool and method for mobile storage device Download PDFInfo
- Publication number
- CN115185466B CN115185466B CN202210879095.3A CN202210879095A CN115185466B CN 115185466 B CN115185466 B CN 115185466B CN 202210879095 A CN202210879095 A CN 202210879095A CN 115185466 B CN115185466 B CN 115185466B
- Authority
- CN
- China
- Prior art keywords
- data
- mobile storage
- industrial control
- process flow
- storage device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0638—Organizing or formatting or addressing of data
- G06F3/0644—Management of space entities, e.g. partitions, extents, pools
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/904—Browsing; Visualisation therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Data Mining & Analysis (AREA)
- Human Computer Interaction (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
A hierarchical management tool and a method of a mobile storage device are applied to an industrial control system and comprise the following steps of firstly, importing a process flow corresponding to the industrial control system and industrial control terminal data corresponding to the process flow; identifying basic data of the imported hierarchical control topology nodes, including process flow nodes and corresponding industrial control terminal data, and converting the identification data into a set format; thirdly, carrying out parameter judgment on the industrial control terminal data of the imported data, adding the industrial control terminal data adapted to the mobile storage device into the setting of the control attribute, adding the industrial control terminal data into the process flow node, and making a hierarchical control node topological graph; step four: the method comprises the steps of performing reverse upward matching from the tail end of a branch of a process flow, and calculating a layout strategy for performing hierarchical control on an upper computer and/or a lower computer by an industrial control terminal with mobile storage equipment; and step five, displaying the finally determined layout strategy on the hierarchical control node topological graph.
Description
Technical Field
The invention relates to the technical field of industrial control data security, in particular to a mobile storage device management tool and a mobile storage device management method based on hierarchical management and control.
Background
Industrial control refers to industrial automation control and is mainly realized by combining electronics, electricity, machinery and software. I.e., industrial control, or factory automation. Mainly means that the production and the manufacturing process of a factory are more automated, efficient and accurate by using a computer technology, a microelectronic technology and an electrical means, and the method has controllability and visibility.
The appearance and popularization of industrial control technology bring about the third industrial revolution, the production speed and efficiency of factories are greatly improved, and great contribution is made to the modernization construction of China.
Data generated by industrial control has certain defects in the transmission and storage processes, for example, the abuse of a mobile storage device is easy to steal, so that the data is leaked, or the data is attacked by network viruses, so that the paralysis of an industrial control system is caused.
Therefore, the problems of the prior art are to be further improved and developed.
Disclosure of Invention
The object of the invention is: in order to solve the problems in the prior art, an object of the present invention is to provide a tool and a method for managing a mobile storage device based on hierarchical management and control, which are used for performing innovative management on the use of a mobile storage device, so as to improve the network attack prevention capability of an industrial control system.
The technical scheme is as follows: in order to solve the technical problem, the technical scheme provides a hierarchical management tool of a mobile storage device, which is applied to an industrial control system and comprises a data import module, a data attribute adding module, a layout calculation module and a layout generation display module;
acquiring a process flow corresponding to an industrial control system and industrial control terminal data corresponding to the process flow, and importing the process flow and the industrial control terminal data through the data import module;
the data import module is used for identifying imported data to establish basic data of the hierarchical control topology nodes: the method comprises the steps of (1) including process flow nodes and corresponding industrial control terminal data; converting the identification data into a set format;
the data attribute adding module is used for judging parameters of the industrial control terminal data of the imported data, adding the industrial control terminal data adapted to the mobile storage device into the setting of the control attribute, adding the industrial control terminal data into the process flow nodes, and making a hierarchical control node topological graph;
the layout calculation module is used for matching upwards in a reverse direction from the tail end of a branch of the process flow and calculating a layout strategy for performing hierarchical control on an upper computer and/or a lower computer by an industrial control terminal with mobile storage equipment;
and the layout generation display module is used for displaying the finally determined layout strategy on the hierarchical management and control node topological graph.
The hierarchical management tool of the mobile storage device comprises a layout generation and display module, a hierarchical management and control node topological graph and a hierarchical management and control node topological graph, wherein the nodes are set as 3D nodes, and the 3D nodes are connected through hollow 3D data transmission channels; the 3D node is connected with a 3D partition model of the mobile storage device, and the 3D partition model is a partition simulation display device of the mobile storage device.
The hierarchical management tool of the mobile storage device, wherein the layout strategy comprises a serial monitoring layout and a parallel monitoring layout,
in the serial monitoring layout, the upper computer and the lower computer are connected in series, and the lower computers are sequentially connected in series according to the control sequence of the process flow;
and in the parallel monitoring layout, the upper computer and the lower computer are connected in parallel, and the lower computers are sequentially arranged in parallel according to the control sequence of the process flow.
The hierarchical management tool of mobile storage device, wherein, 3D data transmission passageway includes the cavity that outer wall and outer wall are constituteed, data transmission passageway's outer wall color and layout strategy are associated.
