CN103716336A - Communication system based on electric power dependable computing platform communication security and method - Google Patents


Publication number
CN103716336A
Authority
CN
China
Prior art keywords
communication
data
electric power
packet
credible calculating
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410031098.7A
Other languages
Chinese (zh)
Inventor
王志皓
赵保华
刘楷
柴继文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
China Electric Power Research Institute Co Ltd CEPRI
Smart Grid Research Institute of SGCC
Original Assignee
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
China Electric Power Research Institute Co Ltd CEPRI
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, State Grid Zhejiang Electric Power Co Ltd, China Electric Power Research Institute Co Ltd CEPRI
Priority to CN201410031098.7A
Publication of CN103716336A
Legal status: Pending

Landscapes

  • Small-Scale Networks (AREA)

Abstract

The invention relates to a communication system for communication security based on an electric power trusted (dependable) computing platform, and to a method for the system. The communication system comprises a general-purpose MCU (Microprogrammed Control Unit) and two network interface chips; the MCU is connected to the network interface chips, and in serial-port mode the serial port of the MCU takes part in communication. The method comprises the following steps: (1) dividing a data protocol packet into at least one data packet; (2) appending an encrypted-data attribute field to the tail of the data packet; (3) adding an IP (Internet Protocol) header at the head of the data packet; and (4) adding, outside the original data packet, a data interaction packet carrying the encrypted-data attribute. The communication system requires little modification, is widely applicable, low in cost and readily extensible.

Description

A communication system for communication security based on an electric power trusted computing platform, and a method thereof
Technical field
The invention belongs to the field of embedded trusted platforms, and specifically relates to a communication system for communication security based on an electric power trusted computing platform, and a method thereof.
Background
In traditional electric power transmission, RS-232 serial devices such as PLCs, controllers, monitors and card readers use RS-232 serial communication to carry out data communication, data exchange and data management with a PC. With the rapid spread of TCP/IP networks, TCP/IP networking has been greatly enriched and has extended to every corner of society. Compared with RS-232 serial communication, a TCP/IP network offers long communication distance: once connected to the Internet, the communication distance can be extended without limit. TCP/IP communication quality is stable: because TCP/IP networks are designed for complex environments and have automatic error correction, communication quality is very stable and is not disturbed by the external environment.
With the wide application of network technology, the security of data transmission receives more and more attention. An end-to-end security module encrypts the channel as a whole and provides a complete set of data security schemes, which can effectively prevent a third party from obtaining communication data or from joining the communication link to perform illegal operations.
When existing electric power terminals are upgraded with trusted security features, a board is added inside the terminal to provide additional communication interfaces, and the corresponding algorithm software is added to the original software system. The drawbacks of such an internal upgrade are that the original terminal software and hardware must be modified, the required testing time is long, and there is a risk that bugs introduced during the upgrade affect the operation of existing equipment. Upgrading the hardware of all field devices requires a great deal of manpower and material resources.
Summary of the invention
To address the deficiencies of the prior art, the invention provides a communication system for communication security based on an electric power trusted computing platform, and a method thereof. The invention implements encapsulation of trusted data at the IP layer and achieves end-to-end trusted network access. The original data is placed directly into an encrypted IP packet. The trusted data packet thus supports serial ports (RS232, RS485), GPRS and Ethernet at the same time, so that data from any physical interface can be carried by trusted data communication. Power equipment that originally used serial ports and equipment that used a network receive the same encrypted data encapsulation, and to the public network communication platform all of them are terminals with security features. No special modification is needed for electric power terminals with different communication modes and interfaces.
The object of the invention is achieved by the following technical solution:
A communication system for communication security based on an electric power trusted computing platform, the improvement being that the system comprises one general-purpose MCU and two network interface chips; the general-purpose MCU is connected to the two network interface chips; in serial-port mode, the serial port of the MCU takes part in communication.
Preferably, in the system, at least one network port takes part in the connection in network-port mode.
Preferably, for network-port devices, the Ethernet interface (TCP/UDP) of the MCU is used to establish communication with the RTU; IP packets coming from the RTU are retained during communication.
Preferably, for serial devices, the serial port of the MCU is used to establish communication with the RTU; data packets coming from the RTU are retained during communication and packed into IP packets.
Preferably, the system can establish communication with the encryption software platform on the Internet through a 3G/4G modem.
Another object of the invention is to provide a communication method for communication security based on an electric power trusted computing platform, the improvement being that the method comprises:
(1) dividing the data protocol packet into at least one data packet;
(2) appending an encrypted-data attribute field to the tail of the data packet;
(3) adding an IP header at the head of the data packet;
(4) adding, outside the original data packet, a data interaction packet carrying the encrypted-data attribute.
Preferably, the data protocol packet is placed directly into an encrypted IP packet, so that the trusted data packet supports serial ports RS232 and RS485, GPRS and Ethernet, and data from any physical interface can be carried by trusted data communication.
Preferably, after communication with the encryption software platform on the Internet is established through the modem, the encryption algorithm is called to encrypt the data.
Preferably, communication is established with the encryption software platform on the Internet, and encrypted channel management is carried out with the encryption software platform while data is transmitted.
Compared with the prior art, the beneficial effects of the invention are:
Little system modification: existing equipment that lacks secure networking capability can be upgraded to access the trusted computing public network without changing the original hardware.
High applicability: the supported communication modes are serial port, GPRS/CDMA and Ethernet. The same module can be used for all kinds of substations, DTUs and FTUs.
Low cost: the cost of an external security module is far below the cost of a hardware upgrade or replacement.
Good extensibility: for the stricter security requirements of distribution networks in the future, the security module can meet future grid security requirements at the algorithm level.
Brief description of the drawings
Fig. 1 is a structural diagram of the communication system for communication security based on an electric power trusted computing platform provided by the invention.
Fig. 2 is a data encapsulation diagram for the communication method for communication security based on an electric power trusted computing platform provided by the invention.
Detailed description
Specific embodiments of the invention are described in further detail below with reference to the accompanying drawings.
As shown in Fig. 1, the invention uses one general-purpose MCU connected to two network interface chips. In serial-port mode, the serial port of the MCU takes part in communication. In network-port mode, one or two network ports take part in the connection. The functions are then implemented in the chip firmware.
The program implements the following flows. They run concurrently in the program, in no particular order of priority.
The Ethernet interface (TCP/UDP) of the MCU can be used to establish communication with the RTU. IP packets coming from the RTU can be retained during communication;
The serial port of the MCU can be used to establish communication with the RTU (operating modes: AT and transparent transmission). Data packets coming from the RTU can be retained during communication and packed into IP packets;
Communication is established with the encryption software platform on the Internet. The hardware connection uses a 3G/4G modem (operating modes: AT and transparent transmission).
An encryption chip is supported for establishing encrypted communication. The data encryption algorithm (DEA) supported by the encryption chip is used to complete data encryption;
Communication is established with the encryption software platform on the Internet;
Configuration over the serial port of the parameters of the communication protocol and encryption protocol in use is supported;
Data encapsulation is shown in Fig. 2 and proceeds as follows:
For network-port devices, the Ethernet interface (TCP/UDP) of the MCU is used to establish communication with the RTU. IP packets coming from the RTU are retained during communication;
For serial devices, the serial port of the MCU is used to establish communication with the RTU. Data packets coming from the RTU are retained during communication and packed into IP packets.
Communication is established with the encryption software platform on the Internet;
The encryption algorithm is called to encrypt the data.
Communication is established with the encryption software platform on the Internet;
Encrypted data communication is carried out;
Encrypted data communication is disconnected;
While data is transmitted, the required encrypted channel management is carried out with the encryption software platform.
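The encapsulation in steps (1) to (4) and the flow above, sketched as an added example that is not part of the patent. The patent defines no field layout and names no algorithm, so the attribute-field layout, IP protocol number 253, the sample frame and the HMAC-SHA256 counter-mode keystream standing in for the encryption chip are all assumptions, and the outer packet is one reading of step (4).

```python
import hashlib, hmac, socket, struct

# Assumed layout (not from the patent): IPv4 header | ciphertext | attribute field | tag
ALG_ID = 0x01                    # assumed id of the stand-in cipher
ATTR = struct.Struct("!BIHHH")   # alg, message id, fragment index, fragment count, length
TAG_LEN = 16                     # truncated HMAC-SHA256 over ciphertext + attributes
IP_PROTO = 253                   # protocol number reserved for experimentation
SAMPLE_FRAME = bytes(range(80))  # constructed stand-in for a serial frame from the RTU

def _keystream(key, msg_id, index, n):
    # Stand-in for the encryption chip: HMAC-SHA256 in counter mode.
    # A message id must never be reused under the same key.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, struct.pack("!IHI", msg_id, index, ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _checksum(hdr):
    # Ones'-complement sum over the 20-byte IPv4 header (RFC 1071)
    s = sum(struct.unpack("!10H", hdr))
    s = (s & 0xFFFF) + (s >> 16)
    s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def _ip_header(src, dst, body_len, ident):
    fields = [0x45, 0, 20 + body_len, ident & 0xFFFF, 0, 64, IP_PROTO, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = _checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields)

def encapsulate(frame, enc_key, mac_key, msg_id, src, dst, chunk=32):
    # Step (1): split the protocol packet into at least one data packet.
    parts = [frame[i:i + chunk] for i in range(0, len(frame), chunk)] or [b""]
    packets = []
    for i, part in enumerate(parts):
        ct = _xor(part, _keystream(enc_key, msg_id, i, len(part)))
        # Step (2): attribute field at the tail, authenticated together with the data.
        attr = ATTR.pack(ALG_ID, msg_id, i, len(parts), len(ct))
        tag = hmac.new(mac_key, ct + attr, hashlib.sha256).digest()[:TAG_LEN]
        body = ct + attr + tag
        # Steps (3)/(4): IP header at the head; header + body is the outer packet.
        packets.append(_ip_header(src, dst, len(body), msg_id + i) + body)
    return packets

def decapsulate(packets, enc_key, mac_key, last_msg_id=-1):
    tail, out, msg_id = ATTR.size + TAG_LEN, [], None
    for expected, pkt in enumerate(packets):
        if len(pkt) < 20 + tail or _checksum(pkt[:20]) != 0:
            raise ValueError("short packet or bad IP header checksum")
        ct, attr, tag = pkt[20:-tail], pkt[-tail:-TAG_LEN], pkt[-TAG_LEN:]
        good = hmac.new(mac_key, ct + attr, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, good):   # verify before trusting any field
            raise ValueError("ciphertext or attribute field was modified")
        alg, mid, idx, count, length = ATTR.unpack(attr)
        if alg != ALG_ID or length != len(ct) or idx != expected or count != len(packets):
            raise ValueError("attribute field does not match the packet sequence")
        if mid <= last_msg_id or (msg_id is not None and mid != msg_id):
            raise ValueError("replayed or mixed message id")
        msg_id = mid
        out.append(_xor(ct, _keystream(enc_key, mid, idx, len(ct))))
    return b"".join(out), msg_id
```

The receiver rejects a modified fragment, a dropped fragment and a replayed message id before any plaintext is released, which is what the attribute field has to make possible if the wrapper is to protect a serial device that has no security of its own.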
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solution of the invention and not to limit it. Although the invention has been described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that the specific embodiments of the invention may still be modified or equivalently replaced, and any modification or equivalent replacement that does not depart from the spirit and scope of the invention shall fall within the scope of the claims of the invention.

Claims (9)

1. A communication system for communication security based on an electric power trusted computing platform, characterized in that the system comprises one general-purpose MCU and two network interface chips; the general-purpose MCU is connected to the two network interface chips; in serial-port mode, the serial port of the MCU takes part in communication.
2. The communication system for communication security based on an electric power trusted computing platform as claimed in claim 1, characterized in that, in the system, at least one network port takes part in the connection in network-port mode.
3. The communication system for communication security based on an electric power trusted computing platform as claimed in claim 1, characterized in that, for network-port devices, the Ethernet interface (TCP/UDP) of the MCU is used to establish communication with the RTU; IP packets coming from the RTU are retained during communication.
4. The communication system for communication security based on an electric power trusted computing platform as claimed in claim 1, characterized in that, for serial devices, the serial port of the MCU is used to establish communication with the RTU; data packets coming from the RTU are retained during communication and packed into IP packets.
5. The communication system for communication security based on an electric power trusted computing platform as claimed in claim 1, characterized in that the system can establish communication with the encryption software platform on the Internet through a 3G/4G modem.
6. A communication method for communication security based on an electric power trusted computing platform, characterized in that the method comprises:
(1) dividing the data protocol packet into at least one data packet;
(2) appending an encrypted-data attribute field to the tail of the data packet;
(3) adding an IP header at the head of the data packet;
(4) adding, outside the original data packet, a data interaction packet carrying the encrypted-data attribute.
7. The communication method for communication security based on an electric power trusted computing platform as claimed in claim 6, characterized in that the data protocol packet is placed directly into an encrypted IP packet, so that the trusted data packet supports serial ports RS232 and RS485, GPRS and Ethernet, and data from any physical interface can be carried by trusted data communication.
8. The communication method for communication security based on an electric power trusted computing platform as claimed in claim 6, characterized in that, after communication with the encryption software platform on the Internet is established through the modem, the encryption algorithm is called to encrypt the data.
9. The communication method for communication security based on an electric power trusted computing platform as claimed in claim 6, characterized in that communication is established with the encryption software platform on the Internet, and encrypted channel management is carried out with the encryption software platform while data is transmitted.
CN201410031098.7A 2014-01-23 2014-01-23 Communication system based on electric power dependable computing platform communication security and method Pending CN103716336A (en)

Publications (1)

Publication Number Publication Date
CN103716336A true CN103716336A (en) 2014-04-09

Family

ID=50408916

Country Status (1)

Country Link
CN (1) CN103716336A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060265585A1 (en) * 2002-08-21 2006-11-23 Yi-Sern Lai Apparatus and method for high speed IPSec processing
CN101105867A (en) * 2007-05-25 2008-01-16 苏州工业园区国藩科技有限公司 Cabinet security monitoring method and device in modern logistics
CN101188599A (en) * 2007-12-04 2008-05-28 四方电气(集团)有限公司 Implementation method for load balance design of electric monitoring front system of power plant
CN101369142A (en) * 2008-10-10 2009-02-18 上海电力学院 Remote I/O data acquisition system and method based on embedded type platform
CN101408756A (en) * 2007-10-11 2009-04-15 上海电气电站设备有限公司 Remote monitoring and anglicizing system and method of nuclear power steam turbine regulation system
CN101651366A (en) * 2009-08-26 2010-02-17 威海华通开关设备有限公司 Network type electric black box
CN103312034A (en) * 2013-05-06 2013-09-18 威海华通开关设备有限公司 Embedded network type power distribution data server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
迈克尔.克劳斯: "通信安全:远程访问与信息传输", 《网络安全保护》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104468591A (en) * 2014-12-12 2015-03-25 国家电网公司 Power dependable safety communication system based on dependable computing module
CN109495908A (en) * 2018-12-05 2019-03-19 国网辽宁省电力有限公司大连供电公司 It is a kind of based on the wireless network optimized approach with super low-power consumption Internet of Things wireless fusion of LTE
CN109495908B (en) * 2018-12-05 2022-03-11 国网辽宁省电力有限公司大连供电公司 Network optimization method based on LTE wireless and ultra-low power consumption Internet of things wireless fusion

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20160503

Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant after: State Grid Corporation of China

Applicant after: China Electric Power Research Institute

Applicant after: State Grid Smart Grid Institute

Applicant after: State Grid Zhejiang Electric Power Company

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: China Electric Power Research Institute

Applicant before: State Grid Zhejiang Electric Power Company

CB02 Change of applicant information

Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant after: State Grid Corporation of China

Applicant after: China Electric Power Research Institute

Applicant after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE

Applicant after: State Grid Zhejiang Electric Power Company

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: China Electric Power Research Institute

Applicant before: State Grid Smart Grid Institute

Applicant before: State Grid Zhejiang Electric Power Company

COR Change of bibliographic data
RJ01 Rejection of invention patent application after publication

Application publication date: 20140409