CN117081853B

CN117081853B - New energy edge side communication protocol conversion module with time wheel dynamic authentication

Info

Publication number: CN117081853B
Application number: CN202311316974.6A
Authority: CN
Inventors: 林振福; 马溪原; 李鹏; 杨铎铜; 徐全; 张子昊; 姚森敬; 葛俊; 俞靖一; 王鹏宇; 曾博儒
Original assignee: Southern Power Grid Digital Grid Research Institute Co Ltd
Current assignee: Southern Power Grid Digital Grid Research Institute Co Ltd
Priority date: 2023-10-12
Filing date: 2023-10-12
Publication date: 2024-02-13
Anticipated expiration: 2043-10-12
Also published as: CN117081853A

Abstract

The invention discloses a new energy edge side communication protocol conversion module with time wheel dynamic authentication, which comprises the following components: the time dimension determining module is used for determining the time dimension of the data when the data reported by the sender is received; the data distribution module to be transmitted is used for distributing data to the time slots based on the time dimension and the time range of each time slot in the multi-stage time wheel; the target data to be sent determining module is used for taking the data in the time slot as the target data to be sent when the time slot meets the task execution condition, and generating a first time stamp; the data transmission module to be authenticated is used for carrying out hash processing on the first timestamp and the target data to be transmitted, and transmitting the hash processing result, the target data to be transmitted and the first timestamp as the data to be authenticated, so that the data receiver authenticates the data to be authenticated. The authentication of communication data is realized, the safety and the reliability of data transmission are ensured, the rapid conversion between different communication protocols can be realized, and the communication efficiency is improved.

Description

New energy edge side communication protocol conversion module with time wheel dynamic authentication

Technical Field

The invention relates to the technical field of communication, in particular to a new energy edge side communication protocol conversion module with time wheel dynamic authentication.

Background

With the continuous development of new energy technology, the intelligent power grid, the distributed energy system and other new energy fields are increasingly widely applied. In these scenarios, different communication protocols are often used for data interaction between different devices, but existing communication protocol conversion modules have some problems. The security of the communication data cannot be effectively ensured, and the communication data is easy to hack and tamper with the data. And secondly, the conversion efficiency is low, so that the delay of data transmission is high, and the real-time data processing is not facilitated.

Most of traditional power communication modules do not authenticate the integrity of data, and the power protocol 104-based communication only uses the sending sequence number and the receiving sequence number to preliminarily check the sequence of the data, so that the situation of repeated or lost data is prevented, and the integrity of the data is not checked. If the communication channel is intercepted, communication data is easy to be tampered by people, a data receiver or a communication conversion plan cannot check the integrity of the data, and the data may be subjected to the risk of being tampered or falsified in the transmission process. Lacking dynamic authentication techniques, hackers or unauthorized devices may intercept, modify, or tamper with the data, resulting in the integrity and authenticity of the data being compromised, potentially raising serious security concerns.

Some communication conversion modules have authentication and authorization functions, but basically authenticate and authenticate a linked link, and do not verify and authenticate the integrity and non-repudiation of data.

Some communication conversion devices have the function of data authentication, but cannot adapt to the application scenario that data has multiple time dimensions, and under the transmission requirement that the data has multiple time dimensions, a large amount of storage space and calculation resources are spent by adopting a real-time authentication mode, or authentication is performed by adopting historical data, and the data authentication process may need to traverse all the historical data or use other complex data structures to find corresponding data blocks and compare. This can lead to inefficiency in authentication, particularly in the context of large-scale data transmission and processing, which can cause significant communication delays and performance problems.

In the case of data transmission with multiple time dimensions, a part of communication modules are used for judging business logic by developing a large number of timing tasks, and complex dependency relationships can be contained in the large number of timing tasks, some tasks need to be started to be executed after the execution sequence of other tasks or whether the tasks can be executed according to the execution results of other timing tasks, and when the types and the number of the timing tasks containing the business logic are large, a task scheduler judges the task scheduling time one by one and the execution of the task scheduling time one by one, so that the overhead of a system is increased, and the task processing efficiency is very low.

Therefore, how to ensure the safety and integrity of the communication data and improve the communication efficiency is a technical problem to be solved at present.

Disclosure of Invention

The invention provides a new energy edge side communication protocol conversion module with time wheel dynamic authentication, which realizes the security authentication of data and improves the authentication efficiency of the data.

According to one aspect of the present invention, there is provided a new energy edge side communication protocol conversion method with time-rotation dynamic authentication, including:

when data to be transmitted, which is reported by a data transmitter, is received, determining a time dimension of the data to be transmitted, wherein the time dimension is at least one of a day level, an hour level, a minute level, a second level and a millisecond level;

distributing the data to be sent to time slots in the multi-stage time wheel based on the time dimension and a time range corresponding to each time slot in the multi-stage time wheel of the first communication conversion module, wherein the multi-stage time wheel comprises at least two of a day-stage time wheel, an hour-stage time wheel, a minute-stage time wheel, a second-stage time wheel and a millisecond-stage time wheel;

aiming at any time slot in the multi-stage time wheel, when the time slot meets the task execution condition, taking the data to be sent in the time slot as target data to be sent, and generating a first timestamp;

And carrying out hash processing on the first timestamp and the target data to be sent, and sending a hash processing result, the target data to be sent and the first timestamp to a data receiver as data to be authenticated, so that the data receiver authenticates the data to be authenticated.

