CN210835688U - Network security plant-level monitoring information system - Google Patents
Network security plant-level monitoring information system Download PDFInfo
- Publication number
- CN210835688U CN210835688U CN201922474095.1U CN201922474095U CN210835688U CN 210835688 U CN210835688 U CN 210835688U CN 201922474095 U CN201922474095 U CN 201922474095U CN 210835688 U CN210835688 U CN 210835688U
- Authority
- CN
- China
- Prior art keywords
- isolator
- server
- switch
- unit
- phase
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The utility model relates to a network security factory level monitored information system. The core server network structure of the original system adopts the form of a single server, and from the perspective of the system security theory, once the core server is paralyzed or crashed, the monitoring information system of the whole plant is lost monitoring. A network security factory level monitoring information system, comprising: the system comprises a disk array (1) which is respectively connected with a real-time data server A (2) and a real-time data server B (3), the real-time data server A and the real-time data server B are respectively connected with a convergence switch (4), the convergence switch is respectively connected with an interface machine (5), a mirror image isolator (6), a first-stage coal consumption switch (7) and a second-stage SIS switch (8), the mirror image isolator is connected with an MIS switch (9), and the second-stage SIS switch is connected with a second-stage coal consumption switch (12). The utility model discloses be applied to network security factory level monitored information system.
Description
The technical field is as follows:
the utility model relates to a network security factory level monitoring information system, especially this information system's hardware architecture.
Background art:
the core server network structure of the original system adopts a single server form. From the perspective of the system security theory, it is unreasonable that the core server adopts a single server mode, once the core server is broken down or crashed, the monitoring information system of the whole plant is not monitored, and the important parameters transmitted to the group company cannot be checked. If the patient can not recover for a long time, the consequences are serious; the factory-level monitoring information system and the management area adopt a firewall to carry out safety control, and the hidden danger that the management area directly falsify the data server exists.
The plant-level monitoring information system covers the field data of 4 machine set main and auxiliary control system networks, all production real-time data and historical data are stored in the SIS core server, and the SIS system plays an important role in whole plant production management work and also plays a role in providing production real-time data for related departments of group companies. The factory-level monitoring information system belongs to a second safety area, the factory-level monitoring information system and the management area only adopt a firewall to perform safety control, and the hidden danger that the management area directly falsify a system data server exists; the single server mode is limited by conditions such as data processing speed and storage capacity, and is not beneficial to function expansion of a plant-level monitoring information system. Therefore, the form of a single server is adopted, which is unreasonable.
The invention content is as follows:
the utility model aims at providing a network security factory level monitored control information system, this system is through increasing a redundant database server, a mirror image server on the basis of former single server. The two database servers are physically isolated from the mirror image server by using an isolator, and the mirror image server is communicated with the management large area through a firewall, so that the safety and the reliability of system operation are improved.
The above purpose is realized by the following technical scheme:
a network security factory level monitoring information system, comprising: disk array, disk array be connected with real-time data server A and real-time data server B respectively, real-time data server A and real-time data server B are connected and are connected with the switch that assembles respectively, the switch that assembles be connected with interface machine, mirror image isolator, the first phase coal consumption switch and second phase SIS switch respectively, wherein the mirror image isolator be connected with the MIS switch, the MIS switch be connected with hot wall and mirror image database server respectively, second phase SIS switch be connected with second phase coal consumption switch, second phase coal consumption switch be connected with second phase coal consumption isolator, first phase coal consumption switch be connected with first phase coal consumption isolator.
Network security plant level monitored control information system, the aggregation switch still respectively with assist net isolator, first stage desulfurization isolator, keep first stage isolator A and keep first stage isolator B again and be connected, second stage SIS switch respectively with keep second stage isolator, second stage desulfurization isolator, ammonia station isolator connect, second stage coal consumption switch be connected with 3 number of unit isolators and 4 number of unit isolators respectively, first stage coal consumption switch be connected with 1 number of unit isolators and 2 number of unit isolators respectively.
Network security plant level monitored control information system, the relay protect first phase isolator A and relay protect the switch and be connected, relay protect the switch respectively with 1 number, 2 number ECS server and HPC1 server connection, 1 number unit isolator and 1 number unit server connection, 2 number unit isolator and 2 number unit server connection, auxiliary network isolator and auxiliary network server connection, first desulfurization isolator and first desulfurization server are connected, relay protect first phase isolator B and EMS electric quantity server connection, relay protect second phase isolator and HPC2 server connection, 2 number desulfurization isolator and second phase desulfurization server connection, ammonia station isolator and ammonia station server connection, 3 number unit isolator and 3 number unit server connection, 4 number unit isolator and 4 number unit server connection.
Network security factory level monitoring information system, 1 number of unit isolator, 2 number of unit isolator, auxiliary network isolator and first desulfurization isolator set up in first phase SIS within a definite time, the relay protect first phase isolator A and relay protect the switch setting in 1 number of electron within a definite time, relay protect first phase isolator B set up in first phase relay protect the station, relay protect second phase isolator set up in second phase relay protect the station of engineer, 2 number of desulfurization isolator, ammonia station isolator, 3 number of unit isolator and 4 number of unit isolator set up respectively in second phase SIS within a definite time.
Network security factory level monitoring information system, No. 1 unit service, No. 2 unit server, auxiliary network server and first desulfurization server set up an period SIS in, No. 1, No. 2 ECS server and HPC1 server set up in No. 1 electron, EMS electric quantity server sets up in first period relay protection engineer station, HPC2 server sets up in second period relay protection engineer station, second period desulfurization server, ammonia station server, No. 3 unit server and No. 4 unit server set up in second period SIS.
The utility model has the advantages that:
1. the utility model discloses use the isolator to carry out physical isolation between database server and the mirror image server, realized two districts of production and the real isolation in management big district. The mirror image server communicates with the management area through a firewall, white list management is added to the firewall, IP access except the white list is forbidden, and the safety of the system is enhanced.
2. The utility model discloses an increase a redundant database server, a mirror image server. The database server and the mirror image server are physically isolated by using an isolator, so that the real isolation of a production second area and a management large area is realized. The mirror image server communicates with the management area through a firewall, white list management is added to the firewall, IP access except the white list is forbidden, and the safety of the system is enhanced.
3. The utility model discloses increase a redundant database server, a mirror image server on former system basis. In addition, in order to improve the data storage rate and the safety of data storage, a disk array is added under the mode of adopting server cluster management and is managed by the two core servers together, so that when one server fails, the other server can automatically take over data resources in a seamless mode, thereby ensuring the uniqueness and continuity of data; the mirror image server realizes physical isolation between the production control large area and the management information large area through a physical isolator; the mirror image server communicates with the management area through a firewall, adds white list management to the firewall, and forbids IP access except the white list.
4. The operation of the system of the utility model only realizes the redundant mode of 'hot standby' operation between two core servers; the uniqueness and the continuity of the data are also ensured; in addition, the safe operation of the system is ensured by the physical isolation between the production control area and the management information area and the communication between the mirror image server and the management area through a firewall.
5. The utility model relates to a solve factory level monitored information system's safe operation problem. Compared with the original system, the added redundant database server realizes the redundant mode of 'hot standby' operation between two core servers and ensures the continuity of data; the newly-added mirror image server is physically isolated from the database server and is communicated with the management area through a firewall, so that the hidden danger that the management area directly falsify the system data server is solved.
Description of the drawings:
fig. 1 is a schematic structural diagram of the present invention.
In the figure: 1. the system comprises a disk array, 2 real-time data servers A and 3, real-time data servers B and 4, a convergence switch, 5, an interface machine, 6, a mirror image isolator, 7 and a first-stage coal consumption switch. 8. Second-stage SIS switch, 9, MIS switch, 10, firewall, 11, mirror database server, 12, second-stage coal consumption switch, 13, second-stage coal consumption isolator, 14, first-stage coal consumption isolator, 15, auxiliary network isolator, 16, first-stage desulfurization isolator, 17, relay protection first-stage isolator A, 18, relay protection first-stage isolator B, 19, relay protection second-stage isolator, 20, second-stage desulfurization isolator, 21, ammonia station isolator, No. 22, No. 3 set isolator, No. 23, No. 4 set isolator, No. 24, No. 1 set isolator, No. 25, No. 2 set isolator, 26, relay protection switch, 27, No. 1, No. 2 ECS server, 28, HPC1 server, No. 29, No. 1 set server, No. 30, No. 2 set server, 31, auxiliary network server, 32, first-stage desulfurization server, 33, EMS server, 34, HPC2, 35, second-stage desulfurization server, 36. ammonia station server, 37, 3 machine group server, 38, 4 machine group server, 39, first stage SIS, 40, 1 electronic stage, 41, first stage relay protection engineer station, 42, second stage relay protection engineer, 43, second stage SIS.
The specific implementation mode is as follows:
example 1:
a network security factory level monitoring information system, comprising: disk array 1, disk array be connected with real-time data server A2 and real-time data server B3 respectively, real-time data server A and real-time data server B connect and are connected with aggregation switch 4 respectively, aggregation switch be connected with interface machine 5, mirror image isolator 6, first phase coal consumption switch 7 and second phase SIS switch 8 respectively, wherein mirror image isolator be connected with MIS switch 9, MIS switch be connected with firewall 10 and mirror database server 11 respectively, second phase SIS switch be connected with second phase coal consumption switch 12, second phase coal consumption switch be connected with second phase coal consumption isolator 13, first phase coal consumption switch be connected with first phase coal consumption isolator 14.
Example 2:
according to embodiment 1 the network security plant-level monitoring information system, the aggregation switch is further respectively connected with the auxiliary network isolator 15, the first-stage desulfurization isolator 16, the first-stage relay protection isolator A17 and the first-stage relay protection isolator B18, the second-stage SIS switch is respectively connected with the second-stage relay protection isolator 19, the second-stage desulfurization isolator 20 and the ammonia station isolator 21, the second-stage coal consumption switch is respectively connected with the No. 3 unit isolator 22 and the No. 4 unit isolator 23, and the first-stage coal consumption switch is respectively connected with the No. 1 unit isolator 24 and the No. 2 unit isolator 25.
Example 3:
according to embodiment 1 or 2 of network security factory level monitoring information system, the relay protection first-stage isolator a is connected with the relay protection switch 26, the relay protection switch is respectively connected with the ECS server 27 and the HPC1 server 28, the unit isolator 1 is connected with the unit server 29, the unit isolator 2 is connected with the unit server 30, the auxiliary network isolator is connected with the auxiliary network server 31, the first-stage desulfurization isolator is connected with the first-stage desulfurization server 32, the relay protection first-stage isolator B is connected with the EMS power server 33, the relay protection second-stage isolator is connected with the HPC2 server 34, the second-stage desulfurization isolator 2 is connected with the second-stage desulfurization server 35, the ammonia station isolator is connected with the ammonia station server 36, the unit isolator 3 is connected with the unit server 3 37, and the unit isolator 4 is connected with the unit server 38.
Example 4:
according to the network security plant-level monitoring information system of embodiment 1 or 2 or 3, the number 1 machine group isolator, the number 2 machine group isolator, the auxiliary network isolator and the first-stage desulfurization isolator are arranged in the first-stage SIS chamber 39, the first-stage relay protection isolator a and the relay protection switch are arranged in the number 1 electronic chamber 40, the first-stage relay protection isolator B is arranged in the first-stage relay protection engineer station 41, the second-stage relay protection isolator is arranged in the second-stage relay protection engineer station 42, and the number 2 desulfurization isolator, the ammonia station isolator, the number 3 machine group isolator and the number 4 machine group isolator are respectively arranged in the second-stage SIS chamber 43.
Example 5:
according to embodiment 1 or 2 or 3 or 4 of the network security plant-level monitoring information system, the number 1 unit service, the number 2 unit server, the auxiliary network server and the first-stage desulfurization server are arranged in the first-stage SIS, the number 1, the number 2 ECS server and the HPC1 server are arranged in the number 1 electronic room, the EMS electricity server is arranged in the first-stage relay protection engineer station, the HPC2 server is arranged in the second-stage relay protection engineer station, and the second-stage desulfurization server, the ammonia station server, the number 3 unit server and the number 4 unit server are arranged in the second-stage SIS.
Claims (5)
1. A network security factory level monitoring information system, comprising: the disk array is characterized in that: disk array be connected with real-time data server A and real-time data server B respectively, real-time data server A and real-time data server B are connected and are connected with the switch that assembles respectively, the switch that assembles be connected with interface machine, mirror image isolator, the first phase coal consumption switch and second phase SIS switch respectively, wherein mirror image isolator and MIS switch be connected, the MIS switch be connected with hot wall and mirror image database server respectively, second phase SIS switch and second phase coal consumption switch be connected, second phase coal consumption switch and second phase coal consumption isolator be connected, first phase coal consumption switch be connected with first phase coal consumption isolator.
2. The network security factory level monitoring information system of claim 1, wherein: the aggregation switch is connected with an auxiliary network isolator, a first-stage desulfurization isolator, a relay first-stage isolator A and a relay first-stage isolator B respectively, a second-stage SIS switch is connected with a relay second-stage isolator, a second-stage desulfurization isolator and an ammonia station isolator respectively, a second-stage coal consumption switch is connected with a 3 # unit isolator and a 4 # unit isolator respectively, and the first-stage coal consumption switch is connected with a1 # unit isolator and a2 # unit isolator respectively.
3. The network security factory level monitoring information system of claim 2, wherein: keep a phase isolator A and keep the switch with continuing to be connected, keep the switch with continuing to be connected with No. 1, No. 2 ECS server and HPC1 server respectively, 1 number of unit isolator and No. 1 unit server connection, No. 2 unit isolator and No. 2 unit server connection, auxiliary network isolator and auxiliary network server connection, first desulfurization isolator is connected with first desulfurization server, keep a phase isolator B and EMS electric quantity server connection again, keep second phase isolator and HPC2 server connection again, No. 2 desulfurization isolator and second desulfurization server connection, ammonia station isolator and ammonia station server connection, No. 3 unit isolator and No. 3 unit server connection, No. 4 unit isolator and No. 4 unit server connection.
4. The network security factory level monitoring information system of claim 3, wherein: isolator, No. 1 unit isolator, No. 2 unit isolator, auxiliary network isolator and first desulfurization isolator set up in a period SIS, the relay protect first phase isolator A and relay protect the switch setting in No. 1 electron, relay protect first phase isolator B set up in a period relay protect the engineer station, relay protect second phase isolator set up in second phase relay protect the engineer station, No. 2 desulfurization isolator, ammonia station isolator, No. 3 unit isolator and No. 4 unit isolator set up respectively in second phase SIS.
5. The network security factory level monitoring information system of claim 4, wherein: no. 1 unit service, No. 2 unit server, auxiliary network server and first desulfurization server set up SIS in the time, No. 1, ECS server and HPC1 server setting in No. 1 electron is in, EMS electric quantity server sets up in first relay protection engineer station, HPC2 server sets up in second relay protection engineer station, second desulfurization server, ammonia station server, No. 3 unit server and No. 4 unit server set up in second SIS.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201922474095.1U CN210835688U (en) | 2019-12-31 | 2019-12-31 | Network security plant-level monitoring information system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201922474095.1U CN210835688U (en) | 2019-12-31 | 2019-12-31 | Network security plant-level monitoring information system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN210835688U true CN210835688U (en) | 2020-06-23 |
Family
ID=71257056
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201922474095.1U Active CN210835688U (en) | 2019-12-31 | 2019-12-31 | Network security plant-level monitoring information system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN210835688U (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112187830A (en) * | 2020-10-21 | 2021-01-05 | 大唐吉木萨尔五彩湾北一发电有限公司 | Data acquisition and monitoring system of thermal power factory |
-
2019
- 2019-12-31 CN CN201922474095.1U patent/CN210835688U/en active Active
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112187830A (en) * | 2020-10-21 | 2021-01-05 | 大唐吉木萨尔五彩湾北一发电有限公司 | Data acquisition and monitoring system of thermal power factory |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2018053947A1 (en) | Peer-to-peer mutual backup method suitable for multi-region integrated control of power grid | |
CN102255389B (en) | Method for implementing intensive intelligent substation based on intelligent power grid system | |
CN103366312A (en) | Intelligent transformer substation cloud system | |
CN104348254A (en) | Transformer substation monitoring system framework facing services | |
CN102325149B (en) | Intelligent network remote terminal unit (RTU) system of electrified railway | |
CN106532962B (en) | Multiterminal flexible direct current converter station centralized control method, device and system | |
CN109597723A (en) | Two-node cluster hot backup redundancy for subway comprehensive monitoring system realizes system and method | |
CN106452854B (en) | A kind of subway comprehensive monitoring system synchronous communication method based on multi-connection master-slave redundancy | |
CN104216361A (en) | State monitoring system for secondary device | |
CN108011699A (en) | reactor computer monitoring system network architecture method | |
Overman et al. | High assurance smart grid: Smart grid control systems communications architecture | |
CN101976886B (en) | Distributed data collection partitioning mutual backup method for power dispatching automation system | |
CN210835688U (en) | Network security plant-level monitoring information system | |
CN116455564A (en) | Quantum encryption-based power distribution automation protection method and system | |
CN102868218A (en) | Transition method for improving monitoring system in intelligent improvement of ordinary transformer substation | |
CN103441880A (en) | Method for preventing data from being lost for system having data access with IEC61859 intelligent device during switching of main system and standby system | |
CN102760504A (en) | Digital control system for all plant units in nuclear power station and non-nuclear-grade control system and method | |
CN102819252B (en) | Method for realizing multi-redundancy of process control station in distributed control system | |
CN103972983A (en) | Inverter control system applied to microgrid and communication method of inverter control system applied to microgrid | |
CN117879177A (en) | Substation data acquisition and power monitoring device | |
CN110890790A (en) | Multi-interval integrated digital measurement and control device and main/standby machine switching method thereof | |
CN103777579B (en) | A kind of nuclear power station TG and DCS communication system and method | |
CN106712298B (en) | Monitoring system for distribution automation system | |
CN110247809A (en) | Bicyclic network control system and communication control method | |
CN212258980U (en) | Main/standby independent redundant network architecture of coal mine safety monitoring system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||
GR01 | Patent grant |