Special recording the digital substation system analysis of IEC61850 network
Communication network of digital substation IEC61850
NKDL61850
Network
Network
Branch
Analysis
Department
System
Electric power automation system of digital substation and IEC61850 communication system, so that the rapid development of computer network has brought the network communication system of high speed for the power user, but also on the network management but also poses a severe challenge. Data communication in Ethernet too much, so the network and network equipment are under tremendous pressure on the load, the working efficiency and security. As digital power system management, operating personnel, must effectively understand the data transmission communication data transmission in the network is normal or not, and whether the IED network equipment overload operation, the internal LAN, LAN and Internet connection between is normal, IED is normal (such as: GOOSE information, information interoperability, fault recorder information, control information) and so on, at the same time, in the face of the network, the network of intermittent internal station control layer, process layer network network failure, must be able to quickly locate the fault point and its elimination.
L analysis of abnormal data in communication network;
L analysis of TCP in a communication network;
L analysis of the network IEC 61850 communication transceiver is normal;
L analysis in the FTP communication network is normal;
L analysis the existence of broadcast / multicast storm network; L
L analysis of the network transmission of GOOSE data packet is correctly; L
L analysis of network transmission IEC 61850 report the existence of fault;
L analysis of network network IED can not normally access fault;
L analysis of loop fault finding exist in the network;
- Finding Analysis of slow speed network fault;
Analysis of intermittent fault - finding network;
- card, line search in the network analysis and the rate of end equipment fault;
Network analysis system is a let IEC 61850 digital network management and operation, can be in a variety of network problems, an antidote against the disease network real time operation and management scheme, it to all the data in the transmission network of detection, analysis, diagnosis, record, help users to eliminate network accidents, avoid safety risk, improve network performance, increase network availability value. Management and operation people don't have to worry about network accidents are difficult to solve, network analysis system can help the network fault and safety risk will be reduced to the minimum, the network performance will gradually get promotion:
Troubleshooting networks, improve the network performance, enhance network security, network at any time to need for health analysis. Network analysis can know the use condition of network, network analysis is the basic and key work for the network management, the basic state only clear network and how it will be used for network management, to make the most powerful decision support. A tool system that can help the digital network to complete the following work:
Network traffic statistics - the station to the IED device node;
L understand the flow application composition and how it is used;
L monitor network bandwidth utilization rate;
Automatic diagnosis - provides network fault, fault location;
All data - network packet capture and detection of network transmission;
IP, port, host session and physical endpoint automatic discovery -;
L monitor intranet IEC 61850 file transfer content;
L provide data filtering and screening, to adjust the detection range;
- packet decoding analysis, analysis of IEC61850 data in depth;
Analysis of - color protocol tree development, network application;
- TCP data flow reconstruction, tracking the data transmission process;
L monitoring network connection, find the largest IED session;
L monitoring network errors, network error statistics and positioning;
L report with network communication and network data logging;
L provide various statistical analysis charts, historical sampling;
L snapshot recording network history data, provide data reference;
L detect potential communication security vulnerabilities, and provide the decision basis for the safe defense;
- IEC61850 high clear communication failure analysis, find the root of the problem.
Network analysis system integrated Ethernet leading expert analysis techniques provide accurate analysis of IEC61850 communication network in the current complex, provide the most comprehensive and in-depth data in network security, network performance, network failure, is the key of system required to present digital power system.
The technical features of 3.1.2
In Ethernet networks, all communication is the work in broadcasting mode, all of the network interface with a network segment has access to all the data transmission on the physical media, and each network interface has a unique hardware address, namely the MAC address. Under normal circumstances, a network interface can only the following two kinds of data frame response: a data frame matched with their MAC address and sent to the broadcast data of all machine frame. But in practical systems, the data sending and receiving are generally made of net card, and card working mode has the following 4:
L radio: this mode network card can receive to broadcast its own data frame of data frame and the network. (default)
L multicast: this mode the card only can receive the multicast data frames.
L direct: this mode the card can only receive send its own data frame.
L hybrid: this mode of the card can be received by all the data frame on network equipment.
From the above shows, although the card can only receive data sent to broadcast their own data and in the network by default, can force the network card in the promiscuous mode, then the card will receive all through the network equipment data, regardless of whether the data destination is who.
Network analysis software design strictly follows the Ethernet working modes. In the system, the network of every part of abstract as an object, such as the IP address, physical address, protocol, data package, these objects together organically, form the use of the term "works" system, the object and the project file is constantly changing, it changes the corresponding data in real time in the communication network representation. Network analysis software system based on the Ethernet sniffer technology, work to bypass access way. First the system will be installed on the device card set to promiscuous mode, all data the transmission through the sniffer technology to capture network packets, and then these data packets delivered to the internal system is analyzed, and then the analysis results are displayed in the interface of the system in real time.
IEC61850网络分析记录系统数字化变电站专用
数字化变电站IEC61850通讯网络
NKDL61850
网
络
分
析
系
统
数字化变电站及IEC61850通讯体系的电力自动化系统,使计算机网络的飞速发展给电力用户带来了高速的网络通讯体系,但同时也对网络管理也提出了严峻的挑战。以太网内部过多的数据通信,使得网络及网络设备在负载、工作效率以及安全方面都承受着巨大的压力。作为数字化电力系统管理、运行人员,必须有效地了解网络中的通讯数据传输是否正常、IED以及网络设备是否过载运行、局域网内部以及局域网与互联网的连接是否正常、IED之间的数据传输是否正常(如:GOOSE信息、互操作信息、故障录波信息、控制信息)等等,同时,在遇到网络时断时续、网络内部站控层网络、过程层网络故障时,必须能快速定位故障点并将其排除。
² 分析网络中的异常数据通讯;
² 分析网络中的 TCP 通信;
² 分析网络中IEC 61850通讯收发是否正常;
² 分析网络中的 FTP 通信是否正常;
² 分析网络中是否存在广播/组播风暴; l
² 分析网络中传输的GOOSE数据包是否正确; l
² 分析网络内网上IED不能正常访问故障;
² 分析查找网络存在的环路故障;
² 分析查找网络速度慢故障;
² 分析查找网络时断时续故障;
² 分析查找网络中的网卡、线路以及对端设备速率故障;
网络分析系统是一个让IEC 61850数字网络管理运行者,能够在各种网络问题中,对症下药的网络时实运行管理方案,它对网络中所有传输的数据进行检测、分析、诊断、记录,帮助用户排除网络事故,规避安全风险,提高网络性能,增大网络可用性价值。管理运行者不用再担心网络事故难以解决,网络分析系统可以帮把网络故障和安全风险会降到最低,网络性能会逐步得到提升:
排查网络故障,提高网络性能,增强网络安全性,需要网络随时能够进行健康分析。网络分析可以随时了解网络的使用状况,网络分析是网络管理中最为基本和关键的工作,只有清楚网络的最基本状态和如何被使用,才能为网络管理做出最为有力的决策支持。有了这样的工具系统,可以帮助数字网络完成以下工作:
² 全站到IED设备节点的网络流量统计;
² 了解流量应用组成以及如何被利用;
² 监测网络带宽利用率;
² 网络故障自动诊断,提供故障定位;
² 捕获网络数据包、检测网络传输的所有数据;
² 自动发现IP、端口、主机会话和物理端点;
² 监测内网IEC 61850文件传输内容;
² 提供数据过滤与筛选,来调节检测范围;
² 数据包解码分析、深入的IEC61850数据分析;
² 彩色协议树拓展、网络应用分析;
² TCP数据流重建、跟踪数据传输过程;
² 监测网络连接情况、找出会话最大的IED;
² 监测网络错误,进行网络错误统计和定位;
² 详细的网络通讯报表和网络数据日志记录;
² 提供各种统计分析图表、历史采样;
² 快照记录网络历史数据、提供数据参照;
² 检测潜在通讯安全漏洞、为安全防御提供决策依据;
² IEC61850通讯故障高清晰分析,查找问题根源。
网络分析系统整合了以太网领先的专家分析技术,对当前复杂的IEC61850通讯网络提供精确分析,在网络安全、网络性能、网络故障方面提供最全面和深入的数据依据,是目前数字化电力系统所需要的关键性系统。
3.1.2 技术特点
在以太网络中,所有通讯都是以广播方式工作的,同一个网段内的所有网络接口都可以访问在物理媒体上传输的所有数据,而每一个网络接口都有一个唯一的硬件地址,即MAC地址。在正常的情况下,一个网络接口只可能响应以下两种数据帧:与自己MAC地址相匹配的数据帧和发向所有机器的广播数据帧。但在实际的系统中,数据的收发一般都是由网卡完成的,而网卡的工作模式有以下4种:
l 广播:这种模式下的网卡能接收发给自己的数据帧和网络中的广播数据帧。(默认)
l 组播:这种模式下的网卡只能够接收组播数据帧。
l 直接:这种模式下的网卡只能接收发给自己的数据帧。
l 混杂:这种模式下的网卡能接收通过网络设备上的所有数据帧。
从上面可知,虽然网卡在默认情况下仅能接收发给自己的数据和网络中的广播数据,可以强制将网卡置于混杂模式工作,那么此时该网卡便会接收所有通过网络设备的数据,而不管该数据的目的地是谁。
网络分析软件系统的设计思想严格遵循以太网工作模式。在系统中,将网络中的每一部分都抽象为一种对象,如IP地址、物理地址、协议、数据包,将这些对象有机地结合起来,就构成了系统中用到的术语“工程”,而工程文件中不断变化的对象,则表示网络中相应数据通讯的实时变化。网络分析软件系统基于以太网嗅探技术,以旁路接入的方式工作。系统首先将安装设备上的网卡置为混杂模式,使其通过嗅探技术捕获网络中传输的所有数据包,然后将这些数据包传递到系统内部进行分析,再将分析结果实时显示在系统界面中。