SUMMERY OF THE UTILITY MODEL
Therefore, in order to solve the above problems, it is necessary to provide a transformer substation safety protection device and system, so as to improve the working efficiency of transformer substation safety protection.
A substation safety protection device comprising:
the communication device is in communication connection with the operation and maintenance terminal and the transformer substation power monitoring system;
the first control device is used for performing login identity authentication on the operation and maintenance terminal;
the second control device is used for carrying out bug scanning and bug repairing on the transformer substation power monitoring system after the login identity authentication of the operation and maintenance terminal is passed;
a storage device for providing the patch package required by bug fixing to the second control device;
the first control device, the second control device and the storage device are all connected with the communication device; the second control device is connected with the storage device.
In one embodiment, the control device further comprises a power supply device, wherein the power supply device is connected with the communication device, the first control device, the second control device and the storage device.
In one embodiment, the display device is further included, and the display device is connected with the first control device and the second control device.
In one embodiment, the communication device comprises a first communication device and a second communication device, the first communication device is connected with the first control device and the operation and maintenance terminal, and the second communication device is connected with the first control device, the second control device, the storage device and the substation power monitoring system.
In one embodiment, the first communication device is a communication portal.
In one embodiment, the second control device comprises a processor and a memory, wherein the processor is connected with the memory; the processor is connected with the communication device and the storage device.
In one embodiment, the memory comprises a hard disk and/or a memory card connected to the processor.
In one embodiment, the memory card is a standard flash memory card.
In one embodiment, the storage device is a hard disk.
The transformer substation safety protection system comprises an operation and maintenance terminal and the transformer substation safety protection equipment, wherein the operation and maintenance terminal is connected with the transformer substation safety protection equipment, and the transformer substation safety protection equipment is connected with a transformer substation power monitoring system.
The transformer substation safety protection equipment comprises a communication device, a first control device, a second control device and a storage device, wherein the communication device is connected with an operation and maintenance terminal and a transformer substation power monitoring system. The first control device is used for logging in the operation and maintenance terminal for identity authentication, after the login identity authentication is passed, the second control device is used for scanning the loopholes, required patch packages are obtained from the storage device according to the scanning result, loophole repairing is carried out, loophole scanning and loophole repairing can be automatically carried out on the transformer substation power monitoring system, and the working efficiency of transformer substation safety protection is improved.
Detailed Description
To facilitate an understanding of the present application, the present application will now be described more fully with reference to the accompanying drawings. Embodiments of the present application are set forth in the accompanying drawings. This application may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein in the description of the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application.
It will be understood that, as used herein, the terms "first," "second," and the like may be used herein to describe various elements, but these elements are not limited by these terms. These terms are only used to distinguish one element from another. For example, a first resistance may be referred to as a second resistance, and similarly, a second resistance may be referred to as a first resistance, without departing from the scope of the present application. The first resistance and the second resistance are both resistances, but they are not the same resistance.
It is to be understood that "connection" in the following embodiments is to be understood as "electrical connection", "communication connection", and the like if the connected circuits, modules, units, and the like have communication of electrical signals or data with each other.
As used herein, the singular forms "a", "an" and "the" may include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises/comprising," "includes" or "including," etc., specify the presence of stated features, integers, steps, operations, components, parts, or combinations thereof, but do not preclude the presence or addition of one or more other features, integers, steps, operations, components, parts, or combinations thereof. Also, as used in this specification, the term "and/or" includes any and all combinations of the associated listed items.
In one embodiment, as shown in fig. 1, there is provided a substation safety protection device comprising: the communication device 100 is in communication connection with the operation and maintenance terminal and the transformer substation power monitoring system; the first control device 200 performs login identity authentication on the operation and maintenance terminal; after the login identity authentication of the operation and maintenance terminal is passed, the second control device 300 performs vulnerability scanning and vulnerability repairing on the transformer substation power monitoring system; and a storage device 400 for providing the patch package required for the bug fixing to the second control device 300. The first control device 200, the second control device 300 and the storage device 400 are all connected with the communication device 100; the second control device 300 is connected to the storage device 400.
The communication device 100 may be a wired communication device, and the signal transmission carrier may be an optical fiber, a coaxial cable, or a network cable. The communication device 100 may also be a Wireless communication device, such as a bluetooth, WIFI (Wireless Fidelity), or zigbee communication device. The first control device 200 and the second control device 300 may be controllers or control chips, and the control chips may be MCU (micro controller Unit, single chip microcomputer) chips, FPGA (Field Programmable Gate Array) chips, or other types of chips. In summary, the types of the first control device 200 and the second control device 300 are not exclusive and need not be the same type of control device. The storage device 400 refers to a device that can be used to store information, and the storage device 400 can be various types of memories or memory chips, such as a hard disk, a floppy disk, a magnetic tape, a magnetic core memory, a bubble memory, or a flash disk.
Specifically, identity authentication is also referred to as "authentication" or "authentication" and refers to a process of confirming the identity of an operator in a computer or computer network system. The identity authentication can determine whether the user has access and use authority to certain resources, so that the access policies of the computer and the network system can be reliably and effectively executed, an attacker is prevented from impersonating a legal user to obtain the access authority of the resources, the safety of the system and data is ensured, and the legal benefit of the authorized visitor is ensured. The operation and maintenance terminal is connected to the first control device 200 through the communication device 100, and the first control device 200 performs login identity authentication on the operation and maintenance terminal. The second control device 300 and the first control device 200 are connected to the substation power monitoring system via the communication device 100, respectively. After the login identity authentication is passed, the second control device 300 receives a scanning start instruction, connects the transformer substation power monitoring system through the communication device 100, scans the transformer substation power monitoring system for vulnerabilities, queries whether a corresponding patch package exists in the storage device 400 according to vulnerability scanning results, and sends the corresponding patch package to the transformer substation power monitoring system through the communication device 100 to perform vulnerability repair if the corresponding patch package exists in the storage device 400.
It should be noted that the way of acquiring the scanning start command by the second control device 300 is not exclusive, and after the login authentication of the operation and maintenance terminal is passed, the second control device may acquire the command to the first control device 200 or the operation and maintenance terminal via the communication device 100 to start the vulnerability scanning operation.
In addition, the first control device 200 does not have to perform login authentication in a unique manner, and may perform login authentication in a static password, a dynamic password, biometric identification, or any two authentication manners, or perform two-factor authentication by combining any two authentication manners. The mode of vulnerability scanning and vulnerability repair of the second control device 300 is not unique, and for example, the security of the transformer substation power monitoring system can be detected through modes such as network vulnerability scanning, host vulnerability scanning or database vulnerability scanning, so that security vulnerabilities can be found in time, the network risk level can be objectively evaluated, the network security vulnerabilities can be repaired according to the scanning result, and the transformer substation is safely protected before hacking.
The substation safety protection equipment comprises a communication device 100, a first control device 200, a second control device 300 and a storage device 400, wherein the communication device 100 is connected with an operation and maintenance terminal and a substation power monitoring system. The first control device 200 performs login identity authentication on the operation and maintenance terminal, so that the identity of a worker can be confirmed, and the safety of the system and data is ensured. After the login identity authentication is passed, the second control device 300 scans the vulnerability, acquires the required patch package from the storage device 400 according to the scanning result, repairs the vulnerability, can automatically scan and repair the vulnerability of the transformer substation power monitoring system, and is beneficial to improving the working efficiency of transformer substation safety protection.
In one embodiment, as shown in fig. 2, the substation safety protection device further includes a power supply device 500, and the power supply device 500 is connected to the communication device 100, the first control device 200, the second control device 300, and the storage device 400.
