Dcs controller trust verification alarm system and method
By setting up primary and secondary trusted status indicators and alarm lights in the DCS controller, the problem of not being able to quickly identify untrusted DCS controllers is solved, enabling intuitive alarm display and rapid problem handling, and reducing security risks.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- XIAN THERMAL POWER RES INST CO LTD
- Filing Date
- 2023-08-10
- Publication Date
- 2026-06-23
AI Technical Summary
Existing DCS controller trusted verification alarm methods cannot immediately determine which specific DCS controller's trusted verification object has been verified as untrustworthy, making it difficult for monitoring personnel to quickly find and address the problematic DCS controller.
Employing a primary trusted status indicator and several secondary trusted status indicators, the system combines secondary alarm indicator lights and digital display lights to display the location and number of untrusted DCS controllers in real time. Monitoring personnel can intuitively determine the untrusted status of a specific DCS controller, and the secondary display status is presented through the primary alarm indicator lights.
It enables the rapid and intuitive identification of untrusted DCS controllers in the control room, reducing the safety risks of the controlled power generation system and improving the efficiency of problem handling.
Smart Images

Figure CN116880415B_ABST
Abstract
Description
Technical Field
[0001] This invention belongs to the field of DCS controllers and relates to a trusted verification alarm system and method for DCS controllers. Background Technology
[0002] A DCS (Distributed Control System) controller that integrates trusted computing functionality needs to issue a trusted verification alarm when the trusted verification result of a trusted verification object is untrusted. This alarm is intended to alert the DCS controller that a trusted verification object has been tampered with, requiring timely user intervention for appropriate handling.
[0003] Currently, common methods for reliable authentication alarms include sending emails, text messages, or displaying alarm information on a large monitoring screen. However, these methods are not intuitive enough. Furthermore, since all DCS controllers are typically located in a closed server room, monitoring personnel in the control room cannot directly observe the operational status of all DCS controllers. This makes it impossible to immediately determine which DCS controller and which reliable authentication object has been verified as untrustworthy. It requires searching through the numerous DCS controllers based on alarm information to find the problematic controller and further analyzing the problematic reliable authentication object. Summary of the Invention
[0004] The purpose of this invention is to overcome the shortcomings of existing trusted verification alarm methods, which cannot immediately determine which DCS controller and which trusted verification object has been verified as untrustworthy, and to provide a DCS controller trusted verification alarm system and method.
[0005] To achieve the above objectives, the present invention employs the following technical solution:
[0006] In a first aspect, this invention provides a DCS controller trusted verification alarm system, comprising a primary trusted status indicator and several secondary trusted status indicators installed in a control room; one end of each of the secondary trusted status indicators is connected to several DCS controllers, and the other end of each is connected to the primary trusted status indicator; each secondary trusted status indicator contains a secondary control device and several secondary alarm indicator lights connected to the secondary control device, the secondary alarm indicator lights corresponding one-to-one with several trusted verification objects of the DCS controller; each primary trusted status indicator contains a primary control device and a primary alarm indicator light connected to the primary control device, the primary control device being connected to several secondary control devices; the secondary control device is used to receive and parse the trusted status information of the DCS controller to obtain the target trusted verification object, and when the number of target trusted verification objects is not less than 1, to control the secondary alarm indicator light corresponding to the target trusted verification object to display a first display state and send a primary alarm signal to the primary control device; the primary control device is used to control the primary alarm indicator light to display a second display state after receiving the primary alarm signal; wherein, the target trusted verification object is a trusted verification object whose trusted status is untrusted.
[0007] Optionally, the first display state is to display a first preset color and flash; the second display state is to display a second preset color and flash.
[0008] Optionally, the primary trusted status indicator is further provided with a digital display light connected to the primary control device; the primary control device is also used to obtain the alarm number by acquiring the number of the DCS controller connected to the secondary trusted status indicator corresponding to each primary alarm signal, and to change the digits of the preset all-zero binary number to 1 according to the alarm number to obtain the target binary number, and to convert the target binary number into a preset base and display it visually on the digital display light; wherein, the number of digits of the preset all-zero binary number is the same as the number of DCS controllers.
