CN117714272A - Network system with multipoint fault protection capability - Google Patents
Network system with multipoint fault protection capability Download PDFInfo
- Publication number
- CN117714272A CN117714272A CN202311713678.XA CN202311713678A CN117714272A CN 117714272 A CN117714272 A CN 117714272A CN 202311713678 A CN202311713678 A CN 202311713678A CN 117714272 A CN117714272 A CN 117714272A
- Authority
- CN
- China
- Prior art keywords
- network
- fault
- equipment
- data
- faults
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 claims abstract description 44
- 238000012545 processing Methods 0.000 claims abstract description 8
- 238000013480 data collection Methods 0.000 claims description 7
- 230000005540 biological transmission Effects 0.000 claims description 3
- 238000012544 monitoring process Methods 0.000 claims description 3
- 238000009792 diffusion process Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000000034 method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to the technical field of power communication networks, in particular to a network system with multipoint fault protection capability, which comprises a central processing unit, and a communication equipment information collecting system, a real-time communication data collecting system, a network fault analysis system, a fault positioning system and a fault response system which are all connected with the central processing unit. The invention collects the equipment information of data communication in the power grid area, records the control instruction and the response data returned by the terminal equipment, the data sent by the terminal equipment and the route data forwarded by the data in real time, judges whether the equipment has faults according to the response time or the sending interval time of the data of the terminal equipment or the data exchange equipment, further positions the fault equipment and analyzes the software and hardware faults according to the fault of the terminal equipment or the expression form of the fault of the data exchange equipment, analyzes whether the fault is a network attack behavior for the software faults, and gives early warning and attack response to the network attack.
Description
Technical Field
The invention relates to the technical field of power communication networks, in particular to a network system with multipoint fault protection capability.
Background
The power communication network is a typical power information physical system, a large number of sensing measurement devices and communication devices are integrated on the basis of the traditional power network and communication network, and the power network and the communication network are more closely connected. The production, operation, management and power supply services of the power grid all need to rely on the power communication network, so the power communication network is an important support for the stable operation of the power system, and the fault identification and positioning of the power communication network are very important.
Disclosure of Invention
The present invention is directed to a network system with multipoint fault protection capability, so as to solve the problems set forth in the background art.
In order to achieve the above purpose, the present invention provides the following technical solutions: a network system with multi-point fault protection capability, comprising: the system comprises a central processing unit, and a communication equipment information collection system, a real-time communication data collection system, a network fault analysis system, a fault positioning system and a fault response system which are all connected with the central processing unit;
the communication equipment information collection system is used for collecting equipment information needing to be subjected to data communication in a power grid area in advance and sending the equipment information to the network fault analysis system; the equipment information comprises equipment names, equipment numbers and regional subnet numbers of each equipment;
the real-time communication data collection system is used for collecting data receiving and transmitting conditions of all communication equipment in the power network in real time and sending the data receiving and transmitting conditions of the communication equipment collected in real time to the network fault analysis system;
the network fault analysis system is used for analyzing whether network faults occur in the power network in real time;
the fault positioning system is used for analyzing the position of the network fault and the reason of the fault;
the fault response system is used for responding to network faults.
Further, the fault positioning system is further configured to send network attack early warning information to the fault response system when judging that a network attack occurs; the fault response system is also used for responding to the attack after the electric power network encounters a network attack.
Further, the data transceiving conditions of each communication device collected by the real-time communication data collection system include: the control center sends control instructions to each terminal device or regional subnetwork, response data returned by the terminal device, power data or monitoring data sent by the terminal device, and routing data during data forwarding.
Further, the network fault analysis system is configured to determine whether a network fault occurs in the terminal device according to a time interval when the terminal device responds to a control instruction of the power dispatching center, and is configured to determine whether the network fault occurs in the terminal device or the data switching device according to a data transmission interval of the terminal device or the data switching device.
Further, the fault locating system is used for determining whether the data exchange equipment in the regional subnetwork has network faults according to the duty ratio of the terminal equipment with network faults in the regional subnetwork.
Further, the fault locating system is used for judging whether the upper layer data exchange equipment has network faults or not.
Further, the fault locating system is used for judging whether hardware faults or software faults occur in the data exchange equipment or the upper layer data exchange equipment of the regional subnetwork.
Further, the fault locating system is used for sending early warning information to a manager of the power dispatching center, wherein the early warning information comprises the locating condition of equipment with network faults and the reasons of the faults.
Compared with the prior art, the invention has the beneficial effects that:
the network system with the multipoint fault protection capability collects equipment information needing to be subjected to data communication in a power grid area, records response data returned by a control instruction and terminal equipment, data sent by the terminal equipment and route data forwarded by the data in real time, judges whether the equipment has communication faults according to response time or sending interval time of the data of the terminal equipment or data exchange equipment, further positions fault equipment and analyzes software and hardware faults according to the manifestation form of the faults of the terminal equipment or the faults of the data exchange equipment, analyzes whether the fault equipment is network attack behavior for the software faults, and gives early warning and attack response to the network attack.
Drawings
Fig. 1 is a system block diagram of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in fig. 1, a network system with multipoint fault protection capability includes a central processing unit, and a communication device information collecting system, a real-time communication data collecting system, a network fault analyzing system, a fault locating system and a fault responding system which are all connected with the central processing unit; the communication equipment information collection system is used for collecting equipment information needing to be subjected to data communication in the power grid area in advance and sending the equipment information needing to be subjected to data communication to the network fault analysis system; the equipment information comprises equipment names, equipment numbers and regional subnet numbers of each equipment; the real-time communication data collection system is used for collecting data receiving and transmitting conditions of all communication equipment in the power network in real time and sending the data receiving and transmitting conditions of the communication equipment collected in real time to the network fault analysis system. The network fault analysis system is used for analyzing whether a network fault occurs in the power network in real time and sending a judging result of the network fault to the fault positioning system; the fault positioning system is used for analyzing the position of the network fault and the reason of the fault, and sending network attack early warning information to the fault response system when judging that the network attack occurs; the fault response system is used for responding to network faults and is used for responding to attacks after the electric power network encounters network attacks.
In the embodiment of the invention, the real-time communication data collection system is used for collecting data receiving and transmitting of communication equipment in real time, and specifically comprises the following contents: the control center sends control instructions to each terminal device or regional subnetwork, and response data returned by the terminal device, power data or monitoring data sent by the terminal device, and routing data during data forwarding.
In the embodiment of the invention, the terminal equipment which is used for analyzing whether the network fault occurs in the power network and does not return response data is judged to have the network fault through a preset response time threshold t1 and a preset transmission interval time threshold t2 if the power dispatching center is transmitting the control instruction and the response time threshold t1 is passed; further, if the data sent by a certain terminal device or data exchange device is received and the data sent by the terminal device or data exchange device is not received again after the interval t2, it is determined that the terminal device or data exchange device has a network failure.
