A Question System and Method for Running Parameters Based on Natural Language Parsing
By using a natural language parsing-based system for querying operational parameters, the problem of distinguishing between read-only query relationships and action execution relationships has been solved, ensuring accurate processing of natural language query requests in the safety zone 1 scenario of thermal power units. This improves upon the unclear boundary issues in existing technologies and achieves a more stable processing chain.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- GD POWER HANDAN DONGJIAO THERMAL POWER CO LTD
- Filing Date
- 2026-05-06
- Publication Date
- 2026-06-30
Smart Images

Figure CN122309547A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of intelligent query technology, and more specifically, to a query system and method based on natural language parsing for operating parameters. Background Technology
[0002] In the scenario of safety zone one operation monitoring and equipment status monitoring of thermal power units, operators typically need to initiate natural language query requests based on information such as equipment name, parameter name, time range, statistical caliber, comparison relationship, and filtering conditions to quickly obtain operating parameters, statistical results, trend changes, and anomaly correlation information. To reduce the workload of manually searching for measurement points and manually configuring query conditions, existing monitoring systems usually introduce processing methods such as natural language parsing, query statement generation, workflow node orchestration, and permission verification to achieve automatic processing of natural language query requests.
[0003] For example, existing technical document CN118484465A discloses a method and apparatus for generating SQL statements from natural language statements. This method decomposes the natural language statement to be converted and then encodes and decodes the decomposition results to generate the SQL statement. While this approach can improve the processing capability of complex natural language queries to some extent, it primarily focuses on the conversion process from natural language to query statements. When a natural language query request is connected to a unified orchestration link that includes read nodes, external write nodes, and control-related nodes, simply generating the query statement is insufficient to determine whether the current request corresponds only to a read-only query or has entered the scope of executable actions.
[0004] For example, existing technical document CN110910081A discloses a workflow configuration implementation method based on a laboratory information management system. This method achieves workflow configuration and activation by determining workflow nodes, setting operation permissions for each workflow node, defining the node order, and configuring permissions for the workflow. This type of solution demonstrates that existing technologies recognize the importance of workflow node order and permissions, but they focus more on node configuration and authorization during the workflow design phase. When a single natural language query request enters an existing workflow, existing solutions still lack the ability to distinguish between read-only and action boundaries for subsequent processing paths based on the semantics of the current query.
[0005] For example, existing technical document CN117009319A discloses a database operation method based on a large language model. This method determines the corresponding permission operation type after permission verification is passed, and verifies the operation type keywords based on the permission operation type, then treats the verified operation tasks as pending tasks. This type of solution can control permissions for database read, write, update, and delete operations to a certain extent, but it mainly focuses on task verification at the database operation level. When a natural language query request corresponds to a combination of multiple nodes in a unified orchestration chain, relying solely on database operation type verification is still insufficient to form overall constraints on non-query nodes such as message push, report generation, work order creation, alarm publishing, configuration writing, and automatic handling, all oriented towards the current request.
[0006] Furthermore, in scenarios involving operational parameter queries, many requests initiated by operators are solely for the purpose of reading device parameters, conducting statistical analysis, and displaying results. However, the unified orchestration pipeline often contains both read-only nodes and nodes with external write or control capabilities. If reliance is placed solely on the conversion of natural language to query statements, preset permissions for workflow nodes, or database operation type validation, then when natural language queries contain descriptions of actions such as exporting, sending, pushing, distributing, or controlling, or when the query itself is a parameter query but the existing pipeline contains pre-existing external write or control-related nodes, unclear request processing boundaries can still easily arise. This can cause read-only query requests to continue along paths containing external write or control-related behaviors, resulting in unexpected external write or control-related results.
[0007] Therefore, the main problem with existing technologies is that in scenarios combining natural language querying and low-code orchestration, when the unified orchestration chain simultaneously contains read nodes, external write nodes, and control-related nodes, existing processing methods struggle to simultaneously ensure accurate differentiation between read-only query relationships and action execution relationships, effective limitation of subsequent processing paths, and correct constraint of the scope of processed objects. Based on this, how to provide a processing method that can accurately distinguish between read-only query relationships and action execution relationships, and constrain subsequent processing paths and the scope of objects, for runtime parameter querying scenarios, has become a technical problem that needs to be solved in this field.
[0008] In view of this, the present invention proposes a system and method for querying runtime parameters based on natural language parsing to solve the above problems. Summary of the Invention
[0009] To overcome the aforementioned shortcomings of the prior art and achieve the above objectives, the present invention provides the following technical solution: a method for querying runtime parameters based on natural language parsing, comprising:
[0010] Acquire natural language questions, orchestration definition data, identity and permission data, and measurement point dictionary data;
[0011] The natural language problem is parsed to obtain the natural language parsing result; based on the natural language parsing result, boundary mapping is performed to generate query intent boundary data; and based on the query intent boundary data, the orchestration definition data is filtered to obtain the action node set.
[0012] The orchestration definition data is categorized and aggregated to obtain node capability footprint data; the node capability footprint data is mapped based on query intent boundary data and identity permission data to generate read-only data seal data; the read-only data seal data, node capability footprint data and orchestration definition data are combined into links to generate read-only execution links;
[0013] The identity and permission data and node capability footprint data are matched to obtain read authorization range data and action authorization range data; based on the natural language parsing results, read authorization range data and action authorization range data, a pass determination is made to generate the action permission type;
[0014] The measurement point dictionary data is queried based on the read-only execution link, the read authorization range data, and the natural language parsing results to obtain the query result data; the action node set is constrained based on the action permission type, the action authorization range data, and the natural language parsing results to obtain the execution result.
[0015] Furthermore, the natural language parsing results include device name, parameter name, time range, statistical caliber, comparison relationship, filtering conditions, action verbs, action target name, and action range description.
[0016] Furthermore, the query intent boundary data includes a set of read-only output data names and a set of action output data names. When the action verb, action target name, and action scope description are all empty, the query intent boundary data is limited to the set of read-only output data names. When at least one of the action verb, action target name, and action scope description is not empty, the natural language parsing result is marked as an action intent candidate. When the action verb, action target name, and action scope description are all not empty, and the action target name, after being standardized by object name, matches the set of write object names or the set of control object names in the orchestration definition data, the natural language parsing result is determined as an action execution candidate.
[0017] Furthermore, the node capability footprint data is indexed by node name and includes node name, node type, set of read object names, set of write object names, set of control object names, set of output data names, connection relationship records, and trigger order records. The node capability footprint data is obtained by classifying and aggregating orchestration definition data based on node resource declarations, node action declarations, node connection relationships, and node trigger order.
[0018] Furthermore, when generating read-only data sealing data based on query intent boundary data, identity and permission data, and node capability footprint data, the action output data name set is extracted from the query intent boundary data. Based on the identity and permission data, the set of allowed reading object names is determined, and read authorization scope data is generated. The read authorization scope data includes the set of allowed reading object names. When the intersection of the output data name set and the action output data name set is not empty, the set of written object names is not empty, or the set of controlled object names is not empty, the corresponding node is added to the read-only prohibited node name set.
[0019] Furthermore, based on the correspondence between the set of read object names and the set of allowed read object names, nodes are divided into read-only restrictions. When the difference between the set of read object names and the set of allowed read object names is not empty and the intersection is empty, the corresponding node is added to the set of prohibited read-only node names. When the difference between the set of read object names and the set of allowed read object names is not empty and the intersection is not empty, the corresponding node is added to the set of restricted read-only node names. When the set of read object names is a subset of the set of allowed read object names and the corresponding node is not added to either of the aforementioned sets, the corresponding node is added to the set of allowed read-only node names.
[0020] Furthermore, the read-only data sealing data includes a set of read-only allowed node names, a set of read-only prohibited node names, a set of read-restricted node names, a set of read-only prohibited object names, a set of read-only allowed read object names, and a set of read-only allowed output data names. Among them, the set of read-only prohibited object names is obtained by deduplicating and merging the set of write object names and the set of control object names; the set of read-only allowed read object names is obtained by taking the intersection of the union of the set of read object names corresponding to the read-only allowed nodes and the set of allowed read object names; and the set of read-only allowed output data names is obtained by filtering the set of read-only output data names and the set of output data names corresponding to the read-only allowed nodes.
[0021] Furthermore, when generating read-only execution links based on read-only data seal data, node capability footprint data, and orchestration definition data, the orchestration definition data is abstracted into a directed graph. Connection relationship records are used as directed edges, and trigger order records are used as path sorting constraints. All reachable paths are searched, and paths with loops are truncated according to a preset maximum number of loop expansions. Paths that pass through read-only prohibited nodes or read-restricted nodes, paths whose set of read object names is not a subset of the set of read-only allowed read object names, and paths whose set of output data names is not a subset of the set of read-only allowed output data names are removed. A read-only node sequence is generated based on the trigger order records to obtain the read-only execution link.
[0022] Furthermore, the action authorization scope data includes a set of allowed write object names and a set of allowed control object names; the action permission type is determined based on the action verb, action target name, action scope description, and action authorization scope data; if any of these are empty or the action target name does not match either the allowed write object name set or the allowed control object name set after object name standardization, the action permission type is determined to be denied, and the corresponding node is removed from the connection relationship record and trigger order record corresponding to the action node set; if a match is found, the action verb, action target name, and action scope description are appended to the trigger condition description of the corresponding node, and the matched authorized object name is appended to the object scope description; if the action scope description cannot be converted to a preset structured description format, it remains denied, wherein the preset structured description format includes at least a scope type field and a scope value field.
[0023] A runtime parameter query system based on natural language parsing includes:
[0024] The data acquisition module is used to acquire natural language questions, arrangement definition data, identity and permission data, and measurement point dictionary data;
[0025] The instruction parsing module is used to parse natural language questions and obtain natural language parsing results; based on the natural language parsing results, it performs boundary mapping to generate query intent boundary data, and filters the orchestration definition data based on the query intent boundary data to obtain a set of action nodes;
[0026] The read-only permission constraint module is used to classify and aggregate orchestration definition data to obtain node capability footprint data; it maps the node capability footprint data based on query intent boundary data and identity permission data to generate read-only data seal data; and it combines the read-only data seal data, node capability footprint data, and orchestration definition data to generate read-only execution links.
[0027] The action permission verification module matches identity permission data and node capability footprint data to obtain read authorization range data and action authorization range data; based on the natural language parsing results, read authorization range data and action authorization range data, it makes a release judgment and generates the action permission type.
[0028] Compared with existing technologies, the technical effects and advantages of the natural language parsing-based runtime parameter query system and method of the present invention are as follows:
[0029] The present invention relates to a runtime parameter query system and method based on natural language parsing. This addresses the problem in low-code orchestration platforms where read-only query behavior and write control behavior are not effectively isolated, leading to pure parameter query requests mistakenly entering external write paths or control-related paths during the processing chain. By performing natural language parsing, boundary mapping, capability classification, chain combination, and release judgment processing on natural language queries, orchestration definition data, and identity and permission data, the system generates query intent boundary data, node capability footprint data, read-only data sealing data, read-only execution chain, read authorization scope data, action authorization scope data, and action permission type. This ensures that natural language query requests, upon entering the unified orchestration chain, form read-only query boundaries and action execution boundaries specific to the current request, thereby effectively constraining subsequent processing paths and object scope.
[0030] Specifically, by parsing natural language questions and performing boundary mapping based on the parsing results, query intent boundary data is generated. At the same time, the orchestration definition data is filtered based on the query intent boundary data to obtain a set of action nodes. This allows for the differentiation of whether the current request has the potential to be executed from the request semantic level. This distinguishes natural language question requests that only have the purpose of reading device parameters, statistical analysis, and displaying results from requests that contain external writing or control intents. This improves the problems in the existing technology where the unified orchestration link is insufficient in identifying request attributes and easily mixes read-only query relationships with action execution relationships.
[0031] By classifying and aggregating orchestration definition data, node capability footprint data is obtained. Based on query intent boundary data and identity permission data, the node capability footprint data is mapped to generate read-only data seal data. Then, combined with orchestration definition data, a link combination is performed to generate a read-only execution link. This can explicitly show the set of read object names, write object names, control object names, output data names, and the connection relationships and triggering order between nodes in each node of the orchestration link. On this basis, nodes and paths with external write capabilities, control capabilities, or exceeding the read authorization scope are eliminated. This improves the problem in the existing technology that read-only query requests lack path-level constraints after entering the unified orchestration link and are prone to entering non-read-only nodes along existing connection relationships.
[0032] By matching identity and permission data with node capability footprint data, read authorization scope data and action authorization scope data are obtained. Based on the natural language parsing results, read authorization scope data and action authorization scope data, a release judgment is made to generate action permission types. It can verify whether the action verb, action target name and action scope description are complete, and whether the action target falls into the set of allowed write object names or the set of allowed control object names. It keeps unauthorized, incomplete or unstructured action requests in a non-release state, thereby improving the problems of unclear action request object scope, unclear authorization boundaries and unexpected action nodes may still participate in subsequent processing in the existing technology.
[0033] By querying the measurement point dictionary data based on read-only execution links, read authorization scope data, and natural language parsing results, and performing constraint operations on the action node set based on action permission type, action authorization scope data, and natural language parsing results, read-only query requests can complete measurement point queries and result output along restricted read-only execution links. At the same time, action nodes that are not allowed are removed from the corresponding connection relationship records and trigger sequence records, and allowed action nodes can only participate in execution within the authorized object scope. This reduces the possibility of pure parameter query requests triggering unexpected external write behaviors or control-related behaviors such as report generation, message push, work order creation, alarm release, configuration writing, and automatic handling.
[0034] Therefore, this invention not only improves the local processing defects of the prior art in the request attribute identification, path range limitation and object range constraint links, but also makes the overall processing chain of natural language query requests in the safety zone 1 scenario of thermal power units have better boundary clarity, execution continuity and processing stability, which is more conducive to realizing reliable processing of query scenarios for operating parameters in a unified orchestration environment. Attached Figure Description
[0035] Figure 1 This is a schematic diagram of a runtime parameter query system based on natural language parsing, according to an embodiment of the present invention.
[0036] Figure 2 This is a flowchart of the method for querying runtime parameters based on natural language parsing according to an embodiment of the present invention;
[0037] Figure 3 This is a flowchart illustrating the read-only query processing of an embodiment of the present invention;
[0038] Figure 4 This is a flowchart of the action permission verification process according to an embodiment of the present invention. Detailed Implementation
[0039] The technical solutions of the embodiments of the present invention will be described in detail, clearly, and completely below with reference to the accompanying drawings. It should be particularly noted that the specific embodiments described below are only for better illustrating and explaining the technical solutions of the present invention, and are intended to enable those skilled in the art to better understand and implement the present invention, and should not be construed as limiting the scope of protection of the present invention. Without departing from the spirit and substance of the present invention, those skilled in the art can modify, adjust, or make equivalent substitutions based on the content disclosed in the present invention, and these should all be considered within the scope of protection of the present invention.
[0040] Example 1:
[0041] Please see Figure 1 As shown, this embodiment discloses a system for querying runtime parameters based on natural language parsing, including a data acquisition module, an instruction parsing module, a read-only permission constraint module, an action permission verification module, and a result output module. Each module is connected via wired and / or wireless means to achieve data transmission.
[0042] The data acquisition module is used to acquire natural language questions, arrangement definition data, identity and permission data, and measurement point dictionary data.
[0043] Natural language questions are obtained through text input by operators. The text input interface records the submission time and generates a batch identifier upon receiving a natural language question. This batch identifier is used to bind orchestration definition data, identity and permission data, and measurement point dictionary data to the same natural language question. Natural language questions retain their original expressions, preserving the original wording of device names, parameter names, time range descriptions, statistical caliber descriptions, comparison relationship descriptions, filter condition descriptions, action verb descriptions, action target name descriptions, and action range descriptions. No synonym substitutions, abbreviations, or deletions of numbers and units are performed.
[0044] Orchestration definition data is retrieved from the low-code orchestration platform's configuration storage and release-state configuration snapshots. The retrieval action occurs immediately after the batch identifier is generated to avoid obtaining orchestration states inconsistent with natural language processing. Orchestration definition data includes a node list, node connection relationships, node triggering order, node resource declarations, node action declarations, and node type identifiers. The node list determines the range of triggerable nodes. Node connection relationships and node triggering order determine the reachable execution paths. Node resource declarations specify the sets of read object names, write object names, and control object names. Node action declarations specify the set of output data names. Node type identifiers identify one or more of the following: script nodes, message nodes, report nodes, external interface nodes, file output nodes, work order nodes, alarm nodes, configuration write nodes, and automatic handling nodes.
[0045] After data acquisition, the data is categorized, aggregated, and aspect extracted. Categorization, aggregation, and aspect extraction are performed on a node-by-node basis. Node resource declarations and node action declarations are expanded into sets of read object names, write object names, control object names, and output data names. Node connection relationships and node triggering sequences are expanded into connection relationship records and triggering sequence records. The generation of connection relationship records and triggering sequence records includes the following steps: reading node connection relationships to form a directed graph; searching all reachable paths after removing nodes with no connection relationships; sorting all reachable paths according to the node triggering sequence; and truncating paths with loops according to a preset maximum number of loop expansions. The preset maximum number of loop expansions limits the number of times the same node is repeatedly expanded within the same path, preferably one to three times, more preferably twice. When the number of times any node in a path is repeated exceeds the preset maximum number of loop expansions, the expansion of that path is stopped, and the path segments formed before truncation are retained as candidate paths.
[0046] Identity and permission data is retrieved from the user and permission storage of the monitoring system and bound to the collection batch identifier. This data includes operator identity information and operator authorization scope information. Operator identity information is derived from login status association. Operator authorization scope information comes from authorization records in the user and permission storage. After retrieval, the identity and permission data forms an object authorization mapping. This mapping converts the operator authorization scope information into a set of operator authorized object names. The set of operator authorized object names must at least distinguish between sets of allowed read object names, allowed write object names, and allowed control object names. Object names are represented using a standard namespace. When the naming and standard namespace of the original permission data differ from the orchestration definition data, object name standardization is first performed based on the correspondence between object codes and object names, followed by set matching. Fuzzy matching and abbreviation mapping are not performed.
[0047] The measurement point dictionary data comes from a time-series database and a relational database, and is obtained by binding it with the data acquisition batch identifier. The relational database provides equipment name, parameter name, measurement point identifier, unit, measurement range, sampling period, availability status, and a set of synonyms. The time-series database verifies whether the measurement point identifier is searchable and provides the activity status of the measurement points within the most recent time window. The measurement point dictionary data includes the correspondence between equipment parameter names and measurement point identifiers. After the measurement point dictionary data is acquired, the measurement point name mapping is organized. The measurement point name mapping uses the equipment name and parameter name as keys, aggregating the measurement point identifier, data source name, unit, measurement range, sampling period, availability status, and a set of synonyms to form a directly searchable measurement point name mapping.
[0048] The measurement point name mapping allows multiple measurement point identifiers to correspond to the same device name and the same parameter name. The number of candidate measurement point identifiers is preferably one to ten, with the top three being retained. The selection rules for candidate measurement point identifiers include: prioritizing those with an available status; if the available status is the same, prioritizing those with a shorter sampling period; if the sampling period is the same, prioritizing those with a higher matching degree between the parameter name and terms in the synonym set and parameter name fragments in the natural language problem; if the matching degree is the same, prioritizing those with a recently active and normal status. The matching degree is calculated using one or more of the following methods: string equality, inclusion relation, edit distance, and preset thesaurus hit rules.
[0049] The natural language processing questions, orchestration definition data, object authorization mapping results, and measurement point name mappings are merged to form a data package corresponding to the data acquisition batch identifier. The data package uses the data acquisition batch identifier as a unique index and contains references to natural language processing questions, orchestration definition data, identity and permission data, and measurement point dictionary data, as well as the acquisition time. The data package stores connection relationship records, trigger sequence records, sets of read object names, sets of write object names, sets of control object names, sets of output data names, sets of authorized object names for operators, and measurement point name mappings.
[0050] In one embodiment, the data acquisition module is described below with reference to an example.
[0051] The natural language question input by the operator was: "Query the maximum value of the main steam pressure of Unit 1 between 08:00 and 08:30 on March 23, 202X, and compare it with the average value of the preceding 30 minutes." This input text retains the equipment name (Unit 1), parameter name (main steam pressure), time range (08:00 to 08:30 on March 23, 202X), statistical maximum value, and comparison relationship (average value of the preceding 30 minutes). During the data collection phase, the system does not delete fields or merge expressions in this text; instead, it retains the original question in its entirety.
[0052] For example, when the equipment name is Unit 1 and the parameter name is main steam pressure, the measurement point name mapping can retrieve three candidate measurement point identifiers. Measurement point identifier P001 has a unit of megapascals (MPA), a sampling period of 1 second, an available status, and a recent 10-minute active status of normal. Measurement point identifier P002 has a unit of megapascals (MPA), a sampling period of 5 seconds, an available status, and a recent 10-minute active status of normal. Measurement point identifier P003 has a unit of kilopascals (kPa), a sampling period of 1 second, an unavailable status, and a recent 10-minute active status of abnormal. The system ranks P001 first, P002 second, and P003 third according to their availability, sampling period, and activity status. If the natural language question does not specify a unit, the query result corresponding to P001 is preferred.
[0053] The instruction parsing module is used to parse natural language questions and obtain natural language parsing results; based on the natural language parsing results, it performs boundary mapping to generate query intent boundary data, and filters the orchestration definition data based on the query intent boundary data to obtain a set of action nodes.
[0054] Natural language processing (NLP) questions are parsed to obtain NLP results. NLP parsing is implemented using an instruction recognition model trained on business corpora. The input to the instruction recognition model is the NLP question text, along with one or more constraint data from a device dictionary, parameter dictionary, and action vocabulary. The output includes device name, parameter name, time range, statistical caliber, comparison relationship, filtering conditions, action verb, action target name, and action range description. The instruction recognition model employs one or more of the following methods: sequence labeling, intent classification with slot extraction, and large language model with constraint decoding. The training samples for the instruction recognition model consist of historical execution questions and manually labeled results. Labeled fields include device name, parameter name, time range, statistical caliber, comparison relationship, filtering conditions, action verb, action target name, and action range description. During the training process, the instruction recognition model uses a training and validation set partitioning method. The accuracy and recall of the extracted data (device name, parameter name, time range, statistical caliber, comparison relationship, filtering conditions, action verb, action target name, and action range description) are evaluated, and the model parameters and constraint decoding rules are adjusted based on the evaluation results.
[0055] The natural language processing (NLP) results include device name, parameter name, time range, statistical caliber, comparison relationship, filtering criteria, action verb, action target name, and action range description. Device name and parameter name are preserved in their original form. The time range retains both the original description and the start and end times. Action verb, action target name, and action range description are empty by default.
[0056] Based on the natural language parsing results, boundary mapping is performed to generate query intent boundary data. This data includes a set of read-only output data names and a set of action output data names. The read-only output data name set includes query plans, query result data, visualization content, definitions, and data quality tips. The action output data name set includes report output data, message output data, work order output data, alarm output data, configuration write data, and automatic handling data.
[0057] Boundary mapping uses action verbs, action target names, and action scope descriptions as triggering information. When the action verb, action target name, and action scope description are all empty, the query intent boundary data is limited to a set of read-only output data names, and the action output data name set is determined as a set of prohibited output data names. When any of the following occurs: the action verb is not empty, the action target name is not empty, and the action scope description is not empty, the query intent boundary data is determined to include both the set of read-only output data names and the set of action output data names, and the natural language parsing result is marked as an action intent candidate. These action intent candidates are only used to prompt subsequent entry into the action permission verification process and are not used as the basis for action release. Only when the action verb, action target name, and action scope description are all non-empty, and the action target name, after object name standardization, matches the set of write object names or control object names in the orchestration definition data, is the natural language parsing result determined as an action execution candidate, and entry into the subsequent action permission verification path is allowed. Action verbs are preferably identified from an action word table. The action vocabulary includes one or more of the following: export, send, push, generate work order, alarm, write, configure, distribute, control, linkage, reset, and handle.
[0058] Boundary mapping also controls the number of filtering conditions. When the number of filtering conditions exceeds the preset limit, they are retained according to the following priority: filtering conditions appearing in the same sentence as the device name and parameter name are given priority; filtering conditions with closer word distance to the device name and parameter name are given priority; filtering conditions that directly modify the device name and parameter name in dependency syntax are given priority; time conditions are given priority. The preset limit is configured to be five to twenty, preferably ten.
[0059] Based on the query intent boundary data, the orchestration definition data is filtered to obtain a set of action nodes. The filtering process reads the action declarations of each node in the node list to obtain a set of output data names, and then performs an intersection check with the action output data name set. If the intersection of the output data name set and the action output data name set is not empty, the corresponding node is added to the action node set. The filtering process simultaneously reads the node resource declarations to obtain a set of write object names and a set of control object names. If either the write object name set or the control object name set is not empty, the corresponding node is added to the action node set. The filtering process simultaneously reads the node type identifier. If the node type belongs to one or more of the following: message node, report node, work order node, alarm node, configuration write node, automatic handling node, external interface node, or file output node, the corresponding node is added to the action node candidate set. If the node type belongs to one or more of the following: script node with external access capability, script node with file writing capability, or script node with control call capability, the corresponding node is added to the action node candidate set. For a node in the candidate set of action nodes, the corresponding node will be included in the action node set if any of the following conditions are met: the node can reach an external system through connection relationship records, the node's execution result can be written to disk, the node's execution result can send a message, or the node's execution result can trigger control. The filtering process simultaneously retains the content related to the action node set in the connection relationship records and trigger sequence records, forming a connection and sequence description of the action node set.
[0060] In one embodiment, the instruction parsing module is described below with reference to examples.
[0061] The operator inputs a natural language question: "Query the maximum value of the main steam pressure of Unit 1 from 08:00 to 08:30 on March 23, 202X, and compare it with the average value of the previous 30 minutes." The natural language parsing result for this question might include: equipment name "Unit 1," parameter name "main steam pressure," time range "from 08:00 to 08:30 on March 23, 202X," statistical caliber "maximum value," comparison relationship "comparison with the average value of the previous 30 minutes," empty filter criteria, empty action verb, empty action target name, and empty action range description. In this natural language question, the action verb, action target name, and action range description are all empty; subsequent boundary mapping will limit the query intent boundary data to a read-only set of output data names.
[0062] For example, when the natural language question is to issue the speed of induced draft fan A of Unit 1 to 850 revolutions per minute, the action verb in the parsing result is "issue", the action target name is the speed of induced draft fan A of Unit 1, and the action range description is induced draft fan A of Unit 1. Then the query intent boundary data includes both the set of read-only output data names and the set of action output data names, and the natural language parsing result is marked as an action intent candidate.
[0063] For example, a natural language query might ask for the maximum values of the following conditions for Unit 1's A coal mill outlet temperature between 00:00 and 06:00 on March 23, 202X: load greater than 450 MW, main steam pressure greater than 16.5 MPa, reheat steam temperature greater than 540°C, oxygen content between 2.5% and 4.0%, primary air volume greater than 120 tons per hour, secondary air damper opening greater than 35%, A mill current greater than 48 amperes, coal flow greater than 38 tons per hour, denitrification inlet nitrogen oxides less than 280 mg / m³, and furnace negative pressure greater than -80 Pa. This natural language query contains 11 filtering conditions. With a preset upper limit of 10 conditions, the system prioritizes retaining the 10 conditions that appear in the same sentence as the A coal mill outlet temperature and Unit 1, and are closest in word distance, while removing the lowest-ranked condition.
[0064] The read-only permission constraint module categorizes and aggregates orchestration definition data to obtain node capability footprint data; it maps the node capability footprint data based on query intent boundary data and identity permission data to generate read-only data seal data; and it combines the read-only data seal data, node capability footprint data, and orchestration definition data into links to generate read-only execution links.
[0065] Please see Figure 3 As shown, the orchestration definition data is categorized and aggregated to obtain node capability footprint data. The node capability footprint data is indexed by node name and includes node name, node type, set of read object names, set of write object names, set of control object names, set of output data names, connection relationship records, and trigger order records. The sets of read object names, write object names, and control object names are derived from node resource declarations. The set of output data names is derived from node action declarations. The connection relationship records and trigger order records are derived from node connection relationships and node trigger order.
[0066] Based on node capability footprint data, the node capability footprint data is mapped using query intent boundary data and identity / permission data to generate read-only data seal data and read authorization scope data. The mapping process first determines the set of allowed object names based on the identity / permission data. The read authorization scope data includes the set of allowed object names.
[0067] The mapping process uses the following sets of data names: output data name set, read object name set, write object name set, control object name set, and allowed read object name set. If the intersection of the output data name set and the action output data name set is not empty, the corresponding node name is added to the read-only prohibited node name set. If the write object name set is not empty, the corresponding node name is added to the read-only prohibited node name set. If the control object name set is not empty, the corresponding node name is added to the read-only prohibited node name set. If the difference between the read object name set and the allowed read object name set is not empty, and the intersection of the read object name set and the allowed read object name set is empty, the corresponding node name is added to the read-only prohibited node name set. If the difference between the read object name set and the allowed read object name set is not empty, and the intersection of the read object name set and the allowed read object name set is not empty, the corresponding node name is added to the read-restricted node name set. If the read object name set is a subset of the allowed read object name set, and the corresponding node name is neither added to the read-only prohibited node name set nor to the read-restricted node name set, the corresponding node name is added to the read-only allowed node name set.
[0068] The read-only data sealing data includes a set of read-only allowed node names, a set of read-only prohibited node names, a set of read-restricted node names, a set of read-only prohibited object names, a set of read-only allowed read object names, and a set of read-only allowed output data names. The set of read-only prohibited object names is obtained by deduplicating and merging the set of write object names and the set of control object names. The process of determining the set of read-only allowed read object names includes the following steps: extracting the read object name set corresponding to each node in the set of read-only allowed node names; performing a union operation on each extracted read object name set to obtain the node read union; and then performing an intersection operation on the node read union and the set of allowed read object names to obtain the set of read-only allowed read object names. The set of read-only allowed output data names is determined by the set of read-only output data names. The set of read-restricted node names is used to identify the set of node names for which some authorized read objects exist and need to be removed during the link assembly phase.
[0069] Link combination is performed based on read-only data, sealed data, node capability footprint data, and orchestration definition data to generate read-only execution links. Link combination abstracts the orchestration definition data into a directed graph. Nodes corresponding to the set of read-only allowed node names are used as candidate vertices. Connection records are used as directed edges. Trigger order records are used as path sorting constraints. Link combination searches all reachable paths based on the connection records in the orchestration definition data. Paths passing through the set of read-only prohibited node names are eliminated. Paths passing through the set of read-restricted node names are eliminated. Paths whose set of read object names is not a subset of the set of read-only allowed read object names are eliminated. Paths whose set of output data names is not a subset of the set of read-only allowed output data names are eliminated. For the remaining paths, a read-only node sequence is generated according to the trigger order record, and this read-only node sequence is determined as the read-only execution link. If no complete path meeting the conditions exists, a read-only execution link failure flag is generated, and entry into the query execution phase is prohibited; only the natural language parsing result and failure reason identifier are output.
[0070] After link combination, the set of read-only prohibited object names, the set of read-only allowed object names, and the set of read-only allowed output data names are bound to the read-only node sequence, forming a read-only execution link constraint expression. The read-only execution link constraint expression stipulates that the read-only node sequence may not reach the set of read-only prohibited object names, may not read objects outside the set of read-only allowed object names, and may not produce output data outside the set of read-only allowed output data names.
[0071] In one embodiment, the read-only permission constraint module is described below with reference to an example.
[0072] The set of allowed read object names in the operator's authorized object name set is {OBJ_P001, OBJ_T005, OBJ_F012}. Node N1's read object name set is {OBJ_P001}, its write object name set is empty, its control object name set is empty, and its output data name set is {query result data}. Node N2's read object name set is {OBJ_P001, OBJ_X099}, its write object name set is empty, its control object name set is empty, and its output data name set is {query result data}. Node N3's read object name set is empty, its write object name set is {OBJ_CFG021}, its control object name set is empty, and its output data name set is {configuration write data}. Node N4's read object name set is {OBJ_T005}, its write object name set is empty, its control object name set is empty, and its output data name set is {query result data}. In this example, node N1 is added to the set of read-only allowed node names, node N2 is added to the set of read-restricted node names, node N3 is added to the set of read-only prohibited node names, and node N4 is added to the set of read-only allowed node names. The set of read-only prohibited object names is {OBJ_CFG021}. The set of read-only allowed object names is obtained by performing an intersection operation between {OBJ_P001, OBJ_T005, OBJ_F012} and the union of the corresponding read object name sets of nodes N1 and N4, {OBJ_P001, OBJ_T005}.
[0073] For example, the connection relationship record corresponding to the orchestration definition data includes two candidate paths. Path 1 passes through nodes N1, N2, N3, and N5 in sequence, while path 2 passes through nodes N1, N4, and N5 in sequence. Assuming that node N2 belongs to the set of read-restricted node names, node N3 belongs to the set of read-only prohibited node names, and nodes N1, N4, and N5 belong to the set of read-only allowed node names, then during the link combination process, path 1 is eliminated, and path 2 is retained. If the triggering order records for path 2 are 10, 20, and 30, then the generated read-only node sequence is N1, N4, and N5, and this read-only node sequence is determined as the read-only execution link. Furthermore, if there is a candidate path containing a loop, with the node traversal order being N1, N4, N1, N4, and N5, and the preset maximum number of loop expansions is 2, then the system stops expanding after nodes N1 and N4 each appear twice, and retains the candidate path formed before truncation for subsequent filtering.
[0074] The action permission verification module matches identity permission data and node capability footprint data to obtain read authorization range data and action authorization range data; based on the natural language parsing results, read authorization range data and action authorization range data, it makes a release judgment and generates the action permission type.
[0075] Please see Figure 4 As shown, after obtaining identity and permission data, a set of authorized object names for operators is formed. This set of authorized object names for operators must at least distinguish between sets of allowed read object names, allowed write object names, and allowed control object names. The object names in the set of authorized object names for operators maintain the same standard namespace as the orchestration definition data. After obtaining node capability footprint data, sets of read object names, write object names, and control object names are formed. These sets of read object names, write object names, and control object names maintain the original naming of the node capability footprint data. When the naming of different data sources is inconsistent with the standard namespace, object names are standardized according to the correspondence table between object codes and object names before set matching.
[0076] The identity and permission data and node capability footprint data are matched to obtain read authorization scope data and action authorization scope data. The read authorization scope data is output with the node name as the index and includes the node name and a set of allowed read object names. The action authorization scope data is output with the node name as the index and includes the node name, a set of allowed write object names, and a set of allowed control object names. The set of allowed write object names is obtained by performing an intersection operation between the allowed write object name set and the allowed write object name set from the operator's authorized object name set. The set of allowed control object names is obtained by performing an intersection operation between the control object name set and the allowed control object name set from the operator's authorized object name set. Object names in both the read authorization scope data and the action authorization scope data are represented using standard namespaces and are consistent with the object name standardization results.
[0077] Based on the natural language parsing results, the authorized scope data, and the action authorized scope data, an action permission type is generated. The natural language parsing results include the action verb, the action target name, and the action scope description. The permission determination requires the action verb, action target name, and action scope description as necessary inputs, and uses the action authorized scope data as object boundary constraints. If any of the following conditions occur: the action verb is empty, the action target name is empty, or the action scope description is empty, the action permission type is set to "not permitted," and the corresponding natural language parsing result is marked as "action intent incomplete." If the action verb, action target name, and action scope description are all not empty, the action target name is standardized (after object name standardization) and its membership is determined against the allowed-to-write object name set and the allowed-to-control object name set. If the standardized action target name matches the allowed-to-write object name set, the action permission type is set to "permitted." If the standardized action target name matches the allowed-to-control object name set, the action permission type is set to "permitted." If the action target name, after object name standardization, does not match either the set of allowed write object names or the set of allowed control object names, the action permission type is set to "not allow," and the reason is marked as "target object not authorized." The action permission type set is formed using the node name as an index.
[0078] In one embodiment, the action permission verification module is described below with reference to an example.
[0079] The set of write object names for node N8 is {OBJ_CFG021, OBJ_CFG022}, and the set of control object names for node N9 is {OBJ_CTL031}. The set of allowed write object names in the operator's authorized object name set is {OBJ_CFG021}, and the set of allowed control object names is {OBJ_CTL031, OBJ_CTL032}. Therefore, the set of allowed write object names in the action authorization range data for node N8 is {OBJ_CFG021}, and the set of allowed control object names in the action authorization range data for node N9 is {OBJ_CTL031}. When the natural language problem involves writing the alarm threshold for Unit 1 to 16.8 MPa, and the action target name after object name standardization matches OBJ_CFG021, the action permission type is set to "allow". Conversely, when the natural language problem involves writing the standby alarm threshold for Unit 1 to 17.2 MPa, and the action target name after object name standardization matches OBJ_CFG099, but OBJ_CFG099 does not fall into the set of allowed write object names, the action permission type is set to "not allow". Similarly, when the natural language problem only involves issuing parameters for Unit 1, but lacks an action target name or action scope description, the action permission type is also set to "not allow", and it is marked as having incomplete action intent.
[0080] The results output module queries the measurement point dictionary data based on the read-only execution link, the read authorization range data, and the natural language parsing results to obtain the query result data; it performs constraint operations on the action node set based on the action permission type, the action authorization range data, and the natural language parsing results to obtain the execution result.
[0081] The system queries the measurement point dictionary data based on the read-only execution chain, the authorized reading range data, and the natural language parsing results to obtain query results. The natural language parsing results include device name, parameter name, time range, statistical caliber, comparison relationship, and filtering conditions. The system retrieves a candidate measurement point identifier set from the measurement point dictionary data based on the device name and parameter name, filters it using the authorized reading range data to obtain an authorized measurement point identifier set, and then combines the time range, statistical caliber, comparison relationship, filtering conditions, and authorized measurement point identifier set to form a query request. If the candidate measurement point identifier set is empty, the system generates a measurement point missing flag and terminates the query execution. If the candidate measurement point identifier set is empty after filtering with the authorized reading range data, the system generates a no-read-permission flag and terminates the query execution. The read-only execution chain processes query requests according to the read-only node sequence trigger order, and during processing, verifies whether the measurement point identifiers involved in the query request fall within the measurement point range corresponding to the read-only allowed read object name set, and whether the query output falls within the read-only allowed output data name set; if either verification fails, the corresponding query execution is terminated, and a failure reason flag is output. The query results are organized using measurement point identifiers as the index and include time series values and statistical values. When multiple candidate measurement point identifiers exist, the query result with the highest ranking is preferentially output, while the remaining candidate measurement point identifiers, their corresponding ranking results, and the reasons for not being selected are retained as backtracking information.
[0082] Based on action permission type, action authorization scope data, and natural language parsing results, constraint operations are performed on the action node set to obtain the execution result. Action permission type is indexed by node name, with values of "allow" or "deny". Constraint operations process the action node set one by one by node name. For node names with an action permission type of "deny", the constraint operation removes the corresponding node from the connection relationship record and trigger order record corresponding to the action node set. For node names with an action permission type of "allow", the constraint operation appends the action verb, action target name, and action scope description from the natural language parsing results to the trigger condition description of the corresponding node, and appends the set of allowed write object names or allowed control object names that match the standardized action target name to the object scope description of the corresponding node to limit the actual executable object scope of the node. An action node is executed when the action type field matches an action supported by the node, the target object field belongs to the authorized object whitelist field, and the scope field conforms to the preset structured description format. The preset structured description format of the scope field includes at least a scope type field and a scope value field. The scope type field identifies the device scope, area scope, or loop scope, while the scope value field provides a list of object names under the standard namespace. When the action scope description in the natural language parsing result cannot be converted to the preset structured description format, the action permission type corresponding to that action node is kept as "not allowed," and the reason is marked as "scope description unstructured." The execution result includes query result data, visualization content, action permission type, read authorized scope data, and action node set constraint results. The action node set constraint results include a list of non-participating node names, a list of participating node names, and the corresponding object scope description. Action execution is simultaneously subject to object authorization constraints and scope structured format constraints.
[0083] In one embodiment, the result output module is described below with reference to an example.
[0084] The natural language query asks for the maximum value of the main steam pressure of Unit 1 between 08:00 and 08:30 on March 23, 202X. The system retrieves a set of candidate measuring point identifiers {P001, P002, P003}. After filtering the authorized range data, the authorized measuring point identifier set is obtained as {P001, P002}. Within the time window of 08:00 to 08:30 on March 23, 202X, P001 corresponds to a time series value with 1800 sampling points, a maximum value of 16.72 MPa, and an average value of 16.48 MPa; P002 corresponds to a time series value with 360 sampling points, a maximum value of 16.69 MPa. The system preferentially outputs the query result corresponding to P001, and retains P002 as an unselected candidate measuring point identifier, recording the reason for its unselection as a longer sampling period. If the candidate test point identifier set is empty after filtering the authorized reading range data, a no-read-permission flag is generated and the query execution is terminated.
[0085] For example, an action node supports the action type field as "control" and the target object whitelist field as {OBJ_CTL031, OBJ_CTL032}. When the action verb in the natural language parsing result is "control," the standardized action target name corresponds to OBJ_CTL031, and the action scope description is structured so that the scope type field equals the device scope and the scope value field equals {EQP_1A_FAN_01}, the system allows the action node to enter the execution state. However, if the action scope description is "process that wind turbine as well," because this expression cannot be converted into a structured description format composed of the scope type field and the scope value field, the system will maintain the corresponding action permission type as "not allowed" and mark the reason as "scope description unstructured." Example 2:
[0086] Please see Figure 2 As shown, this embodiment provides a method for querying runtime parameters based on natural language parsing, including:
[0087] Acquire natural language questions, orchestration definition data, identity and permission data, and measurement point dictionary data;
[0088] The natural language problem is parsed to obtain the natural language parsing result; based on the natural language parsing result, boundary mapping is performed to generate query intent boundary data; and based on the query intent boundary data, the orchestration definition data is filtered to obtain the action node set.
[0089] The orchestration definition data is categorized and aggregated to obtain node capability footprint data; the node capability footprint data is mapped based on query intent boundary data and identity permission data to generate read-only data seal data; the read-only data seal data, node capability footprint data and orchestration definition data are combined into links to generate read-only execution links;
[0090] The identity and permission data and node capability footprint data are matched to obtain read authorization range data and action authorization range data; based on the natural language parsing results, read authorization range data and action authorization range data, a pass determination is made to generate the action permission type;
[0091] The measurement point dictionary data is queried based on the read-only execution link, the read authorization range data, and the natural language parsing results to obtain the query result data; the action node set is constrained based on the action permission type, the action authorization range data, and the natural language parsing results to obtain the execution result.
[0092] The above description is merely a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the technical scope disclosed in the present invention should be included within the scope of protection of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.
[0093] In conclusion, the above description is only a preferred embodiment of the present invention and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of the present invention should be included within the protection scope of the present invention.
Claims
1. A method for calculating runtime parameters based on natural language parsing, characterized in that, include: Acquire natural language questions, orchestration definition data, identity and permission data, and measurement point dictionary data; The natural language problem is parsed to obtain the natural language parsing result; Boundary mapping is performed based on the natural language parsing results to generate query intent boundary data. Then, the orchestration definition data is filtered based on the query intent boundary data to obtain a set of action nodes. Classify, aggregate, and arrange definition data to obtain node capability footprint data; Map the node capability footprint data based on query intent boundary data and identity permission data to generate read-only data seal data; combine the read-only data seal data, node capability footprint data and orchestration definition data into a link to generate a read-only execution link; By matching identity and permission data with node capability footprint data, we can obtain read authorization scope data and action authorization scope data. Based on the natural language parsing results, the read authorization scope data and action authorization scope data, the pass determination is made, and the action permission type is generated; Based on the read-only execution link, the read authorization range data, and the natural language parsing results, the measurement point dictionary data is queried to obtain the query result data; Based on the action permission type, action authorization scope data, and natural language parsing results, constraint operations are performed on the action node set to obtain the execution result.
2. The method for calculating runtime parameters based on natural language parsing according to claim 1, characterized in that, Natural language parsing results include device name, parameter name, time range, statistical caliber, comparison relationship, filtering conditions, action verbs, action target name, and action range description.
3. The method for calculating runtime parameters based on natural language parsing according to claim 2, characterized in that, The query intent boundary data includes a set of read-only output data names and a set of action output data names. When the action verb, action target name, and action scope description are all empty, the query intent boundary data is limited to the set of read-only output data names. When at least one of the action verb, action target name, and action scope description is not empty, the natural language parsing result is marked as an action intent candidate. When the action verb, action target name, and action scope description are all not empty, and the action target name, after being normalized by object name, matches the set of write object names or the set of control object names in the orchestration definition data, the natural language parsing result is determined as an action execution candidate.
4. The method for calculating runtime parameters based on natural language parsing according to claim 1, characterized in that, The node capability footprint data is indexed by node name and includes node name, node type, set of read object names, set of write object names, set of control object names, set of output data names, connection relationship records, and trigger order records. The node capability footprint data is obtained by classifying and aggregating orchestration definition data based on node resource declarations, node action declarations, node connection relationships, and node trigger order.
5. The method for calculating runtime parameters based on natural language parsing according to claim 1, characterized in that, When generating read-only data seal data based on query intent boundary data, identity and permission data, and node capability footprint data, the action output data name set is extracted from the query intent boundary data. Based on the identity and permission data, the set of allowed object names is determined, and read authorization scope data is generated. The read authorization scope data includes the set of allowed object names. When the intersection of the output data name set and the action output data name set is not empty, the set of written object names is not empty, or the set of controlled object names is not empty, the corresponding node is added to the read-only prohibited node name set.
6. The method for calculating runtime parameters based on natural language parsing according to claim 5, characterized in that, Based on the correspondence between the set of read object names and the set of allowed read object names, nodes are divided into read-only restrictions. When the difference between the set of read object names and the set of allowed read object names is not empty and the intersection is empty, the corresponding node is added to the set of prohibited read node names. When the difference between the set of read object names and the set of allowed read object names is not empty and the intersection is not empty, the corresponding node is added to the set of restricted read node names. When the set of read object names is a subset of the set of allowed read object names and the corresponding node is not added to either of the aforementioned sets, the corresponding node is added to the set of allowed read node names.
7. The method for calculating runtime parameters based on natural language parsing according to claim 6, characterized in that, The read-only data sealing data includes a set of read-only allowed node names, a set of read-only prohibited node names, a set of read-restricted node names, a set of read-only prohibited object names, a set of read-only allowed read object names, and a set of read-only allowed output data names. Among them, the set of read-only prohibited object names is obtained by deduplicating and merging the set of write object names and the set of control object names; the set of read-only allowed read object names is obtained by taking the intersection of the union of the set of read object names corresponding to the read-only allowed node and the set of allowed read object names; and the set of read-only allowed output data names is obtained by filtering the set of read-only output data names and the set of output data names corresponding to the read-only allowed node.
8. The method for calculating runtime parameters based on natural language parsing according to claim 7, characterized in that, When generating read-only execution links based on read-only data seal data, node capability footprint data, and orchestration definition data, the orchestration definition data is abstracted into a directed graph, with connection relationship records as directed edges and trigger order records as path sorting constraints. All reachable paths are searched, and paths with loops are truncated according to the preset maximum number of loop expansions. Paths that pass through read-only prohibited nodes or read-restricted nodes, paths whose set of read object names is not a subset of the set of read-only allowed read object names, and paths whose set of output data names is not a subset of the set of read-only allowed output data names are removed. Based on the triggering order, a read-only node sequence is generated to obtain the read-only execution link.
9. The method for calculating runtime parameters based on natural language parsing according to claim 1, characterized in that, The action authorization scope data includes a set of allowed write object names and a set of allowed control object names. The action permission type is determined based on the action verb, action target name, action scope description, and action authorization scope data. If any of these are empty or the action target name, after object name standardization, does not match either the allowed write object name set or the allowed control object name set, the action permission type is set to "not allowed," and the corresponding node is removed from the connection relationship record and trigger order record corresponding to the action node set. If a match is found, the action verb, action target name, and action scope description are appended to the trigger condition description of the corresponding node, and the matched authorized object name is appended to the object scope description. If the action scope description cannot be converted to a preset structured description format, the action is kept "not allowed," where the preset structured description format includes at least a scope type field and a scope value field.
10. A runtime parameter counting system based on natural language parsing, used to implement the runtime parameter counting method based on natural language parsing as described in any one of claims 1-9, characterized in that, include: The data acquisition module is used to acquire natural language questions, arrangement definition data, identity and permission data, and measurement point dictionary data; The instruction parsing module is used to parse natural language questions and obtain natural language parsing results; Boundary mapping is performed based on the natural language parsing results to generate query intent boundary data. Then, the orchestration definition data is filtered based on the query intent boundary data to obtain a set of action nodes. The read-only permission constraint module is used to classify, aggregate, and arrange the orchestration definition data to obtain node capability footprint data; Map the node capability footprint data based on query intent boundary data and identity permission data to generate read-only data seal data; combine the read-only data seal data, node capability footprint data and orchestration definition data into a link to generate a read-only execution link; The action permission verification module matches identity permission data and node capability footprint data to obtain read authorization range data and action authorization range data; Based on the natural language parsing results, the authorization scope data and action authorization scope data are read to make a pass determination and generate the action permission type.