According to another aspect of the present invention, there is provided a new energy edge side communication protocol conversion method with time-rotation dynamic authentication, including:

receiving data to be authenticated sent by a data sender, wherein the data to be authenticated comprises target data to be sent, a first timestamp and a hash processing result of the target data to be sent and the first timestamp, and the data to be authenticated is determined by the data sender according to the time dimension of the target data to be sent and a time wheel of a first communication conversion module;

determining a target time slot corresponding to the first time stamp in a multi-stage time wheel of the second communication conversion module based on the current time and the first time stamp;

distributing the target data to be sent to the target time slot, generating a second time stamp when the target time slot meets the task execution condition, and carrying out hash calculation on the second time stamp and the target data to be sent to obtain a hash result to be used;

And determining an authentication result of the data to be authenticated, which is sent by the data sender, based on the hash result to be used and the hash processing result in the data to be authenticated.

According to another aspect of the present invention, there is provided a new energy edge side communication protocol conversion module with time wheel dynamic authentication, including:

the time dimension determining module is used for determining the time dimension of the data to be sent when the data to be sent reported by the data sender is received, wherein the time dimension is at least one of a day level, a hour level, a minute level, a second level and a millisecond level;

the data to be sent is distributed to the time slots in the multi-stage time wheel based on the time dimension and the time range corresponding to each time slot in the multi-stage time wheel of the first communication conversion module, and the multi-stage time wheel comprises at least two of a day-level time wheel, an hour-level time wheel, a minute-level time wheel, a second-level time wheel and a millisecond-level time wheel;

the target data to be sent determining module is used for regarding any time slot in the multi-stage time wheel, when the time slot meets the task execution condition, taking the data to be sent in the time slot as target data to be sent, and generating a first timestamp;

And the data to be authenticated sending module is used for carrying out hash processing on the first timestamp and the target data to be sent, and sending a hash processing result, the target data to be sent and the first timestamp to be used as data to be authenticated to a data receiver so that the data receiver authenticates the data to be authenticated.

the data receiving module is used for receiving data to be authenticated sent by a data sender, wherein the data to be authenticated comprises target data to be sent, a first timestamp and a hash processing result of the target data to be sent and the first timestamp, and the data to be authenticated is determined by the data sender according to the time dimension of the target data to be sent and a time wheel of the first communication conversion module;

the target time slot determining module is used for determining a target time slot corresponding to the first time stamp in the multi-stage time wheel of the second communication conversion module based on the current time and the first time stamp;

the to-be-used hash result generation module is used for distributing the target to-be-sent data to the target time slot, generating a second timestamp when the target time slot meets the task execution condition, and carrying out hash calculation on the second timestamp and the target to-be-sent data to obtain a to-be-used hash result;

And the authentication result determining module is used for determining an authentication result of the data to be authenticated sent by the data sender based on the hash result to be used and the hash processing result in the data to be authenticated.

The technical scheme of the embodiment of the invention comprises the following steps: when receiving data to be transmitted, which is reported by a data sender, determining the time dimension of the data to be transmitted; based on the time dimension and the time range corresponding to each time slot in the multi-stage time wheel of the first communication conversion module, distributing the data to be transmitted to the time slots in the multi-stage time wheel; aiming at any time slot in the multi-stage time wheel, when the time slot meets the task execution condition, taking the data to be sent in the time slot as target data to be sent, and generating a first timestamp; and carrying out hash processing on the first timestamp and the target data to be sent, and sending the hash processing result, the target data to be sent and the first timestamp to a data receiver as data to be authenticated, so that the data receiver authenticates the data to be authenticated. Receiving data to be authenticated sent by a data sender, wherein the data to be authenticated comprises target data to be sent, a first timestamp and a hash processing result of the target data to be sent and the first timestamp, and the data to be authenticated is determined by the data sender according to the time dimension of the target data to be sent and a time wheel of a first communication conversion module; determining a target time slot corresponding to the first time stamp in a multi-stage time wheel of the second communication conversion module based on the current time and the first time stamp; distributing the target data to be sent to the target time slot, generating a second time stamp when the target time slot meets the task execution condition, and carrying out hash calculation on the second time stamp and the target data to be sent to obtain a hash result to be used; and determining an authentication result of the data to be authenticated, which is sent by the data sender, based on the hash result to be used and the hash processing result in the data to be authenticated. The method and the device solve the technical problems that in the prior art, communication data cannot be authenticated, the method and the device cannot adapt to application scenes of the data with multiple time dimensions, so that the data security is low and the communication efficiency is low, authentication of the communication data is realized, the security and the reliability of data transmission are ensured, quick conversion between different communication protocols can be realized, and the communication efficiency is improved.