The hierarchical management tool of the mobile storage device, wherein the uplink transmission of the data transmission corresponds to an uplink transmission channel between nodes, and the downlink transmission of the data transmission corresponds to a downlink transmission channel between nodes;
the data transmission quantity of the nodes is associated with the emitters of the particle system corresponding to the nodes, each node corresponds to an uplink particle emitter and a downlink particle emitter, uplink transmission data is associated with the uplink particle emitter, downlink transmission data is associated with the downlink particle emitter, and the particle emission quantity, the emission speed, the data transmission quantity and the data transmission speed of the particle emitters are associated.
The hierarchical management tool of the mobile storage device is characterized in that the 3D partition model is respectively associated with the particle emitters corresponding to each partition, and the particle emitters are controlled to emit particles according to the data volume, so that the particles can be used for simulating water, cloud or fog representing the data volume.
The hierarchical management tool of the mobile storage device is characterized in that the particle emitter of the 3D partition model is associated with a layout strategy unit, and different types of data in the same partition are represented by particles with different colors; and the particle emitters of different partitions are closed according to the classification authority limit.
The hierarchical management tool of the mobile storage device is characterized in that the layout strategy unit sets the mobile storage device of the industrial control system into more than 2 partitions, and the industrial control terminal can only perform data interaction with the designated partitions of the mobile storage device; and the upper computer terminal sets and changes the available partitions of the mobile storage equipment according to a preset strategy.
The hierarchical management tool of the mobile storage device comprises a particle emitter of the 3D partition model, a strategy changing unit and a display unit, wherein the particle emitter is bound with the strategy changing unit; the strategy changing unit dynamically changes the preset material types and/or the opening and closing authorities stored in each partition of the mobile storage device along with a time axis.
A hierarchical management method of a mobile storage device is applied to an industrial control system and comprises the following steps:
step one, importing a process flow corresponding to an industrial control system and industrial control terminal data corresponding to the process flow;
identifying basic data of the imported hierarchical control topology nodes, including process flow nodes and corresponding industrial control terminal data, and converting the identification data into a set format;
thirdly, carrying out parameter judgment on the industrial control terminal data of the imported data, adding the industrial control terminal data adapted to the mobile storage device into the setting of the control attribute, adding the industrial control terminal data into the process flow node, and making a hierarchical control node topological graph;
step four: the method comprises the steps that the tail ends of branches of a process flow are matched upwards in a reverse direction, and a hierarchical control setting layout strategy of an upper computer and/or a lower computer of an industrial control terminal with mobile storage equipment is calculated;
and step five, displaying the finally determined layout strategy on the hierarchical management and control node topological graph.
(III) the beneficial effects are as follows: the hierarchical control node topological graph of the hierarchical control tool and the hierarchical control method adopt a 3D stereograph and particle system particle emission to express data transmission, data reading and writing of a 3D partition model of a mobile storage device are also associated with a particle system, and the quantity and the type of read-write data are expressed by particle color and quantity characteristics; the hierarchical management and control strategy of the whole mobile storage device can be displayed in a three-dimensional stereo map in real time and comprehensively; in addition, if data reading and writing on the mobile storage device are associated with process flow data transmission, the three-dimensional hierarchical control node topological graph can be displayed more clearly.
Drawings
FIG. 1 is a schematic diagram of an architecture of a mobile storage device management system based on hierarchical management control according to the present invention;
FIG. 2 is a schematic diagram of the connection relationship between the industrial control terminals in the serial monitoring layout according to the present invention;
FIG. 3 is a schematic diagram of the connection relationship between the industrial control terminals in the parallel monitoring layout according to the present invention;
FIG. 4 is a schematic diagram of the hierarchical management tool of the mobile storage device according to the present invention;
fig. 5 is a flowchart illustrating a management method corresponding to the management tool for a mobile storage device according to the present invention.
Detailed Description
The invention will be described in further detail with reference to preferred embodiments thereof, and in the following description more details are set forth in order to provide a thorough understanding of the invention, but it will be apparent that the invention can be embodied in many other forms different from those described herein and that a person skilled in the art can make similar generalizations and deductions depending on the actual application without departing from the spirit of the invention, and therefore the scope of the invention should not be limited by the contents of this specific embodiment.
The drawings are schematic representations of embodiments of the invention, and it is noted that the drawings are intended only as examples and are not drawn to scale and should not be construed as limiting the true scope of the invention.
The invention discloses a hierarchical management and control system of a mobile storage device, and the hierarchical management and control-based mobile storage device management system comprises a hierarchical management and control terminal and a mobile terminal partition authority setting terminal, wherein the hierarchical management and control terminal comprises a management unit arranged on a server and an upper computer terminal arranged on an upper computer, and the mobile terminal partition authority setting terminal is arranged on a lower computer terminal of a lower computer, as shown in figure 1.
Aiming at the industrial control field, because the industrial network is relatively closed, the behavior that field engineers and maintenance personnel use the mobile storage medium to download reports or copy data is common, and the abuse of the mobile storage device is frequent, so that the invention creates opportunities for data management in the industrial control field and viruses such as zombies, trojans, worms and the like to enter the industrial network. The invention innovatively changes the management of the mobile storage device, carries out a dynamic partition use strategy on the mobile storage, and finds a proper balance point between the security risk management and the operation convenience.
Firstly, according to a process flow, carrying out hierarchical management and control on an upper computer and a lower computer on an industrial control terminal adapted to a mobile storage device, and changing read-write strategy management of the mobile storage device on the lower computer by utilizing the upper computer; the invention sets two layout strategies of the upper computer and the lower computer, and thus, the upper computer is simultaneously included, and different mobile storage device reading and writing strategies for different process flows of the industrial control system are convenient. The optimal layout strategies of different upper computers and lower computers can be applied to different departments of an industrial control system, so that the mobile storage device is used in a diversified manner, abuse of the mobile storage device is reduced, and the safety risk of the mobile storage device in the industrial control field is reduced.
In addition, the invention can judge the data change of the industrial control system and the data change of the industrial control terminal according to the progress of the process flow, determine whether to start the data read-write permission of the mobile storage device corresponding to the industrial control terminal and which data read-write permission of the mobile storage device corresponding to the industrial control terminal under which upper node is opened, and manage the mobile storage equipment controlled in a grading way according to the data change of the process flow by the industrial control system, so that the data read-write of the industrial control system is safer.
The management unit comprises a hierarchical management and control tool, a layout strategy unit and a strategy change unit.
According to the preferred embodiment of the hierarchical control tool, a hierarchical control node topological graph of the industrial control terminal is generated according to the process flow, and the read-write permission of the industrial control terminal on the data of the mobile storage device is marked on the device of the hierarchical control node of the topological graph; the layout strategy unit comprises a mobile storage device partition data read-write strategy; the strategy changing unit comprises a dynamic change strategy of a partition data read-write strategy of the mobile storage equipment according to a time axis; and the mobile terminal partition authority setting terminal is used for executing a partition data read-write strategy of the mobile storage device according to the setting of the management unit and recording, managing and alarming the partition data interaction of the mobile storage device.
The hierarchy control tool, as shown in fig. 4, includes: the system comprises a data import module, a data attribute adding module, a layout calculation module, a layout adjustment module and a layout generation display module.
The hierarchical control tool acquires a process flow corresponding to an industrial control system and industrial control terminal data corresponding to the process flow, and imports the process flow through the data import module, wherein the data import module is used for identifying imported data so as to establish basic data of hierarchical control topology nodes, including the process flow nodes and the corresponding industrial control terminal data, and integrating the data into a set format; the data attribute adding module is used for judging parameters of the industrial control terminal data of the imported data, adding the setting of the control attribute to the industrial control terminal data adapting to the mobile storage device, and adding the data of the industrial control terminal to process flow nodes to manufacture a hierarchical control node topological graph.
The layout calculation module comprises a preset serial monitoring layout and a preset parallel monitoring layout, the two layout modes of the upper computer and/or the lower computer are reversely matched upwards from the tail end of a branch of the process flow, the layout strategy of the serial monitoring layout and/or the parallel monitoring layout is calculated, and the industrial control terminal with the mobile storage device is subjected to hierarchical control setting of the upper computer and/or the lower computer. The layout adjusting module is used for manually adjusting the layout according to the service condition and is an optional module. And the layout generation display module is used for displaying the finally determined serial monitoring layout and/or parallel monitoring layout on the hierarchical control node topological graph. The management unit of the invention performs hierarchical control setting of the upper computer and/or the lower computer on the industrial control terminal adapted to the mobile storage device, thereby performing authority management on the mobile storage device on the industrial control terminal.
In order to simultaneously embody the layout strategy of hierarchical management and control and the trend of data, the hierarchical management and control tool adopts a 3D hierarchical management and control node topological graph, a data transmission channel between a 3D node and the node is a 3D model, data transmission is expressed by a particle system, and the node is associated with data transmission of an industrial control terminal, wherein the preferred embodiment is as follows:
the layout generation display module acquires the hierarchical control node topological graph, the hierarchical control node topological graph comprises a plurality of nodes, and the nodes are industrial control terminals represented by an upper computer or a lower computer; the data transmission of the total amount and/or the data amount corresponding to the data type of different nodes in the process flow is performed among the nodes, and the data transmission comprises uplink transmission and downlink transmission.
The nodes can be hollow 3D nodes, the 3D nodes are connected through a hollow 3D data transmission channel, the 3D nodes are connected with a 3D partition model of the mobile storage device, and the 3D partition model is a partition simulation display device of the mobile storage device, such as a partition simulation display 3D partition model of a C disk, a D disk and an E disk.
The nodes of the invention comprise 3D data transmission channels, each 3D data transmission channel comprises a cavity body formed by an outer wall and an outer wall, the colors of the outer walls of the data transmission channels are associated with layout strategies, and the layout strategies comprise series monitoring layouts and parallel monitoring layouts. For example, if the 3D data transmission channel belongs to the serial monitoring layout, the corresponding 3D data transmission channel includes a red color whose outer wall is preset; if the 3D data transmission channel belongs to the parallel monitoring layout, the corresponding 3D data transmission channel comprises a preset green outer wall. The outer wall and the cavity of the 3D data transmission channel are preset 3D models, which are not described herein.
The uplink transmission of the data transmission corresponds to an uplink transmission channel between nodes, and the downlink transmission of the data transmission corresponds to a downlink transmission channel between nodes. The uplink transmission channel and the downlink transmission channel may be displayed in parallel without a distance, or displayed in parallel with a physical distance, or displayed in other manners, which is not limited herein.
The data transmission quantity of the nodes is associated with the transmitters of the particle system corresponding to the nodes, each node corresponds to an uplink particle transmitter and a downlink particle transmitter, uplink transmission data is associated with the uplink particle transmitter, downlink transmission data is associated with the downlink particle transmitter, the particle transmission quantity, the transmission speed, the data transmission quantity and the data transmission speed of the particle transmitters are associated, the data transmission speed is higher as the data transmission quantity is higher, the quantity of the particles transmitted by the particle transmitters is higher, and the particle rolling speed is higher. The particles emitted by the emitter are carried in a 3D data transmission channel.
The 3D node is connected with a 3D partition model of the mobile storage device, the 3D partition model is respectively associated with particle emitters corresponding to all partitions, and the amount of water, cloud or fog is simulated according to the particles emitted by the particle emitters. And displaying the data reading and writing conditions of different partitions of the mobile storage device according to the amount of the water, the cloud or the fog simulated by the particles. Furthermore, the particle emitters of the 3D partition model are bound to the layout policy unit and the policy modification unit. The particle emitters are associated with the layout policy unit, different types of data in the same partition can be represented by particles with different colors, and the particle emitters in different partitions can perform particle emission turning off according to classification permission restrictions, or when a non-permission data type is written, the data of the non-permission data type can be marked by particle special effects, such as particle explosion and the like, without limitation. And the particle emitter of the 3D partition model is bound with the strategy changing unit, and the displayed image can be dynamically adjusted according to the strategy change of the strategy changing unit.
The hierarchical control node topological graph of the hierarchical control tool adopts a 3D stereograph and particle system particle emission to express data transmission, data reading and writing of a 3D partition model of a mobile storage device are also associated with a particle system, and the quantity and the type of the read-write data are expressed by particle color and quantity characteristics; the hierarchical management and control strategy of the whole mobile storage device can be displayed in a three-dimensional stereogram in real time and comprehensively; in addition, if data reading and writing on the mobile storage device are associated with process flow data transmission, the three-dimensional hierarchical control node topological graph can be displayed more clearly.
The invention relates to a mobile storage device management system based on hierarchical management and control, which is applied to an industrial control system based on hierarchical management and control. The industrial control system divides the multistage industrial control terminals corresponding to the continuous process flow into a plurality of grading devices according to the process flow sequence, for example: comprises a first upper computer, a second lower computer, a third lower computer, a fourth lower computer and the like. The meaning of the serial monitoring layout is that the lower computers are more than two connected in series according to the process flow, and the specific number is not limited. The levels of the lower computers, such as the second lower computer, the third lower computer and the fourth lower computer, are arranged in sequence according to the control sequence of the process flow, as shown in fig. 2. According to the mobile storage equipment management system with hierarchical control, the lower computers are connected to the upper computers in series according to the control sequence of the process flow, and the system is preferably applied to process flow branches with continuous process flows, namely a series monitoring layout for short.
The invention serially monitors data processing between an upper computer and a lower computer in the layout, wherein the first upper computer is an upper computer, the second lower computer is a lower computer, the first upper computer sends a command to the second lower computer, the first upper computer collects operation data of the second lower computer, and the second lower computer receives and executes the command and sends the operation data of the second lower computer to the first upper computer. And (3) data processing between the second lower computer and the third lower computer, wherein the second lower computer sends a command to the third lower computer, the second lower computer collects operation data of the third lower computer, and the third lower computer receives and executes the command and sends the operation data of the third lower computer to the second lower computer. And (3) data processing between the third lower computer and the fourth lower computer, wherein the third lower computer sends a command to the fourth lower computer, the third lower computer collects the operation data of the fourth lower computer, and the fourth lower computer receives and executes the command and sends the operation data of the fourth lower computer to the third lower computer. And the serially connected lower computers are provided with respective lower computer terminals, and data interaction is realized through serially connected lines.
