METHOD AND ASSEMBLY FOR ACCESSING SCADA DATA OF WIND TURBINES

Abstract

The invention relates to a method for accessing SCADA data of a wind turbine in a protected manner and to an assembly designed to carry out said method. The SCADA data together with master data of the wind turbine is transmitted to a broker server in a digitally signed form, said broker server generating a metadata set on the basis of said data and transmitting the metadata set to user clients. If the user client is interested in the SCADA data, the user client transmits the metadata set back to the broker server in a digitally signed form. The broker server responds with a likewise digitally signed delivery data set comprising the metadata set signed by the user client and the SCADA and master data belonging to the metadata set.

Claims

1. A method for accessing supervisory control and data acquisition (SCADA) data of a wind turbine in a protected manner, wherein the wind turbine is designed to capture SCADA data, comprising the steps of: a) the wind turbine capturing SCADA data and the wind turbine supplementing the captured SCADA data with master data of the wind turbine; b) the wind turbine digitally signing and transmitting the signed SCADA and master data to a broker server for further processing and storage; c) the broker server creating a metadata record from the received SCADA and master data with information relating to the scope and properties of the SCADA and master data; d) transmitting the metadata record to a user client; in the event of interest in the SCADA and master data identified by the metadata record: e) the user client digitally signing and transmitting the metadata record to the broker server; f) the broker server creating and digitally signing a delivery data record comprising the metadata record signed by the user client and the SCADA and master data belonging to the metadata record; and g) transmitting the signed delivery data record to the user client.

2. The method of claim 1, wherein when creating the delivery data record, the signature of the SCADA and master data generated by the wind turbine at step b) is removed by the broker server.

3. The method of claim 1, wherein unsigned and signed metadata records are transmitted in the form of data records of a distributed ledger database, preferably a blockchain, to which the broker server and the user client have access.

4. The method of claim 3, wherein before creating and signing the delivery data record, a transaction stored in the distributed ledger database as a smart contract is performed and the delivery data record is created and signed only in the event of a positive conclusion of the transaction.

5. The method of claim 4, wherein the transaction is initiated by transmitting a version of the metadata record digitally signed by the user client, which version is digitally (counter) signed by the broker server.

6. The method of claim 1, wherein at least two metadata records are generated by the broker server from the received SCADA and master data with information relating to the respective scope and properties of the SCADA and master data, wherein each of the at least two metadata records cover different sections of the SCADA and master data and only the SCADA and master data which are covered by the metadata record signed by the user client are taken into account when generating a delivery data record.

7. The method of claim 1, wherein the metadata records comprise information relating to the wind turbine, from which the SCADA and master data come, the scope of the SCADA and master data or the time interval of the available SCADA data.

8. The method of claim 1, wherein the master data comprise a unique identifier, a geographical position, turbine type or a basic configuration of the wind turbine.

9. The method of claim 1, wherein the SCADA data comprise measured values captured by the wind turbine or external control commands or setpoint value presets received by the wind turbine.

10. An assembly comprising a wind turbine, a broker server and a user client, configured to carry out the method of claim 1 and have a data connection to one another.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0042] The invention is now described on the basis of an advantageous embodiment with reference to the accompanying drawing, in which:

[0043] FIG. 1: shows a schematic illustration of an assembly designed to carry out the method according to the invention.

DETAILED DESCRIPTION

[0044] FIG. 1 shows an assembly 1 according to the invention. The assembly 1 comprises a wind turbine 2, a broker server 3 and a user client 4. The wind turbine 2 and the broker server 3, as well as the broker server 3 and the user client 4, each have a data connection to one another via the Internet 5. The wind turbine 2, the broker server 3 and the user client 4 each have a secret key 2′, 3′, 4′ which is suitable for digitally signing data.

[0045] Master data 10 relating to the wind turbine 2 are stored in the wind turbine 2 or its turbine controller (not illustrated). The master data 10 comprise a unique identifier, the turbine type and the basic configuration (that is to say, in particular, information relating to the tower height, blade length and nominal power) of the wind turbine 2. In addition, SCADA data 11, which are composed of all measured values captured by the wind turbine and external setpoint value presets received by the wind turbine, are also captured in the wind turbine.

[0046] The SCADA and master data 10, 11 are transmitted to the broker server 3 at regular intervals via the Internet 5 (step 100). For this purpose, the SCADA and master data 10, 11 are together provided with a digital signature 2″ on the basis of the secret key 2′ of the wind turbine.

[0047] After being received, the digital signature 2″ is checked by the broker server 3 and the correctly signed data are stored in the memory 6 of the broker server 3, in which case the signature 2″ is discarded.

[0048] In addition, a metadata record 12, which, in addition to the unique identifier of the wind turbine 10, also comprises information relating to the period covered by the SCADA data and the content-related scope of the SCADA data, is generated from the received SCADA and master data 10, 11. This metadata record 12 is transmitted to the user client 4 (step 101).

[0049] If it is determined by the user client 4 in an automated manner or manually that there is interest in the SCADA and master data, the received metadata record 12 is provided with a digital signature 4″ based on the secret key 4′ of the user client 4 and is transmitted back to the broker server 3 (step 102).

[0050] After receiving the signed metadata record 12, the broker server 3 loads the SCADA and master data 10, 11 belonging to the metadata record 12 from the memory 6 and creates a delivery data record 13 therefrom.

[0051] In this case, the delivery data record 13 comprises the metadata record 12 signed by the user client 4, including the signature thereof, and the SCADA and master data 10, 11 belonging to this metadata record 12. The delivery data record 13 is supplemented with a signature 3″ based on the secret key 3′ of the broker server 3 before it is transmitted to the user client 4 (step 103).

[0052] The user client 4 therefore gains access to the SCADA and master data 10, 11 of the wind turbine 2, the integrity of which is guaranteed by the signature 3″ of the broker server 3. The risk of unauthorized forwarding of the data is reduced in this case since the SCADA and master data 10, 11 can either only be forwarded without a signature, but their integrity is no longer guaranteed, or the origin of the data can be permanently traced back on account of the included signature 4″ of the user client 4, which in turn can result in contractually agreed sanctions of the user.

[0053] In particular, the metadata record 12 is preferably transmitted in steps 101 and 102 via a blockchain, as a result of which the data transmission security can be increased further.