It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a flowchart of a new energy edge side communication protocol conversion method with time-wheel dynamic authentication according to an embodiment of the present invention;

FIG. 2 is a schematic diagram of an encryption process;

fig. 3 is a flowchart of a new energy edge side communication protocol conversion method with time-wheel dynamic authentication according to a second embodiment of the present invention;

FIG. 4 is a schematic diagram of an authentication process;

FIG. 5 is a schematic diagram of a multi-level time wheel in the present embodiment;

fig. 6 is a schematic structural diagram of a new energy edge side communication protocol conversion module with time-wheel dynamic authentication according to a third embodiment of the present invention;

Fig. 7 is a schematic structural diagram of a new energy edge side communication protocol conversion module with time-wheel dynamic authentication according to a fourth embodiment of the present invention;

fig. 8 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present invention.

Detailed Description

In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.

It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

Example 1

Fig. 1 is a flowchart of a new energy edge side communication protocol conversion method with time-wheel dynamic authentication according to an embodiment of the present invention, where the embodiment is applicable to a case of encrypting data to be sent when the data to be sent is sent, and the method may be performed by a new energy edge side communication protocol conversion module with time-wheel dynamic authentication, and the module may be implemented in a hardware and/or software mode. As shown in fig. 1, the method includes:

and S110, when receiving data to be transmitted, which is reported by a data sender, determining the time dimension of the data to be transmitted.

In the embodiment of the invention, the data transmitting party refers to power equipment with data transmission requirements in a smart grid or a distributed energy system, and the data to be transmitted comprises but is not limited to equipment operation data and equipment acquisition data. The power equipment reports the data to be sent to the communication conversion module, namely the communication protocol conversion module, and the data to be sent is processed through the communication protocol conversion module, so that the processed data to be sent is forwarded to the power distribution network terminal equipment, the power distribution main station and the like, and the power distribution network and the distributed energy system can be controlled and monitored conveniently.

The communication protocol conversion module is used for converting among various different communication protocols, and under the action of the communication protocol conversion module, data among different protocols can be mutually converted, so that different devices and systems can be mutually communicated and connected, for example, in a power system, the communication module is used for communication of devices such as smart meters, smart grids and the like.

The time dimension refers to time information of data to be sent, for example, the power equipment collects data in the power distribution network once every preset minute, and the collected power data is in units of minutes; correspondingly, the time dimension of the data to be sent is in the order of minutes; for another example, for some devices with low reporting period requirements, the corresponding power data acquisition period is hour, and the corresponding time dimension of the data to be transmitted is hour level; the time dimension is at least one of a day level, an hour level, a minute level, a second level, and a millisecond level.

On the basis of the above embodiment, the data sender is an edge device in the power distribution network, where the edge device includes: at least one of a photovoltaic inverter, an energy storage station energy management system, a fan controller and a reactive power compensation device.

On the basis of the technical scheme, determining the time dimension of the data to be sent comprises the following steps: acquiring a time stamp corresponding to data to be sent, and analyzing a time unit corresponding to the time stamp; based on the time units, a time dimension of the data to be transmitted is determined.

Specifically, when receiving data to be transmitted reported by a data sender, analyzing the data to be transmitted, and determining a timestamp contained in the data to be transmitted; it will be appreciated that when the power device is generating data, the time at which the data is generated is typically referred to as the time stamp of the data, and the time stamp is reported as part of the data. Thus, by analyzing the data to be transmitted, a corresponding time stamp is determined, for example, the data to be transmitted includes data a, and the generation time of the data a is 10 th seconds, that is, the time unit of the data a is seconds, and the time dimension is seconds.

And S120, distributing the data to be transmitted to the time slots in the multi-stage time wheel based on the time dimension and the time range corresponding to each time slot in the multi-stage time wheel of the first communication conversion module.

The multi-stage time wheel comprises a day-level time wheel, an hour-level time wheel, a minute-level time wheel, a second-level time wheel and a millisecond-level time wheel, and is a time wheel algorithm for processing timing tasks, and is a data structure and can be regarded as a combination of a cyclic array and a doubly-linked list. In a multi-level time wheel, each time wheel contains a plurality of time slots for placing data within a certain time range, for example, 1-5 seconds of data in a time slot of 1-5 seconds.

The first communication conversion module refers to a communication protocol conversion module connected with a data sender, wherein the first communication conversion module comprises a multi-stage time wheel, and when the first communication conversion module receives reported data to be sent, the data to be sent is distributed into time slots of the multi-stage time wheel according to a time dimension.

In some preferred embodiments, the allocation of the data to be transmitted to the time slots in the multi-level time wheel based on the time dimension and the time range corresponding to each time slot in the multi-level time wheel includes: if the time dimension corresponding to the data to be sent is the level, the data to be sent is distributed to a time slot of a level time wheel; if the time dimension corresponding to the data to be sent is the hour level, the data to be sent is distributed to a time slot of an hour level time wheel; if the time dimension corresponding to the data to be sent is the minute level, the data to be sent is distributed to a time slot of a minute level time wheel; if the time dimension corresponding to the data to be sent is of the second level, the data to be sent is distributed to a time slot of a second level time wheel; and if the time dimension corresponding to the data to be transmitted is in the millisecond level, distributing the data to be transmitted to a time slot of a millisecond level time wheel.

