Professional Documents
Culture Documents
05157821
05157821
I.
Grid
or
Load
PV-subnet
...
SCADA-RTU
PV
Plant 2
PV
... Plant
N
INTRODUCTION
R pv R converter R SC AD A
,(((
SCADA
Configration
Server
OPC
DB
,3(0&
only takes one tenth of the whole investment. At the same time,
considering the important role of SCADA system in PV power
plants, device redundancy can be seen as a feasible method to
solve equipment failure and improve the reliability of SCADA
system.
This paper focuses on improving communication reliability
of SCADA system in PV power plants through adopting
effective security strategy and redundancy mechanism. Section
2 presents the component of SCADA system in PV power
plants. Section3 studies security communication mechanism in
distributed PV power plants network. SCADA system
redundant structure is shown in section 4, and in this section
redundancy switching mechanism is discussed. Finally, some
functions of the SCADA system were verified through SCADA
server configuration software.
II.
,QYHUWHU
COMMUNICATION SECURITY
SCADA-RTU
idc
D1
KDC
DCT
T1
D2
T3
T5
V dc
C1
Link request
Link respond
ACT1
LCL
Filter
C2
ACT2
Security certificate
Apply key
ACT3
Security certificate
Request or Respond
Apply or Distribute Key
Device announcement
T4
T6
T2
Date or Service
ACK
PT1
PT
PWM1
PWM6
temperature
irradiance
SCADA -RTU
Port 1: Ethernet
(RJ45)
Port 2: RS485
,(((
,3(0&
Gateway
Switch
6&$'$578
2 $OWHUQDWH
1 GHYLFH
6&$'$578
$FWLYH 1
GHYLFH
2
2 6&$'$578
1 $OWHUQDWH
GHYLFH
6&$'$578
$FWLYH 1
GHYLFH
2
...
...
$FWLYH%XV
PV2
$OWHUQDWH%XV
Port 1
TCP/IP
Port2 Modbus
PV1
...
KDC
Redundant
state
announcement
service
(R_DeviceActiveAnouncement) is broadcasted in every cycle
Transport Key
by active device. Synchronization request service
(R_SynRequest) is sent by new device to request configuration
MAC-PDU
PDU
APL-PDU
information and operating information. Synchronization service
(R_Syn) implements the function that active device sends
configuration and operating information to new access device.
PDU with Key
When the active device was malfunction, alternate device
Fig.4. Data packet encryption process
3) Role based access control. In Power generation systems, broadcast device switching service (R_DeviceSwitch) message.
different users should have different rights. Role based access And the service included PD Tag, active device IP and failed
control (RBAC) strategy was introduced. Three roles device IP.
(administrator, operator and ordinary user) were set in this C. Redundancy switching
system. Ordinary users could only view parameters of the 1) Device redundancy switching
Active device
Alternate device
system and didnt have the authority to change the parameters.
But operators could modify the parameters. System
R_SynRequest
R_SynRequest Resp(+)
administrator was the highest authority owner, who took charge
Work
R_Syn
of SCADA system control strategy, and had the rights of adding
or reducing users number and their privileges.
R_Syn Resp(+)
Device message
AES
encrypt
IV.
XOR
encrypt
...
REDUNDANCY MECHANISM
R_DeviceActiveAnouncement
R_DeviceActiveAn ouncement
T
T
T
Fault
Active device
Fault device
R_DeviceSwitch
,(((
,3(0&
VI.
CONCLUSIONS
,(((
,3(0&