In the embodiment of the invention, the fault locating system analyzes the occurrence position of the network fault and the fault reason and comprises the following steps:
step S1: if the judging result is that the terminal equipment has network faults, a first fault proportion threshold value x1 is further set, the number of the same regional subnetwork in the terminal equipment with the network faults is judged, the ratio of the number of the terminal equipment with the network faults in the regional subnetwork to the total number of the terminal equipment is further calculated, and if the ratio is larger than the first fault proportion threshold value x1, the network faults of the data exchange equipment in the regional subnetwork are judged; otherwise, executing the step S3;
step S2: setting a second fault proportion threshold value x2, recursively judging whether the same number of upper layer data exchange equipment exists in the routing data of the area subnets where the terminal equipment with network faults exists, if the same number of the upper layer data exchange equipment exists, calculating the ratio of the number of the area subnets with network faults forwarded by the upper layer data exchange equipment to the number of the total forwarded area subnets, and if the ratio is larger than the second fault proportion threshold value, judging that the network faults occur to the upper layer data exchange equipment; otherwise, judging that the terminal equipment has network faults;
step S3: judging whether the ratio in the step S1 or the step S2 is 100%, if yes, judging that hardware faults occur to data exchange equipment or upper layer data exchange equipment of the regional subnetwork, otherwise, judging that software faults occur;
step S4: sending early warning information to a manager of the power dispatching center, wherein the early warning information comprises the reasons of software or hardware for positioning equipment with network faults and faults;
step S5: for software network faults, calculating the diffusion speed of the network faults; the network fault diffusion speed is the unit growth speed of the number of terminal equipment or data exchange equipment with network faults in the power network; setting a terminal equipment fault quantity threshold y1, a data exchange equipment fault quantity threshold y2, a terminal equipment fault quantity increase speed threshold z1 and a data exchange equipment fault quantity increase speed threshold z2 according to the actual size of the power grid in advance; when the fault of the terminal equipment in the power grid is larger than a fault quantity threshold value y1 of the terminal equipment, or the fault quantity increasing speed of the terminal equipment is larger than a fault quantity increasing speed threshold value z1 of the terminal equipment, or the fault quantity of the data exchange equipment is larger than a fault quantity threshold value y2 of the data exchange equipment, or the fault quantity increasing speed of the data exchange equipment is larger than a fault quantity increasing speed threshold value z2 of the data exchange equipment, the power network is judged to be attacked by the network, and the terminal equipment and the data exchange equipment with network communication faults are marked as fault equipment.
In the embodiment of the invention, the fault response system is used for carrying out attack response on network attack and comprises the following components: presetting a packet loss probability f, taking a data exchange device marked as a fault device in a current power grid as a pre-control device, and discarding each data packet according to the packet loss probability f for each upper layer data exchange device which receives data sent by the data exchange device with communication fault;
wherein, the packet loss probability f=1-f 1/f2; f1 is the number of data sender devices forwarded by the data exchange device in the last unit time, and f2 is the total number of data sender devices received by the data exchange device.
It can be appreciated that an important way for an external network attack to attack the power network to break down the power grid is to perform a DDOS attack, i.e. to send a large number of data packets to the power dispatching center, so that the power dispatching center loses the power grid control function; in this process, part of the data exchange devices receive too much data in a short time, so that part of the data packets sent by the terminal devices in the regional subnetwork are lost.
The foregoing has shown and described the basic principles, principal features and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the above-described embodiments, and that the above-described embodiments and descriptions are only preferred embodiments of the present invention, and are not intended to limit the invention, and that various changes and modifications may be made therein without departing from the spirit and scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (8)
1. A network system having multi-point fault protection capability, comprising: the system comprises a central processing unit, and a communication equipment information collection system, a real-time communication data collection system, a network fault analysis system, a fault positioning system and a fault response system which are all connected with the central processing unit;
the communication equipment information collection system is used for collecting equipment information needing to be subjected to data communication in a power grid area in advance and sending the equipment information to the network fault analysis system; the equipment information comprises equipment names, equipment numbers and regional subnet numbers of each equipment;
the real-time communication data collection system is used for collecting data receiving and transmitting conditions of all communication equipment in the power network in real time and sending the data receiving and transmitting conditions of the communication equipment collected in real time to the network fault analysis system;
the network fault analysis system is used for analyzing whether network faults occur in the power network in real time;
the fault positioning system is used for analyzing the position of the network fault and the reason of the fault;
the fault response system is used for responding to network faults.
2. A network system with multipoint failsafe capability as recited in claim 1, wherein: the fault positioning system is also used for sending network attack early warning information to the fault response system when judging that the network attack occurs; the fault response system is also used for responding to the attack after the electric power network encounters a network attack.
3. A network system with multipoint failsafe capability as recited in claim 1, wherein: the data receiving and transmitting conditions of each communication device collected by the real-time communication data collecting system comprise: the control center sends control instructions to each terminal device or regional subnetwork, response data returned by the terminal device, power data or monitoring data sent by the terminal device, and routing data during data forwarding.
4. A network system with multipoint failsafe capability as recited in claim 1, wherein: the network fault analysis system is used for judging whether the terminal equipment has network faults according to the time interval of the terminal equipment responding to the control instruction of the power dispatching center, and judging whether the terminal equipment or the data exchange equipment has network faults according to the interval of the data transmission of the terminal equipment or the data exchange equipment.
5. A network system with multipoint failsafe capability as recited in claim 1, wherein: the fault positioning system is used for determining whether the data exchange equipment in the regional subnetwork has network faults according to the duty ratio of the terminal equipment with network faults in the regional subnetwork.
6. A network system with multipoint failsafe capability as recited in claim 1, wherein: the fault locating system is used for judging whether the upper layer data exchange equipment has network faults or not.
7. A network system with multipoint failsafe capability as recited in claim 1, wherein: the fault positioning system is used for judging whether hardware faults or software faults occur in the data exchange equipment or the upper layer data exchange equipment of the regional subnetwork.
8. A network system with multipoint failsafe capability as recited in claim 1, wherein: the fault positioning system is used for sending early warning information to a manager of the power dispatching center, wherein the early warning information comprises the positioning condition of equipment with network faults and the reasons of the faults.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311713678.XA CN117714272A (en) | 2023-12-13 | 2023-12-13 | Network system with multipoint fault protection capability |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311713678.XA CN117714272A (en) | 2023-12-13 | 2023-12-13 | Network system with multipoint fault protection capability |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117714272A true CN117714272A (en) | 2024-03-15 |
Family
ID=90152750
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311713678.XA Pending CN117714272A (en) | 2023-12-13 | 2023-12-13 | Network system with multipoint fault protection capability |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117714272A (en) |
-
2023
- 2023-12-13 CN CN202311713678.XA patent/CN117714272A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6847613B2 (en) | Method of monitoring quality of communication for each flow | |
EP3817298A1 (en) | Data message detection method, device and system | |
JP5249950B2 (en) | Method and system for utility network outage detection | |
KR102030837B1 (en) | Apparatus and method for intrusion detection | |
CN116074184B (en) | Network fault early warning system of power dispatching center | |
CN111092840B (en) | Processing strategy generation method, system and storage medium | |
CN112367217B (en) | Cooperative type large flow detection method and system oriented to software defined network | |
CN101286996A (en) | Storm attack resisting method and apparatus | |
CN112468592B (en) | Terminal online state detection method and system based on electric power information acquisition | |
US20060168263A1 (en) | Monitoring telecommunication network elements | |
CN102263651A (en) | Method for detecting connection state of local end equipment in SNMP (simple network management protocol) network management system (NMS) | |
US20230096280A1 (en) | Method, Device, and System for Determining Bandwidth for Service Flow Transmission | |
CN110995741B (en) | Polar light attack detection system and method based on power grid switch communication data | |
CN115484047A (en) | Method, device, equipment and storage medium for identifying flooding attack in cloud platform | |
US8826296B2 (en) | Method of supervising a plurality of units in a communications network | |
Mai et al. | IEC 60870-5-104 network characterization of a large-scale operational power grid | |
CN102082677A (en) | Alarm information processing method, device and system | |
CN113452576A (en) | Network environment monitoring method and device, storage medium and electronic device | |
CN117714272A (en) | Network system with multipoint fault protection capability | |
CN110290124B (en) | Switch input port blocking method and device | |
KR20220029142A (en) | Sdn controller server and method for analysing sdn based network traffic usage thereof | |
EP2888860B1 (en) | Communication configuration analysis in process control systems | |
CN114422309A (en) | Method for analyzing service message transmission effect based on abstract feedback comparison mode | |
US20090006435A1 (en) | Object identifier awareness for network device notifications | |
Kato et al. | A proposal of event correlation for distributed network fault management and its evaluation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |