A zero-carbon park multi-energy data credible access and auditing method and system
By building a secure sandbox environment within the edge gateway and performing multi-dimensional quality access control verification, the accuracy and reliability issues of heterogeneous device access and data transmission in zero-carbon parks are resolved. This enables precise alignment of energy consumption data and reliable accounting of carbon emissions, supporting compliance audits and carbon trading.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- NORTHEASTERN UNIV CHINA
- Filing Date
- 2026-04-28
- Publication Date
- 2026-06-05
AI Technical Summary
Existing energy management systems for industrial parks face several challenges when dealing with the complex source-load interaction scenarios in zero-carbon parks. These include energy consumption measurement errors caused by the non-standardized access of heterogeneous equipment, data lacking physical meaning and spatial attribution, insufficient data quality control, and a lack of credible self-verification capabilities in data transmission. These issues affect the accuracy and compliance of carbon accounting.
By employing edge computing technology, a secure sandbox environment is built within the edge gateway. Device messages are parsed using device profiling and fingerprint recognition technology, anti-jitter integral calculation and clock synchronization are performed, structured metadata is generated, an energy flow topology model is constructed, and multi-dimensional quality access control verification is conducted. Finally, carbon emission accounting is performed in a trusted execution environment, generating an immutable audit evidence package.
It achieves precise alignment of energy consumption data, provides a logical basis for carbon emission responsibility entities, ensures the accuracy and reliability of carbon accounting data, provides end-to-end anti-tampering capabilities, and supports the legal validity of compliance audits and carbon trading.
Smart Images

Figure CN122160070A_ABST
Abstract
Description
Technical Field
[0001] This invention belongs to the field of integrated energy management technology for industrial parks, and relates to a method and system for trusted access and auditing of multi-energy data in zero-carbon parks. Background Technology
[0002] Zero-carbon parks, as a core unit for implementing the "dual-carbon" strategy, aim to achieve a dynamic balance between carbon emissions and absorption throughout their entire life cycle. Achieving this goal heavily relies on the accurate perception and reliable accounting of multi-dimensional heterogeneous energy data, including electricity, water, gas, heat, photovoltaics, and energy storage. However, in the actual operation of current park energy management systems (EMS) or supervisory control systems (SCADA), the complex source-load interaction scenarios in zero-carbon parks still present multiple technical challenges, ranging from physical data acquisition to digital auditing.
[0003] At the forefront of data acquisition, the non-standardized access of heterogeneous devices is the main source of energy consumption metering errors. Different brands and sampling frequencies of sensors are widely distributed throughout the park. Due to the lack of a unified clock synchronization and integration algorithm, network fluctuations easily cause sampling period jitter, leading to deviations in the energy value after instantaneous power integration. Furthermore, the ratio configuration of field current transformers (CT / PT) often relies on manual input, lacking an automated verification mechanism based on primary / secondary side data comparison. If the configuration parameters do not match the physical wiring, it will cause orders of magnitude distortion in the metering data, directly undermining the accuracy of carbon accounting. From the perspective of data fusion and model building, existing systems generally suffer from "semantic gaps" and "topology gaps." Traditional acquisition methods often obtain discrete, flattened numbers, lacking a structured description of the data's physical content and spatial distribution. This "data-only, business-unclear" situation makes it difficult for upper-layer applications to automatically analyze the energy allocation logic behind the data and accurately define the responsible parties for carbon emissions. As a result, although the park possesses massive amounts of data, it is difficult to clarify the emission details and energy flow relationships of various internal entities. Meanwhile, insufficient real-time data quality control capabilities make it easy for "junk data" to infiltrate the accounting system. Existing technical solutions mostly adopt an offline processing model of "database entry first, cleanup later," lacking real-time quantitative assessment and dynamic blocking mechanisms for data missing rates, drift rates, and outliers at the edge. This lagging quality management model not only increases the server's processing load but may also lead to seriously erroneous data participating in real-time carbon trading or energy efficiency assessments, affecting the reliability of decisions. More critically, at the compliance audit level, traditional data links lack legally credible self-verification capabilities. Carbon emission accounting results are directly linked to carbon tax payments and asset transactions, requiring data to be tamper-proof and traceable. However, current systems mostly rely on plaintext or simple encryption for data transmission, lacking a complete tamper-proof closed loop from edge gateways to audit centers. Once faced with questions from regulatory agencies or counterparties, the system cannot provide a complete chain of evidence including device fingerprints, parameter snapshots, and digital signatures, leading to a significant trust crisis during data ownership confirmation and auditing. Therefore, there is an urgent need to develop an access method that can integrate edge computing and semantic modeling technologies, and has strict quality access control verification and end-to-end trusted auditing capabilities, in order to meet the stringent requirements of zero-carbon parks for high-precision, high-reliability, and traceability of energy data. Summary of the Invention
[0004] To address the aforementioned technical problems, the purpose of this invention is to provide a method and system for trusted access and auditing of multi-energy data in zero-carbon industrial parks.
