CN117319013A - Redundant safety isolation protection system - Google Patents

Redundant safety isolation protection system Download PDF

Info

Publication number
CN117319013A
CN117319013A CN202311213175.6A CN202311213175A CN117319013A CN 117319013 A CN117319013 A CN 117319013A CN 202311213175 A CN202311213175 A CN 202311213175A CN 117319013 A CN117319013 A CN 117319013A
Authority
CN
China
Prior art keywords
acquisition server
forwarding
folder
main
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311213175.6A
Other languages
Chinese (zh)
Inventor
罗远林
吴月超
袁建平
张奇伟
徐军杨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Huachen Electric Power Control Engineering Co ltd
PowerChina Huadong Engineering Corp Ltd
Original Assignee
Hangzhou Huachen Electric Power Control Engineering Co ltd
PowerChina Huadong Engineering Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Huachen Electric Power Control Engineering Co ltd, PowerChina Huadong Engineering Corp Ltd filed Critical Hangzhou Huachen Electric Power Control Engineering Co ltd
Priority to CN202311213175.6A priority Critical patent/CN117319013A/en
Publication of CN117319013A publication Critical patent/CN117319013A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0663Performing the actions predefined by failover planning, e.g. switching to standby network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/24Multipath
    • H04L45/247Multipath using M:N active or standby paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/28Routing or path finding of packets in data switching networks using route fault recovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a redundant safety isolation protection system which comprises a first acquisition server, an industrial firewall, a first forward safety isolation device or a first reverse safety isolation device which are positioned in a production control area, a second acquisition server, a second forward safety isolation device or a second reverse safety isolation device which are positioned in a production non-control area, and a third acquisition server which is positioned in a management information area. The invention fully excavates the equipment capacity of the existing safety isolation device on the basis of not increasing and changing the common triangular topological structure of the power station, builds a redundant safety isolation protection system based on the common triangular topological structure on the basis of meeting the safety protection regulation of the national power monitoring system, and realizes the data interaction stability of each safety partition under the condition of partial interface faults of the safety isolation equipment or single safety isolation equipment faults by using a plurality of safety isolation devices for mutual standby, thereby effectively improving the stability of data aggregation of the power station and the usability of the data.

Description

Redundant safety isolation protection system
Technical Field
The invention relates to the field of network security, in particular to a redundant safety isolation protection system.
Background
The construction of a novel power system taking wind power and photovoltaic as main bodies has become a development target of the power industry in China, but with the large-scale intermittent wind power and photovoltaic power supply connected to a power grid, the safe and stable operation of the power grid is greatly impacted, and how to ensure the safe and stable operation of the power grid becomes a new challenge facing the power industry in China. The intelligent energy system and the comprehensive energy service are used as a new energy form for covering each link of the energy network charge storage, and the circulation of various energy products in each link of the energy system is regulated by a digital means, so that the intelligent energy system and the comprehensive energy service are effective safety guarantee technology in the construction process of a novel power system. In the process, each energy plant station needs to carry out operation optimization management work based on data driving, so that the work demands for carrying out mass data aggregation and excavation of the power station are faced, the work demands are also necessary ways for exerting the data value of the power station, and the data aggregation and excavation work is generally carried out in a management information area.
Currently, various energy stations have developed for a long time through industry, and a plurality of automated information service systems have been formed. According to the electric power monitoring system safety protection regulation and the GB/T36572-2018 electric power monitoring system network safety protection guidance, a power station network is divided into a production control area and a management information area, wherein the production control area is further divided into a production control area and a production non-control area, a firewall is deployed between the production control area and the production non-control area to realize logic isolation, a unidirectional (forward and reverse) safety isolation device is deployed between the production control area and the management information area to achieve or approach to physical isolation, and the topology structure of the electric power monitoring system safety area connection has three types of chain structures, triangle structures and star structures. The service system is distributed in each safety partition of the power station, and data cross-safety partition integration to the management information area needs to be realized through the safety equipment, wherein the forward safety isolation device supports two data sending modes of TCP direct connection and file forwarding, and the reverse safety isolation device only supports one data sending mode of file forwarding. The TCP direct connection transmission mode completes direct communication between the internal network and the external network through the virtual IP, and the isolation device returns a TCP communication success and failure result in a single bit mode. The forward security isolation device forwards the text file in the appointed folder on the intranet server to the appointed folder on the extranet server, if the forwarding is successful, the file on the intranet server is deleted, and if the forwarding is unsuccessful, the file is not deleted, so that whether the forwarding is successful or not can be judged according to whether the file is deleted or not, and if the forwarding is not successful, the reverse security isolation device is reverse. At present, the power station generally integrates the data of control systems such as a computer monitoring system of a production control area and monitoring systems such as a unit state monitoring system of a production non-control area in a management information area, so that the data integration from the production control area to the management information area and from the production non-control area to the management information area is realized by adopting a triangle topology structure. In this process, the security device, especially the security isolation device, becomes a bottleneck affecting the data integration of numerous service systems, and although the security isolation device provides a plurality of internal network ports and external network ports as standby interfaces, the problem that all interfaces cannot communicate under the condition of equipment failure still cannot be avoided, and when part of interfaces fail, manual field switching is also required, so that how to ensure the stability of data integration becomes a great problem.
Chinese patent CN111724276a discloses a power plant data transmission method and system integrating self-diagnosis and channel optimization, providing an additional set of forward and reverse safety isolation devices as a backup communication link for data integration from production control area to management information area. The method has the defects that a standby communication link is constructed by increasing the construction cost, the requirement of data trans-regional transmission of various monitoring systems in a production non-control area is not considered, and the interface of the configured safety isolation device is not fully utilized.
Disclosure of Invention
Aiming at the defects existing in the prior art, the invention provides a redundant safety isolation protection system by combining the common triangular topological structure of the current power station and the characteristics of a plurality of available interfaces on the safety isolation device, so as to realize the capability of excavating the existing device on the basis of not increasing the safety isolation device and realize the stable integration of data of each safety partition of the power station.
For this purpose, the above object of the present invention is achieved by the following technical solutions:
a redundant safety isolation protection system comprising:
-a first acquisition server located in the production control area, an industrial firewall, a first forward security isolation device;
-a second acquisition server, a second forward safety isolation device located in the production non-control area;
-a third acquisition server located in the management information area;
the first acquisition server, the industrial firewall and the second acquisition server are sequentially connected to form a communication link between the production control area and the production non-control area;
the first acquisition server, the first forward safety isolation device and the third acquisition server are sequentially connected to form a main communication link from the production control area to the management information area;