On the basis of the foregoing embodiment, allocating the data to be sent to the time slot of the day-level time wheel includes: and determining a target time range matched with the time stamp of the data to be sent according to the time range corresponding to each time slot in the day-level time wheel, and distributing the data to be sent to the time slot corresponding to the target time range.

And S130, regarding any time slot in the multi-stage time wheel, when the time slot meets the task execution condition, taking the data to be sent in the time slot as target data to be sent, and generating a first timestamp.

In the embodiment of the invention, the pointer of each time wheel in the multi-stage time wheels can be rotated to the next time slot at regular time, all tasks in the time slot are executed, namely the time slot meets the task execution condition, at the moment, the data in the time slot is used as target data to be sent, and a first timestamp corresponding to the target data to be sent is generated.

In the embodiment of the present invention, when a time slot meets a task execution condition, data to be sent in the time slot is used as target data to be sent, and a first timestamp is generated, including: when the pointer of the time wheel where the time slot is positioned rotates to the time slot, determining that the time slot meets the task execution conditions; and taking the data to be transmitted in the time slot as target data to be transmitted, and taking the current moment as the first timestamp.

In the application scenario of the embodiment, when the pointer of the time wheel rotates to the current time slot, the time slot meets the execution condition, and the data block in the time slot is used as the target data to be sent. The current time may be a time when the time slot meets the task execution condition, and the current time is taken as a time stamp of the target data to be sent, i.e. a first time stamp.

S140, carrying out hash processing on the first timestamp and the target data to be sent, and sending a hash processing result, the target data to be sent and the first timestamp to be used as data to be authenticated to a data receiver, so that the data receiver authenticates the data to be authenticated.

In this embodiment, the first timestamp and the target data to be sent are processed through a hash algorithm to obtain a hash processing result, the target data to be sent, the hash processing result and the first timestamp are sent to a data receiver as data to be authenticated, and the data to be authenticated is authenticated through a communication protocol conversion module connected with the data receiver.

The data encryption process is exemplified as follows: and when the communication conversion module receives data to be transmitted from a sender, pressing the data into different time wheels according to different time dimensions of the data, and waiting for the execution of a time wheel task, uniformly generating a first timestamp, carrying out hash calculation on the first timestamp and the data block, and finally sending out the data block, the timestamp and the hash value together. The encryption process is shown in fig. 2.

In a preferred embodiment, an important characteristic of hash computation is the avalanche effect, i.e. small changes in the input data can cause large changes in the generated hash value. This makes the hash function very useful in checking the integrity of the data, since the hash values generated will be quite different if the data changes a bit. Combining the time stamp with some data to calculate a hash value can be used to generate a unique data identification or for data tamper-proof scenarios. In the embodiment, the data authentication is performed by adopting the time stamp and the data to perform hash calculation, so that the data security in the application scene of the new energy edge control is ensured. The main algorithm process is as follows:

when data generated by edge equipment such as a photovoltaic inverter, an energy storage station energy management system, a fan controller, a reactive compensation device and the like are reported to a communication conversion module, the communication conversion module presses related data into a corresponding time slot according to the time dimension, and when a task linked list of the time slot reaches an execution condition, a time stamp of the time slot is generated. Combining the time stamp and the data to be processed to obtain a new data character string, and then carrying out hash calculation on the data by adopting an SHA-256 algorithm, wherein the main algorithm process is as follows:

1. And (3) filling data: the SHA-256 algorithm divides the input data into 512 bit (64 byte) blocks. If the input data length is not an integer multiple of 512 bits, padding is performed at the end, and the data length is ensured to meet the requirement.

2. Initial hash value: the SHA-256 algorithm defines 8 initial hash values (A, B, C, D, E, F, G, H) of 32 bits, which are generated from the previous hash value, with specific values being preset constants. These initial hash values are used for the compression function of the first block.

3. Message extension: each 512-bit block would be divided into 16 sub-blocks of 32 bits, followed by 64 rounds of message expansion. During message expansion, an additional 64 32-bit words (W0 to W63) are generated according to certain rules and functions. These words are used for the compression function.

4. Compression function: SHA-256 uses a 64-round compression function to process each 512-bit block and either the initial hash value (for the first block) or the previous hash value (for the subsequent block) to generate a new hash value. The operations in the compression function include bit operations (e.g., logical AND, logical XOR, logical OR) and modulo operations (addition, circular left shift, etc.)

5. Final results: after processing all the blocks, the resulting final hash value will be the output of the SHA-256 algorithm. This final hash value is a 256-bit number, typically represented as a 64-bit hexadecimal number.

The technical scheme of the embodiment of the invention comprises the following steps: when receiving data to be transmitted, which is reported by a data sender, determining the time dimension of the data to be transmitted; based on the time dimension and the time range corresponding to each time slot in the multi-stage time wheel of the first communication conversion module, distributing the data to be transmitted to the time slots in the multi-stage time wheel; aiming at any time slot in the multi-stage time wheel, when the time slot meets the task execution condition, taking the data to be sent in the time slot as target data to be sent, and generating a first timestamp; and carrying out hash processing on the first timestamp and the target data to be sent, and sending the hash processing result, the target data to be sent and the first timestamp to a data receiver as data to be authenticated, so that the data receiver authenticates the data to be authenticated. The method and the device solve the technical problems that in the prior art, communication data cannot be authenticated, the method and the device cannot adapt to application scenes of the data with multiple time dimensions, so that the data security is low and the communication efficiency is low, authentication of the communication data is realized, the security and the reliability of data transmission are ensured, quick conversion between different communication protocols can be realized, and the communication efficiency is improved.

Example two

Fig. 3 is a flowchart of a new energy edge side communication protocol conversion method with time-wheel dynamic authentication according to a second embodiment of the present invention, on the basis of the foregoing embodiment, a data authentication process is explained in detail in this embodiment, and a specific implementation manner can be referred to the technical solution of this embodiment. Wherein, the technical terms identical to or corresponding to the above embodiments are not repeated herein. As shown in fig. 3, the method includes:

s210, receiving data to be authenticated sent by a data sender.

The data to be authenticated comprises target data to be sent, a first time stamp and a hash processing result of the target data to be sent and the first time stamp; the data to be authenticated is determined by the data sender according to the time dimension of the target data to be sent and the time wheel of the first communication conversion module.

In this embodiment, the data to be authenticated refers to data sent by the data sender, specifically, the data sender uploads the data to be sent to the first communication conversion module, the data of the first communication conversion module processes the data to be sent according to the processing manner of the foregoing embodiment to obtain the data to be authenticated, and the data to be authenticated is further sent to a communication protocol conversion module corresponding to the data receiver, for example, the second communication conversion module. After the second communication conversion module receives the data to be authenticated, the data to be authenticated is authenticated, the data to be authenticated can be transmitted to a data receiver after passing the authentication, the data receiver can further process the data, if the authentication fails, the data is possibly tampered, the corresponding communication link is disconnected, and the alarm is prompted. The data receiving party refers to terminal equipment, main station equipment and the like.

The data to be authenticated includes the target data to be sent, the first timestamp and the hash processing result, the data to be authenticated is sent by the data sender, and the data to be authenticated is processed according to the time dimension and the time wheel by the first communication conversion module of the data sender, which can be specifically referred to the content of the foregoing embodiment and is not described herein again.

S220, determining a target time slot corresponding to the first time stamp in the multi-stage time wheel based on the current time and the first time stamp.

In the embodiment of the invention, the current time can be understood as the time corresponding to the internal clock of the communication protocol conversion module, or the time when the communication protocol conversion module receives the data to be authenticated, and backtracking is performed according to the current time and the first timestamp, so that the corresponding time wheel and time slot in the second communication conversion module, namely the target time slot, can be determined. For example, when the first timestamp is 5 th second and the current time is 20 th second, performing time backtracking according to the 20 th second of the current time, and finding a time slot corresponding to the 5 th second in the second-level time wheel as a target time slot.

S230, distributing the target data to be sent to the target time slot, generating a second time stamp when the target time slot meets the task execution condition, and carrying out hash calculation on the second time stamp and the target data to be sent to obtain a hash result to be used.

In this embodiment, the target data to be sent is allocated to the target time slot of the multi-stage time wheel of the second communication conversion module, and when the pointer rotates to the target time slot, a second timestamp is generated, where the second timestamp refers to the time when the target pointer rotates to the target time slot, and hash calculation is further performed on the second timestamp and the target data to be sent to obtain a hash result to be used, and the hash algorithm process can refer to the foregoing embodiment.

S240, determining an authentication result of the data to be authenticated, which is sent by the data sender, based on the hash result to be used and the hash processing result in the data to be authenticated.

In the embodiment of the present invention, preferably, if the hash result to be used is consistent with the hash processing result, the authentication result of the data to be authenticated is determined to be authentication passing. If the two are consistent, the data are not tampered, the authentication is successful, and the data are not tampered in the transmission process of the data.

In a preferred embodiment, in the second communication conversion module, data authentication needs to be performed on the received data to be authenticated, so as to determine the integrity of the data. In the new energy edge control scene, the generation channels of the data are various, even the public network data are transmitted, the data transmission channels are redundant, the situation of attack or destruction in the data transmission process is necessarily existed, and in order to ensure the security of the new energy edge control, the security of the received data to be authenticated needs to be effectively identified. In the embodiment of the invention, the design of data authentication is provided aiming at the integrity and the correctness of data, and the schematic diagram of the authentication process is shown in fig. 4.

1. Receiving data: the receiving party receives the data to be authenticated transmitted by the transmitting party, wherein the data itself (target data to be transmitted), the first timestamp and the hash value are contained.

2. Extracting a time stamp: the receiving party extracts a first timestamp from the received data. The first timestamp is used for marking the generation time of the data and is the basis for the backtracking of the subsequent data.

3. Time wheel searching: the receiver backtracks the time wheel through the first timestamp, and searches the corresponding time slot (i.e. the target time slot) from the current moment forward. Each slot of the time wheel corresponds to a time segment, and due to the rotational nature of the time wheel, a slot containing the time stamp can be quickly located.

4. Checking the data block: once the slot containing the timestamp is found, the recipient extracts the data block from the slot, including the target data to be sent, the first timestamp, and the hash value. This block of data is the data that the sender sends at the time stamp.

5. And (3) hash calculation: the receiving side uses the same hash function to carry out hash calculation on the received data to obtain the hash value of the received data. Specifically, the target data to be sent is put back into the corresponding time wheel of the receiver, when the time wheel task is executed, a second time stamp is determined, and then the second time stamp and the target data to be sent are processed through hashing, so that a hash result to be used is obtained.

6. And (3) data authentication: the receiving side compares the calculated hash value with the hash value in the data block. If the two are consistent, the data is not tampered, and the authentication is successful; if not, the data may be tampered, and authentication fails.

In the scheme of the embodiment of the invention, a multi-stage time wheel design method is adopted, the minimum wheel is arranged in a circle, the upper layer wheel is arranged in a grid, because the data time dimension of a new energy edge control scene can be divided into a plurality of time dimensions such as millisecond level, second level, minute level, hour level, day level and the like, the time of data received by a communication conversion module is random, and the efficiency of data conversion is considered.

Meanwhile, since hash calculation is needed in the data authentication process, the hash calculation is also a very resource-consuming calculation process, and if the hash calculation is performed on fragmented data in real time, the data authentication process is very low. Therefore, the method and the device are realized by dividing the time period of one day into multiple stages of time wheels, and the new energy edge control device can find the corresponding position on the task list of the time wheels no matter the data generated at a certain moment. A schematic of a multi-stage time wheel is shown in the following figure.

Referring to fig. 5, a multi-level time wheel schematic diagram in this embodiment is shown, where the multi-level time wheel may be regarded as a plurality of single-level time wheels, and the time wheel algorithm of each time wheel may be implemented as a data structure of a cyclic array+doubly linked list. The cyclic arrays form a ring structure, pointers walk one step at regular time intervals (ickDation), and each array is mounted with a timing task list with a double linked list structure. The tasks on the doubly linked list have a property of remaining tasks, i.e., what turns the current task leaves, and each time the pointer goes to the task's location, remaining tasks are decremented by 1 until the remaining tasks are triggered by 0. The day wheel in the figure refers to a day-level time wheel, the total time range is equal to 1 month, the number of time slots in the day-level time wheel is 30, and the time range of each time slot in the day-level time wheel is 1 day, namely 1d in the figure represents 1 day.

The hour wheel refers to an hour-level time wheel, the total time range of the hour-level time wheel is equal to 1 day, the number of time slots in the hour-level time wheel is 24, and the time range of each time slot is 1 hour, namely 1 hour in the hour-level time wheel represents 1 hour.

The minute wheel means a minute-level time wheel, and the total time range of the minute-level time wheel is equal to 1 hour, wherein the number of time slots is 60, and the time range of each time slot is 1 minute, namely 1 minute is represented by 1 m.

The second wheel refers to a second-level time wheel, and the total time range of the second-level time wheel is equal to 1 minute, wherein the number of the time wheels is 60, and the time range of each time slot is 1 second, namely 1s represents 1 second.

The millisecond wheel refers to a millisecond-level time wheel, the total time range of the millisecond-level time wheel is 1 second, the millisecond-level time wheel is divided into 8 time slots in the figure, but the millisecond-level time wheel can be adjusted based on actual conditions, and the corresponding time range of each time slot is the ratio of the total time range to the total number of the time slots.

In the embodiment of the invention, the data of the communication conversion module can be divided into millisecond level, second level, minute level, hour level and day level according to different time dimensions. The invention relates to a method for processing data in a novel power system, which mainly aims at the operation real-time parameters of the novel power system, is mainly used for the edge control scene of a new energy station, and is required to carry out data transmission and processing in the millisecond level, wherein the time dimension is the minimum dimension, a communication conversion module adds the received data into a bidirectional task chain table of a time wheel in the millisecond level, the millisecond level interval designed by the invention is 50ms, real-time data in the same time interval are all added into the task chain table in the time interval, when a clock is transferred to the slot, the data in the task chain table in the slot can execute tasks, firstly, the source of a data block is authenticated, if the source of the data is authenticated correctly, the data is not tampered and is complete, then the data processing in the next step is carried out, if the authentication fails, the connection of a data channel of the source is disconnected, the data is subjected to hash calculation again after the data authentication, the data after the calculation processing is forwarded to a subscribing end, and the authentication process of other time dimensions is similar. The second level mainly relates to data scenes such as alarming, recording, prompting and metering, the data in the time dimension are mainly used for monitoring a new energy station, the second level data authentication is the same as the millisecond level data authentication process, but the second level time slot contains a millisecond level time slot, the millisecond level data is required to be summarized, the original millisecond level data is cleared according to the actual requirement of a service, or temporary caching is carried out, when the second level slot task starts to be executed, the millisecond level data is summarized and then forwarded to a subscription terminal, and the data processing of the upper layer and the lower layer of the time slot in other time dimensions is similar. The time slot of minute level is mainly used for processing non-real-time data requirements such as monitoring state monitoring, metering data, prediction data and the like of a link, and the authentication and processing process of the data is also in millisecond level. The data of the hour level is mainly data such as electric quantity, electricity price and the like of the new energy station. The day-level time slot is mainly used for summarizing the data of the same day and processing data information such as electric quantity, income, electric energy quality analysis, optimal scheduling strategy and the like of the new energy station of the same day.

In the embodiment of the invention, the time complexity of adding tasks and executing tasks of the time wheel adopted by the data authentication and data forwarding of the related communication module is fixed and does not increase with the increase of the number of the tasks. No matter how many tasks are in the time wheel, the tasks in the current slot position are only required to be processed when the tasks are executed, so the time complexity is O (1), in the scene of new energy edge control, the generation of data is special, such as a large amount of data, real time, random, complex and the like, different data generation occasions are inconsistent, even if the same data is generated, the data are not generated regularly but are generated dynamically, such as telemetry information, the data are reported only when the data change, but the data belong to the data which need to be forwarded quickly, the real-time data volume is very large, the data are required to be authenticated when the data are received, the task is bulked and the resource is wasted, the time is similar, the data of a plurality of data blocks is authenticated in the time delay required by the service control, the resource is saved, and the data authentication efficiency is improved. In contrast, the traditional timing task scheduling mode may need to traverse all tasks to find out the expired tasks, the time complexity may be O (n), n is the number of tasks, n is ten thousands of tasks in the new energy control scene, and if data authentication and forwarding are needed, resources are easy to be exhausted, so that the time round algorithm of the application is more suitable for the scene of data acquisition and processing in the multi-time dimension scene.

In addition, the time wheel adopted in the embodiment adopts a ring structure, the slots are divided at fixed time intervals, and an additional data structure is not needed to maintain the task list. While the traditional timing task may need to use a priority queue or heap to maintain a task list, occupy more memory resources, the time difference between the task trigger time and the current time of the time wheel in the patent is very small, and the task can be timely executed in a very short time. Whereas conventional timed tasks may cause some delay due to traversal, etc., particularly when the number of tasks is large, the delay may be greater.

Example III

Fig. 6 is a schematic structural diagram of a new energy edge side communication protocol conversion module with time-wheel dynamic authentication according to a third embodiment of the present invention. As shown in fig. 6, the module includes:

a time dimension determining module 310, configured to determine, when receiving data to be sent reported by a data sender, a time dimension of the data to be sent, where the time dimension is at least one of a day level, a hour level, a minute level, a second level, and a millisecond level;

a data to be sent allocation module 320, configured to allocate the data to be sent to a time slot in the multi-level time wheel based on the time dimension and a time range corresponding to each time slot in the multi-level time wheel, where the multi-level time wheel includes at least two of a day-level time wheel, an hour-level time wheel, a minute-level time wheel, a second-level time wheel, and a millisecond-level time wheel;

The target data to be sent determining module 330 is configured to, for any time slot in the multi-level time wheel, take the data to be sent in the time slot as target data to be sent when the time slot meets a task execution condition, and generate a first timestamp;

the to-be-authenticated data sending module 340 is configured to perform hash processing on the first timestamp and the target to-be-sent data, and send a hash processing result, the target to-be-sent data, and the first timestamp as to-be-authenticated data to a data receiver, so that the data receiver authenticates the to-be-authenticated data.

Optionally, the time dimension determining module 310 includes:

the time unit determining unit is used for acquiring the time stamp corresponding to the data to be sent and analyzing the time unit corresponding to the time stamp;

and the time dimension determining unit is used for determining the time dimension of the data to be transmitted based on the time unit.

Optionally, the data distribution module 320 to be sent includes:

and the day-level time wheel distribution unit is used for distributing the data to be transmitted to the time slot of the day-level time wheel if the time dimension corresponding to the data to be transmitted is the day level.

Optionally, the day time wheel allocation unit is specifically configured to:

and determining a target time range matched with the time stamp of the data to be sent according to the time range corresponding to each time slot in the day-level time wheel, and distributing the data to be sent to the time slot corresponding to the target time range.

Optionally, the target data to be sent determining module 330 includes:

the task execution condition determining module is used for determining that the time slot meets the task execution condition when the pointer of the time wheel where the time slot is positioned rotates to the time slot;

And the first timestamp determining module is used for taking the data to be sent in the time slot as target data to be sent and taking the current moment as the first timestamp.

Optionally, the data sender is an edge device in the power distribution network, where the edge device includes: at least one of a photovoltaic inverter, an energy storage station energy management system, a fan controller and a reactive power compensation device.

The new energy edge side communication protocol conversion module with the time-wheel dynamic authentication provided by the embodiment of the invention can execute the new energy edge side communication protocol conversion method with the time-wheel dynamic authentication provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.

Example IV

Fig. 7 is a schematic structural diagram of a new energy edge side communication protocol conversion module with time-wheel dynamic authentication according to a fourth embodiment of the present invention. As shown in fig. 7, the module includes:

the data receiving module 410 is configured to receive data to be authenticated sent by a data sender, where the data to be authenticated includes target data to be sent, a first timestamp, and a hash result of the target data to be sent and the first timestamp, and the data to be authenticated is determined by the data sender according to a time dimension of the target data to be sent and a time wheel of the first communication conversion module;

A target time slot determining module 420, configured to determine a target time slot corresponding to the first time stamp in a multi-level time wheel of the second communication conversion module based on the current time and the first time stamp;

the to-be-used hash result generation module 430 is configured to allocate the target to-be-sent data to the target time slot, generate a second timestamp when the target time slot meets a task execution condition, and perform hash calculation on the second timestamp and the to-be-sent data to obtain a to-be-used hash result;

the authentication result determining module 440 is configured to determine an authentication result of the data to be authenticated sent by the data sender based on the hash result to be used and a hash result in the data to be authenticated.

The technical scheme of the embodiment of the invention comprises the following steps: receiving data to be authenticated sent by a data sender, wherein the data to be authenticated comprises target data to be sent, a first time stamp and a hash processing result of the target data to be sent and the first time stamp, and the data to be authenticated is determined by the data sender according to the time dimension of the target data to be sent and a time wheel of a first communication conversion module; determining a target time slot corresponding to the first time stamp in the multi-stage time wheel of the second communication conversion module based on the current time and the first time stamp; distributing the target data to be sent into a target time slot, generating a second time stamp when the target time slot meets the task execution condition, and carrying out hash calculation on the second time stamp and the target data to be sent to obtain a hash result to be used; and determining an authentication result of the data to be authenticated, which is sent by the data sender, based on the hash result to be used and the hash processing result in the data to be authenticated. The method and the device solve the technical problems that in the prior art, communication data cannot be authenticated, the method and the device cannot adapt to application scenes of the data with multiple time dimensions, so that the data security is low and the communication efficiency is low, authentication of the communication data is realized, the security and the reliability of data transmission are ensured, quick conversion between different communication protocols can be realized, and the communication efficiency is improved.

Example five

Fig. 8 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic equipment may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.

As shown in fig. 8, the electronic device 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data required for the operation of the electronic device 10 may also be stored. The processor 11, the ROM 12 and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.

Various components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.

The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the various methods and processes described above, such as the new energy edge side communication protocol conversion method with time-rotation dynamic authentication.

In some embodiments, the new energy edge side communication protocol conversion method with time-wheel dynamic authentication may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as the storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into RAM 13 and executed by processor 11, one or more steps of the new energy edge side communication protocol conversion method with time-rotated dynamic authentication described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured to perform the new energy edge side communication protocol conversion method with time-round dynamic authentication in any other suitable way (e.g., by means of firmware).

Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.

A computer program for carrying out methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.

In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) through which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.

The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.

The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome.

It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.

The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims

1. The utility model provides a new energy edge side communication protocol conversion module that possesses time round dynamic authentication which characterized in that includes:

2. The utility model provides a new energy edge side communication protocol conversion module that possesses time round dynamic authentication which characterized in that includes:

the data receiving module is used for receiving the data to be authenticated sent by the data sender; the data to be authenticated comprises target data to be sent, a first timestamp and a hash processing result of the target data to be sent and the first timestamp, wherein the data to be authenticated is determined by the data sender according to the time dimension of the target data to be sent and a time wheel of a first communication conversion module;

3. The new energy edge side communication protocol conversion method with the time wheel dynamic authentication is characterized by comprising the following steps of:

when receiving data to be transmitted, which is reported by a data transmitter, determining the time dimension of the data to be transmitted; wherein the time dimension is at least one of a day level, an hour level, a minute level, a second level, and a millisecond level;

4. A method according to claim 3, wherein said determining the time dimension of the data to be transmitted comprises:

acquiring a time stamp corresponding to the data to be sent, and analyzing a time unit corresponding to the time stamp;

and determining the time dimension of the data to be transmitted based on the time unit.

5. The method of claim 4, wherein the distributing the data to be transmitted into the time slots in the multi-level time wheel based on the time dimension and a time range corresponding to each time slot in the multi-level time wheel of the first communication conversion module comprises:

and if the time dimension corresponding to the data to be sent is the level, distributing the data to be sent to a time slot of the level time wheel.

6. The method of claim 5, wherein the allocating the data to be transmitted into the time slot of the day time wheel comprises:

7. A method according to claim 3, wherein when the time slot meets a task execution condition, taking the data to be sent in the time slot as target data to be sent, and generating a first timestamp, includes:

when the pointer of the time wheel where the time slot is positioned rotates to the time slot, determining that the time slot meets the task execution condition;

and taking the data to be sent in the time slot as target data to be sent, and taking the current moment as the first timestamp.

8. A method according to claim 3, further comprising:

the data sender is edge equipment in the power distribution network, wherein the edge equipment comprises: at least one of a photovoltaic inverter, an energy storage station energy management system, a fan controller and a reactive power compensation device.

9. The new energy edge side communication protocol conversion method with the time wheel dynamic authentication is characterized by comprising the following steps of:

10. The method according to claim 9, wherein the determining the authentication result of the data to be authenticated sent by the data sender based on the hash result to be used and the hash result in the data to be authenticated includes:

And if the hash result to be used is consistent with the hash processing result, determining that the authentication result of the data to be authenticated is authentication passing.