[0005] This invention provides a method for trusted access and auditing of multi-energy data in zero-carbon industrial parks, including:
[0006] Step 1: Build a secure sandbox environment with resource isolation within the edge gateway, load the device driver plugin verified by digital signature, scan the field devices through multiple communication channels, and use device profiling and fingerprint recognition technology to parse messages to automatically match the driver plugin;
[0007] Step 2: Extract raw energy data and perform anti-jitter integral calculation and clock synchronization and sampling stability verification;
[0008] Step 3: Perform semantic modeling, generate structured metadata, construct an energy flow topology model based on semantic orientation, and perform boundary conservation checks;
[0009] Step 4: Perform multidimensional quality access control verification on the mapped structured metadata;
[0010] Step 5: For data that passes the access control verification, the system performs carbon emission accounting in a trusted execution environment;
[0011] Step 6: Generate and calculate the solidified hash of the evidence package, generate a digital signature, package the solidified hash, digital signature and evidence package into an audit evidence package, and upload it to the audit center for audit review.
[0012] This invention also provides a trusted access and auditing system for multi-energy data in zero-carbon industrial parks, comprising:
[0013] The edge adaptation module is used to build a secure sandbox environment with resource isolation within the edge gateway, load device driver plugins verified by digital signatures, scan field devices through multiple communication channels, and use device profiling and fingerprint recognition technology to parse messages to automatically match driver plugins.
[0014] The data extraction module is used to extract raw energy data and perform anti-jitter integral calculation and clock synchronization and sampling stability verification.
[0015] The semantic topology module is used to perform semantic modeling, generate structured metadata, construct energy flow topology models based on semantic directions, and perform boundary conservation checks.
[0016] The access control verification module is used to perform multi-dimensional quality access control verification on the mapped structured metadata.
[0017] The carbon emission accounting module is used to perform carbon emission accounting on data that has passed access control verification in a trusted execution environment.
[0018] The audit evidence package generation module generates and calculates the fixed hash of the evidence package, generates a digital signature, packages the fixed hash, digital signature, and evidence package into an audit evidence package, and uploads it to the audit center for audit review.
[0019] The present invention provides a trusted access and auditing method and system for multi-energy data in zero-carbon industrial parks, which has the following beneficial effects:
[0020] (1) This invention effectively eliminates sampling period jitter errors caused by network fluctuations and inconsistent device sampling frequencies through an edge-side energy increment integration algorithm, ensuring accurate alignment of park energy consumption data in the time dimension. This invention can monitor factory operation status in real time, automatically analyze and statistically analyze production output, and achieve rapid data upload.
[0021] (2) This invention applies semantic modeling and topological binding technology to solve the problem of traditional data lacking physical meaning and spatial affiliation, realizes the automatic transformation from flat numerical values to structured knowledge, and provides a logical basis for accurately defining the carbon emission responsibility subject.
[0022] (3) This invention innovatively constructs a dual verification system based on hard access control with multiple consistency and soft access control with multidimensional quality scoring, which can block the online data with configuration errors, data drift or abnormal missing data in real time at the edge, thus ensuring the accuracy and reliability of carbon accounting data from the source.
[0023] (4) This invention utilizes Trusted Execution Environment (TEE) and hash signature technology to package collection parameters, verification reports, topology snapshots, etc., to generate an immutable chain of evidence, so that every carbon emission data can be traced back to the original physical collection point and the specific verification process, providing a legally valid technical endorsement for compliance audits and carbon trading in zero-carbon parks. Attached Figure Description
[0024] Figure 1 This is a flowchart of a trusted access and auditing method for multi-energy data in a zero-carbon industrial park according to the present invention;
[0025] Figure 2 This is a schematic diagram of the edge gateway plugin package structure and security release link in an embodiment of the present invention;
[0026] Figure 3 This is a schematic diagram illustrating the semantic self-describing data structure and the topological binding relationship between the responsible entity in an embodiment of the present invention;
[0027] Figure 4 This is a block diagram of a zero-carbon park multi-energy data trusted access and auditing system according to the present invention;
[0028] Figure 5 This is a schematic diagram of the overall architecture of the zero-carbon park multi-energy data trusted access and auditing system according to an embodiment of the present invention. Detailed Implementation
[0029] The specific embodiments of the present invention will be described in further detail below with reference to the accompanying drawings and examples. The following examples are for illustrative purposes only and are not intended to limit the scope of the invention.
[0030] This invention provides a trusted access and auditing method for multi-energy data in zero-carbon industrial parks. Targeting multi-source heterogeneous devices at the underlying level, it combines edge computing, semantic modeling, and a TEE trusted execution environment, employing a "scan-mapping-verification-online-solidification" processing flow to strictly control the accuracy of the underlying data and the carbon emission accounting of the responsible parties.
[0031] like Figure 1 As shown, the present invention provides a method for trusted access and auditing of multi-energy data in a zero-carbon industrial park, comprising the following steps:
[0032] Step 1: Build a resource-isolated secure sandbox environment within the edge gateway, load the digitally signed device driver plugin, scan field devices through multiple communication channels, and use device profiling and fingerprinting technology to parse messages to automatically match the driver plugin. Specifically:
[0033] Step 1.1: Build a secure sandbox environment with resource isolation within the edge gateway.
[0034] Step 1.2: Download and load the device driver plugin verified by digital signature; the driver plugin includes: protocol driver code, device fingerprint library, point table template, semantic mapping rules, diagnostic script, test cases, version number and digital signature.
[0035] Step 1.3: Perform automatic scanning and handshake interaction on field devices through multiple communication channels, and use device profiling and fingerprint recognition technology to analyze device response messages to identify device models and automatically match driver plugins.
[0036] In specific implementation, the plug-in package structure and security release chain diagram of this embodiment are as follows: Figure 2 As shown. To address the challenges of heterogeneous device access and driver security, this invention designs a standardized plugin package. This package encapsulates protocol driver code, a device profile / fingerprint library, a point table template, semantic mapping rules, and diagnostic scripts, along with a version number and the developer's digital signature. During the initial system operation phase, the edge gateway sandbox environment first verifies the signature of the downloaded plugin package, rejecting unauthorized plugins. After successful verification, it is deployed in a sandbox using container technology, with CPU and memory resource quotas configured to prevent malicious or inferior plugins from exhausting gateway resources. Once deployed, the plugin outputs atomic capabilities such as device discovery, point read / write, and warning time synchronization to the gateway through unified capabilities.
[0037] Step 2: Extract raw energy data and perform anti-jitter integral calculation and clock synchronization and sampling stability verification, specifically:
[0038] Step 2.1: Collect raw energy data from multi-energy devices.
[0039] During the data collection process, to address the sampling period jitter error caused by inconsistent sampling frequencies of different devices within the park (e.g., BMS at the millisecond level, electricity meters at the minute level), this embodiment no longer simply accumulates instantaneous values, but instead employs an energy increment integral algorithm, as detailed below:
[0040] Step 2.2: Read the sampling time of device i active power The energy increment integral is used to calculate the adjacent sampling interval. Energy increment To eliminate sampling period jitter error:
[0041]
[0042] This method effectively eliminates measurement errors caused by network latency or fluctuations in the acquisition frequency.
[0043] Step 2.3: Using the energy increment formula from Step 2.2, for any time interval... The energy consumption can be obtained by accumulating the sampling increments at all unequal intervals within the interval, and the calculation formula is:
[0044]
[0045] In practice, if the data source is the cumulative reading of the electricity meter... The formula for calculating the energy consumption of a given interval is:
[0046]
[0047] This standardized energy consumption value forms the basis for subsequent boundary conservation verification and carbon conversion calculations.
[0048] Step 2.4: Record and calculate device i at time... Sampling timestamp With gateway reference clock absolute deviation :
[0049]
[0050] set up If the absolute deviation exceeds a preset threshold, a clock synchronization verification command is triggered; if the absolute deviation continues to meet the preset threshold, a clock synchronization verification command is triggered. If the clock is synchronized, it is considered to be in sync.
[0051] Step 2.5: Calculate the sampling jitter variance between adjacent sampling intervals:
[0052]
[0053] in, For device i at time Sampling timestamp, Let be the theoretical sampling period of device i;
[0054] Sampling stability was verified by checking the sampling jitter variance. i The closer J is to 0, the better the sampling stability. Set stability thresholds based on device type, sampling period, and business scenario. i Exceeding the stability threshold indicates a jitter problem.
[0055] Step 3: Perform semantic modeling, generate structured metadata, construct an energy flow topology model based on semantic orientation, and perform boundary conservation checks, specifically:
[0056] Step 3.1: Based on semantic self-description rules, map the raw energy data into point metadata output in JSON-LD format; the metadata must be filled with: energy type, physical boundary attribute, unit dimension, accuracy level, transformer ratio parameter and energy flow direction field.
[0057] Step 3.2: Based on the energy flow direction field, construct an energy flow topology model containing parent nodes, child nodes, and leaf nodes to define the energy distribution relationship from the park master table to each zone and specific energy-consuming facility.
[0058] like Figure 3 As shown, the original set of points lacks business meaning. This step generates a semantic self-description document based on semantic self-description rules. This document adopts the JSON-LD standard format and defines in detail the energy type, measurement boundary, unit dimensions, current transformer ratio parameters (CT / PT), energy flow direction attributes, and accuracy level of the data.
[0059] Subsequently, the system binds the semantic self-describing document to the responsible entity level and constructs the energy flow topology.
[0060] Step 3.3: Perform boundary conservation verification based on the energy flow topology model: calculate the energy balance deviation rate between topology nodes using the relative error formula. This involves calculating the ratio of the difference between the total meter reading of the parent node in the topology model, the sum of the individual meter readings of all associated child nodes, and the preset line loss estimate.
[0061]
[0062] if The node is marked as having metering abnormalities or suspected electricity theft, triggering an alarm and blocking accounting.
[0063] if The conservation check passed; proceed to the next step.
[0064] in, This is the total table reading for the parent node. This is the sum of the table readings of the associated child nodes. This is the estimated line loss value. This represents the allowable error percentage.
[0065] Step 4: Perform multidimensional quality gate verification on the mapped structured metadata, specifically:
[0066] Based on different verification dimensions, this invention defines two quality access control strategies on the edge gateway side: "hard access control" (multiplier consistency and boundary conservation verification) and "soft access control" (comprehensive quality multidimensional scoring verification) for dual checks.
[0067] Hard access control (rate and boundary verification): designed to identify human mismatches in current transformers (CT / PT) and abnormal leakage / line loss at the physical topology level, and to directly block them once triggered.
[0068] Soft access control (comprehensive quality check): It aims to quantify dirty data caused by network jitter and sensor drift. By comprehensively normalizing and scoring the missing rate, anomaly rate, drift rate and clock deviation, it implements a pass-through policy.
[0069] Step 4.1: Perform a hard access control check, i.e., a multiplier consistency check;
[0070] Addressing the core pain point of incorrect current transformer configuration, the system calculates the rate deviation rate in real time. :
[0071]
[0072] in, This refers to a single measurement value reported by the device. This is the measured energy on the secondary side. and These refer to the current and voltage transformer ratios configured, respectively.
[0073] judge Does it exceed the verification tolerance? If yes, it indicates an error in the multiplier configuration, and the system will directly block data from going online and trigger an abnormal alarm command; if no, the hardware access control verification passes, and proceed to the next step.
[0074] Step 4.2: The system defines a statistical window W to count the expected number of sampling points. Actual number of sampling points and the number of numerical outliers Calculate the missing rate, outlier rate, and drift rate of the data respectively:
[0075]
[0076]
[0077]
[0078] in, This represents the mean of the data within the window. Use the historical baseline mean; set a missing rate threshold. Abnormality threshold Drift rate threshold .
[0079] The access control decision logic is: if both conditions are met simultaneously... If the result is positive, proceed to the next step of comprehensive score calculation; otherwise, data access will be directly blocked; among which, outliers... The determination is based on statistical methods or specific business rule bases.
[0080] Step 4.3: Calculate the normalized subsets of missing rate, outlier rate, drift rate, and clock skew using the negative correlation mapping function:
[0081]
[0082]
[0083]
[0084]
[0085] in, To calculate the absolute value of the maximum clock deviation for this device within the statistical window, This is the preset clock skew tolerance threshold.
[0086] Step 4.4: Calculate the overall quality score of the data points based on the preset weights. :
[0087]
[0088] in, ,and , Represents the normalized sub-score of the m-th quality dimension; only if Higher than the preset upper limit If the data passes the software access control quality check, it is allowed to go online.
[0089] Step 5: For data that passes access control verification, the system performs carbon emission calculation in the trusted execution environment. Specifically, in the trusted execution environment, based on the energy flow topology and energy type consumption, and combined with the emission factor issued by the platform, carbon emission calculation is performed on the data that passes access control verification. The calculation formula is as follows:
[0090]
[0091] in, Let be the consumption amount of the s-th type of energy. The carbon emission factor per unit consumption that is matched with the energy measurement unit of energy type s.
[0092] Energy consumption This data is only allowed to participate in the calculation after undergoing sampling, anti-jitter, rate verification, and quality gate control. Only data that passes the gate control verification will enter the TEE for carbon emission accounting. Emission Factor This indicates how much carbon emissions correspond to the consumption of 1 unit of this energy.
[0093] Step 6: Generate and calculate the solidified hash of the evidence package, generate a digital signature, and package the solidified hash, digital signature, and evidence package together to solidify and generate an audit evidence package, specifically as follows:
[0094] Step 6.1: The system generates an access evidence package, which includes: device ID, plugin version, verification result report, topology snapshot, current calculation time window, raw data digest, raw data index, configuration parameters, device fingerprint digest, energy consumption for each type, emission factor version and value, carbon emission result, operator timestamp, and a byte stream containing a unique audit event identifier. The SHA256 algorithm is used to calculate the solidified hash h of the evidence packet.
[0095]
[0096] Step 6.2: Generate a digital signature using the private key sk embedded in the trusted execution environment of the device. :
[0097]
[0098] Step 6.3: Package the solidified hash, digital signature, and evidence package into an audit evidence package and upload it to the audit center for audit review.
[0099] The audit center conducts an audit review, specifically as follows:
[0100] First, use the corresponding public key (pk) to verify the validity of the digital signature and hash value:
[0101]
[0102] The audit evidence package proves that it has not been tampered with since it was signed, and that the signer's identity is credible, if and only if the verification passes.
[0103] Then, recalculate Hash(B). If it matches the uploaded fixed hash h, it means that it has not been tampered with.
[0104] The original sampled data body is stored in the edge-side business database or trusted storage, and only its summary and index are fixed in the audit evidence package; during audit review, the original data is retrieved based on the index and the summary is recalculated for consistency verification.
[0105] like Figure 4 As shown, the present invention also provides a trusted access and auditing system for multi-energy data in zero-carbon industrial parks, comprising:
[0106] The edge adaptation module is used to build a secure sandbox environment with resource isolation within the edge gateway, load device driver plugins verified by digital signatures, scan field devices through multiple communication channels, and use device profiling and fingerprint recognition technology to parse messages to automatically match driver plugins.
[0107] The data extraction module is used to extract raw energy data and perform anti-jitter integral calculation and clock synchronization and sampling stability verification.
[0108] The semantic topology module is used to perform semantic modeling, generate structured metadata, construct energy flow topology models based on semantic directions, and perform boundary conservation checks.
[0109] The access control verification module is used to perform multi-dimensional quality access control verification on the mapped structured metadata.
[0110] The carbon emission accounting module is used to perform carbon emission accounting on data that has passed access control verification in a trusted execution environment.
[0111] The audit evidence package generation module generates and calculates the fixed hash of the evidence package, generates a digital signature, packages the fixed hash, digital signature, and evidence package into an audit evidence package, and uploads it to the audit center for audit review.
[0112] The overall system architecture diagram of this embodiment is shown below. Figure 5 As shown, the system consists of three main parts from bottom to top: the on-site multi-energy device layer, the multi-energy edge gateway, and the park platform / audit center.
[0113] The on-site multi-energy device layer encompasses typical heterogeneous sensing terminals within a zero-carbon park, specifically including smart meters for electricity metering, water meters, gas meters, heat meters, and steam meters for water, gas, and heat metering, as well as photovoltaic inverters, energy storage PCS-BMS-EMS, charging piles, and building automation systems (BAS). These devices are physically connected to the edge side through multiple communication channels, including Ethernet, RS485 serial bus, 4G / 5G wireless network, and LoRa / NB-IoT narrowband IoT.
[0114] The multi-energy edge gateway is the hardware carrier for implementing the zero-carbon park multi-energy data trusted access and auditing method of this invention. Internally, it deploys multiple functional modules using software-defined technology: a plug-in runtime environment provides a container sandbox for digital signature verification and resource isolation; a multi-protocol automatic discovery module performs device scanning, handshake interaction, and fingerprint recognition; a semantic self-description generation module converts raw data into semantic metadata in JSON-LD format; a low-code debugging and mapping workflow is used to construct the "park-device" responsibility entity hierarchy and the "general-specific" energy flow topology; a data quality access control and consistency verification module acts as the system's "security inspector," responsible for performing multiplier verification and multi-dimensional scoring blocking; and an evidence chain solidification and audit traceability module, integrated into the TEE environment, is responsible for generating audit packages containing hash signatures.
[0115] The park platform / audit center is deployed in the cloud or central computer room and includes a plug-in market management console, a semantic point table center, a low-code orchestration service, a quality access control center, and an audit evidence chain center, which are used to aggregate, verify, and mine the value of data uploaded from the edge side.
[0116] After collecting discrete data from underlying multi-source heterogeneous devices at the edge gateway, the method of this invention first uses an energy incremental integral algorithm to eliminate sampling period jitter errors caused by network fluctuations; then, it generates structured point metadata in JSON-LD format based on semantic self-description rules, and constructs an energy flow topology model in combination with physical business relationships, and performs a total score boundary conservation check based on parent and child nodes; then, it uses a dual verification engine of "hard access control" to calculate the multiplier deviation rate and "soft access control" to calculate the comprehensive score of missing / abnormal / drift / clock deviation, and performs strict abnormal interception and release processing on the data; finally, the verified data and calculation results are sent into a Trusted Execution Environment (TEE) to generate an audit evidence package containing a fixed hash value and a device private key digital signature, thereby achieving high-precision alignment of energy data in zero-carbon parks, refined accounting of responsible entities, and a closed loop of end-to-end anti-tampering.
[0117] The technical solution proposed in this invention effectively eliminates sampling period jitter errors caused by network fluctuations and inconsistent device sampling frequencies by introducing an energy increment integration algorithm at the edge, ensuring accurate alignment of park energy consumption data in the time dimension. Simultaneously, this invention applies semantic modeling and topology binding technologies to solve the problem of traditional data lacking physical meaning and spatial attribution, achieving automatic transformation from flat numerical values to structured knowledge, providing a logical foundation for accurately defining the responsible parties for carbon emissions. Furthermore, this invention innovatively constructs a dual verification system based on a hard gate for rate consistency and a soft gate for multi-dimensional quality scoring, capable of blocking the online transmission of misconfigured, drifting, or abnormally missing data at the edge in real time, ensuring the accuracy and reliability of carbon accounting data from the source. Under this mechanism, this invention further utilizes a Trusted Execution Environment (TEE) and hash signature technology to package collection parameters, verification reports, topology snapshots, etc., into an immutable chain of evidence, enabling each carbon emission data point to be traced back to the original physical collection point and specific verification process. This effectively avoids the difficulties in establishing ownership and the crisis of trust faced by massive amounts of data, providing legally valid technical endorsement for compliance audits and carbon trading in zero-carbon parks.
[0118] The above description is only a preferred embodiment of the present invention and is not intended to limit the ideas of the present invention. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of the present invention should be included within the protection scope of the present invention.
Claims
1. A method for trusted access and auditing of multi-energy data in a zero-carbon industrial park, characterized in that, include: Step 1: Build a secure sandbox environment with resource isolation within the edge gateway, load the device driver plugin verified by digital signature, scan the field devices through multiple communication channels, and use device profiling and fingerprint recognition technology to parse messages to automatically match the driver plugin; Step 2: Extract raw energy data and perform anti-jitter integral calculation and clock synchronization and sampling stability verification; Step 3: Perform semantic modeling, generate structured metadata, construct an energy flow topology model based on semantic orientation, and perform boundary conservation checks; Step 4: Perform multidimensional quality access control verification on the mapped structured metadata; Step 5: For data that passes the access control verification, the system performs carbon emission accounting in a trusted execution environment; Step 6: Generate and calculate the solidified hash of the evidence package, generate a digital signature, package the solidified hash, digital signature and evidence package into an audit evidence package, and upload it to the audit center for audit review.
2. The method for trusted access and auditing of multi-energy data in zero-carbon industrial parks according to claim 1, characterized in that, Step 1 specifically involves: Step 1.1: Build a secure sandbox environment with resource isolation within the edge gateway; Step 1.2: Download and load the device driver plugin verified by digital signature; the driver plugin includes: protocol driver code, device fingerprint library, point table template, semantic mapping rules, diagnostic script, test cases, version number and digital signature; Step 1.3: Perform automatic scanning and handshake interaction on field devices through multiple communication channels, and use device profiling and fingerprint recognition technology to analyze device response messages to identify device models and automatically match driver plugins.
3. The method for trusted access and auditing of multi-energy data in zero-carbon industrial parks according to claim 1, characterized in that, Step 2 specifically involves: Step 2.1: Collect raw energy data from multiple energy devices; Step 2.2: Read the sampling time of device i active power The energy increment integral is used to calculate the adjacent sampling interval. Energy increment To eliminate sampling period jitter error: Step 2.3: Using the energy increment formula from Step 2.2, for any time interval... The energy consumption can be obtained by accumulating the sampling increments at all unequal intervals within the interval, and the calculation formula is: Step 2.4: Record and calculate device i at time... Sampling timestamp With gateway reference clock absolute deviation : set up If the absolute deviation exceeds a preset threshold, a clock synchronization verification command is triggered; if the absolute deviation continues to meet the preset threshold, a clock synchronization verification command is triggered. If the clock is synchronized, then the clock synchronization is considered to be successful. Step 2.5: Calculate the sampling jitter variance between adjacent sampling intervals: in, For device i at time Sampling timestamp, Let be the theoretical sampling period of device i; Sampling stability was verified by checking the sampling jitter variance. i The closer J is to 0, the better the sampling stability. Set stability thresholds based on device type, sampling period, and business scenario. i Exceeding the stability threshold indicates a jitter problem.
4. The method for trusted access and auditing of multi-energy data in zero-carbon industrial parks according to claim 1, characterized in that, Step 3 specifically involves: Step 3.1: Based on semantic self-description rules, map the raw energy data into point metadata output in JSON-LD format; the metadata must be filled with: energy type, physical boundary attributes, unit dimension, accuracy level, transformer rate parameter and energy flow direction field; Step 3.2: Based on the energy flow direction field, construct an energy flow topology model containing parent nodes, child nodes, and leaf nodes to define the energy distribution relationship from the park master table to each zone and specific energy-consuming facility; Step 3.3: Perform boundary conservation verification based on the energy flow topology model: calculate the energy balance deviation rate between topology nodes using the relative error formula. This involves calculating the ratio of the difference between the total meter reading of the parent node, the sum of the individual meter readings of all associated child nodes, and the preset line loss estimate in the topology model. if The node is marked as having metering abnormalities or suspected electricity theft, triggering an alarm and blocking the calculation; if The conservation check passed; proceed to the next step. in, This is the total table reading for the parent node. This is the sum of the table readings of the associated child nodes. This is the estimated line loss value. This represents the allowable error percentage.
5. The method for trusted access and auditing of multi-energy data in zero-carbon industrial parks according to claim 1, characterized in that, Step 4 specifically involves: Step 4.1: Perform a hard access control check, i.e., a multiplier consistency check; Addressing the core pain point of incorrect current transformer configuration, the system calculates the rate deviation rate in real time. : in, This refers to a single measurement value reported by the device. This is the measured energy on the secondary side. and These are the current and voltage transformer ratios, respectively. judge Does it exceed the verification tolerance? If yes, it indicates an error in the multiplier configuration, and the system will directly block data from going online and trigger an abnormal alarm command; if no, the hardware access control verification passes, and proceed to the next step. Step 4.2: The system defines a statistical window W to count the expected number of sampling points. Actual number of sampling points and the number of numerical outliers Calculate the missing rate, outlier rate, and drift rate of the data respectively: in, This represents the mean of the data within the window. Use the historical baseline mean; set a missing rate threshold. Abnormality threshold Drift rate threshold ; The access control decision logic is: if both conditions are met simultaneously... If the result is positive, proceed to the next step of comprehensive score calculation; otherwise, data access will be directly blocked; among which, outliers... The determination is based on statistical methods or a specific business rule base; Step 4.3: Calculate the normalized subsets of missing rate, outlier rate, drift rate, and clock skew using the negative correlation mapping function: in, To calculate the absolute value of the maximum clock deviation for this device within the statistical window, This is the preset clock skew tolerance threshold; Step 4.4: Calculate the overall quality score of the data points based on the preset weights. : in, ,and , Represents the normalized sub-score of the m-th quality dimension; only if Higher than the preset upper limit If the data passes the software access control quality check, it is allowed to go online.
6. The method for trusted access and auditing of multi-energy data in zero-carbon industrial parks according to claim 1, characterized in that, Step 5 specifically involves: In a trusted execution environment, based on the energy flow topology and energy consumption, and combined with the emission factor issued by the platform, performing carbon emission calculation on the data that has passed access control verification. The calculation formula is as follows: in, Let be the consumption amount of the s-th type of energy. The carbon emission factor per unit consumption that is matched with the energy measurement unit of energy type s.
7. The method for trusted access and auditing of multi-energy data in zero-carbon industrial parks according to claim 1, characterized in that, Step 6 specifically involves: Step 6.1: The system generates an access evidence package, which includes: device ID, plugin version, verification result report, topology snapshot, current calculation time window, raw data digest, raw data index, configuration parameters, device fingerprint digest, energy consumption for each type, emission factor version and value, carbon emission result, operator timestamp, and a byte stream containing a unique audit event identifier. The SHA256 algorithm is used to calculate the solidified hash h of the evidence packet. Step 6.2: Generate a digital signature using the private key sk embedded in the trusted execution environment of the device. : Step 6.3: Package and solidify the solidified hash, digital signature, and evidence package to generate an audit evidence package.
8. The method for trusted access and auditing of multi-energy data in zero-carbon industrial parks according to claim 7, characterized in that, The audit review specifically includes: First, use the corresponding public key (pk) to verify the validity of the digital signature and hash value: The audit evidence package is proven to have not been tampered with since it was signed, and the signer's identity is credible, if and only if the verification passes. Then, recalculate Hash(B). If it matches the uploaded fixed hash h, it means that it has not been tampered with.
9. A trusted access and auditing system for multi-energy data in a zero-carbon industrial park, characterized in that, include: The edge adaptation module is used to build a secure sandbox environment with resource isolation within the edge gateway, load device driver plugins verified by digital signatures, scan field devices through multiple communication channels, and use device profiling and fingerprint recognition technology to parse messages to automatically match driver plugins. The data extraction module is used to extract raw energy data and perform anti-jitter integral calculation and clock synchronization and sampling stability verification. The semantic topology module is used to perform semantic modeling, generate structured metadata, construct energy flow topology models based on semantic directions, and perform boundary conservation checks. The access control verification module is used to perform multi-dimensional quality access control verification on the mapped structured metadata. The carbon emission accounting module is used to perform carbon emission accounting on data that has passed access control verification in a trusted execution environment. The audit evidence package generation module generates and calculates the fixed hash of the evidence package, generates a digital signature, packages the fixed hash, digital signature, and evidence package into an audit evidence package, and uploads it to the audit center for audit review.