the second acquisition server, the second forward safety isolation device and the third acquisition server are sequentially connected to form a main communication link from the production non-control area to the management information large area;
the first acquisition server, the industrial firewall, the second forward safety isolation device and the third acquisition server are sequentially connected to form a standby communication link from the production control area to the management information large area.
The invention can also adopt or combine the following technical proposal when adopting the technical proposal:
as a preferred technical scheme of the invention: the second acquisition server, the industrial firewall, the first forward safety isolation device and the third acquisition server are sequentially connected to form a standby communication link from the production non-control area to the management information large area.
As a preferred technical scheme of the invention: the first acquisition server establishes a main communication channel from a first type of service system in a production control area to a third type of service system in a management information large area through a first forward safety isolation device and a third acquisition server in a TCP direct connection mode;
the first acquisition server establishes a standby communication channel from a first type service system in a production control area to a third type service system in a management information area through an industrial firewall, a second forward safety isolation device and a third acquisition server in a TCP direct connection mode;
the first acquisition server monitors the communication state of the main communication channel, and if the first acquisition server finds that normal communication cannot be performed, the first acquisition server changes the communication of the standby communication channel;
and if the first acquisition server finds that the main communication channel is recovered to be normal, the first acquisition server recovers to use the main communication channel for communication.
As a preferred technical scheme of the invention: the second acquisition server establishes a main communication channel from the second type service system in the production non-control area to the third type service system in the management information large area through a second forward security isolation device and a third acquisition server in a TCP direct connection mode;
the second acquisition server establishes a standby communication channel from a second type service system in the production non-control area to a third type service system in the management information large area through an industrial firewall, a first forward safety isolation device and a third acquisition server in a TCP direct connection mode;
the second acquisition server monitors the communication state of the main communication channel, and if the second acquisition server finds that normal communication cannot be performed, the second acquisition server changes the communication of the standby communication channel;
and if the second acquisition server finds that the main communication channel is recovered to be normal, the second acquisition server recovers to use the main communication channel for communication.
As a preferred technical scheme of the invention: the first acquisition server comprises a main forwarding folder and a standby forwarding folder, files in the main forwarding folder are forwarded to the third acquisition server through a first forward security isolation device in a file forwarding mode, and after forwarding is successful, the files in the main forwarding folder are deleted and used as a main communication channel from a first type service system in a production control area to a third type service system in a management information large area;
the first acquisition server forwards the files in the standby forwarding folder to the third acquisition server through the industrial firewall and the second forward security isolation device in a file forwarding mode, and the files in the standby forwarding folder are deleted after the files are successfully forwarded and are used as a standby communication channel from the first type service system in the production control area to the third type service system in the management information large area;
the first acquisition server monitors the file state in the main forwarding folder, and if the file is found not to be forwarded normally, the first acquisition server stores the file into the standby forwarding folder and communicates with the standby communication channel;
and if the first acquisition server finds that the file in the main forwarding folder is recovered to be normally forwarded, the first acquisition server stores the file in the main forwarding folder, and recovers to use the main communication channel for communication.
As a preferred technical scheme of the invention: the second acquisition server comprises a main forwarding folder and a standby forwarding folder, files in the main forwarding folder are forwarded to the third acquisition server through a second forward security isolation device in a file forwarding mode, and after forwarding is successful, the files in the main forwarding folder are deleted and used as a main communication channel from a second type service system in a production non-control area to a third type service system in a management information large area;
the second acquisition server forwards the files in the standby forwarding folder to the third acquisition server through the industrial firewall and the first forward security isolation device in a file forwarding mode, and the files in the standby forwarding folder are deleted after the files are successfully forwarded and are used as a standby communication channel from the second type service system in the production non-control area to the third type service system in the management information area;
the second acquisition server monitors the file state in the main forwarding folder, if the file is found not to be forwarded normally, the second acquisition server stores the file into the standby forwarding folder, and the standby communication channel is used for communication;
and if the second acquisition server finds that the file in the main forwarding folder is recovered to be normally forwarded, the second acquisition server stores the file in the main forwarding folder, and the main communication channel is recovered to be used for communication.
The invention also provides another redundant safety isolation protection system.
For this purpose, the above object of the present invention is achieved by the following technical solutions:
a redundant safety isolation protection system comprising:
-a first acquisition server located in the production control area, an industrial firewall, a first reverse security isolation device;
-a second acquisition server, a second reverse safety isolation device located in the production non-control area;
-a third acquisition server located in the management information area;
the third acquisition server, the first reverse safety isolation device and the first acquisition server are sequentially connected to form a main communication link from the management information large area to the production control area;
the third acquisition server, the second reverse safety isolation device and the second acquisition server are sequentially connected to form a main communication link from the management information large area to the production non-control area;
the third acquisition server, the second reverse safety isolation device, the industrial firewall and the first acquisition server are sequentially connected to form a standby communication link from the management information large area to the production control area.
As a preferred technical scheme of the invention: the third acquisition server, the first reverse safety isolation device, the industrial firewall and the second acquisition server are sequentially connected to form a standby communication link from the management information large area to the production non-control area.
As a preferred technical scheme of the invention: the third acquisition server comprises a first main forwarding folder and a first standby forwarding folder, files in the first main forwarding folder are forwarded to the first acquisition server through a first reverse security isolation device in a file forwarding mode, and after forwarding is successful, the files in the first main forwarding folder are deleted and serve as a main communication channel from a third type service system in the management information area to a first type service system in the production control area;
the third acquisition server forwards the files in the first standby forwarding folder to the first acquisition server through the second reverse safety isolation device and the industrial firewall in a file forwarding mode, and after the files are successfully forwarded, the files in the first standby forwarding folder are deleted and used as a standby communication channel from a third type service system in the management information area to a first type service system in the production control area;
the third acquisition server monitors the file state in the first main forwarding folder, and if the file is found not to be forwarded normally, the third acquisition server stores the file into the first standby forwarding folder and communicates with the standby communication channel;
and if the third acquisition server finds that the file in the first main forwarding folder is recovered to normally forward, the third acquisition server stores the file in the first main forwarding folder, and the communication is recovered to use the main communication channel.
As a preferred technical scheme of the invention: the third acquisition server comprises a second main forwarding folder and a second standby forwarding folder, files in the second main forwarding folder are forwarded to the second acquisition server through a second reverse security isolation device in a file forwarding mode, and after forwarding is successful, the files in the second main forwarding folder are deleted and used as a main communication channel from a third type service system in the management information area to a second type service system in the production non-control area;
the third acquisition server forwards the files in the second standby forwarding folder to the second acquisition server through the first reverse safety isolation device and the industrial firewall in a file forwarding mode, and after the files are successfully forwarded, the files in the second standby forwarding folder are deleted and used as a standby communication channel from a third type service system in the management information large area to a second type service system in the production non-control area;
the third acquisition server monitors the file state in the second main forwarding folder, and if the file is found not to be forwarded normally, the third acquisition server stores the file in the second standby forwarding folder and communicates with the standby communication channel;
and if the third acquisition server finds that the file in the second main forwarding folder is recovered to normally forward, the third acquisition server stores the file in the second main forwarding folder, and the communication is recovered to use the main communication channel.
Compared with the prior art, the redundant safety isolation protection system provided by the invention has the following advantages and beneficial effects:
on the basis of not increasing and changing the common triangular topological structure of the power station, the equipment capacity of the existing safety isolation device is fully excavated, on the basis of meeting the safety protection regulations of the national power monitoring system, a redundant safety isolation protection system is constructed based on the common triangular topological structure, a plurality of safety isolation devices are mutually standby, the data interaction stability of each safety partition under the condition of partial interface faults of the safety isolation equipment or single safety isolation equipment faults can be realized, the stability of power station data aggregation and the availability of data can be effectively improved, and the construction of a service intelligent power station and a novel power system is realized.
Drawings
Fig. 1 is a schematic diagram of a redundant safety isolation protection system structure provided by the present invention.
Fig. 2 is a schematic diagram of another redundant safety isolation protection system structure provided by the present invention.
Detailed Description
The invention is further illustrated by the following figures and examples, which are not intended to be limiting.
