Search

CN-117055501-B - Deployment method, system, equipment and storage medium of trusted DCS upper computer system

CN117055501BCN 117055501 BCN117055501 BCN 117055501BCN-117055501-B

Abstract

The invention belongs to the technical field of industrial automation, and discloses a deployment method, a system, equipment and a storage medium of a trusted DCS upper computer system, wherein the method comprises the steps of judging whether an upper computer to be deployed is trusted or not; if the DCS system is trusted, a new user is added, an rpm package is installed, configuration parameters of the upper computer are to be deployed, the configuration parameters are written into corresponding configuration files dcs.xml under a/user/DCS folder, QT and Python dynamic libraries are installed under a/usr/local folder, whether the DCS system is installed in the/user/DCS folder of the DCS system is judged, if the DCS system is installed, the corresponding function modules are installed in the/user/DCS folder according to the installation types of the configuration parameters, the execution authority of the installation types on databases, pictures and tools is written into a config file of the DCS system, all executable applications of the DCS system are added into a trusted white list, whether the DCS system can be started successfully is verified, and if the DCS system is successful, the deployment of the trusted DCS upper computer system is completed. The invention can realize the rapid deployment of the trusted DCS upper computer system.

Inventors

  • YANG WENQIANG
  • WANG HANG
  • PAN LE
  • GUAN LEI
  • LI ZHUO
  • GAO SHAOHUA
  • LI JIE
  • YANG YONG
  • LI XUELI
  • WANG FUJING
  • ZHANG SHENG
  • LI JIAGANG
  • Sun Haogui
  • LI XINYI

Assignees

  • 华能山东发电有限公司
  • 华能威海发电有限责任公司
  • 西安热工研究院有限公司

Dates

Publication Date
20260505
Application Date
20230912

Claims (9)

  1. 1. The deployment method of the trusted DCS upper computer system is characterized by comprising the following steps of: performing trusted detection on the installation environment of the upper computer to be deployed, and judging whether the upper computer to be deployed is trusted or not; when the upper computer to be deployed is credible, adding a new user on the upper computer to be deployed; The method comprises the steps of installing an rpm package, specifically, synthesizing a Linux character string command endowed with authority and marked with a white list according to the name of the rpm package, endowing the rpm package with executable authority and a function command marked with the white list program, and using an external process starting function QProcess, namely, the rpm package necessary for installing a DCS system by start (Linux character string command); The method comprises the steps that configuration parameters of an upper computer to be deployed are written into corresponding configuration files dcs.xml under a specified path/user/dcs folder; installing QT, python dynamic libraries to specified paths/usr/local Judging whether the DCS system is installed in a/user/DCS folder of the DCS system; When the DCS system is installed in the/user/DCS folder, deleting old DCS system files in the/user/DCS folder, and then installing the corresponding functional modules in the/user/DCS folder according to the installation type of the configuration parameters; Writing the execution authority of the installation type on a database, a picture and a tool in a DCS config file; And adding all executable applications of the DCS system into the trusted white list, verifying whether all applications can be started successfully, and if so, completing the deployment of the trusted DCS upper computer system.
  2. 2. The deployment method of the trusted DCS upper computer system according to claim 1, wherein when the installation environment of the upper computer to be deployed is subjected to trusted detection, an interface in a primary integral trusted state is called, and the installation environment of the upper computer is subjected to trusted detection; The trusted detection of the installation environment of the upper computer is carried out by judging the whole of the static trusted verification state, the trusted starting verification state and the dynamic trusted verification state, and when the three trusted verification states of the static trusted verification state, the trusted starting verification state and the dynamic trusted verification state are all trusted, the upper computer to be deployed is considered to be trusted.
  3. 3. The method of claim 1, wherein adding new users to the host computer to be deployed comprises adding new users DCS and creating proprietary DCS user folders/users/DCS, and executing a change folder owner command to change the owners of the/user/DCS folders to DCS.
  4. 4. The deployment method of the trusted DCS host system according to claim 1, wherein the process of configuring the parameters of the host computer to be deployed and writing the configuration parameters into the corresponding files in the designated path comprises: The host name hostname, hosts file of the upper computer to be deployed is configured in a DCS configuration page to be filled with the hostname of other upper computers positioned in the same station, the IP of the A network and the B network of the upper computer to be deployed, the station name of the station, the hostname of two file servers to be configured in a DCS system and the type of the upper computer to be deployed; And changing hostname, hosts the station name file under the specified path/etc according to the configuration parameters, writing the configuration parameters into the corresponding files, and configuring the IP of the A network and the B network.
  5. 5. The deployment method of the trusted DCS host system of claim 1, wherein the process of installing the corresponding function module into the/user/DCS folder according to the installation type of the configuration parameters comprises: The method comprises the steps of reading configuration parameters, firstly obtaining the installation type of an upper computer to be deployed, if the installation type is a history station, installing all functional modules including a database, file service, history service and dump data service into a user/dcs file, and if the installation type is an operator station and an engineer station, installing other functional modules except the database, the file service, the history service and the dump data service into the user/ccs file.
  6. 6. The deployment method of the trusted DCS host system according to claim 1, wherein the process of writing the execution authority of the installation type to the database, the screen and the tool in the DCS system config file comprises: If the upper computer to be deployed is a history station, all the operable authorities of the database, the picture and the tool are written in the config file, if the upper computer to be deployed is an engineer station, the monitoring authorities of the database, the picture and the tool are written in the config file, and if the upper computer to be deployed is an operator station, the monitoring authorities of the database, the picture and the tool are written in the config file.
  7. 7. The deployment system of the trusted DCS upper computer system is characterized by comprising the following components: The trusted detection module is used for carrying out trusted detection on the installation environment of the upper computer to be deployed and judging whether the upper computer to be deployed is trusted or not; The newly added user module is used for adding new users on the upper computer to be deployed when the upper computer to be deployed is trusted; The first installation module is used for installing the rpm package, and specifically, the process of installing the rpm package comprises the steps of synthesizing a Linux character string command endowed with authority and marked with a white list according to the name of the rpm package, endowing the rpm package with executable authority and a function command marked with a white list program, and using an external process function QProcess:Start (Linux character string command) to install the rpm package necessary for the DCS system; the configuration parameter module is used for configuring parameters of the upper computer to be deployed and writing the configuration parameters into corresponding configuration files dcs.xml under the specified path/user/dcs folder; a second installation module for installing QT and Python dynamic library under the appointed path/usr/local The judging module is used for judging whether the DCS system is installed in the/user/DCS file folder of the DCS system; the third installation module is used for installing the corresponding functional module into the/user/DCS folder according to the installation type of the configuration parameters when the DCS system is not installed in the/user/DCS folder, deleting the old DCS system file in the/user/DCS folder when the DCS system is installed in the/user/DCS folder, and then installing the corresponding functional module into the/user/DCS folder according to the installation type of the configuration parameters; The permission writing module is used for writing the execution permission of the installation type to the database, the picture and the tool in the DCS config file; And the verification module is used for adding all executable applications of the DCS system into the trusted white list, verifying whether all the applications can be started successfully, and completing the deployment of the trusted DCS upper computer system if all the applications are started successfully.
  8. 8. An electronic device, comprising: One or more processors; A storage device having one or more programs stored thereon; the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of deploying a trusted DCS host system of any of claims 1 to 6.
  9. 9. A storage medium having stored thereon a computer program, wherein the computer program when executed by a processor implements the deployment method of a trusted DCS host system of any one of claims 1 to 6.

Description

Deployment method, system, equipment and storage medium of trusted DCS upper computer system Technical Field The invention belongs to the technical field of industrial automation, and particularly relates to a deployment method, a system, equipment and a storage medium of a trusted DCS upper computer system. Background In a thermal power system, a DCS control system is an important system in the power production process, before the thermal power plant is put into operation, a plurality of upper computers are required to be deployed, meanwhile, the upper computers are divided into an operator station, an engineer station and a history station according to the purposes of different upper computers, the upper computers with different purposes are required to be independently configured, the process is tedious and time-consuming, various compiling environments are required to be installed and configured before the DCS is deployed, and the efficiency is low and the repeatability is high. In addition, after the system is deployed, the credible safety and the normal operation of the system are required to be tested, so that the workload is increased. For these situations, new methods need to be designed to achieve rapid deployment of trusted DCS host systems. Disclosure of Invention In order to solve the problems in the prior art, the invention aims to provide a deployment method, a system, equipment and a storage medium of a trusted DCS upper computer system. The technical scheme adopted by the invention is as follows: the deployment method of the trusted DCS upper computer system comprises the following steps: performing trusted detection on the installation environment of the upper computer to be deployed, and judging whether the upper computer to be deployed is trusted or not; when the upper computer to be deployed is credible, adding a new user on the upper computer to be deployed; installing an rpm bag; The method comprises the steps that configuration parameters of an upper computer to be deployed are written into corresponding configuration files dcs.xml under a specified path/user/dcs folder; installing QT, python dynamic libraries to specified paths/usr/local Judging whether the DCS system is installed in a/user/DCS folder of the DCS system; When the DCS system is installed in the/useruser/DCS folder, deleting old DCS system files in the/useruser/DCS folder, and then installing the corresponding functional module in the/user/DCS folder according to the installation type of the configuration parameters; Writing the execution authority of the installation type on a database, a picture and a tool in a DCS config file; And adding all executable applications of the DCS system into the trusted white list, verifying whether all applications can be started successfully, and if so, completing the deployment of the trusted DCS upper computer system. Preferably, when the installation environment of the upper computer to be deployed is subjected to trusted detection, an interface in a first-level integral trusted state is called, and the installation environment of the upper computer is subjected to trusted detection; The trusted detection of the installation environment of the upper computer is carried out by judging the whole of the static trusted verification state, the trusted starting verification state and the dynamic trusted verification state, and when the three trusted verification states of the static trusted verification state, the trusted starting verification state and the dynamic trusted verification state are all trusted, the upper computer to be deployed is considered to be trusted. Preferably, the process of adding new users on the upper computer to be deployed comprises adding new users dcs and creating proprietary dcs user folders/users/ccs, and executing chown-R ccs: ccs/user/ccs (i.e. change folder owner command), and changing owners of the/user/ccs folders to ccs. Preferably, the process of installing the rpm package includes synthesizing a Linux string command for assigning authority and marking a white list according to an rpm package name, assigning executable authority and a function command marked as a white list program to the rpm package, and installing the rpm package necessary for the DCS system using a start-up external process function QProcess:: start (Linux string command). Preferably, the process of configuring parameters of the upper computer to be deployed and writing the configuration parameters into the corresponding files under the specified path includes: The host name hostname, hosts file of the upper computer to be deployed is configured in a DCS configuration page to be filled with the hostname of other upper computers positioned in the same station, the IP of the A network and the B network of the upper computer to be deployed, the station name of the station, the hostname of two file servers to be configured in a DCS system and the type of the upper computer to be deplo