The invention is explained in detail by hydrolysis acidification process flow branches in a large-scale industrial control system for water treatment, and the equipment topology structure corresponding to the hydrolysis acidification process flow comprises a hydrolysis acidification process control console, a PLC (programmable logic controller), water quality detection equipment, biological filler adding equipment, sludge stirring equipment connected with a servo driver/frequency converter and the like. In an industrial control system for water treatment, a hydrolysis acidification process console is a first upper computer, a PLC is a second lower computer, a water quality detection device is a third lower computer, and a biological filler adding device is a fourth lower computer. The upper computer and the lower computer of the industrial control system of the invention are respectively provided with respective external mobile storage devices, such as an SD card, a usb disk, a mobile hard disk, and the like, and are not limited herein. The invention aims to carry out hierarchical management on the mobile storage management equipment on the industrial control terminal in a mode of an upper computer and a lower computer on the corresponding industrial control terminal according to continuous process flow branches.
In another preferred embodiment, the parallel monitoring layout in the mobile storage device management system of the present invention includes a first upper computer, and a plurality of parallel lower computers connected to the first upper computer, where the lower computers may include a second lower computer, a third lower computer, a fourth lower computer, and the like, which are parallel. The number of the lower computers is more than two, and the specific number is not limited. As shown in fig. 3, the preferred embodiment is applied to a process flow main line in which different process flow branches are connected in parallel, which is referred to as a parallel monitoring layout for short. For example, the first upper computer is a primary water treatment control device, the second lower computer is a grid well control device, the third lower computer is an oil removal control device, the fourth lower computer is a water quantity control device, and the adjustment is specifically carried out according to an industrial control terminal of water treatment, and the adjustment is not limited here. And the parallel lower computers are provided with respective lower computer terminals, and data interaction is realized through parallel lines.
In the industrial control system of the hierarchical control terminal, an upper computer terminal manages a data read-write strategy of a mobile storage device connected with a lower computer terminal, and the data read-write strategy stored by the upper computer terminal is dynamically adjusted according to the change of a strategy change unit.
The layout strategy unit of the invention sets the mobile storage device of the industrial control system into more than 2 partitions, preferably more than 3 partitions. The industrial control terminal can only perform data interaction with the appointed partition of the mobile storage device, and the upper computer terminal sets and changes the available partition of the mobile storage device according to a preset strategy.
The mobile terminal partition authority setting terminal is used for recording and managing data interaction of the mobile storage device partitions according to the setting of the management unit, and executing data read-write strategies of the mobile storage device, such as setting the designated partitions to be available, designating the partitions to store data in a designated format, and the like.
Preferably, the mobile terminal of the industrial control terminal on the tandem monitoring layout of the present invention sequentially arranges the partitions of the mobile storage device according to the process flow sequence, and if the mobile terminal has three partitions including the C disk, the D disk, and the E disk: the second lower computer uses the disk C, the third lower computer uses the disk D, and the fourth lower computer uses the disk E. If the mobile terminal has four partitions including a C disk, a D disk, an E disk and an F disk, the second lower computer uses the C disk, the third lower computer uses the D disk, and the fourth lower computer uses the E disk. The fifth lower computer uses the F disc, the sixth lower computer uses the C disc, and so on.
The mobile terminal of the industrial control terminal on the parallel monitoring layout performs reverse arrangement on the partitions of the mobile storage device according to the process flow sequence, if the mobile terminal has three partitions including a C disk, a D disk and an E disk, then: the second lower computer uses the E-disc, the third lower computer uses the D-disc, and the fourth lower computer uses the C-disc. If the mobile terminal has four partitions including a disk C, a disk D, a disk E and a disk F, the disk F is used by the second lower computer, the disk E is used by the third lower computer, the disk D is used by the fourth lower computer, the disk C is used by the fifth lower computer, the disk F is used by the sixth lower computer, and so on.
In the hierarchical management and control setting of the management unit, the industrial control terminal is set by an upper computer terminal for the management of the mobile storage equipment, wherein the upper computer is a management end, and the lower computer terminal is an execution end for the mobile storage equipment; some industrial control terminals can be an upper computer and a lower computer at the same time, and dynamic switching can be performed at a management end and an execution end according to the actual scene of the industrial control terminal.
The strategy changing unit of the invention dynamically changes the preset material type and/or the opening and closing authority stored in each partition of the mobile storage device along with the time axis. For example, on Monday, the C disk stores water detection data, and the D disk stores control data; the Tuesday C disk stores control data, and the D disk stores water detection data. The strategy changing unit can also dynamically adjust the preset data type and/or the opening and closing authority of each subarea of the mobile storage device stored by the upper computer terminal according to the change of the process flow according to the time axis and the production change of the data. For example, if an oil removal device in an industrial control system for water treatment is suspended in a process flow and no data is generated, the data read-write permission of the corresponding mobile storage device can be stopped through the upper computer terminal and the lower computer terminal.
And the lower computer terminal of the industrial control terminal is used for setting the mobile terminal partition authority setting terminal, and is used for recording and managing data interaction of the mobile storage device partitions according to the hierarchical management and control setting of the management unit, and verifying the mobile terminal bound with the mobile storage device. When the mobile storage device is used, the mobile terminal partition authority setting terminal sends the use rule of the corresponding mobile storage device to the bound mobile terminal in real time, so that an operator of the mobile storage device uses the mobile storage device according to the real-time rule.
And when the data reading and writing of the mobile storage device do not accord with the real-time mobile terminal partition authority setting, the mobile terminal partition authority setting terminal gives an alarm. The method comprises the steps that if the mobile storage device is attacked by a network, incorrect data reading and writing can be carried out, and timely discovery and alarm can be carried out.
The mobile storage device is divided into a plurality of partitions under the hierarchical management and control setting of the management unit, and different mobile storage devices have different data reading authorities for different partitions. In the data of the mobile storage device, a plurality of partitions are also divided, and the data read-write permission of different classification devices to different partitions is different. The data partitions of the hierarchical device and the mobile storage device may be divided according to data types, or may be divided according to data roles or data production components, and are not particularly limited herein.
The mobile storage equipment management system based on hierarchical management and control manages the mobile storage equipment used in the industrial control system through the hierarchical management and control node topological graph corresponding to the process flow, manages the upper computer terminal and the lower computer terminal, realizes the read-write strategies of different mobile storage devices of different process flow branches of the industrial control system, can also dynamically adjust the read-write strategies of the mobile storage devices through the upper computer terminal along with the change of time, ensures the confidentiality of data transmission among all departments in the industrial control system, and increases the safety protection coefficient of the industrial control system.
The present invention also provides a flow diagram of a management method corresponding to the management tool of the mobile storage device, as shown in fig. 5, which is applied to an industrial control system and includes the following steps:
firstly: importing a process flow corresponding to the industrial control system and industrial control terminal data corresponding to the process flow;
secondly, identifying basic data of the imported hierarchical control topology nodes, including process flow nodes and corresponding industrial control terminal data, and converting the identification data into a set format;
thirdly, carrying out parameter judgment on the industrial control terminal data of the imported data, adding the industrial control terminal data adapted to the mobile storage device into the setting of the control attribute, adding the industrial control terminal data into the process flow node, and making a hierarchical control node topological graph;
fourthly, matching upwards in a reverse direction from the tail end of a branch of the process flow, and calculating a layout strategy for performing hierarchical control on an upper computer and/or a lower computer by an industrial control terminal with mobile storage equipment;
and fifthly, displaying the finally determined layout strategy on the topological graph of the hierarchical management and control node.
The other process steps are consistent with the hierarchical control device of the mobile storage device, and refer to the detailed description of the hierarchical control device of the mobile storage device, which is not repeated herein.
The above description is provided for the purpose of illustrating the preferred embodiments of the present invention and will assist those skilled in the art in more fully understanding the technical solutions of the present invention. However, these examples are merely illustrative and it is not considered that the embodiments of the present invention are limited to the description of these examples. For those skilled in the art to which the invention pertains, several simple deductions and changes can be made without departing from the inventive concept, and all should be considered as falling within the protection scope of the invention.
Claims (9)
1. A hierarchical management tool of mobile storage equipment is applied to an industrial control system and comprises a data import module, a data attribute adding module, a layout calculation module and a layout generation display module;
acquiring a process flow corresponding to an industrial control system and industrial control terminal data corresponding to the process flow, and importing the process flow and the industrial control terminal data through the data import module;
the data import module is used for identifying import data so as to establish basic data of the hierarchical control topology nodes: the method comprises the steps of (1) including process flow nodes and corresponding industrial control terminal data; converting the identification data into a set format;
the data attribute adding module is used for judging parameters of the industrial control terminal data of the imported data, adding the industrial control terminal data adapted to the mobile storage device into the setting of the control attribute, adding the industrial control terminal data into the process flow nodes, and making a hierarchical control node topological graph;
the layout calculation module is used for matching upwards in a reverse direction from the tail end of a branch of the process flow and calculating a layout strategy for performing hierarchical control on an upper computer and/or a lower computer by an industrial control terminal with mobile storage equipment;
the layout generation display module is used for displaying the finally determined layout strategy on the hierarchical control node topological graph;
the layout strategy comprises a series monitoring layout and a parallel monitoring layout, wherein in the series monitoring layout, an upper computer and a lower computer are connected in series, and the lower computers are sequentially connected in series according to the control sequence of the process flow; according to the parallel monitoring layout, the upper computer and the lower computer are connected in parallel, and the lower computers are sequentially connected in parallel according to the control sequence of the process flow.
2. The hierarchical management tool for the mobile storage device according to claim 1, wherein the layout generation and display module obtains the hierarchical management and control node topology map, the nodes are set as 3D nodes, and the 3D nodes are connected by hollow 3D data transmission channels; the 3D node is connected with a 3D partition model of the mobile storage device, and the 3D partition model is a partition simulation display device of the mobile storage device.
3. The hierarchical management tool of the mobile storage device according to claim 2, wherein the 3D data transmission channel includes an outer wall and a cavity formed by the outer wall, and the outer wall color and the layout policy of the data transmission channel are associated.
4. The hierarchical management tool for mobile storage devices according to claim 3, wherein the uplink transmission of the data transmission corresponds to an uplink transmission channel between nodes, and the downlink transmission of the data transmission corresponds to a downlink transmission channel between nodes;
the data transmission quantity of the nodes is associated with the emitters of the particle system corresponding to the nodes, each node corresponds to an uplink particle emitter and a downlink particle emitter, uplink transmission data is associated with the uplink particle emitter, downlink transmission data is associated with the downlink particle emitter, and the particle emission quantity, the emission speed, the data transmission quantity and the data transmission speed of the particle emitters are associated.
5. The hierarchical management tool for a mobile storage device according to claim 2, wherein the 3D partition model is respectively associated with particle emitters corresponding to each partition, and the particle emitters are controlled to emit particles according to the data volume, so as to simulate water, cloud or fog representing the data volume.
6. The hierarchical management tool for mobile storage devices according to claim 5, wherein the particle emitters of the 3D partition model are associated with layout policy units, and different types of data in the same partition are represented by particles of different colors; and the particle emitters of different partitions are closed according to the classification authority limit.
7. The hierarchical management tool for mobile storage devices according to claim 6, wherein the layout policy unit sets the mobile storage device of the industrial control system to more than 2 partitions, and the industrial control terminal can only perform data interaction with the designated partitions of the mobile storage device; and the upper computer terminal sets and changes the available partitions of the mobile storage equipment according to a preset strategy.
8. The hierarchical management tool for a mobile storage device according to claim 5, wherein the particle emitter of the 3D partition model is bound to a policy changing unit, and the displayed image is dynamically adjusted according to a policy change of the policy changing unit; the strategy changing unit dynamically changes the preset material type and/or the opening and closing authority stored in each partition of the mobile storage device along with a time axis.
9. A hierarchical management method of a mobile storage device is applied to an industrial control system and comprises the following steps:
step one, importing a process flow corresponding to an industrial control system and industrial control terminal data corresponding to the process flow;
identifying basic data of the imported hierarchical control topology nodes, including process flow nodes and corresponding industrial control terminal data, and converting the identification data into a set format;
thirdly, carrying out parameter judgment on the industrial control terminal data of the imported data, adding the industrial control terminal data adapted to the mobile storage device into the setting of the control attribute, adding the industrial control terminal data into the process flow node, and making a hierarchical control node topological graph;
step four: the method comprises the steps that the tail ends of branches of a process flow are matched upwards in a reverse direction, and a layout strategy for carrying out hierarchical control on an upper computer and/or a lower computer by an industrial control terminal with mobile storage equipment is calculated;
displaying the finally determined layout strategy on the hierarchical control node topological graph;
the layout strategy comprises a series monitoring layout and a parallel monitoring layout, wherein in the series monitoring layout, an upper computer and a lower computer are connected in series, and the lower computers are sequentially connected in series according to the control sequence of the process flow; and in the parallel monitoring layout, the upper computer and the lower computer are connected in parallel, and the lower computers are sequentially arranged in parallel according to the control sequence of the process flow.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210879095.3A CN115185466B (en) | 2022-07-25 | 2022-07-25 | Hierarchical management and control tool and method for mobile storage device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210879095.3A CN115185466B (en) | 2022-07-25 | 2022-07-25 | Hierarchical management and control tool and method for mobile storage device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115185466A CN115185466A (en) | 2022-10-14 |
CN115185466B true CN115185466B (en) | 2023-02-28 |
Family
ID=83521800
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210879095.3A Active CN115185466B (en) | 2022-07-25 | 2022-07-25 | Hierarchical management and control tool and method for mobile storage device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115185466B (en) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106254157A (en) * | 2016-09-21 | 2016-12-21 | 山东大学 | The distributed management and control of a kind of power distribution network topology and recognition methods |
CN106874802A (en) * | 2017-01-19 | 2017-06-20 | 湖北航天技术研究院总体设计所 | A kind of industrial control equipment virus protection system based on drive control |
WO2018193080A1 (en) * | 2017-04-21 | 2018-10-25 | ondeso GmbH | Method for carrying out data transfer processes in industrial installations |
CN109474607A (en) * | 2018-12-06 | 2019-03-15 | 连云港杰瑞深软科技有限公司 | A kind of industrial control network safeguard protection monitoring system |