The power supply device 500 may be an energy storage battery, a voltage conversion module that obtains energy from the commercial power, or a device that includes both an energy storage battery and a voltage conversion module. The energy storage battery can be a zinc-manganese battery, a lead storage battery or a lithium battery. The voltage conversion module can be a conversion circuit or a conversion chip, and can obtain energy from a mains supply or an energy storage battery and obtain required direct current after transformation and rectification processing. For example, the power supply device 500 may have a function of outputting +3V, +5V, and +12V dc power through different output terminals, respectively, by designing a specific circuit configuration. Specifically, the power supply device 500 is connected to the communication device 100, the first control device 200, the second control device 300, and the storage device 400, and supplies power required for the operation of these hardware devices.
In the above embodiment, the power supply device 500 is configured to provide working electric energy, and the output of various voltages can be simultaneously realized by adjusting the specific circuit structure of the power supply device 500, so that the power consumption requirements of different devices in the safety protection equipment of the transformer substation are matched, and the compactness of the structure of the safety protection equipment of the transformer substation is favorably improved.
In one embodiment, with continued reference to fig. 2, the substation safety protection device further includes a display device 600, and the display device 600 is connected to the first control device 200 and the second control device 300.
The Display device 600 may be a Display screen or a touch panel and a peripheral circuit thereof, and the Display screen may be a Liquid Crystal Display (LCD) Display screen, a Light-Emitting Diode (LED) Display screen, or an Organic Light-Emitting Diode (OLED) Display screen.
Specifically, the display device 600 is connected to the first control device 200 and the second control device 300, and is configured to display a login identity authentication result, a bug scanning result, and a patch repair result of the operation and maintenance terminal. Further, in one embodiment, the display device 600 is connected to the power supply device 500, and the power supply device 500 supplies power required for operation to the display device 600.
If the required patch is not present in the storage apparatus 400, the required patch information may be displayed on the display apparatus 600, and the staff may push the patch of the risky asset through the communication apparatus 100 as needed.
In the above embodiment, the configuration display device 600 displays the login identity authentication result of the operation and maintenance terminal in real time, the bug scanning result and the patch repair result, so that the worker can conveniently and timely acquire the work progress of the safety protection equipment of the transformer substation, the convenience of work is further improved, and the work efficiency is improved.
In one embodiment, with continued reference to fig. 2, the communication device 100 includes a first communication device 110 and a second communication device 120, the first communication device 110 connects the first control device 200 and the operation and maintenance terminal, and the second communication device 120 connects the first control device 200, the second control device 300, the storage device 400 and the substation power monitoring system.
The types of the first communication device 110 and the second communication device 120 are not exclusive and may be a wired communication device or a wireless communication device, and the first communication device 110 and the second communication device 120 may be the same type of communication device or different types of communication devices. In one embodiment, the first communication device 110 is a communication portal.
Specifically, the first control device 200 is connected to the operation and maintenance terminal via the first communication device 110, performs login authentication on the operation and maintenance terminal, and if the login authentication is passed, the first control device 200 transmits a scan start command to the second control device 300 via the second communication device 120. After receiving the scanning start instruction, the second control device 300 connects to the substation power monitoring system through the second communication device 120, scans the vulnerability of the substation power monitoring system, queries whether a corresponding patch package exists in the storage device 400 according to the vulnerability scanning result, and if so, controls the storage device 400 to send the corresponding patch package to the substation power monitoring system through the second communication device 120 to repair the vulnerability.
Further, the first control device 200 may feed back an identity authentication result and a vulnerability scanning progress to the operation and maintenance terminal through the first communication device 110, and may also obtain pre-stored identity login information from the substation power monitoring system through the second communication device 120. In addition, in one embodiment, the first communication device 110 and the second communication device 120 are both connected to the power supply device 500, and the power supply device 500 supplies power required for operation to the first communication device 110 and the second communication device 120.
In the above embodiment, the first communication device 110 and the second communication device 120 are configured to communicate with the operation and maintenance terminal and the substation power monitoring system, respectively, and corresponding hardware devices may be configured according to different communication characteristics, which is beneficial to improving the reliability of the information transmission process and ensuring the orderly operation of the substation safety protection work.
In one embodiment, as shown in fig. 3, the second control device 300 includes a processor 310 and a memory 320, the processor 310 is connected to the memory 320; the processor 310 connects the communication device 100 and the storage device 400.
The processor 310 may be various controllers or control chips, and the memory 320 may be a hard disk, a floppy disk, a magnetic tape, a magnetic core memory, a bubble memory, or a flash disk. Specifically, the processor 310 is connected to the substation power monitoring system through the communication device 100, performs bug scanning and bug fixing on the substation power monitoring system, and generates a scanning log. Memory 320 provides data storage capability for storing scan logs generated by processor 310 for subsequent vulnerability analysis. Further, the processor 310 is further connected to the power supply device 500 and the display device 600, so as to obtain the required operating voltage from the power supply device 500 and display the bug scanning progress and the bug fixing result through the display device 600.
In one embodiment, with continued reference to FIG. 3, the memory 320 includes a hard disk 321 and/or a memory card 322 coupled to the processor 310. Specifically, when the memory 320 only includes the hard disk 311 or the memory card 322, the hard disk 311 or the memory card 322 is configured to store the system and software required by the processor 310 and the scan log generated by the processor 310. When the memory 320 includes the hard disk 311 and the memory card 322, the memory card 322 is configured to store systems and software required by the processor 310, and provide upgrade services for the systems and software. The hard disk 321 is configured to store a scan log generated by the processor 310. Further, in one embodiment, memory card 322 is a standard flash memory card.
In one embodiment, a transformer substation safety protection system is provided, which comprises an operation and maintenance terminal and the transformer substation safety protection device, wherein the operation and maintenance terminal is connected with the transformer substation safety protection device, and the transformer substation safety protection device is connected with a transformer substation power monitoring system.
The operation and maintenance terminal can be a computer, a mobile phone or a tablet. Specifically, the operation and maintenance terminal is connected with the transformer substation safety protection device and is connected with the transformer substation power monitoring system. The transformer substation safety protection equipment carries out identity authentication on the operation and maintenance terminal, after the identity authentication is passed, the transformer substation safety protection equipment carries out bug scanning and bug repairing on the transformer substation electric power monitoring system, and sends an identity authentication result, a bug scanning result and a bug repairing result to the operation and maintenance terminal.
Further, the manner of vulnerability scanning and vulnerability fixing by the substation security protection device is not unique, for example, the substation security protection device may be configured to: the method comprises the steps of carrying out multi-dimensional data acquisition, analysis and processing from ports of the power monitoring system, assets of the power monitoring system, protocols of the power monitoring system and holes of the power monitoring system based on a preset hole scanning strategy, supporting various types of data of port data, asset data and hole data, carrying out data comprehensive analysis and asset risk rating, and displaying analysis results in a list and graph mode. Wherein, the preset vulnerability scanning strategy comprises: determining whether a host on a target network is online through host scanning; discovering the open port and service of the remote host through port scanning; judging an operating system according to the information and a protocol stack by an Operating System (OS) identification technology; scanning the network, the system and the database to realize the acquisition of vulnerability detection data: carrying out intelligent port identification, multiple service detection, safety optimization scanning and system penetration scanning; carrying out automatic inspection of various databases and database example discovery; password generation of various DBMSs (Database Management systems) is performed, a password blasting library is provided, and quick weak password detection is realized. The asset risk rating is carried out based on the scanning result of the vulnerability scanning strategy, and after comprehensive analysis, the asset risk rating is divided into the following steps: emergency assets, high-risk assets, medium-risk assets, low-risk assets, and safety assets.
According to the transformer substation safety protection system, operation and maintenance personnel can control transformer substation safety protection equipment to automatically carry out leak scanning and leak repairing on the transformer substation electric power monitoring system through the operation and maintenance terminal, and the working efficiency of transformer substation safety protection is improved.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the utility model. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.