As shown in fig. 1, a redundant safety isolation protection system, comprising: the system comprises a first acquisition server, an industrial firewall, a first forward safety isolation device, a second acquisition server, a second forward safety isolation device, a third acquisition server and a third acquisition server, wherein the first acquisition server, the industrial firewall and the first forward safety isolation device are positioned in a production control area, the second acquisition server and the second forward safety isolation device are positioned in a production non-control area, the third acquisition server is positioned in a management information area, the two forward isolation devices are SysKeeper-2000 hundred megan forward isolation, 4 inner network ports and 4 outer network ports are respectively arranged from a first inner network port to a fourth inner network port, and the 4 outer network ports are respectively arranged from a first outer network port to a fourth outer network port, so that communication channels are formed by one-to-one correspondence of the inner network ports and the outer network ports, and logic isolation is formed between the inner network ports, the outer network ports and the inner network ports and the outer network ports with different serial numbers; the first acquisition server, the industrial firewall and the second acquisition server are sequentially connected to form a communication link between the production control area and the production non-control area; the first acquisition server is connected with a first internal network port of the first forward safety isolation device, and a first external network port of the first forward safety isolation device is connected with the third acquisition server to form a main communication link from the production control area to the management information area, as shown in a link formed by a thin solid line in FIG. 1; the second acquisition server is connected with the first internal network port of the second forward safety isolation device, and the first external network port of the second forward safety isolation device is connected with the third acquisition server to form a main communication link from the production non-control area to the management information area, as shown in a thick solid line in fig. 1; the first acquisition server is connected with a second internal network port of the second forward safety isolation device through an industrial firewall, and the second external network port of the second forward safety isolation device is connected with the third acquisition server to form a standby communication link from the production control area to the management information area, as shown by a link formed by a thin dotted line in fig. 1.
The second acquisition server is connected with the second internal network port of the first forward safety isolation device through the industrial firewall, and the second external network port of the first forward safety isolation device is connected with the third acquisition server to form a standby communication link from the production non-control area to the management information area, as shown in a link formed by thick dotted lines in fig. 1.
The first acquisition server establishes a main communication channel from a first type of service system in the production control area to a third type of service system in the management information large area through a first forward safety isolation device and a third acquisition server in a TCP direct connection mode; the first acquisition server establishes a standby communication channel from a first type service system in the production control area to a third type service system in the management information large area through an industrial firewall, a second forward safety isolation device and a third acquisition server in a TCP direct connection mode; the first acquisition server monitors the communication state of the main communication channel, and if the communication is found to be abnormal, the first acquisition server changes the communication of the standby communication channel; and if the first acquisition server finds that the main communication channel is recovered to be normal, the first acquisition server recovers to use the main communication channel for communication.
The second acquisition server establishes a main communication channel from the second type service system in the production non-control area to the third type service system in the management information large area through a second forward safety isolation device and a third acquisition server in a TCP direct connection mode; the second acquisition server establishes a standby communication channel from the second type service system in the production non-control area to the third type service system in the management information large area through the industrial firewall, the first forward safety isolation device and the third acquisition server in a TCP direct connection mode; the second acquisition server monitors the communication state of the main communication channel, and if the communication is found to be abnormal, the second acquisition server changes the communication of the standby communication channel; and if the second acquisition server finds that the main communication channel is recovered to be normal, the second acquisition server recovers to use the main communication channel for communication.
The first acquisition server comprises a main forwarding folder and a standby forwarding folder, the files in the main forwarding folder are forwarded to the third acquisition server through a first forward security isolation device in a file forwarding mode, and after forwarding is successful, the files in the main forwarding folder are deleted and used as a main communication channel from a first type service system in a production control area to a third type service system in a management information large area; the first acquisition server forwards the files in the standby forwarding folder to the third acquisition server through the industrial firewall and the second forward security isolation device in a file forwarding mode, and the files in the standby forwarding folder are deleted after forwarding is successful and are used as a standby communication channel from the first type service system in the production control area to the third type service system in the management information large area; the first acquisition server monitors the file state in the main forwarding folder, if the file is found not to be forwarded normally, the first acquisition server stores the file into the standby forwarding folder and communicates with the standby communication channel; and if the first acquisition server finds that the file in the main forwarding folder is recovered to be forwarded normally, the first acquisition server stores the file in the main forwarding folder, and the communication of the file is recovered to be used by the main communication channel.
The second acquisition server comprises a main forwarding folder and a standby forwarding folder, the files in the main forwarding folder are forwarded to the third acquisition server through a second forward security isolation device in a file forwarding mode, and after forwarding is successful, the files in the main forwarding folder are deleted and used as a main communication channel from the second type service system in the production non-control area to the third type service system in the management information large area; the second acquisition server forwards the files in the standby forwarding folder to the third acquisition server through the industrial firewall and the first forward security isolation device in a file forwarding mode, and the files in the standby forwarding folder are deleted after forwarding is successful and are used as a standby communication channel from the second type service system in the production non-control area to the third type service system in the management information large area; the second acquisition server monitors the file state in the main forwarding folder, if the file is found not to be forwarded normally, the second acquisition server stores the file into the standby forwarding folder, and the standby communication channel is used for communication; and if the second acquisition server finds that the file in the main forwarding folder is recovered to be forwarded normally, the second acquisition server stores the file in the main forwarding folder, and the main communication channel is recovered to be used for communication.
As shown in fig. 2, another redundant safety isolation protection system may include: the first reverse safety isolation device and the second reverse safety isolation device are in SysKeeper-2000 hundred megamediums reverse isolation, 4 inner net openings are respectively arranged from the first inner net opening to the fourth inner net opening, 4 outer net openings are respectively arranged from the first outer net opening to the fourth outer net opening, the inner net openings and the outer net openings are in one-to-one correspondence to form communication channels, and logic isolation is carried out among the inner net openings, the outer net openings and the inner and outer net openings with different serial numbers; the third acquisition server is connected with a first external network port of a first reverse safety isolation device, and the first internal network port of the first reverse safety isolation device is connected with the first acquisition server to form a main communication link from a management information large area to a production control area, as shown in a link formed by a thin solid line in FIG. 2; the third acquisition server is connected with the first external network port of the second reverse safety isolation device, and the first internal network port of the second reverse safety isolation device is connected with the second acquisition server to form a main communication link from the management information large area to the production non-control area, as shown in a link formed by a thick solid line in FIG. 2; the third acquisition server is connected with a second external network port of the second reverse safety isolation device, and the second external network port of the second reverse safety isolation device is connected with the first acquisition server through an industrial firewall to form a standby communication link from the management information large area to the production control area, as shown by a link formed by a thin dotted line in fig. 2.
The third acquisition server is connected with a second external network port of the first reverse safety isolation device, and the second internal network port of the first reverse safety isolation device is connected with the second acquisition server through an industrial firewall to form a standby communication link from the management information large area to the production non-control area, as shown by a link formed by thick dotted lines in fig. 2.
The third acquisition server comprises a first main forwarding folder and a first standby forwarding folder, files in the first main forwarding folder are forwarded to the first acquisition server through a first reverse security isolation device in a file forwarding mode, and after forwarding is successful, the files in the first main forwarding folder are deleted and serve as a main communication channel from a third type service system in the management information large area to a first type service system in the production control area; the third acquisition server forwards the files in the first standby forwarding folder to the first acquisition server through the second reverse safety isolation device and the industrial firewall in a file forwarding mode, and after forwarding is successful, the files in the first standby forwarding folder are deleted and used as a standby communication channel from a third type service system in the management information area to a first type service system in the production control area; the third acquisition server monitors the file state in the first main forwarding folder, if the file is found not to be forwarded normally, the third acquisition server stores the file into the first standby forwarding folder and communicates with the standby communication channel; and if the third acquisition server finds that the file in the first main forwarding folder is recovered to be normally forwarded, the third acquisition server stores the file in the first main forwarding folder, and the communication is recovered to be used by the main communication channel.
The third acquisition server comprises a second main forwarding folder and a second standby forwarding folder, files in the second main forwarding folder are forwarded to the second acquisition server through a second reverse security isolation device in a file forwarding mode, and after forwarding is successful, the files in the second main forwarding folder are deleted and used as a main communication channel from a third type service system in a management information large area to a second type service system in a production non-control area; the third acquisition server forwards the files in the second standby forwarding folder to the second acquisition server through the first reverse safety isolation device and the industrial firewall in a file forwarding mode, and after forwarding is successful, the files in the second standby forwarding folder are deleted and used as a standby communication channel from a third type service system in the management information large area to a second type service system in the production non-control area; the third acquisition server monitors the file state in the second main forwarding folder, if the file is found not to be forwarded normally, the third acquisition server stores the file in the second standby forwarding folder, and the standby communication channel is used for communication; and if the third acquisition server finds that the file in the second main forwarding folder is recovered to be normally forwarded, the third acquisition server stores the file in the second main forwarding folder, and the communication is recovered to be used by the main communication channel.
The foregoing is only a preferred embodiment of the present invention, and is not intended to limit the present invention in any way, and any simple modification, equivalent variation, etc. of the above embodiment according to the technical substance of the present invention fall within the protection scope of the present invention.

Claims (10)

1. A redundant safety isolation protection system, characterized by: the redundant safety isolation protection system comprises:
-a first acquisition server located in the production control area, an industrial firewall, a first forward security isolation device;
-a second acquisition server, a second forward safety isolation device located in the production non-control area;
-a third acquisition server located in the management information area;
the first acquisition server, the industrial firewall and the second acquisition server are sequentially connected to form a communication link between the production control area and the production non-control area;
the first acquisition server, the first forward safety isolation device and the third acquisition server are sequentially connected to form a main communication link from the production control area to the management information area;
the second acquisition server, the second forward safety isolation device and the third acquisition server are sequentially connected to form a main communication link from the production non-control area to the management information large area;
the first acquisition server, the industrial firewall, the second forward safety isolation device and the third acquisition server are sequentially connected to form a standby communication link from the production control area to the management information large area.
2. The redundant safety isolation protection system of claim 1, wherein: the second acquisition server, the industrial firewall, the first forward safety isolation device and the third acquisition server are sequentially connected to form a standby communication link from the production non-control area to the management information large area.
3. The redundant safety isolation protection system of claim 1, wherein:
the first acquisition server establishes a main communication channel from a first type of service system in a production control area to a third type of service system in a management information large area through a first forward safety isolation device and a third acquisition server in a TCP direct connection mode;
the first acquisition server establishes a standby communication channel from a first type service system in a production control area to a third type service system in a management information area through an industrial firewall, a second forward safety isolation device and a third acquisition server in a TCP direct connection mode;
the first acquisition server monitors the communication state of the main communication channel, and if the first acquisition server finds that normal communication cannot be performed, the first acquisition server changes the communication of the standby communication channel;
and if the first acquisition server finds that the main communication channel is recovered to be normal, the first acquisition server recovers to use the main communication channel for communication.
4. The redundant safety isolation protection system of claim 1, wherein:
the second acquisition server establishes a main communication channel from the second type service system in the production non-control area to the third type service system in the management information large area through a second forward security isolation device and a third acquisition server in a TCP direct connection mode;
the second acquisition server establishes a standby communication channel from a second type service system in the production non-control area to a third type service system in the management information large area through an industrial firewall, a first forward safety isolation device and a third acquisition server in a TCP direct connection mode;
the second acquisition server monitors the communication state of the main communication channel, and if the second acquisition server finds that normal communication cannot be performed, the second acquisition server changes the communication of the standby communication channel;
and if the second acquisition server finds that the main communication channel is recovered to be normal, the second acquisition server recovers to use the main communication channel for communication.
5. The redundant safety isolation protection system of claim 1, wherein:
the first acquisition server comprises a main forwarding folder and a standby forwarding folder, files in the main forwarding folder are forwarded to the third acquisition server through a first forward security isolation device in a file forwarding mode, and after forwarding is successful, the files in the main forwarding folder are deleted and used as a main communication channel from a first type service system in a production control area to a third type service system in a management information large area;
the first acquisition server forwards the files in the standby forwarding folder to the third acquisition server through the industrial firewall and the second forward security isolation device in a file forwarding mode, and the files in the standby forwarding folder are deleted after the files are successfully forwarded and are used as a standby communication channel from the first type service system in the production control area to the third type service system in the management information large area;
the first acquisition server monitors the file state in the main forwarding folder, and if the file is found not to be forwarded normally, the first acquisition server stores the file into the standby forwarding folder and communicates with the standby communication channel;
and if the first acquisition server finds that the file in the main forwarding folder is recovered to be normally forwarded, the first acquisition server stores the file in the main forwarding folder, and recovers to use the main communication channel for communication.
6. The redundant safety isolation protection system of claim 1, wherein:
the second acquisition server comprises a main forwarding folder and a standby forwarding folder, files in the main forwarding folder are forwarded to the third acquisition server through a second forward security isolation device in a file forwarding mode, and after forwarding is successful, the files in the main forwarding folder are deleted and used as a main communication channel from a second type service system in a production non-control area to a third type service system in a management information large area;
the second acquisition server forwards the files in the standby forwarding folder to the third acquisition server through the industrial firewall and the first forward security isolation device in a file forwarding mode, and the files in the standby forwarding folder are deleted after the files are successfully forwarded and are used as a standby communication channel from the second type service system in the production non-control area to the third type service system in the management information area;
the second acquisition server monitors the file state in the main forwarding folder, if the file is found not to be forwarded normally, the second acquisition server stores the file into the standby forwarding folder, and the standby communication channel is used for communication;
and if the second acquisition server finds that the file in the main forwarding folder is recovered to be normally forwarded, the second acquisition server stores the file in the main forwarding folder, and the main communication channel is recovered to be used for communication.
7. A redundant safety isolation protection system, characterized by: the redundant safety isolation protection system comprises:
-a first acquisition server located in the production control area, an industrial firewall, a first reverse security isolation device;
-a second acquisition server, a second reverse safety isolation device located in the production non-control area;
-a third acquisition server located in the management information area;
the third acquisition server, the first reverse safety isolation device and the first acquisition server are sequentially connected to form a main communication link from the management information large area to the production control area;
the third acquisition server, the second reverse safety isolation device and the second acquisition server are sequentially connected to form a main communication link from the management information large area to the production non-control area;
the third acquisition server, the second reverse safety isolation device, the industrial firewall and the first acquisition server are sequentially connected to form a standby communication link from the management information large area to the production control area.
8. The redundant safety isolation protection system of claim 7, wherein: the third acquisition server, the first reverse safety isolation device, the industrial firewall and the second acquisition server are sequentially connected to form a standby communication link from the management information large area to the production non-control area.
9. A redundant safety isolation protection system according to claim 7 or 8 wherein:
the third acquisition server comprises a first main forwarding folder and a first standby forwarding folder, files in the first main forwarding folder are forwarded to the first acquisition server through a first reverse security isolation device in a file forwarding mode, and after forwarding is successful, the files in the first main forwarding folder are deleted and serve as a main communication channel from a third type service system in the management information area to a first type service system in the production control area;
the third acquisition server forwards the files in the first standby forwarding folder to the first acquisition server through the second reverse safety isolation device and the industrial firewall in a file forwarding mode, and after the files are successfully forwarded, the files in the first standby forwarding folder are deleted and used as a standby communication channel from a third type service system in the management information area to a first type service system in the production control area;
the third acquisition server monitors the file state in the first main forwarding folder, and if the file is found not to be forwarded normally, the third acquisition server stores the file into the first standby forwarding folder and communicates with the standby communication channel;
and if the third acquisition server finds that the file in the first main forwarding folder is recovered to normally forward, the third acquisition server stores the file in the first main forwarding folder, and the communication is recovered to use the main communication channel.
10. A redundant safety isolation protection system according to claim 7 or 8 wherein:
the third acquisition server comprises a second main forwarding folder and a second standby forwarding folder, files in the second main forwarding folder are forwarded to the second acquisition server through a second reverse security isolation device in a file forwarding mode, and after forwarding is successful, the files in the second main forwarding folder are deleted and used as a main communication channel from a third type service system in the management information area to a second type service system in the production non-control area;
the third acquisition server forwards the files in the second standby forwarding folder to the second acquisition server through the first reverse safety isolation device and the industrial firewall in a file forwarding mode, and after the files are successfully forwarded, the files in the second standby forwarding folder are deleted and used as a standby communication channel from a third type service system in the management information large area to a second type service system in the production non-control area;
the third acquisition server monitors the file state in the second main forwarding folder, and if the file is found not to be forwarded normally, the third acquisition server stores the file in the second standby forwarding folder and communicates with the standby communication channel;
and if the third acquisition server finds that the file in the second main forwarding folder is recovered to normally forward, the third acquisition server stores the file in the second main forwarding folder, and the communication is recovered to use the main communication channel.
CN202311213175.6A 2023-09-19 2023-09-19 Redundant safety isolation protection system Pending CN117319013A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311213175.6A CN117319013A (en) 2023-09-19 2023-09-19 Redundant safety isolation protection system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311213175.6A CN117319013A (en) 2023-09-19 2023-09-19 Redundant safety isolation protection system

Publications (1)

Publication Number Publication Date
CN117319013A true CN117319013A (en) 2023-12-29

Family

ID=89296414

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311213175.6A Pending CN117319013A (en) 2023-09-19 2023-09-19 Redundant safety isolation protection system

Country Status (1)

Country Link
CN (1) CN117319013A (en)

Similar Documents

Publication Publication Date Title
EP3301784B1 (en) Intelligent power server applied to protection and control system for intelligent substation
CN101997340B (en) Intelligent feeder line automation method in autonomous self-healing distribution network
CN103869781B (en) A kind of non-similar triplex redundance machine on-board electrical Electrical Load Management Center
CN108011948A (en) A kind of industrial equipment integrated monitoring system based on edge calculations
CN103812710B (en) Power communication communication terminal special
CN108075825B (en) SDN-based multi-controller failure processing method for space-based information network
CN106559254A (en) SDN multiple-domain networks device and implementation method based on both-end mouth switch
CN105896490B (en) A kind of fault handling method and device of power distribution network
CN105712143B (en) A kind of elevator long-distance monitorng point inspection and maintenance method
CN104242261A (en) Control method for switching on and off of differential protection function of T-joint electric transmission line
CN100385255C (en) Double collecting machine system and it double collecting method for double machine hot back-up
CN105657065B (en) A kind of elevator remote monitoring system
EP2090950A1 (en) Critical device with increased availability
CN102932183A (en) Double-up link failure processing method and device
CN117319013A (en) Redundant safety isolation protection system
CN104916856A (en) Energy storage system capable of increasing operational reliability of flow battery and method thereof
CN102760504A (en) Digital control system for all plant units in nuclear power station and non-nuclear-grade control system and method
CN101330382A (en) Automatic pass-by method based on ciphering tunnel intelligent selection
CN105680426A (en) Neural network based intelligent processing method for power-losing accident of 35kv line fault
CN217360579U (en) Navigation telegraph system configured with redundant network
CN108462537A (en) A kind of implementation method of one master and multiple slaves communication
KR102291814B1 (en) System and method for restoring missing data in distributed solar power system
CN109462492A (en) Network disaster tolerance processing method, device and communication system
CN106100864A (en) A kind of communications management system of seismograph station
CN110708184A (en) Intelligent power grid digital distribution

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination