A power grid object access control apparatus for security configuration of and access to grid model data
Technical field
The present invention relates to secure access to and control of power grid data, and in particular provides a power grid object access control apparatus that implements security configuration of and access to grid model data.
Background art
Production management of a power system usually divides the grid into multiple hierarchically organized sub-grids according to features such as the geographic distribution of the grid and its voltage levels. For example, by electrical characteristics such as voltage level, the grid can be divided among multi-level dispatching centers: national dispatch, regional grid dispatch, provincial dispatch, prefectural dispatch and county dispatch. Within one level, the grid can be further divided among multiple dispatching centers according to its geographic distribution. The result is a management system of "unified dispatching, hierarchical management".
In recent years, with the development of grid business and rising management requirements, the demands for information sharing and collaboration between the specialized applications of the power system, between departments, and between higher- and lower-level dispatching organizations have grown steadily. While meeting the network security isolation requirements of the power dispatching system, a power dispatching center needs to integrate and manage the information resources of multi-level dispatching, such as grid models, data and graphics, and establish a unified grid operation data center, so that power system information resources are shared and reliable data resources and strong comprehensive analysis and verification means are available for grid dispatching production and management decisions.
A unified grid operation data center brings with it a demand for control over information access. Before such a data center is built, in keeping with the "unified dispatching, hierarchical management" system, each dispatching center establishes and maintains the detailed grid model structure, parameters and operating data of the grid under its jurisdiction, and is responsible for the overall security control of the corresponding grid operation data. In a grid operation data center, however, the operation data of all dispatching centers are brought together, so security control over access to that data must be finer-grained and more flexible.
In the prior art, the common approach is to control access to grid operation data directly with database-based secure access control. Access to specific data is controlled by setting a user's access rights to a specified object type (or table) and object instance (or table record).
The shortcoming of database-based secure access control is that its control granularity does not match the reality of the power system: the power system applies security control by layer and by region, whereas database security management, as in a relational database system, is oriented to tables and table records. The corresponding security control is therefore complex to implement, and access control is inefficient.
Another common security solution is to apply access permission control directly to the grid model nodes of an OPC UA server.
OPC: OLE for Process Control. It is an industrial standard managed by an international organization, the OPC Foundation. OPC comprises a complete set of standard interfaces, properties and methods for process control and manufacturing automation systems.
OPC UA: OPC Unified Architecture, the new standard protocol specified by the OPC Foundation to replace OPC. UA stands for Unified Architecture.
OPC UA is a new standard protocol specified by the OPC Foundation for vendor- and platform-independent communication, particularly in process automation. OPC UA provides a consistent, complete address space and service model, which can be used to unify all grid operation data in a grid operation data center, including power system description data, real-time data, alarms and events, and their historical information, in a single OPC UA server address space, and to expose them through one unified set of services. OPC UA also provides a security model, which specifies which security mechanisms are available and how they are configured to meet the security requirements of a specific installation. The security model comprises standard security mechanisms and parameters. Application-level security relies on a secure communication channel that remains active for the whole application session and ensures the integrity of all exchanged messages. When a session is established, the client and server applications negotiate a secure communication channel, exchange software certificates that identify the client and the server, and exchange information about the capabilities each can provide.
The shortcoming of secure access control based directly on OPC UA server grid model nodes is that it takes the OPC UA node as the basis of security control. For a prefectural dispatch grid model, the number of grid model OPC UA nodes reaches the order of 1,000,000, so the control granularity is too fine and the corresponding system configuration and maintenance workload is large. Moreover, because this approach does not match the existing management practice of grid production management, it is difficult to migrate the security configuration automatically when the grid model or the grid dispatching authority changes.
Summary of the invention
The object of the present invention is to provide a power grid object access control apparatus that implements security configuration of and access to grid model data. The apparatus integrates the user authentication and authorization mechanism with the hierarchical division of the grid model, giving finer-grained, more flexible and more efficient security control over access to grid operation data, and provides secure access to all grid operation data with access control that corresponds to the existing management system and has suitable granularity.
The object of the present invention is achieved by the following technical measures:
A power grid object access control apparatus that implements security configuration of and access to grid model data, the apparatus comprising:
a layering and security permission configuration module for grid model data, and an access security control module; the layering and security permission configuration module implements the hierarchical division and security permission configuration of grid model data, comprising the following:
(11) Grid model partition initialization:
The power grid object access control apparatus obtains grid model data from the OPC UA server and divides the grid model objects of the types region, equipment container, equipment, measurement and measurement value into hierarchy levels according to the association relationships between regions, between regions and equipment containers, between equipment containers of different types, between equipment containers and equipment, between equipment and measurements, and between measurements and measurement values;
The association relationship between regions refers to the containment relationship region -> sub-region, such as "province - city - county";
The equipment container is an abstract concept that includes power plants, substations, voltage levels, bays and lines; power plants and substations are usually referred to collectively as plants/stations; a voltage level is a logical equipment container formed by the equipment of the same voltage within one substation; a bay is a logical equipment container formed by closely connected parts of a substation that share some common function; bays are usually classified by the type of main equipment they contain, including outgoing line bays, busbar bays and main transformer bays;
The association relationship between regions and equipment containers refers to the containment relationship between regions and plants/stations;
The association relationships between equipment containers are the following: a plant/station contains voltage levels, a voltage level contains bays, and a plant/station directly contains bays;
The association relationship between equipment containers and equipment refers to the containment relationship between substations, voltage levels or bays and equipment;
The association relationship between equipment and measurements refers to the containment relationship between equipment and measurements;
The association relationship between measurements and measurement values refers to the containment relationship between measurements and measurement values;
(12) Asynchronous subscription: the power grid object access control apparatus subscribes to the OPC UA server to monitor grid model change events; when the grid model it manages changes, the OPC UA server sends an asynchronous model change notification to the power grid object access control apparatus for the asynchronously subscribed grid model change events; the grid model change event types of interest include addition of grid objects, deletion of grid objects, and modification of association relationships between grid objects;
(13) The power grid object access control apparatus responds to the asynchronous notifications corresponding to its asynchronous subscription and, according to the grid model addition, deletion and modification information carried in each notification, dynamically maintains the grid model hierarchy;
(14) Management operation setting: the access rights of specific users to different grid model hierarchy branches are specified; the supported access rights are "read", "create", "change" and "delete"; for a grid hierarchy branch, rights specified for a lower level override the uniform rights specified for its parent level;
The access security control module implements access security control for the grid model, comprising the following:
(21) The OPC UA client and the OPC UA server negotiate and establish a secure channel and authenticate each other's identity; suppose the client session is now confirmed as "user 1";
(22) The OPC UA client initiates a grid model related operation;
(23) The OPC UA server asks the power grid object access control apparatus whether the user has the appropriate rights;
(24) The power grid object access control apparatus first determines the grid region to which the grid model object corresponding to the UA node accessed by the client belongs, and then checks whether the client's identity has the corresponding right on the target region; if so, it returns "allow", otherwise it returns "deny"; this result is returned to the OPC UA server as the response to the call in step (23);
(25) According to the result returned by step (24): if it is "allow", the operation requested in step (22) is executed and the execution result is returned; otherwise "no access rights, operation rejected" is returned directly to the OPC UA client;
(26) As the response to the call in step (22), the result of step (25) is returned to the OPC UA client.
Compared with the prior art, the present invention has the following advantages:
The present invention integrates the OPC UA security model, in particular its user authentication and authorization mechanism, with the hierarchical partitioning of the grid model, achieving finer-grained, more flexible and more efficient security control over access to grid operation data.
The present invention organizes the grid model hierarchically as region -> sub-region -> plant/station -> voltage level; other grid objects, such as equipment, terminals and measurements, are assigned to the corresponding level according to their association relationships, and users' access rights to data are combined with this hierarchy. This achieves secure access to all grid operation data with access security control that corresponds to the existing management system and has suitable granularity.
Description of the drawings
Fig. 1 is a flow chart of the hierarchical division and security permission configuration of grid model data;
Fig. 2 is a flow chart of the enforcement of the grid model access security control policy;
Fig. 3 is a schematic diagram of the tree hierarchy division of the grid model.
Embodiment
The invention provides a power grid object access control apparatus that implements security configuration of and access to grid model data and achieves the following objects:
1. A hierarchical organization of the grid model as region -> sub-region -> plant/station -> voltage level, corresponding to the existing management system of grid production management.
2. Dynamic maintenance of the hierarchical organization of the grid model, implemented with OPC UA model change subscription and publication.
3. Run-time controlled access to grid operation data, implemented by combining the OPC UA security model with the hierarchical organization of the grid model.
The power grid object access control apparatus comprises a layering and security permission configuration module for grid model data, and an access security control module.
As shown in Fig. 1, the layering and security permission configuration module implements the hierarchical division and security permission configuration of grid model data, comprising the following steps:
(11) Grid model partition initialization step: the power grid object access control apparatus obtains grid model data from the OPC UA server and divides the grid model objects of the types region, equipment container, equipment, measurement and measurement value into hierarchy levels according to the association relationships between regions, between regions and equipment containers, between equipment containers of different types, between equipment containers and equipment, between equipment and measurements, and between measurements and measurement values.
The association relationship between regions refers to the containment relationship region -> sub-region, such as "province - city - county".
The equipment container is an abstract concept that includes power plants, substations, voltage levels, bays and lines. Power plants and substations are usually referred to collectively as plants/stations. A voltage level is a logical equipment container formed by the equipment of the same voltage within one substation. A bay is a logical equipment container formed by closely connected parts of a substation that share some common function. Bays are usually classified by the type of main equipment they contain, for example outgoing line bays, busbar bays and main transformer bays.
The association relationship between regions and equipment containers refers to the containment relationship between regions and plants/stations.
The association relationships between equipment containers are the following: a plant/station contains voltage levels, a voltage level contains bays, and a plant/station directly contains bays.
The association relationship between equipment containers and equipment refers to the containment relationship between substations, voltage levels or bays and equipment.
The association relationship between equipment and measurements refers to the containment relationship between equipment and measurements.
The association relationship between measurements and measurement values refers to the containment relationship between measurements and measurement values.
(12) Asynchronous subscription: the power grid object access control apparatus subscribes to the OPC UA server to monitor grid model change events.
First, when the grid model it manages changes, the OPC UA server sends an asynchronous model change notification to the power grid object access control apparatus for the asynchronously subscribed grid model change events. To keep the grid objects managed in the power grid object access control apparatus consistent with the grid object model in the OPC UA server, the apparatus subscribes to the OPC UA server and monitors grid model change events. The change types of interest include addition of grid objects, deletion of grid objects, and modification of association relationships between grid objects. For example, when the dispatching authority over a substation is transferred from provincial dispatch to prefectural dispatch, the corresponding association relationship region (province) -> region (prefecture-level city) -> plant/station changes.
According to the containment relationships region -> sub-region -> plant/station -> voltage level -> bay, the grid model can be converted from a network structure into the tree hierarchy shown in Fig. 3, and the equipment and measurements in the grid model are assigned to the corresponding tree branches according to their association relationships. In this tree the region is the root node, and each region -> sub-region -> plant/station -> voltage level path forms a concrete branch. Equipment and measurements can thus be assigned to the corresponding tree branch according to their association relationships with equipment containers and with each other.
In an OPC UA server, each grid model object corresponds to one OPC UA node, and these OPC UA nodes are associated with and reference one another according to the relationships between the grid model objects they represent; each node can therefore be assigned, together with the grid model object it represents, to a concrete grid model hierarchy branch. Consequently, after the division of step (1), the OPC UA nodes corresponding to all grid model objects are each assigned to a concrete grid model hierarchy branch.
When the grid model it manages changes, the OPC UA server produces a corresponding model change description and sends it to those applications that explicitly subscribed to these changes beforehand, such as the power grid object access control apparatus. In the OPC UA standard, a model change description is called a model change event.
(13) The power grid object access control apparatus responds to the asynchronous notifications corresponding to its asynchronous subscription and, according to the grid model addition, deletion and modification information carried in each notification, dynamically maintains the grid model hierarchy.
Grid model synchronization between the power grid object access control apparatus and the OPC UA server is carried out by a group of asynchronous operations, comprising asynchronous subscription and asynchronous notification:
A. Asynchronous subscription: the power grid object access control apparatus subscribes to the model change events of interest.
B. Asynchronous notification: when the grid model changes, the OPC UA server produces a grid model change event and sends it to the power grid object access control apparatus. This operation is not executed synchronously with the subscription operation of the power grid object access control apparatus, but asynchronously.
(14) Management operation setting step: the access rights of specific users to different grid model hierarchy branches are specified. The supported access rights are "read", "create", "change" and "delete". For a grid hierarchy branch, rights specified for a lower level override the uniform rights specified for its parent level. For example, if "user 1" is given "read, update" rights on "aa city, xx province" and "read" rights on "xxx substation, aa city, xx province", then the "update" right of "user 1" on "xxx substation, aa city, xx province" is removed.
As shown in Fig. 2, the access security control module implements access security control for the grid model, comprising the following steps:
(21) The OPC UA client and the OPC UA server negotiate and establish a secure channel and authenticate each other's identity; suppose the client session is now confirmed as "user 1".
(22) The OPC UA client initiates a grid model related operation.
(23) The OPC UA server asks the power grid object access control apparatus whether the user has the appropriate rights. For example, if the operation in step (22) is the OPC UA Browse(Node1) operation, the apparatus checks whether the read access request (user 1, Node1, "read") is satisfied; if the operation in step (22) is DeleteNodes(Node2), it checks whether the delete access request (user 1, Node2, "delete") is satisfied.
(24) The power grid object access control apparatus first determines the grid region to which the grid model object corresponding to the UA node accessed by the client belongs, and then checks whether the client's identity has the corresponding right on the target region; if so, it returns "allow", otherwise it returns "deny". For example, when the operation in step (22) is DeleteNodes(Node2), the apparatus finds that Node2 belongs to "dd city, xx province" and that "user 1" does not have the "delete" right, so it returns "deny".
This result is returned to the OPC UA server as the response to the call in step (23).
(25) According to the result returned by step (24): if it is "allow", the operation requested in step (22) is executed and the execution result is returned; otherwise "no access rights, operation rejected" is returned directly to the OPC UA client.
(26) As the response to the call in step (22), the result of step (25) is returned to the OPC UA client.
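The hierarchy maintenance of steps (11) to (13), the override rule of step (14) and the decision of steps (23) and (24) can be sketched as follows. This is an added example, not code from the patent: the class, the event dictionary format, the node identifiers and the AddNodes and Write rows of the service mapping are assumptions made for illustration, and the right the example in step (14) calls "update" is represented by "change".

```python
# Added illustration; identifiers and sample data are constructed.
# OPC UA service -> required right. Browse and DeleteNodes follow the text;
# AddNodes and Write are assumed mappings.
REQUIRED_RIGHT = {"Browse": "read", "DeleteNodes": "delete",
                  "AddNodes": "create", "Write": "change"}


class GridAccessControl:
    def __init__(self):
        self.parent = {}  # node id -> parent id (None for the root region)
        self.grants = {}  # (user, branch node id) -> set of rights

    def _chain(self, node):
        """Yield node, then each ancestor up to the root region."""
        seen = set()
        while node is not None and node not in seen:
            seen.add(node)
            yield node
            node = self.parent.get(node)

    def apply_model_change(self, event):
        """Steps (12)-(13): apply one model change notification."""
        kind, node = event["type"], event["node"]
        if kind in ("added", "reference_changed"):
            self.parent[node] = event.get("parent")
        elif kind == "deleted":
            # Drop the whole subtree and any grants configured inside it.
            doomed = {n for n in self.parent if node in self._chain(n)}
            for n in doomed:
                del self.parent[n]
            self.grants = {k: v for k, v in self.grants.items()
                           if k[1] not in doomed}

    def grant(self, user, branch, rights):
        """Step (14): set a user's rights on one hierarchy branch."""
        self.grants[(user, branch)] = set(rights)

    def check(self, user, node, service):
        """Steps (23)-(24): answer the OPC UA server with allow or deny."""
        right = REQUIRED_RIGHT.get(service)
        if right is None or node not in self.parent:
            return "deny"  # unknown service or node: fail closed
        for branch in self._chain(node):
            rights = self.grants.get((user, branch))
            if rights is not None:
                # The nearest configured level overrides its parents.
                return "allow" if right in rights else "deny"
        return "deny"  # nothing configured anywhere on the path


def build_demo():
    """Constructed model: province xx, cities aa and dd, two substations."""
    acl = GridAccessControl()
    for node, parent in [("prov_xx", None), ("city_aa", "prov_xx"),
                         ("city_dd", "prov_xx"), ("sub_1", "city_aa"),
                         ("sub_2", "city_aa"), ("vl_220", "sub_1"),
                         ("brk_1", "vl_220")]:
        acl.apply_model_change({"type": "added", "node": node, "parent": parent})
    acl.grant("user1", "city_aa", {"read", "change"})
    acl.grant("user1", "sub_1", {"read"})  # narrower rights on one substation
    return acl


if __name__ == "__main__":
    acl = build_demo()
    print(acl.check("user1", "brk_1", "Write"))   # change removed under sub_1
    acl.apply_model_change({"type": "reference_changed",
                            "node": "sub_2", "parent": "city_dd"})
    print(acl.check("user1", "sub_2", "Browse"))  # sub_2 left city_aa
```

Because rights are attached to branches rather than to individual nodes, moving a substation to another region changes the decision for every node beneath it without touching any per-node configuration.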
Embodiments of the present invention are not limited to the above. Other modifications, substitutions or changes in various forms made to the content of the present invention on the premise of its basic technical idea described above, according to ordinary technical knowledge and customary means in the art, all fall within the scope of protection of the present invention.