[0009] Optionally, the preset number base is a decimal number or a hexadecimal number.
[0010] Optionally, the secondary control device is further configured to send a primary alarm recovery signal to the primary control device when the number of target trusted verification objects is 0; the primary control device is configured to obtain the alarm recovery number by acquiring the number of the DCS controller connected to the secondary trusted status indicator corresponding to each primary alarm recovery signal, and change the corresponding bit of the target binary number to 0 according to the alarm recovery number to obtain the updated target binary number, and convert the updated target binary number into a preset base number and display it visually on the digital display lamp.
[0011] Optionally, when the target binary number to be updated is an all-zero binary number, the control level 1 alarm indicator light will be constantly lit in green.
[0012] Optionally, the secondary control device is further configured to control several secondary alarm indicator lights to be constantly green when the number of target trusted verification objects is 0; the primary control device is further configured to control the primary alarm indicator light to be constantly green when no primary alarm indicator light is received from any secondary trusted status indicator device.
[0013] Optionally, the primary trusted status indicator and several secondary trusted status indicator devices are connected via control lines.
[0014] Optionally, the first-level trusted status indicator is equipped with a first wireless communication device connected to the first-level control device, and the second-level trusted status indicator is equipped with a second wireless communication device connected to the second-level control device. The first wireless communication device and several second wireless communication devices are all wirelessly connected.
[0015] In a second aspect, the present invention provides a DCS controller trusted verification alarm method based on the above-described DCS controller trusted verification alarm system, comprising: connecting a plurality of secondary trusted status indicator devices to a plurality of DCS controllers respectively; receiving and parsing trusted status information of the DCS controllers through a secondary control device to obtain a target trusted verification object; and when the number of target trusted verification objects is not less than 1, controlling the secondary alarm indicator corresponding to the target trusted verification object to display a first display state and sending a primary alarm signal to the primary control device; wherein, the target trusted verification object is a trusted verification object whose trusted status is untrusted; receiving the primary alarm signal through the primary control device; and, upon receiving the primary alarm signal, controlling the primary alarm indicator to display a second display state.
[0016] Compared with the prior art, the present invention has the following beneficial effects:
[0017] This invention relates to a DCS controller trusted verification alarm system. Based on a secondary trusted status indicator device, the system receives and parses the trusted status information of the DCS controller to obtain the target trusted verification object. When the number of target trusted verification objects is not less than one, the secondary alarm indicator corresponding to the target trusted verification object is controlled to display in a first display state. Simultaneously, a primary alarm signal is sent to the primary control device. Upon receiving the primary alarm signal, the primary control device controls the primary alarm indicator to display in a second display state. This allows monitoring personnel in the control room to detect any untrustworthy risks associated with a DCS controller. By entering the machine room and viewing the real-time display status of the secondary alarm indicator lights on each DCS controller, they can easily and intuitively determine which trusted verification object of which DCS controller has been verified as untrustworthy, thereby quickly resolving and handling the problem and reducing the security risks of the controlled power generation system. Attached Figure Description
[0018] Figure 1 This is a block diagram of the DCS controller trusted verification alarm system according to an embodiment of the present invention. Detailed Implementation
[0019] To enable those skilled in the art to better understand the present invention, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings of the embodiments of the present invention. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort should fall within the scope of protection of the present invention.
[0020] It should be noted that the terms "first," "second," etc., in the specification, claims, and accompanying drawings of this invention are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate so that the embodiments of the invention described herein can be implemented in orders other than those illustrated or described herein. Furthermore, the terms "comprising" and "having," and any variations thereof, are intended to cover a non-exclusive inclusion; for example, a process, method, system, product, or apparatus that comprises a series of steps or units is not necessarily limited to those steps or units explicitly listed, but may include other steps or units not explicitly listed or inherent to such processes, methods, products, or apparatus.
[0021] The present invention will now be described in further detail with reference to the accompanying drawings:
[0022] See Figure 1In one embodiment of the present invention, a DCS controller trusted verification alarm system is provided, including a primary trusted status indicator and several secondary trusted status indicator devices installed in the control room; one end of each of the secondary trusted status indicator devices is connected to several DCS controllers, and the other end of each is connected to the primary trusted status indicator device; each secondary trusted status indicator device is provided with a secondary control device and several secondary alarm indicator lights connected to the secondary control device, and the several secondary alarm indicator lights correspond one-to-one with several trusted verification objects of the DCS controller; each primary trusted status indicator device is provided with a primary control device and a primary alarm indicator light connected to the primary control device, and the primary control device is connected to several secondary control devices.
[0023] The secondary control device is used to receive and parse the trusted status information of the DCS controller to obtain the target trusted verification object. When the number of target trusted verification objects is not less than 1, it controls the secondary alarm indicator corresponding to the target trusted verification object to display the first display state and sends the primary alarm signal to the primary control device. The primary control device is used to control the primary alarm indicator to display the second display state after receiving the primary alarm signal. The target trusted verification object is a trusted verification object whose trusted status is untrusted.
[0024] Specifically, the DCS controller trusted verification alarm system of this invention receives and parses the trusted status information of the DCS controller based on a set secondary trusted status indicator device to obtain the target trusted verification object. When the number of target trusted verification objects is not less than 1, the secondary alarm indicator corresponding to the target trusted verification object is controlled to display a first display state. At the same time, a primary alarm signal is sent to the primary control device. After receiving the primary alarm signal, the primary control device controls the primary alarm indicator to display a second display state. In this way, the monitoring personnel in the control room can know that there is a risk of untrustworthiness of the DCS controller. By entering the machine room to check the real-time display status of each secondary alarm indicator of each DCS controller, they can easily and intuitively determine which trusted verification object of which DCS controller has been verified as untrustworthy, thereby quickly resolving and handling the problem and reducing the security risks of the controlled power generation system.
[0025] In one possible implementation, the first display state is to display a first preset color and blink; the second display state is to display a second preset color and blink. The first and second preset colors can be the same color or different colors, specifically red or yellow, etc.
[0026] In one possible implementation, the primary trusted status indicator is further provided with a digital display light connected to the primary control device; the primary control device is further configured to obtain the alarm number by acquiring the number of the DCS controller connected to the secondary trusted status indicator corresponding to each primary alarm signal, and to change the digits of a preset all-zero binary number to 1 according to the alarm number to obtain the target binary number, and to convert the target binary number into a preset base and display it visually on the digital display light; wherein, the number of digits of the preset all-zero binary number is the same as the number of DCS controllers.
[0027] The preset number base is either a decimal number or a hexadecimal number.
[0028] Specifically, in this embodiment, the digital indicator consists of 8 digits. Based on the alarm number, the corresponding bit of the digital indicator is set to 1, and then displayed as a hexadecimal number. For example, when the 1st and 3rd controllers are untrusted, the corresponding binary bit is 1010, which is displayed as the hexadecimal number A. Therefore, the number displayed on the digital indicator is 0000000A. If displayed as the decimal number 10, the number displayed on the digital indicator is 00000010. Monitoring personnel can then calculate which DCS controllers have experienced untrusted events based on the displayed numbers.
[0029] Optionally, the secondary control device is also used to control several secondary alarm indicator lights to be constantly green when the number of target trusted verification objects is 0. The primary control device is also used to control the primary alarm indicator lights to be constantly green when no primary alarm indicator light is received from any secondary trusted status indicator device.
[0030] Specifically, in the normal state, the number of trusted verification objects is 0, indicating that no untrusted event has occurred in the current DCS controller. At this time, the secondary alarm indicator light will be solid green, and the digital display light will show all 0s. When any DCS controller becomes untrusted, the corresponding secondary alarm indicator light will turn red and flash, so that monitoring personnel can be notified in time. The numbers on the digital display light will also change, and the specific numbers can be used to calculate which DCS controllers have experienced untrusted events.
[0031] In one possible implementation, the secondary control device is further configured to send a primary alarm recovery signal to the primary control device when the number of target trusted verification objects is 0; the primary control device is configured to obtain the alarm recovery number by acquiring the number of the DCS controller connected to the secondary trusted status indicator corresponding to each primary alarm recovery signal, and change the corresponding bit of the target binary number to 0 according to the alarm recovery number to obtain the updated target binary number, and convert the updated target binary number into a preset base number and display it visually on the digital display lamp.
[0032] Optionally, when the target binary number to be updated is an all-zero binary number, the control level 1 alarm indicator light will be constantly lit in green.
[0033] Specifically, when an untrusted DCS controller completes its processing and returns to a trusted state, the alarm indicator on the secondary trusted state indicator connected to the DCS controller turns green again, and transmits the primary alarm recovery signal to the primary trusted state indicator in the control room. If all DCS controllers are trusted at this time, the primary alarm indicator on the primary trusted state indicator turns solid green, and the digital display shows all zeros. If other DCS controllers are still untrusted at this time, the primary alarm indicator remains flashing red, and the corresponding DCS controller's flag on the digital display is reset to 0 because the DCS controller has become trusted. The corresponding hexadecimal or decimal number is recalculated and displayed. For example, if the first and third DCS controllers were originally untrusted, the display would show 0000000A; when the first DCS controller completes its processing and becomes trusted, the display would show 00000008.
[0034] In another embodiment of the present invention, a DCS controller trusted verification alarm method based on the above-described DCS controller trusted verification alarm system is provided, comprising the following steps:
[0035] Step 1: Connect several secondary trusted status indicator devices to several DCS controllers respectively.
[0036] Step 2: Receive and parse the trusted status information from the DCS controller through the secondary control device to obtain the target trusted verification object. When the number of target trusted verification objects is not less than 1, control the secondary alarm indicator corresponding to the target trusted verification object to display the first display state and send a primary alarm signal to the primary control device. The target trusted verification object is a trusted verification object whose trusted status is untrusted.
[0037] Step 3: Receive the first-level alarm signal through the first-level control device, and after receiving the first-level alarm signal, control the first-level alarm indicator to display the second display state.
[0038] Optionally, the method further includes the following steps: obtaining the alarm number by acquiring the number of the DCS controller connected to the secondary trusted status indicator device corresponding to each primary alarm signal received through the primary control device, changing the digits of the preset all-zero binary number to 1 according to the alarm number to obtain the target binary number, and converting the target binary number into a preset base and visually displaying it on a digital display lamp; wherein, the number of digits of the preset all-zero binary number is the same as the number of DCS controllers.
[0039] This invention discloses a DCS controller trusted verification alarm method. Based on several secondary trusted status indicators, when an untrusted event occurs, a secondary alarm indicator light illuminates to issue an alarm. Monitoring personnel can quickly identify which DCS controller and which trusted verification object experienced the untrusted event through these secondary alarm indicators. Furthermore, a primary trusted status indicator is installed in the main control room, transmitting the trusted status of all DCS controllers in the room to the primary trusted status indicator. This primary trusted status indicator features a digital display, with each DCS controller's status corresponding to a bit. When an untrusted event occurs in a DCS controller, the corresponding bit is set to 1, and then converted into a decimal or hexadecimal number and displayed on the digital display of the primary trusted status indicator. Monitoring personnel can quickly determine which DCS controller experienced the untrusted event and, by checking the corresponding DCS controller's secondary alarm indicator in the room, can quickly resolve and handle the problem.
[0040] The above content is only for illustrating the technical concept of the present invention and should not be construed as limiting the scope of protection of the present invention. Any modifications made to the technical solution based on the technical concept proposed in this invention shall fall within the scope of protection of the claims of this invention.
Claims
1. A DCS controller trusted verification alarm system, characterized in that, It includes a primary trusted status indicator and several secondary trusted status indicators installed in the control room; one end of each of the secondary trusted status indicators is connected to several DCS controllers, and the other end of each is connected to the primary trusted status indicator. The secondary trusted status indicator is equipped with a secondary control device and several secondary alarm indicator lights connected to the secondary control device. The several secondary alarm indicator lights correspond one-to-one with several trusted verification objects of the DCS controller. The primary trusted status indicator is equipped with a primary control device and a primary alarm indicator light connected to the primary control device. The primary control device is connected to several secondary control devices. The secondary control device is used to receive and parse the trusted status information of the DCS controller to obtain the target trusted verification object. When the number of target trusted verification objects is not less than 1, it controls the secondary alarm indicator corresponding to the target trusted verification object to display the first display state and sends the primary alarm signal to the primary control device. The primary control device is used to control the primary alarm indicator to display the second display state after receiving the primary alarm signal. The target trusted verification object is a trusted verification object whose trusted status is untrusted. The primary trusted status indicator is also equipped with a digital display light connected to the primary control device; The primary control device is also used to obtain the alarm number by acquiring the number of the DCS controller connected to the secondary reliable status indicator corresponding to each primary alarm signal, and to change the number of digits corresponding to the preset all-zero binary number to 1 according to the alarm number to obtain the target binary number, and to convert the target binary number into a preset base and display it visually on the digital display lamp; wherein, the number of digits of the preset all-zero binary number is the same as the number of DCS controllers. The secondary control device is also used to send a primary alarm recovery signal to the primary control device when the number of target trusted verification objects is 0; the primary control device is used to obtain the alarm recovery number by acquiring the number of the DCS controller connected to the secondary trusted status indicator corresponding to each primary alarm recovery signal, and change the corresponding number of bits of the target binary number to 0 according to the alarm recovery number to obtain the updated target binary number, and convert the updated target binary number into a preset base number and display it visually on the digital display light; The secondary control device is also used to control several secondary alarm indicator lights to be constantly green when the number of target trusted verification objects is 0; the primary control device is also used to control the primary alarm indicator lights to be constantly green when no primary alarm signal is received from any secondary trusted status indicator device.
2. The DCS controller trusted verification alarm system according to claim 1, characterized in that, The first display state is to display a first preset color and flash; the second display state is to display a second preset color and flash.
3. The DCS controller trusted verification alarm system according to claim 1, characterized in that, The preset number system is a decimal number or a hexadecimal number.
4. The DCS controller trusted verification alarm system according to claim 1, characterized in that, When the target binary number to be updated is a binary number consisting entirely of zeros, the control level 1 alarm indicator light will be constantly lit in green.
5. The DCS controller trusted verification alarm system according to claim 1, characterized in that, The primary trusted status indicator and several secondary trusted status indicator devices are connected by control lines.
6. The DCS controller trusted verification alarm system according to claim 1, characterized in that, The first-level trusted status indicator is equipped with a first wireless communication device connected to the first-level control device, and the second-level trusted status indicator is equipped with a second wireless communication device connected to the second-level control device. The first wireless communication device and several second wireless communication devices are all wirelessly connected.
7. A DCS controller trusted verification alarm method based on the DCS controller trusted verification alarm system according to any one of claims 1 to 6, characterized in that, include: Several secondary trusted status indicator devices are connected to several DCS controllers respectively; The secondary control device receives and parses the trusted status information of the DCS controller to obtain the target trusted verification object. When the number of target trusted verification objects is not less than 1, the secondary alarm indicator corresponding to the target trusted verification object is controlled to show the first display state, and a primary alarm signal is sent to the primary control device. The target trusted verification object is a trusted verification object whose trusted status is untrusted. The system receives first-level alarm signals through a first-level control device, and upon receiving a first-level alarm signal, controls the first-level alarm indicator light to display a second state. The alarm number is obtained by acquiring the number of the DCS controller connected to the secondary reliable status indicator device corresponding to each primary alarm signal received by the primary control device. The target binary number is obtained by changing the number of bits corresponding to the preset all-zero binary number to 1 according to the alarm number. The target binary number is then converted into a preset base and displayed visually on the digital display lamp. The number of bits in the preset all-zero binary number is the same as the number of DCS controllers. When the number of target trusted verification objects is 0, the secondary control device sends a primary alarm recovery signal to the primary control device. The primary control device obtains the alarm recovery number by acquiring the number of the DCS controller connected to the secondary trusted status indicator corresponding to each primary alarm recovery signal, and changes the corresponding bit of the target binary number to 0 according to the alarm recovery number to obtain the updated target binary number. The updated target binary number is then converted into a preset base and displayed visually on the digital display light. When the number of target trusted verification objects is 0, the secondary control device controls several secondary alarm indicator lights to be constantly green; when no primary alarm signal is received from any secondary trusted status indicator device, the primary control device controls the primary alarm indicator light to be constantly green.