CN210839623U - Safety access gateway module - Google Patents
Safety access gateway module Download PDFInfo
- Publication number
- CN210839623U CN210839623U CN201922327169.9U CN201922327169U CN210839623U CN 210839623 U CN210839623 U CN 210839623U CN 201922327169 U CN201922327169 U CN 201922327169U CN 210839623 U CN210839623 U CN 210839623U
- Authority
- CN
- China
- Prior art keywords
- module
- control module
- data
- equipment terminal
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The utility model relates to the technical field of safe communication, in particular to a safe access gateway module, which comprises a power module, an input module, a control module, an encryption module, an output module, a storage module and a communication module; the power supply module is used for supplying power; the input module is used for signal transmission between the equipment terminal and the control module; the control module is used for receiving data of the equipment terminal and processing the data; the encryption module is used for encrypting and decrypting data of the equipment terminal; the output module is used for outputting the data of the equipment terminal processed by the control module; the storage module is used for storing the data of the equipment terminal processed by the control module; and the communication module is used for transmitting the data of the equipment terminal processed by the control module to the robot centralized control system. The utility model provides a safety access gateway module carries out encryption and decryption processing through the data of control module control encryption module to equipment terminal input, guarantees the security that equipment terminal inserts higher level system.
Description
Technical Field
The utility model relates to a safety communication technical field, concretely relates to safety access gateway module.
Background
According to the technical requirements of safety protection of the management information system of the national grid company, a special safety access device special for the national grid company is adopted to access the boundary of the special control type, operation type and acquisition type terminals accessing the information intranet. The safety communication access method is applied to the intelligent inspection robot of the transformer substation, safety protection is performed by adopting an authentication technology based on a digital certificate and an encryption technology based on a domestic commercial cryptographic algorithm through analysis and research on safety access equipment and a communication module, access authentication and data transmission encryption are realized, and the safety level of monitoring background and centralized management of the intelligent inspection robot is improved.
The terminal is used as a source and an initiator of remote access, and the security of the terminal is directly related to the security of data transmission and even the security of an internal application system. If the access terminal has weak security protection strategy and security loopholes or even viruses, the internal application system has the risk of being attacked. If the access terminal is not subjected to perfect identity authentication and authority management, the terminal can be caused to have unauthorized access to network resources, abuse and even damage, and the safety and reliability of the terminal side are difficult to guarantee.
The network security is a global concept, the security threat is hidden in each link, and the existing security scheme is very important for enhancing the security communication technology and applying the data transmission security of the intelligent inspection robot of the transformer substation in view of the network threat.
Disclosure of Invention
In order to solve the problem, the utility model provides a safe access gateway module for realize that the transformer substation patrols and examines robot and robot centralized control system's safety communication, concrete technical scheme is as follows:
a safety access gateway module comprises a power supply module, an input module, a control module, an encryption module, an output module, a storage module and a communication module; the power supply module is used for supplying power; the input module is used for signal transmission between the equipment terminal and the control module; the control module is used for receiving data of the equipment terminal and processing the data; the encryption module is used for encrypting and decrypting data of the equipment terminal; the output module is used for outputting the data of the equipment terminal processed by the control module; the storage module is used for storing the data of the equipment terminal processed by the control module; the communication module is used for transmitting the data of the equipment terminal processed by the control module to the robot centralized control system; the power module, the input module, the encryption module, the output module, the storage module and the communication module are respectively connected with the control module.
Preferably, the power supply module comprises a DC-DC voltage conversion unit for converting the power supply voltage into a suitable operating voltage for the other modules.
Preferably, the output module comprises a USB output unit, an RS485 output unit, and an RS232 output unit; the USB output unit, the RS485 output unit and the RS232 output unit are respectively connected with the control module and are respectively used for the control module to carry out USB communication, 485 communication and 232 communication with external equipment.
Preferably, the storage module comprises a FLASH storage unit and a DDR memory unit; the FLASH memory unit and the DDR memory unit are respectively connected with the control module.
Preferably, the encryption module comprises an SJK1271 SD cryptocard.
Preferably, the GPS module is connected with a GPS antenna through a PL2303HX chip, and the control module reads the longitude and latitude acquired by the chip through a serial port to perform GPS positioning.
The utility model has the advantages that: the utility model provides a safety access gateway module carries out encryption and decryption processing through the data of control module control encryption module to equipment terminal input, carries out signal transmission to equipment terminal and control module through input/output communication module, realizes that the safety communication of business inserts, effectively promotes communication channel's security and information transmission's safety protection ability, guarantees the security that equipment terminal inserts higher level system.
In addition, the service data of the transformer substation inspection robot is transmitted through the 5.8G wireless private network, identity authentication and data encryption are realized through the safety access gateway, the safety communication access of the intelligent inspection robot is realized, and the safety protection capability of information transmission is effectively improved. The utility model discloses can be applied to the terminal communication access network safety platform that construction intelligence patrolled and examined robot, rational dispatch safety communication network resource carries out safety certification and encryption and decryption to resources such as access network communication line and equipment terminal, also can realize the safety and stability of various equipment and insert.
Drawings
Fig. 1 is a schematic structural view of the present invention;
fig. 2 is a schematic diagram of a power module of the present invention;
fig. 3-6 are schematic diagrams of the control module of the present invention;
FIG. 7 is a circuit diagram of MX25L6406EM21-12G chip;
FIG. 8 is a circuit diagram of a W9751G6KB 64MB chip;
FIG. 9 is a diagram of a DDR _ VREF pin connection in FIG. 8;
FIG. 10 is a pin connection diagram of DDR _ IO _1V8_ MT7628 in FIG. 8;
FIG. 11 is a connection diagram of the CLK _ P, CLK _ N pin of FIG. 8;
fig. 12 is a schematic diagram of a communication module according to the present invention.
Detailed Description
For a better understanding of the present invention, the following further description is made in conjunction with the accompanying drawings and the specific embodiments:
as shown in fig. 1, a secure access gateway module includes a power module, an input module, a control module, an encryption module, an output module, a storage module, and a communication module; the power supply module is used for supplying power; the input module is used for signal transmission between the equipment terminal and the control module; the control module is used for receiving data of the equipment terminal and processing the data; the encryption module is used for encrypting and decrypting data of the equipment terminal; the output module is used for outputting the data of the equipment terminal processed by the control module; the storage module is used for storing the data of the equipment terminal processed by the control module; the communication module is used for transmitting the data of the equipment terminal processed by the control module to the robot centralized control system; the power module, the input module, the encryption module, the output module, the storage module and the communication module are respectively connected with the control module.
The power supply module comprises a DC-DC voltage conversion unit which is used for converting the power supply voltage into the proper working voltage of other modules. As shown in fig. 2, the power module converts the DC12V power voltage into DC5V voltage output through a DC-DC chip SY8113A, and the power module converts the DC12V power voltage into DC3.3V voltage output through a DC-DC chip SY 8113A.
The input module is specifically a USB input module, and comprises an SGM7227 chip, and specifically, a USB2.0 signal is converted into a serial port signal through the SGM7227 chip and is input to the control module.
As shown in fig. 3 to fig. 6, the control module is respectively connected to the power module, the input module, the encryption module, the output module, the storage module, and the communication module, and is configured to receive data from the device terminal and process the data. The control module comprises an MT7628AN processor, and the MT7628 series integrates 2T2R 802.11.11 n Wi-Fi radio frequency, 580MHz MIPS24KECCPU, 5-port fast Ethernet PHY, a USB2.0 host, PCIe, SD-XC, I2s/PCM and a plurality of slow I/O ports.
The encryption module comprises an SJK1271 SD password card, the SJK1271 SD password card approved by the State password administration provides password operation, the SM2 password algorithm is used for signature/signature verification and asymmetric encryption/decryption operation, the SM3 password algorithm is used for data digest operation and integrity protection, the SM1 symmetric algorithm is used for symmetric encryption/decryption of data transmission, and further, the SSL VPN connection of the state password is realized; meanwhile, the SJK1271 SD password card is used for storing sensitive information such as a private key, a working key and the like, so that the sensitive information cannot be stolen physically, and the safety of the product is improved. The signature public and private keys used in the encryption module are independently generated by the interior of the SJK1271 SD password card, and the used encryption public and private keys are generated by the CA and then imported. All private keys are stored in a special storage area of the SD card and cannot be exported, so that brute force cracking is prevented.
The output module comprises a USB output unit, an RS485 output unit and an RS232 output unit; the USB output unit, the RS485 output unit and the RS232 output unit are respectively connected with the control module and are respectively used for the control module to carry out USB communication, 485 communication and 232 communication with external equipment. The USB output unit comprises a GL850G chip, and serial port signals output by the control module are converted into USB differential signals through the GL850G chip and output. The RS485 output unit comprises an MAX485 chip, and serial port signals of the control module are converted into 485 signal output through the MAX485 chip. The RS232 output unit comprises a MAX3221 chip, and serial port signals of the control module are converted into 232 signals through the MAX3221 chip and output. Wherein, 2 RS485 output units are provided.
The storage module comprises a FLASH storage unit and a DDR memory unit; the FLASH memory unit and the DDR memory unit are respectively connected with the control module. The FLASH storage unit comprises an MX25L6406EM21-12G chip, as shown in FIG. 7, the FLASH storage unit performs external FLASH storage of resources through the MX25L6406EM21-12G chip, and the communication mode of the FLASH storage unit and the control module is SPI communication. The DDR memory unit comprises a W9751G6KB 64MB chip, as shown in FIGS. 8-11, which performs data interaction with the control module through the PCI bus.
The communication module comprises a SIM7100C chip, which is in data interaction with the control module through a serial port.
The safety access gateway module also comprises a GPS module, wherein the GPS module is connected with a GPS antenna through a PL2303HX chip, and a control module reads the longitude and latitude acquired by the chip through a serial port to carry out GPS positioning.
The utility model discloses a theory of operation does: the safety access gateway module comprises a power supply module, an input module, a control module, an encryption module, an output module, a storage module and a communication module; the input module is used for signal transmission between the equipment terminal and the control module, and converts the USB2.0 signal into a serial port signal through the SGM7227 chip and inputs the serial port signal into the control module; the control module is respectively connected with the power supply module, the input module, the encryption module, the output module, the storage module and the communication module and is used for receiving data of the equipment terminal and processing the data. The encryption module is used for encrypting and decrypting data of the equipment terminal, performing signature/signature verification and asymmetric encryption/decryption operation by using an SM2 cryptographic algorithm, performing summary operation and integrity protection on the data by using an SM3 cryptographic algorithm, and performing symmetric encryption/decryption on data transmission by using an SM1 symmetric algorithm; the GPS module is connected with a GPS antenna through a PL2303HX chip, and the control module reads the longitude and latitude acquired by the chip through a serial port to carry out GPS positioning. The output module is used for outputting the data of the equipment terminal processed by the control module; the storage module is used for storing the data of the equipment terminal processed by the control module; the communication module is used for transmitting the data of the equipment terminal processed by the control module to the robot centralized control system; the power module is used for supplying power.
The present invention is not limited to the above-described embodiments, but only to the preferred embodiments of the present invention, and the present invention is not limited thereto, and any modifications, equivalent replacements, and improvements made within the spirit and principle of the present invention should be included within the protection scope of the present invention.
Claims (6)
1. A secure access gateway module, characterized by: the device comprises a power supply module, an input module, a control module, an encryption module, an output module, a storage module and a communication module; the power supply module is used for supplying power; the input module is used for signal transmission between the equipment terminal and the control module; the control module is used for receiving data of the equipment terminal and processing the data; the encryption module is used for encrypting and decrypting data of the equipment terminal; the output module is used for outputting the data of the equipment terminal processed by the control module; the storage module is used for storing the data of the equipment terminal processed by the control module; the communication module is used for transmitting the data of the equipment terminal processed by the control module to the robot centralized control system; the power module, the input module, the encryption module, the output module, the storage module and the communication module are respectively connected with the control module.
2. A security access gateway module according to claim 1, characterized by: the power supply module comprises a DC-DC voltage conversion unit for converting the power supply voltage.
3. A security access gateway module according to claim 1, characterized by: the output module comprises a USB output unit, an RS485 output unit and an RS232 output unit; the USB output unit, the RS485 output unit and the RS232 output unit are respectively connected with the control module and are respectively used for the control module to carry out USB communication, 485 communication and 232 communication with external equipment.
4. A security access gateway module according to claim 1, characterized by: the storage module comprises a FLASH storage unit and a DDR memory unit; the FLASH memory unit and the DDR memory unit are respectively connected with the control module.
5. A security access gateway module according to claim 1, characterized by: the encryption module comprises an SJK1271 SD password card.
6. A security access gateway module according to claim 1, characterized by: the GPS module is connected with a GPS antenna through a PL2303HX chip, and the control module reads the longitude and latitude acquired by the chip through a serial port to perform GPS positioning.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201922327169.9U CN210839623U (en) | 2019-12-23 | 2019-12-23 | Safety access gateway module |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201922327169.9U CN210839623U (en) | 2019-12-23 | 2019-12-23 | Safety access gateway module |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN210839623U true CN210839623U (en) | 2020-06-23 |
Family
ID=71281478
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201922327169.9U Active CN210839623U (en) | 2019-12-23 | 2019-12-23 | Safety access gateway module |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN210839623U (en) |
-
2019
- 2019-12-23 CN CN201922327169.9U patent/CN210839623U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN210719302U (en) | Safety communication system of gas meter | |
| CN103888444A (en) | Distribution safety authentication device and method | |
| MX2007013862A (en) | A system and method for converting serial data into secure data packets configured for wireless transmission in a power system. | |
| CN103916312A (en) | Marine data collecting gateway and data collecting method | |
| CN212486798U (en) | Electric power sensing equipment based on block chain technology | |
| CN115079648A (en) | Intelligent industrial control system | |
| CN111009056A (en) | Electric intelligent lock control method and system based on double-interface RFID technology | |
| CN204758672U (en) | Digital electric energy meter with ESAM encryption function | |
| WO2023108396A1 (en) | Intelligent measurement method for power grid | |
| CN210839623U (en) | Safety access gateway module | |
| CN109067550A (en) | Two-way authentication system and mutual authentication method based on CPK tagged keys | |
| CN111541698B (en) | Data acquisition system and data acquisition method based on power distribution | |
| CN206533391U (en) | Main website type special line encryption authentication device | |
| CN102063942B (en) | Trusted wireless storage equipment for wireless power supply and application method thereof | |
| CN201854292U (en) | Wirelessly-powered trusted wireless storage equipment | |
| CN111065091B (en) | Wireless data acquisition system and data transmission method based on lora | |
| CN211630190U (en) | Terminal equipment safety encryption and decryption system based on safety chip | |
| CN103647654B (en) | A kind of power distribution terminal key management method based on trust computing | |
| CN203337712U (en) | A novel voltage quality monitoring apparatus | |
| CN206533390U (en) | Transformer substation-type special line encrypts authentication device | |
| CN217333326U (en) | USB-to-4-serial-port non-network secure communication isolation module based on state secret chip | |
| CN206533392U (en) | Transformer substation-type special line encrypts authentication device | |
| CN215340907U (en) | Multifunctional notebook docking station | |
| CN203434998U (en) | Wireless secure router and power-distribution-network data transmission system | |
| CN108366372A (en) | The wireless telecommunication system and the means of communication of fault detector and hand-held maintenance tool |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |