A power equipment data security transmission method based on a communication network topology diagram

By establishing a local area network (LAN) between power equipment and enabling secure data transmission, the problem of low data transmission efficiency and poor security in existing technologies for power equipment is solved. This method enables the establishment of a LAN between power equipment and improves the security and efficiency of data transmission by processing data packets through primary and secondary encryption, thus ensuring the stable operation of the power grid system.

CN116248376B | Active | Publication Date: 2026-06-19 | STATE GRID ZHEJIANG ELECTRIC POWER CO LTD HAINING POWER SUPPLY CO

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: STATE GRID ZHEJIANG ELECTRIC POWER CO LTD HAINING POWER SUPPLY CO
Filing Date: 2023-01-19
Publication Date: 2026-06-19

AI Technical Summary

Technical Problem

Existing power equipment suffers from low data transmission efficiency and poor security, especially during large-scale data transmission, which can easily lead to communication congestion and data leakage risks.

Method used

A communication network topology-based approach is adopted to establish a local area network between devices. Data packets are processed through primary and secondary encryption to ensure data transmission in an offline state. An improved ant colony algorithm is used to optimize the data transmission path, and data packets are integrated and stored in the data centralization module.

Benefits of technology

Encrypting data packets for power equipment improves data security and prevents data leakage in the power grid system, thus avoiding communication congestion and leakage risks during data transmission and ensuring the stable operation of the power grid system.

Generated by Eureka AI based on patent content.


Abstract

This invention discloses a method for secure data transmission of power equipment based on a communication network topology, comprising the following steps: establishing a communication local area network (LAN) between devices; encrypting data packets of the devices on the LAN; transmitting the encrypted data packets to a data centralization module connected to the external network; integrating the data packets to form communication data packets; transmitting the communication data packets to a data processing module; and parsing and classifying the communication data packets for storage. This invention encrypts data packets transmitted by devices through primary and secondary encryption, improving data security. The encryption process is conducted in an off-network state disconnected from the external network, resulting in higher security and preventing potential data leakage. This allows for efficient transmission of device data to the data processing module, ensuring the stable operation of the power grid system.

Description

Technical Field

[0001] This invention relates to the field of data transmission technology, and in particular to a method for secure data transmission of power equipment based on a communication network topology.

Background Technology

[0002] A power system is a system that needs to maintain instantaneous balance. In traditional power systems, the power generation is mainly adjusted according to the load changes by the rotational inertia and frequency regulation capability of generator sets to achieve power balance, which is the so-called "source follows load".

[0003] Compared to traditional power grids, the development of new power systems will create a pattern dominated by large power grids, with multiple grid forms coexisting. In the future, multi-level microgrids will be formed in areas of varying sizes, such as homes, communities, and industrial parks, to address the issue of large-scale, plug-and-play integration of new energy sources and new loads. The traditional unidirectional process of "generation-transmission-transformation-distribution-consumption" in the power system will be transformed into an integrated cyclical process of "source-grid-load-storage," increasing the proportion of new energy generation consumption.

[0004] The power generation, grid, load and energy storage system contains a large number of power devices. In order to ensure the stable operation of the power generation, grid, load and energy storage system, it is necessary to centrally monitor the data of the power devices so that the devices can maintain a stable working state. However, the existing technology mostly adopts a "passive" data acquisition and reception method (that is, the device transmits the data after receiving the instruction). The data transmission efficiency of the devices is low, which leads to difficulties in data transmission and makes it impossible for the power generation, grid, load and energy storage system to operate stably. At the same time, when a large amount of data is transmitted at the same time, it is easy to cause communication congestion.

[0005] For example, Chinese patent CN114025323A discloses a data interaction system and method for power grid equipment based on LoRa communication. It includes LoRa terminals, a base station, and a multi-service platform. The LoRa terminals include terminal A, terminal B, and terminal C, each with different operating modes. All three terminals are connected to the base station, which in turn is connected to the multi-service platform. The established LoRaWAN system enables communication between smart hardware terminals and clients, real-time display of information collected and reported by the smart hardware terminals, and control functions by sending data to the smart hardware terminals. The LoRaWAN system architecture allows for the collection of terminal information across an entire area, saving significant costs. Data encryption and parsing enhance data transmission security. However, this application still does not consider methods for devices to actively transmit data, resulting in low data transmission efficiency. Furthermore, the conventional encryption method used in this application has poor encryption effectiveness, leaving a risk of data theft. The data transmission process has significant flaws.

Summary of the Invention

[0006] This invention primarily addresses the problem of poor data transmission security in existing technologies for power equipment; it provides a method for secure data transmission of power equipment based on a communication network topology, which encrypts the transmitted data to improve data transmission security.

[0007] A further objective of this invention is to encrypt data packets transmitted by the device through primary and secondary encryption, thereby improving data security. The encryption process is conducted in an offline state disconnected from the external network, resulting in higher security and preventing the possibility of data leakage.

[0008] The above-mentioned technical problem of the present invention is mainly solved by the following technical solution: a method for secure data transmission of power equipment based on a communication network topology, comprising the following steps:

[0009] Establish a local area network for communication between devices;

[0010] Encrypt the device's data packets once within the local area network of the communication network;

[0011] Transmit an encrypted data packet to the data collection module connected to the external network;

[0012] Data packets are integrated to form communication data packets;

[0013] Pass the communication data packet to the data processing module;

[0014] The data processing module parses the communication data packets and then classifies and stores them.

[0015] As a preferred method, the specific approach to establishing a communication local area network between devices is as follows:

[0016] Establish a scaled equipment map of the source-grid-load-storage system, mark the equipment that uploads data, and at the same time, the equipment with the smallest number initiates the data transmission.

[0017] Input the coordinates of the device with the smallest number into the improved ant colony algorithm;

[0018] An improved ant colony algorithm is used to find other nearby devices with different numbers. When the number of devices reaches N, the search stops and the found devices are put into the same set P.

[0019] Establish a local area network among the devices in set P.

[0020] As a preferred embodiment, the specific method for the improved ant colony algorithm to find other nearby numbered devices is as follows:

[0021] Set the device node set K and initialize the parameters;

[0022] Starting from the coordinates of the device with the smallest number, the ant searches for the next device based on the pheromone concentration. After marking the location of the found device, the pheromone concentration and the device node set K are updated, and the marked device is removed from the device node set K.

[0023] Determine if the number of marked devices is equal to N. If it is equal to N, the process ends; otherwise, continue searching for the next device based on the updated pheromone concentration.

[0024] As a preferred approach, obtain the device numbers in set P, communicate sequentially according to the device numbers from smallest to largest, and connect the device with the largest device number to the data centralization module.

[0025] Preferably, a data encryption unit is provided between the device and the data centralization module. The data encryption unit performs secondary encryption on the data packet according to the location of the device and the size of the data transmitted by the device, and then transmits the secondary encrypted data packet to the data centralization module.

[0026] Preferably, the data encryption unit includes a delay module, an encryption module, and an offline request module. The delay module is connected to the data identification terminal and performs delay processing on the device data transmitted by the data identification terminal. The encryption module performs secondary encryption on the data packet after the first encryption. When the device data is encrypted for the second time, the offline request module sends offline request information to the data centralization module to put the data centralization module into an offline state.

[0027] Preferably, the data concentrator module includes a concentrator, a memory, and a tagging module. The concentrator is connected to the data encryption unit and integrates the encrypted data to form a communication data packet. The memory is used to store the communication data packet, and the tagging module tags the communication data packet.

[0028] As a preferred embodiment, the specific method of the single encryption is as follows: the devices in set P are numbered in ascending order of their numbers as P1, P2, ..., PN. P1 encrypts the P1 data packet using its own device ID as ciphertext and sends the encrypted P1 data packet to P2. P2 packages its own data and the P1 data into a P2 data packet and encrypts the P2 data packet using its own device ID as ciphertext. PN packs its own data and the data packets of P1 to PN-1 into a PN data packet and encrypts the PN data packet using its own device identifier as the encryption ciphertext.

[0029] The beneficial effects of this invention are: by encrypting the data packets transmitted by the device through primary and secondary encryption, the security of the data is improved. The encryption process is carried out in an off-network state disconnected from the external network, which further enhances the security and prevents the possibility of data leakage. This allows the device data to be transmitted to the data processing module efficiently, ensuring the stable operation of the power grid system.

Attached Figure Description

[0030] Figure 1 is a schematic diagram of a data security transmission method according to an embodiment of the present invention.

Detailed Implementation

[0031] To make the objectives, technical solutions, and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention will be further described in detail below with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are only for explaining the present invention and are not intended to limit the invention.

[0032] Example:

[0033] A method for secure data transmission of power equipment based on a communication network topology, as shown in Figure 1, includes the following steps:

[0034] S1: Establish a communication local area network (LAN) between devices; device data upload includes devices actively requesting data uploads and data processing modules sending instructions to cause devices to upload data. The power grid-load-storage system contains many distributed power devices. At the same time, multiple devices may upload data simultaneously. Multiple LANs are established between these devices. The specific method for establishing a communication LAN between devices is as follows: Create a scaled-down device map of the power grid-load-storage system, mark the devices uploading data, and during the device marking process, determine whether the uploaded data is periodic or actively uploaded, based on the data upload mechanism. Active and passive devices establish different local area networks (LANs). At the same time, the device with the smallest device number initiates data transmission. The coordinates of the device with the smallest device number are input into the improved ant colony algorithm. The improved ant colony algorithm is used to find nearby devices with other device numbers. When the number of devices reaches N, the search stops, and the found devices are placed into the same set P. LANs are established between the devices in set P. The communication method of the LAN links is as follows: obtain the device numbers in set P and communicate sequentially according to the device numbers from smallest to largest, with the device with the largest device number connecting to the data centralization module. P1 communicates with P2, P2 communicates with P3, and so on, until PN-1 establishes a communication connection with PN, forming a communication link.

[0035] The improved ant colony algorithm for finding nearby devices with different numbers is as follows: Set a device node set K and initialize parameters including ant population, pheromone factor, pheromone constant, volatile factor, and heuristic factor. Ants start at the coordinates of the device with the smallest number and search for the next device based on pheromone concentration. After marking the location of the found device, update the pheromone level and the device node set K. Remove the marked device from the device node set K, forming a new device node set K1. The ant colony then searches for devices from device node set K1. Check if the number of marked devices equals N. If it does, the search ends; otherwise, continue searching for the next device based on the updated pheromone concentration.
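The search in [0035] and the link ordering in [0034], sketched as an added example that is not code from the patent. The patent does not say what its "improved" variant changes, so this uses the standard ant colony transition rule; the function names, parameter values, concentrator label and sample coordinates are all assumptions.

```python
import math
import random

# Constructed sample map: device number -> (x, y) on the scaled device map.
SAMPLE_MAP = {1: (0, 0), 2: (1, 0), 4: (0, 1), 7: (1, 1),
              3: (50, 50), 5: (51, 50), 6: (50, 52), 8: (80, 10)}

def _roulette(rng, items, weights):
    """Pick one item with probability proportional to its weight."""
    r = rng.random() * sum(weights)
    acc = 0.0
    for item, w in zip(items, weights):
        acc += w
        if r <= acc:
            return item
    return items[-1]

def select_set_p(coords, n, ants=20, rounds=10, alpha=1.0, beta=3.0,
                 rho=0.3, q=1.0, seed=0):
    """Return set P: n devices reached from the smallest-numbered device.

    alpha = pheromone factor, beta = heuristic factor,
    rho = volatile (evaporation) factor, q = pheromone constant.
    """
    if not 1 <= n <= len(coords):
        raise ValueError("N must be between 1 and the number of marked devices")
    rng = random.Random(seed)
    start = min(coords)

    def dist(a, b):
        return math.dist(coords[a], coords[b]) or 1e-9  # co-located devices

    tau = {(a, b): 1.0 for a in coords for b in coords if a != b}
    best_path, best_len = None, math.inf
    for _ in range(rounds):
        tours = []
        for _ in range(ants):
            k = set(coords) - {start}          # device node set K
            path, length, cur = [start], 0.0, start
            while len(path) < n:               # stop once N devices are marked
                cand = sorted(k)
                weights = [tau[cur, j] ** alpha * (1.0 / dist(cur, j)) ** beta
                           for j in cand]
                nxt = _roulette(rng, cand, weights)
                length += dist(cur, nxt)
                path.append(nxt)
                k.remove(nxt)                  # K becomes K1
                cur = nxt
            tours.append((path, length))
            if length < best_len:
                best_path, best_len = path, length
        for edge in tau:                       # evaporation
            tau[edge] *= 1.0 - rho
        for path, length in tours:             # deposit on the edges used
            for a, b in zip(path, path[1:]):
                tau[a, b] += q / max(length, 1e-9)
    return set(best_path)

def build_chain(p, concentrator="data-centralization-module"):
    """Link the devices of P in ascending number; the largest joins the concentrator."""
    order = sorted(p)
    return list(zip(order, order[1:])) + [(order[-1], concentrator)]

if __name__ == "__main__":
    p = select_set_p(SAMPLE_MAP, 4)
    print(sorted(p), build_chain(p))
```
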

[0036] S2: Encrypt the data packets of the devices on the local area network; the specific method of encryption is as follows: the devices in set P are numbered in ascending order of their numbers as P1, P2, ..., PN. P1 encrypts the P1 data packet using its own device ID as ciphertext and sends the encrypted P1 data packet to P2. P2 packages its own data and the P1 data into a P2 data packet and encrypts the P2 data packet using its own device ID as ciphertext. PN packs its own data and the data packets of P1 to PN-1 into a PN data packet and encrypts the PN data packet using its own device identifier as the encryption ciphertext.
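The chained packaging of [0036], as an added example that is not code from the patent: each device seals its own data together with the sealed packet received from its predecessor, and the receiver peels the layers from PN inward. Assumptions: the IDs "P1".."PN", the length-prefixed framing, the HMAC-based stand-in cipher, and a provisioned `site_secret` mixed into each key, because a device ID on its own is an identifier rather than a secret.

```python
import hashlib
import hmac
import os
import struct

NONCE_LEN, TAG_LEN = 12, 32

def _keys(device_id, site_secret):
    # Assumption: per-device keys come from the device ID keyed with a
    # provisioned site secret, then split into encryption and MAC keys.
    root = hmac.new(site_secret, device_id.encode(), hashlib.sha256).digest()
    return (hmac.new(root, b"enc", hashlib.sha256).digest(),
            hmac.new(root, b"mac", hashlib.sha256).digest())

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode) so the example
    # runs on the standard library; it takes the place of an AEAD.
    stream = b"".join(
        hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
        for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(device_id, site_secret, plaintext):
    enc_key, mac_key = _keys(device_id, site_secret)
    nonce = os.urandom(NONCE_LEN)
    body = nonce + _xor_stream(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def unseal(device_id, site_secret, blob):
    enc_key, mac_key = _keys(device_id, site_secret)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("packet too short")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer for %s failed authentication" % device_id)
    return _xor_stream(enc_key, body[:NONCE_LEN], body[NONCE_LEN:])

def wrap_chain(readings, site_secret):
    """P1 seals its data; each later Pk seals (own data + packet from Pk-1)."""
    packet = b""
    for number in sorted(readings):
        data = readings[number]
        plaintext = struct.pack(">H", len(data)) + data + packet
        packet = seal("P%d" % number, site_secret, plaintext)
    return packet  # what PN hands on towards the data centralization module

def unwrap_chain(packet, numbers, site_secret):
    """Peel layers from PN inward; the receiver must know the members of P."""
    out = {}
    for number in sorted(numbers, reverse=True):
        plaintext = unseal("P%d" % number, site_secret, packet)
        (size,) = struct.unpack(">H", plaintext[:2])
        out[number] = plaintext[2:2 + size]
        packet = plaintext[2 + size:]
    if packet:
        raise ValueError("unexpected inner packet left over")
    return out

if __name__ == "__main__":
    secret = os.urandom(32)                      # constructed demo secret
    readings = {1: b"temp=41C", 2: b"status=ok", 3: b"fault=none"}  # constructed
    outer = wrap_chain(readings, secret)
    print(len(outer), unwrap_chain(outer, readings.keys(), secret))
```

Because every layer is authenticated, a packet altered in transit or unwrapped with the wrong membership of P fails at the outermost layer instead of yielding corrupted readings.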

[0037] S3: Transmit the encrypted data packet to the data centralization module connected to the external network. A data encryption unit is set between the device and the data centralization module. The data encryption unit performs secondary encryption on the data packet according to the device's location and the size of the data transmitted by the device, and then transmits the secondary encrypted data packet to the data centralization module. The data encryption unit includes a delay module, an encryption module, and an offline request module. The delay module is connected to the data identification terminal and performs delay processing on the device data transmitted by the data identification terminal. The encryption module encrypts the device data transmitted by the data identification terminal. The offline request module sends offline request information to the data centralization module when the device data is encrypted, so that the data centralization module is in an offline state.

[0038] A data identification terminal is also set up between the data encryption unit and the device. The data identification terminal receives the data transmission request information transmitted by the device, identifies the location of the device and the data type transmitted by the device according to the request information, transmits feedback information to the data centralization module according to the identification result, transmits the instruction information transmitted by the data centralization module to the device and receives the data transmitted by the device.

[0039] Under normal conditions, the data identification terminal actively collects data information from the equipment based on data transmission instructions periodically issued by the data processing module. This data information includes one or more of the following: equipment type, equipment code, equipment operating status, equipment instruction execution status, temperature and humidity information of the equipment location, and equipment fault self-check information. The data type is identified in the encrypted data packet transmitted over the local area network. Several data identification terminals are deployed across the region of the source-grid-load-storage system. When equipment A uploads data information once within a routine cycle T but generates emergency or fault information before the next cycle, equipment A proactively sends a request message to the data identification terminal in the relevant region. After identifying the message as an emergency or fault message, the data identification terminal sends a response to the data collection module. The data collection module then re-arranges the communication and issues instructions to the data identification terminal to collect data. If device A uploads data once within a routine cycle T and generates a large amount of data before the next cycle arrives, device A will proactively send a request message to the data identification terminal in that area. The data identification terminal identifies the message as redundant and sends a response to the data collection module. The data collection module does not re-arrange the communication; instead, it integrates the data into a communication data packet and intersperses it among the regular communication data packets for transmission.

[0040] The data concentrator module includes a concentrator, a memory, and a tagging module. The concentrator is connected to the data encryption unit and integrates the encrypted data to form communication data packets. The memory is used to store the communication data packets, and the tagging module tags the communication data packets.

[0041] S4: Integrate data packets to form communication data packets, obtain the current time information, convert the time information into binary code, divide the communication data packets into a first data packet with the same number of "1"s according to the "1"s in the binary code, set the second data packet according to the "0"s in the binary code, and send the binary code, the first data packet and the second data packet to the data processing module. The second data packet is undecoded data.

[0042] S5: Pass the communication data packet to the data processing module.

[0043] S6: The data processing module parses the communication data packets and then classifies and stores them.

[0044] This invention encrypts data packets transmitted by the device through primary and secondary encryption, thereby improving data security. The encryption process is conducted in an off-network state disconnected from the external network, which further enhances security and prevents the possibility of data leakage. This allows the device data to be efficiently transmitted to the data processing module, ensuring the stable operation of the power grid system.

[0045] The embodiments described above are merely preferred embodiments of the present invention and are not intended to limit the present invention in any way. Other variations and modifications are possible without departing from the technical solutions described in the claims.

Claims

1. A method for secure data transmission of power equipment based on a communication network topology, characterized in that it includes the following steps: Establish a communication local area network between devices, create a scaled device map of the source-network-load-storage system, mark devices that upload data, and, at the same time, have the device with the smallest number initiate data transmission. Input the coordinate information of the device with the smallest number into the improved ant colony algorithm. Obtain the device numbers in set P, and communicate in order of increasing device number, with the device with the largest number connecting to the data centralization module. Use the improved ant colony algorithm to find the nearest other devices with different numbers. Determine whether the data uploaded by the device is periodic or actively uploaded, and establish different local area networks based on the active and passive nature of the data upload. Encrypt the device's data packets once within the local area network of the communication network. Transmit an encrypted data packet to the data collection module connected to the external network. A data encryption unit is provided between the device and the data centralization module. The data encryption unit performs secondary encryption on the data packets according to the location of the device and the size of the data transmitted by the device. The data encryption unit includes a delay module, an encryption module, and an offline request module. The delay module is connected to the data identification terminal and performs delay processing on the device data transmitted by the data identification terminal. Data packets are integrated to form communication data packets. Time information is converted into binary code. The communication data packets are divided into first data packets with the same number of "1"s according to the "1"s in the binary code, and second data packets are set according to the "0"s in the binary code. Pass the communication data packet to the data processing module. The data processing module parses the communication data packets and then classifies and stores them.

2. The method for secure data transmission of power equipment based on a communication network topology as described in claim 1, characterized in that the specific method for establishing a communication local area network between devices is as follows: When the number of devices reaches N, the search stops and the found devices are placed into the same set P. Establish a local area network among the devices in set P.

3. The method for secure data transmission of power equipment based on a communication network topology as described in claim 2, characterized in that the specific method for the improved ant colony algorithm to find other nearby devices with different serial numbers is as follows: Set the device node set K and initialize the parameters. The ants start from the coordinates of the device with the smallest number and search for the next device based on the concentration of pheromones. After marking the location of the found devices, update the pheromone and the device node set K, and remove the marked devices from the device node set K. Determine if the number of marked devices is equal to N. If it is equal to N, the process ends; otherwise, continue searching for the next device based on the updated pheromone concentration.

4. The power device data secure transmission method based on a communication network topology map according to claim 2 or 3, characterized in that a local area network is established among the devices in set P. The communication method of the network links is as follows: P1 communicates with P2, P2 communicates with P3, and PN-1 communicates with PN, forming a communication link.

5. The method for secure data transmission of power equipment based on a communication network topology as described in claim 1, characterized in that the encrypted data packet is then passed to the data collection module.

6. The method for secure data transmission of power equipment based on a communication network topology as described in claim 5, characterized in that the offline request module sends an offline request message to the data centralization module when the device data is encrypted twice, so that the data centralization module is in an offline state.

7. The method for secure data transmission of power equipment based on a communication network topology as described in claim 1, characterized in that the data concentrator module includes a concentrator, a memory, and a tagging module. The concentrator is connected to the data encryption unit and integrates the encrypted data to form a communication data packet. The memory is used to store the communication data packet, and the tagging module tags the communication data packet.

8. A method for secure data transmission of power equipment based on a communication network topology as described in claim 2, characterized in that the specific method of the first encryption is as follows: The devices in set P are numbered in ascending order as P1, P2, ..., PN. P1 encrypts the P1 data packet using its own device ID as ciphertext and sends the encrypted P1 data packet to P2. P2 packages its own data and the P1 data into a P2 data packet and encrypts the P2 data packet using its own device ID as ciphertext. PN packs its own data and the data packets of P1 to PN-1 into a PN data packet and encrypts the PN data packet using its own device identifier as the encryption ciphertext.

Citation Information

Patent Citations

  • Power grid equipment data interaction system and method based on LoRa communication (CN114025323A)
  • An ant colony algorithm and power communication network communication service intelligent deployment method (CN106230716A)
  • Security gateway system based on edge computing and construction method thereof (CN113114626A)