CN110286657A (en) * | 2019-06-03 | 2019-09-27 | 北京国电智深控制技术有限公司 | A kind of monitoring system |
CN110505292A (en) * | 2019-08-13 | 2019-11-26 | 珠海格力电器股份有限公司 | data transmission control method, device and equipment |
CN111726353A (en) * | 2020-06-17 | 2020-09-29 | 华中科技大学 | Sensitive data grading protection method and grading protection system based on numerical control system |
EP3722973A1 (en) * | 2017-12-07 | 2020-10-14 | ZTE Corporation | Data processing method and device for distributed database, storage medium, and electronic device |
CN112114579A (en) * | 2020-09-28 | 2020-12-22 | 哈尔滨工业大学(威海) | Industrial control system safety measurement method based on attack graph |
CN114580562A (en) * | 2022-03-16 | 2022-06-03 | 北京珞安科技有限责任公司 | Abnormal data detection method and device based on process flow |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102819508B (en) * | 2012-08-15 | 2014-04-02 | 河南财经政法大学 | Method for responding to signals from security monitoring subsystem |
CN106850733A (en) * | 2016-12-02 | 2017-06-13 | 安徽波维电子科技有限公司 | A kind of engineering construction high in the clouds monitoring management system |
JP6642495B2 (en) * | 2017-03-13 | 2020-02-05 | 日本電気株式会社 | Storage management system |
CN111180990B (en) * | 2020-02-24 | 2021-01-15 | 华东师范大学重庆研究院 | Automatic mode locking control method and control system for optical frequency comb |
-
2022
- 2022-07-25 CN CN202210879095.3A patent/CN115185466B/en active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106254157A (en) * | 2016-09-21 | 2016-12-21 | 山东大学 | The distributed management and control of a kind of power distribution network topology and recognition methods |
CN106874802A (en) * | 2017-01-19 | 2017-06-20 | 湖北航天技术研究院总体设计所 | A kind of industrial control equipment virus protection system based on drive control |
WO2018193080A1 (en) * | 2017-04-21 | 2018-10-25 | ondeso GmbH | Method for carrying out data transfer processes in industrial installations |
EP3722973A1 (en) * | 2017-12-07 | 2020-10-14 | ZTE Corporation | Data processing method and device for distributed database, storage medium, and electronic device |
CN109474607A (en) * | 2018-12-06 | 2019-03-15 | 连云港杰瑞深软科技有限公司 | A kind of industrial control network safeguard protection monitoring system |
CN110286657A (en) * | 2019-06-03 | 2019-09-27 | 北京国电智深控制技术有限公司 | A kind of monitoring system |
CN110505292A (en) * | 2019-08-13 | 2019-11-26 | 珠海格力电器股份有限公司 | data transmission control method, device and equipment |
CN111726353A (en) * | 2020-06-17 | 2020-09-29 | 华中科技大学 | Sensitive data grading protection method and grading protection system based on numerical control system |
CN112114579A (en) * | 2020-09-28 | 2020-12-22 | 哈尔滨工业大学(威海) | Industrial control system safety measurement method based on attack graph |
CN114580562A (en) * | 2022-03-16 | 2022-06-03 | 北京珞安科技有限责任公司 | Abnormal data detection method and device based on process flow |
Non-Patent Citations (1)
Title |
---|
大型水电站工控系统安全防护体系设计与研究;汪国良;《水电厂自动化》;20180915;第39卷(第03期);27-32 * |
Also Published As
Publication number | Publication date |
---|---|
CN115185466A (en) | 2022-10-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7037204B2 (en) | Smart factory monitoring methods and systems | |
CN109802852B (en) | Method and system for constructing network simulation topology applied to network target range | |
CN104950741B (en) | For the configuration management interface of the multi-controller of system connection | |
Hrúz et al. | Modeling and control of discrete-event dynamic systems: With petri nets and other tools | |
CN113325816A (en) | Industrial Internet-oriented digital twin body data management method | |
CN113033001A (en) | Three-dimensional digital factory modeling method and system for digital twin application | |
CN110866320A (en) | Intelligent platform area graph automatic generation method and system | |
CA2972540A1 (en) | Plant builder system with integrated simulation and control system configuration | |
Tomforde et al. | Incremental design of adaptive systems | |
CN102867091B (en) | The quantitation modification method of a kind of electric network current diagram | |
CN104537908A (en) | Multi-stage scheduling integrated simulation system based on model sharing and method | |
CN105159754A (en) | On-line simulation method and device based on intelligent business cloud platform | |
CN113938528B (en) | Vehicle-enterprise custom data communication method and system between vehicle end and cloud end | |
CN111652760B (en) | Power grid operation and maintenance virtual reality simulation system and simulation method | |
CN109272800A (en) | A kind of Power Plant Simulation Training Methodology based on Unity3D | |
CN108734778A (en) | A kind of technical supervision data visualization method and system | |
CN115544775A (en) | Digital twin workshop multi-dimensional multi-level model construction and dynamic configuration method | |
CN112306014A (en) | Workshop production simulation and scheduling implementation method based on UE4 | |
CN115185466B (en) | Hierarchical management and control tool and method for mobile storage device | |
CN107291933B (en) | Petri network-based soft PLC system data synchronization method | |
CN109801364A (en) | A kind of 3-dimensional digital modeling method and digitlization workshop management system | |
CN108234205B (en) | Network topology structure and information presentation method thereof | |
CN116188209A (en) | Virtual reality physical experiment simulation intelligent engine system and working method | |
CN116308128A (en) | Method, equipment and medium for green construction management of assembled building | |
US20230124678A1 (en) | Storage medium to store transmission data setting support program, gateway device, and transmission data setting supporting method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |