阅读说明：本技术 用于访问风能设备的scada数据的方法和设施 (Method and arrangement for accessing SCADA data of a wind energy plant ) 是由 莱安德·鲁斯特 亨尼希·哈登 于 2019-10-08 设计创作，主要内容包括：本发明涉及用于受保护地访问风能设备(2)的SCADA数据(11)的方法,以及被构造成用于执行该方法的设施(1)。SCADA数据(11)与风能设备(2)的主数据(10)一起经数字签名地被传输给代理服务器(3),代理服务器基于此而产生元数据集(12)并传输给用户客户端(4)。如果在用户客户端(4)方面对SCADA数据(11)感兴趣,则用户客户端(4)将元数据集(12)以数字签名的形式发送回到代理服务器(3)。代理服务器(3)以同样是经数字签名的、包括由用户客户端(4)签名的元数据集(12)和属于元数据集(12)的SCADA数据和主数据(10、11)的交付数据集(13)进行答复。(The invention relates to a method for protected access to SCADA data (11) of a wind energy plant (2), and to a plant (1) configured for carrying out the method. The SCADA data (11) is transmitted together with the master data (10) of the wind energy installation (2) to the proxy server (3) in a digitally signed manner, on the basis of which the proxy server generates a metadata set (12) and transmits it to the user client (4). If the SCADA data (11) is of interest on the part of the user client (4), the user client (4) sends the set of metadata (12) back to the proxy server (3) in the form of a digital signature. The proxy server (3) replies with a delivery data set (13) which is also digitally signed and comprises a metadata set (12) signed by the user client (4) and SCADA data and main data (10, 11) belonging to the metadata set (12).)

1. Method for protectively accessing SCADA data (11) of a wind energy plant (2), wherein the wind energy plant (2) is configured for acquiring SCADA data (11), characterized by the following steps:

a) collecting SCADA data (11) by the wind power plant (2), and supplementing the collected SCADA data (11) with the master data (10) of the wind power plant (2) by the wind power plant (2);

b) digitally signing and transmitting the signed SCADA data and the master data (10, 11) by the wind energy plant (2) to a proxy server (3) for further processing and storage [ step 100 ];

c) creating, by the proxy server (3), a set of metadata (12) from the received SCADA data and the master data (10, 11), the set of metadata having information about the scope and attributes of the SCADA data and the master data (10, 11);

d) transmitting the set of metadata (12) to at least one user client (4) [ step 101 ];

when SCADA data and primary data (10, 11) identified by the set of metadata (12) are of interest:

e) digitally signing and transmitting said set of metadata (12) by said user client (4) to said proxy server (3) [ step 102 ];

f) creating and digitally signing, by the proxy server (3), a delivery data set (13) comprising a metadata set (12) signed by the user client (4) and SCADA data and master data (10, 11) belonging to the metadata set (12); and is

g) Transmitting the signed delivery data set (13) to the user client (4).

2. The method of claim 1, wherein the first and second light sources are selected from the group consisting of,

it is characterized in that the preparation method is characterized in that,

in the case of the creation of the delivery data set (13), the signature (2 ") of the SCADA data and of the master data (10, 11) by the wind energy installation (2) is removed.

3. The method according to claim 1 or 2,

it is characterized in that the preparation method is characterized in that,

the transmission of the unsigned and signed metadata sets (12) takes place in the form of a data set transmission, preferably of a blockchain, of a distributed ledger database that can be accessed by the proxy server (3) and the user client (4).

4. The method of claim 3, wherein the first and second light sources are selected from the group consisting of,

it is characterized in that the preparation method is characterized in that,

transactions held as smart contracts in a distributed ledger database are conducted before a delivery data set (13) is created and signed, and the delivery data set (13) is created and signed only when a transaction is validly completed.

5. The method of claim 4, wherein the first and second light sources are selected from the group consisting of,

it is characterized in that the preparation method is characterized in that,

the transaction is triggered by transmitting a version of a set of metadata (12) electronically signed by the user client (4) electronically signed (paired) by the proxy server (3).

6. The method according to any one of the preceding claims,

it is characterized in that the preparation method is characterized in that,

generating, by the proxy server, at least two sets of metadata (12) from the received SCADA and master data (10, 11) with information of the respective ranges and characteristics of the SCADA and master data (10, 11), wherein the sets of metadata (12) cover different sub-areas of the SCADA and master data (10, 11), and taking into account only the SCADA and master data (10, 11) covered by the set of metadata (12) signed by the user client (4) when generating the delivery data set (13).

7. The method according to any one of the preceding claims,

it is characterized in that the preparation method is characterized in that,

the set of metadata (12) comprises information about the wind energy plant (2) from which the SCADA data and the primary data (10, 11) originate, a data range and/or a time interval of the available SCADA data (11).

8. The method according to any one of the preceding claims,

it is characterized in that the preparation method is characterized in that,

the master data (10) comprise a unique identification, a geographical location, a device type and/or a basic configuration of the wind energy plant (2).

9. The method according to any one of the preceding claims,

it is characterized in that the preparation method is characterized in that,

the SCADA data (11) comprise measured values acquired by the wind energy plant (2) and/or external control commands or preset nominal values received by the wind energy plant (2).

10. A plant (1) comprising a wind energy plant (2), a proxy server (3) and a user client (4) configured and adapted to perform a method according to any of the preceding claims and being in data connection with each other.

Technical Field

The invention relates to a method for protected access to SCADA data of a wind energy plant, and to a facility configured for carrying out the method.

Background

Wind power installations are known from the prior art. Usually, a wind power plant comprises a rotor which is rotatably arranged on a nacelle, wherein the nacelle is in turn rotatably arranged on a tower. If necessary, the rotor drives a generator via a rotor shaft and a gear. The wind-induced rotational movement of the rotor can thus be converted into electrical energy, which can then be fed into the electrical grid via a converter and/or a transformer (also at least partially directly depending on the type of construction of the generator). The rotor includes a plurality (typically three) of rotor blades extending radially from a rotor axis, which are rotatably secured relative to the rotor hub for adjusting the angle of attack of the rotor blades. The wind power installation has a large number of sensors, which are taken into account by the installation control unit when controlling the wind power installation.

It is known to integrate wind turbines or their plant controllers into SCADA systems, in which various operating parameters of the wind turbine are transmitted to a higher-level control unit and control commands and setpoint values to be taken into account are received from the higher-level control unit.

The data provided by the device control of the higher-level control unit may comprise measured values recorded by the sensors, control commands and/or setpoint values transmitted by the device control to the individual components of the wind power installation, and other information describing the actual state of the wind power installation.

These data (together with, if necessary, the control commands or nominal values of the higher-level control units) are regularly used to create an authentication report. For this purpose, the data must be provably derived from the wind energy installation to be identified and must not be manipulated. At the same time, data should only be provided to authorized users, such as trusted authenticators. The authorized user can then further process the data, for example in order to thus reveal possible malfunctions of the wind energy installation or to develop optimizations for the operation of the wind energy installation.

Disclosure of Invention

The object of the invention is to provide a method and a device which allow protected access to SCADA data of a wind energy installation in a simple manner.

This object is achieved by a method according to claim 1 and a device according to claim 10. Advantageous developments are the subject matter of the dependent claims.

The invention therefore relates to a method for protected access to SCADA data of a wind energy plant, wherein the wind energy plant is configured for collecting the SCADA data, the method being characterized by the following steps:

a) collecting SCADA data through a wind energy device, and supplementing main data of the wind energy device to the collected SCADA data through the wind energy device;

b) digitally signing the signed SCADA data and the master data by the wind energy device and transmitting the signed SCADA data and the master data to a proxy server for further processing and storage;

c) creating, by the proxy server, a set of metadata from the received SCADA data and the master data, the set of metadata having information about the scope and attributes of the SCADA data and the master data;

d) transmitting the set of metadata to at least one user client;

when SCADA data and master data validated by a set of metadata are of interest:

e) the metadata set is digitally signed by a user client and transmitted to a proxy server;

f) creating a delivery data set through a proxy server and carrying out digital signature, wherein the delivery data set comprises a metadata set signed by a user client and SCADA data and main data belonging to the metadata set; and is

g) The signed delivery data set is transmitted to the user client.

The invention also relates to a facility comprising a wind energy plant, a proxy server and a user client, which are configured to be suitable for carrying out the method according to the invention and which are in data connection with each other.

First, some terms used in connection with the present invention are set forth.

As is usual for other SCADA applications, "SCADA data" are data which are acquired by the plant control of the wind energy plant during operation, such as, for example, measurement data of sensors, actual values and nominal values of controllable components and possibly external control commands.

"master data" of a wind power installation means data which are in principle characteristic of a wind power installation and are stored regularly in the installation control of the wind power installation. In addition to the unambiguous identification of the wind energy installation (for example, an unambiguous serial number), the master data can also include: information about the type of equipment, the configuration of the equipment (e.g., tower height, blade length, and nominal power), and/or information about the location (e.g., geographic coordinates) at which the equipment is located.

A "digital signature" is a verification information generated on the basis of arbitrary data and a secret key, which can be checked by the recipient with the aid of a public key belonging to the secret key. By checking the digital signature using the public key, it is possible to confirm not only the origin of the data but also its integrity.

A "distributed ledger database" is a database that is distributed to networked computers and that agrees (consensus) on the order of database entries and database changes. One example of such a distributed ledger database is a blockchain. A "blockchain" is a continuously expandable list of data sets that are linked to one another in a tamper-proof manner by means of encryption methods. Here, each data set typically comprises an encrypted, secured scatter value of one or more previous data sets, a time stamp and the actual useful data, in this case a hash value (Hashwert) and an evaluation variable. The blockchains may also be managed and stored decentralised, which may further improve their security.

The method according to the invention enables a simple protected access to the SCADA data of the wind energy installation.

As is basically known from the prior art, SCADA data are acquired by the wind turbine or its plant control. In order to be able to subsequently associate the SCADA data with the wind energy installation or at least with the type of wind energy installation, the SCADA data acquired are also supplemented by the master data of the wind energy installation.

Subsequently, the data package consisting of SCADA data and master data is digitally signed, for which purpose, for example, a key stored in the device control can be used. The SCADA data and master data with the corresponding signatures are then transmitted to a proxy server for further processing and storage. The proxy server may check the signatures of the SCADA data and the master data to thereby ensure the origin and integrity of the received data.

It is possible to supplement the received master data with further information stored in the proxy server, which information, on the basis of the transmitted master data, can unambiguously associate the device from which the data originates. In this way, the bandwidth at the time of data transmission between the device control section and the proxy server can be reduced.

Part of the further processing on the part of the proxy server is the creation of a set of metadata from the received SCADA data and the master data. The metadata contained in the data set comprises information about the extent and properties of the SCADA data and the main data, i.e. in particular about which data of which wind energy installation are provided at which time period. A set of metadata may be understood as a catalog of SCADA data and primary data.

The set of metadata created in this way is then transmitted to at least one user client. It is immaterial here whether the metadata set is sent unsolicited to at least one user client (push method) or whether the metadata set has to be actively invoked by the user client (pull method), for example by actively downloading the metadata set via a web page. Of course, a large number of user clients may be provided.

Now, there is information on the user client which SCADA data and master data are available in the proxy server. The method continues only if SCADA data and master data belonging to the set of metadata are of interest. The interest can be expressed manually by the user with a suitable input on the user client or the user client can automatically confirm that the obtained metadata set meets certain criteria, for example can be associated with a particular predefined wind energy installation.

The metadata set is digitally signed by the user client if the main data of the SCADA sum belonging to the metadata set is of interest. To this end, the user client may have a suitable private key. The signed set of metadata is then transmitted to the proxy server.

After obtaining the signed set of metadata, the proxy server creates a delivery dataset that includes the set of metadata signed by the user client in addition to the SCADA and master data belonging to the set of metadata. The delivery data set is then digitally signed by the proxy server and finally transmitted to the user client.

The method according to the invention has the advantage that the transmission path between the wind energy installation and the user client is protected against malicious manipulation by means of a digital signature via the proxy server. Furthermore, traceability of the delivery data set is provided, since the digital signature of the user client is also recorded together with the digital signature by the proxy server, and therefore the digital signature of the user client cannot be changed or deleted without invalidating the proxy signature. When the delivery data sets are forwarded to an unauthorized third party, it can be read on the forwarded data sets via which user client and thus via which channel the data sets arrive at the possibly unauthorized third party.

Even if in principle data from the delivery data set could be forwarded without two signatures, the integrity of the delivery data set and the SCADA data and the master data contained therein would no longer be guaranteed in this case. Without the two signatures, the data from the delivery data set is effectively lost of value because the use of the data as an authentication for optimization purposes and other content related uses is no longer reliable or practically unusable due to the lack of secure data integrity.

The method according to the invention thus indirectly ensures that the SCADA data and the main data are ultimately used only by the actually authorized user, since the forwarding of the data without a signature provided according to the invention would actually lose value and can be unambiguously verified when forwarding a delivery data set comprising a signature of the user client, which asked for the data. The latter may for example be used for approval under treaty.

Preferably, the signature of the SCADA data and the master data by the wind energy plant is removed when the delivery data set is created. It is thereby ensured that the SCADA data and the master data will not be able to be extracted from the delivery dataset in the form of a digital signature, the integrity of the data being visible from the signature of the SCADA data and the master data. Even if in such a case the user must be trusted that the proxy server does not maliciously manipulate the data, the integrity of the SCADA data and the master data in the delivery dataset is advantageously guaranteed only in combination with the metadata set digitally signed with the user client.

The transmission of the unsigned and signed metadata sets between the proxy server and the user client is preferably in the form of a data set, preferably a data set of a blockchain, of a distributed ledger database accessible by the proxy server and the user client. By using the distributed ledger database, the security in data transfer can be further improved, in particular malicious manipulation is prevented.

Preferably, the transaction held as a smart contract in the distributed ledger database is conducted before the delivery data set is created and specified, and the delivery data set is created and signed only if the transaction is validly concluded. The possible transactions may be financial transactions and checking the user client's permissions to invoke the requested SCADA data and master data. By handling the corresponding transaction before creating the delivery data set and signing it is ensured that the delivery data set is delivered to the user client only if the required requirements are met.

Regardless of how the transaction is designed, and in particular which checks the transaction includes, it is preferred that the transaction is triggered by the transmission of a set of metadata electronically signed by the user client whose version is electronically signed (paired) by the proxy server. This ensures that, for example, a financial transaction is only carried out between the user client and the proxy server if both "transaction parties" have valid signatures.

Preferably, at least two sets of metadata consisting of the received SCADA data and master data with information of the extent and properties of the SCADA data and master data are generated by the proxy server, wherein the sets of metadata cover different sub-areas of the SCADA data and master data, and only the SCADA data and master data covered by the set of metadata signed by the user client are taken into account when generating the delivery data set. By generating a plurality of sets of metadata covering different SCADA data and master data, respectively, different sets of delivery data, which are specific to different groups of users, can be provided for user clients.

The metadata set comprises information about the SCADA data and the wind energy plant from which the primary data originates, the data range and/or the time interval of the available SCADA data. The primary data preferably comprises a unique identification of the wind energy device, a geographical location, a device type and/or a basic configuration. The SCADA data may comprise measured values acquired by the wind energy plant and/or external control commands or preset nominal values received by the wind energy plant.

The explanation of the installation according to the invention refers to the above-described embodiments.

Drawings

The invention will now be described in connection with advantageous embodiments with reference to the accompanying drawings. Wherein:

FIG. 1: a schematic view of a plant configured for carrying out the method according to the invention is shown.

Detailed Description

In fig. 1, a plant 1 according to the invention is shown. The installation 1 comprises a wind power plant 2, a proxy server 3 and a customer client 4. The wind power installations 2 and the proxy servers 3 as well as the proxy servers 3 and the user clients 4 are in each case connected to one another via the internet 5. The wind power installation 2, the proxy server 3 and the user client 4 each have a key 2', 3', 4' suitable for digitally signing data.

The master data 10 for the wind power installation 2 are stored in the wind power installation 2 or in its installation control (not shown). The master data 10 comprise the unique identification of the wind power installation 2, the installation type and the basic configuration (in particular information about the tower height, the blade length and the nominal power). Furthermore, SCADA data 11 are acquired in the wind power installation, which consists of all measured values acquired by the wind power installation and external setpoint values received by the wind power installation.

The SCADA data 11 and the main data 10 are transmitted to the proxy server 3 via the internet 5 at regular intervals (step 100). For this purpose, the SCADA data 11 together with the master data 10 are provided with a digital signature 2 ″ based on the key 2' of the wind energy installation.

Upon receipt, the digital signature 2 "is checked by the proxy server 3 and the correctly signed data is stored in the memory 6 of the proxy server 3, wherein the signature 2" is discarded.

Furthermore, a set of metadata 12 is generated from the received SCADA data 11 and the main data 10, which set of metadata comprises, in addition to the unambiguous identification of the wind energy plant 10, information about the time period covered by the SCADA data and the extent of the content of the SCADA data. The set of metadata 12 is sent to the user client 4 (step 101).

If the interest in SCADA data and main data is confirmed automatically or manually on the part of the user client 4, the received metadata set 12 is signed with a digital signature 4 'based on the key 4' of the user client 4 and transmitted back to the proxy server 3 (step 102).

After obtaining the signed set of metadata 12, the proxy server 3 loads the SCADA data 11 and the master data 10 belonging to the set of metadata 12 from the storage 6 and creates therefrom a delivery data set 13.

The delivery data set 13 comprises the metadata set 12 signed by the user client 4 and its signature and the SCADA data 11 and the master data 10 belonging to the metadata set 12. The delivery data set 13 is added with a signature 3 based on the key 3' of the proxy server 3 (step 103) before the delivery data set 13 is transmitted to the user client 4.

The customer client 4 thus has access to the SCADA data 11 and the master data 10 of the wind energy plant 2, the integrity of which is ensured by the signature 3 "of the proxy server 3. The risk of unauthorized forwarding of the data is reduced here, since the SCADA data 11 and the main data 10 can either only be forwarded without signature, which, however, will no longer ensure their integrity, or the origin of the data can be permanently traced back on the basis of the signature 4' contained by the user client 4, which in turn will lead to contractually agreed approval by the user.

In particular, the transmission of the metadata sets 12 in steps 101 and 102 is preferably performed sequentially via a block chain, whereby the security of data transmission can be further improved.