CN112087262A

Movatterモバイル変換

Info

Publication number: CN112087262A
Application number: CN202010961720.XA
Authority: CN
Inventors: 张�诚
Original assignee: Shanghai Waigaoqiao No3 Power Generation Co ltd
Current assignee: Shanghai Waigaoqiao No3 Power Generation Co ltd
Priority date: 2020-09-14
Filing date: 2020-09-14
Publication date: 2020-12-15

Abstract

The invention discloses a unidirectional industrial network data transmission system and a unidirectional industrial network data transmission method, which relate to the technical field of network data transmission and comprise a switch, a first photoelectric converter, an optical fiber, an optical isolator, a second photoelectric converter, a collection device and an analysis platform. The invention utilizes the one-way characteristic of the light and the reverse blocking function of the optical isolator to protect the industrial control network from transmitting data messages back by the acquisition device or avoiding abnormal risks of the control network switch caused by malicious light source injection from the acquisition device side while outputting network data to the outside.

Description

Translated fromChinese

一种单向工业网络数据传输系统及传输方法A one-way industrial network data transmission system and transmission method

技术领域technical field

本发明涉及网络数据传输技术领域，尤其涉及一种单向工业网络数据传输系统及传输方法。The invention relates to the technical field of network data transmission, in particular to a one-way industrial network data transmission system and transmission method.

背景技术Background technique

2003年1月美国俄亥俄州核电站受到SQL Slammer蠕虫病毒攻击，网络数据传输量剧增，导致系统变慢，控制计算机连续数小时无法工作。2015年12月23日当地时间15时左右，乌克兰首都基辅部分地区和乌克兰西部的140万名居民突然遭遇了一次长达数小时的大规模停电，至少三个电力区域被攻击。电力公司称：公司因遭到入侵，导致7个110KV的变电站和23个35KV的变电站出现故障，导致80000用户断电。2016年12月17日当地时间23点多，时隔一年，乌克兰的国家电力部门又一次遭遇了黑客袭击，这次停电持续了30分钟左右，受影响的区域是乌克兰首都基辅北部及其周边地区。30分钟后，工程师将设备切换为手工模式，并开始恢复供电，75分钟后完全恢复供电。In January 2003, the Ohio nuclear power plant in the United States was attacked by the SQL Slammer worm virus, and the network data transmission volume increased sharply, causing the system to slow down and the control computer to be unable to work for several hours. At around 15:00 local time on December 23, 2015, 1.4 million residents in parts of Ukraine's capital Kyiv and western Ukraine suddenly suffered a large-scale power outage that lasted for several hours, and at least three power areas were attacked. The power company said: The company was invaded, causing seven 110KV substations and 23 35KV substations to fail, resulting in power outages for 80,000 customers. At 23:00 local time on December 17, 2016, after a year, Ukraine's national power sector was attacked by hackers again. The power outage lasted about 30 minutes. The affected area was the northern part of Ukraine's capital Kyiv and its surrounding areas. area. After 30 minutes, the engineer switched the equipment to manual mode and began to restore power, and fully restored power after 75 minutes.

工业控制网络的安全越来越受到关注，目前传统防护方案除了在网络边界部署安全隔离装置外，还会在控制网络内部部署网络审计系统，对该工业控制网络进行流量审计，该系统能对网络中的工控协议进行深度包协议解析，实时检测针对工业协议的网络攻击、违规操作、非法设备接入等内网异常行为，及时发现隐藏在正常流量中的异常数据包。部署时需要对交换机进行软件设置，将所有在用端口数据使用数据镜像功能，在交换机内复制后通过双向通讯的RJ45网线发送至采集装置，再从采集装置通过双向通讯的RJ45网线发送至分析平台。The security of industrial control networks has attracted more and more attention. In addition to deploying security isolation devices at the network boundary, traditional protection solutions also deploy a network audit system inside the control network to conduct traffic audits on the industrial control network. In-depth packet protocol analysis is performed on the industrial control protocol in the system, real-time detection of network attacks against industrial protocols, illegal operations, illegal device access and other intranet abnormal behaviors, and timely discovery of abnormal data packets hidden in normal traffic. During deployment, it is necessary to set the software on the switch, and use the data mirroring function for all the port data in use. After copying in the switch, send it to the acquisition device through the two-way communication RJ45 network cable, and then send it from the acquisition device to the analysis platform through the two-way communication RJ45 network cable. .

采集装置异常时或配置错误时，会反向回送异常报文至交换机，导致交换机响应降低，影响交换机上其它端口的正常运行，甚至出现报文穿透导致工业控制网络瘫痪。由于工业网络24小时运行的特殊性，这种功能中断的风险在工业控制网络中是不可接受的。现实中曾出现过类似案例导致火电站控制系统停运，触发整座电站停运的严重事故。When the acquisition device is abnormal or misconfigured, abnormal packets will be sent back to the switch, which will reduce the response of the switch, affect the normal operation of other ports on the switch, and even cause the industrial control network to be paralyzed due to packet penetration. Due to the peculiarity of 24-hour operation of industrial networks, this risk of functional interruption is unacceptable in industrial control networks. In reality, there have been similar cases that led to the shutdown of the control system of the thermal power station, triggering a serious accident that caused the shutdown of the entire power station.

因此，本领域的技术人员致力于开发一种单向工业网络数据传输系统及传输方法。Therefore, those skilled in the art are devoted to developing a one-way industrial network data transmission system and transmission method.

发明内容SUMMARY OF THE INVENTION

有鉴于现有技术的上述缺陷，本发明所要解决的技术问题是如何实现从交换机至采集装置之间的数据单向传输，从而避免采集装置故障或异常对控制网络的影响。In view of the above-mentioned defects of the prior art, the technical problem to be solved by the present invention is how to realize unidirectional data transmission from the switch to the collection device, so as to avoid the influence of the failure or abnormality of the collection device on the control network.

为实现上述目的，本发明提供了一种单向工业网络数据传输系统及传输方法。其特征在于，包括交换机、第一光电转换器、第一光纤、第二光纤、光隔离器、第二光电转换器、采集装置和分析平台。To achieve the above purpose, the present invention provides a one-way industrial network data transmission system and transmission method. It is characterized in that it includes a switch, a first photoelectric converter, a first optical fiber, a second optical fiber, an optical isolator, a second photoelectric converter, a collection device and an analysis platform.

进一步地，所述交换机负责将工业网络数据进行流量复制，并将其转换为电信号通过RJ45网络端口输出，使用网线连接至所述第一光电转换器。Further, the switch is responsible for duplicating the flow of industrial network data, converting it into electrical signals and outputting them through the RJ45 network port, and connecting to the first photoelectric converter using a network cable.

进一步地，所述第一光电转换器负责接收所述交换机输出的RJ45端口上的电信号，并将其转换为光信号，从其光纤TX端口对外输出光信号。Further, the first photoelectric converter is responsible for receiving the electrical signal on the RJ45 port output by the switch, converting it into an optical signal, and outputting the optical signal from its optical fiber TX port.

进一步地，所述第一光纤负责将所述第一光电转换器输出的光信号传输至所述光隔离器。Further, the first optical fiber is responsible for transmitting the optical signal output by the first photoelectric converter to the optical isolator.

进一步地，所述光隔离器负责限制光的方向性，只允许光从隔离器的输入侧射向输出侧，是使得光向一个方向通过而阻止向相反方向通过的无源器件。Further, the optical isolator is responsible for limiting the directivity of light, only allowing light to be emitted from the input side of the isolator to the output side, and is a passive device that allows light to pass in one direction and prevents it from passing in the opposite direction.

进一步地，所述第二光纤负责将所述光隔离器输出的光信号传输至所述第二光电转换器光纤RX端口。Further, the second optical fiber is responsible for transmitting the optical signal output by the optical isolator to the RX port of the second optical-electrical converter optical fiber.

进一步地，所述第二光电转换器，负责将光纤RX端口接收到的光信号转换为电信号，并从其RJ45网络端口输出，通过网线连接至所述采集装置。Further, the second photoelectric converter is responsible for converting the optical signal received by the RX port of the optical fiber into an electrical signal, and outputting it from its RJ45 network port, and connecting it to the collecting device through a network cable.

进一步地，所述采集装置负责将获取的网络流量进行打包汇聚，并将汇总后的数据通过网线传输至所述分析平台。Further, the collection device is responsible for packaging and aggregation of the acquired network traffic, and transmitting the aggregated data to the analysis platform through a network cable.

进一步地，所述分析平台负责将获取的多路网络流量数据进行分析，并将分析结果进行展示和再利用。Further, the analysis platform is responsible for analyzing the acquired multi-channel network traffic data, and displaying and reusing the analysis results.

一种单向工业网络数据传输方法，其特征在于，所述方法包括以下步骤：A one-way industrial network data transmission method, characterized in that the method comprises the following steps:

步骤一、工业控制网络侧交换机开启镜像功能，将所有在用端口数据流量发送至某个空余的RJ45网络端口；Step 1. The switch on the industrial control network side enables the mirroring function to send all the data traffic of the port in use to a spare RJ45 network port;

步骤二、使用网线将所述交换机与所述第一光电转换器RJ45电口连接；Step 2, using a network cable to connect the switch with the first photoelectric converter RJ45 electrical port;

步骤三、所述第一光电转换器将RJ45电口上的电信号转换为光信号，从其光纤TX端口对外输出光信号；Step 3: The first photoelectric converter converts the electrical signal on the RJ45 electrical port into an optical signal, and outputs the optical signal from its optical fiber TX port;

步骤四、使用所述第一光纤连接所述第一光电转换器的TX端口和所述光隔离器的输入端口；Step 4, using the first optical fiber to connect the TX port of the first photoelectric converter and the input port of the optical isolator;

步骤五、使用所述光隔离器，确保所述第一光电转换器输出的光信号单向传输至所述第二光电转换器；Step 5. Using the optical isolator to ensure that the optical signal output by the first photoelectric converter is unidirectionally transmitted to the second photoelectric converter;

步骤六、使用所述第二光纤连接所述光隔离器输出端口和所述第二光电转换器的RX端口；Step 6, using the second optical fiber to connect the output port of the optical isolator and the RX port of the second photoelectric converter;

步骤七、所述第二光电转换器将光纤RX端口上接收的光信号转换为电信号，从其RJ45电口对外输出电信号；Step 7: The second photoelectric converter converts the optical signal received on the optical fiber RX port into an electrical signal, and outputs the electrical signal from its RJ45 electrical port;

步骤八、使用网线将所述第二光电转换器与所述采集装置连接；Step 8, using a network cable to connect the second photoelectric converter with the collection device;

步骤九、使用网线将所述采集装置与所述分析平台连接。Step 9. Use a network cable to connect the collection device to the analysis platform.

技术效果：Technical effect:

1、利用光的单向特性以及光隔离器的反向阻断功能，双重保护了工业控制网络在对外输出网络数据的同时，避免被采集装置传回数据报文或恶意从采集装置侧进行恶意光源注入，从而导致控制网络交换机发生异常风险。1. Utilizing the unidirectional characteristics of light and the reverse blocking function of the optical isolator, it double protects the industrial control network while outputting network data to the outside world, while avoiding the data packets being sent back by the acquisition device or malicious execution from the acquisition device side. Light source injection, resulting in abnormal risk of control network switches.

2、解决了从工业网络内部安全可靠的向外界设备提供数据的问题，使得在工业控制网络内部获取数据变得高效、便捷。2. It solves the problem of safely and reliably providing data to external devices from the inside of the industrial network, making it efficient and convenient to obtain data inside the industrial control network.

以下将结合附图对本发明的构思、具体结构及产生的技术效果作进一步说明，以充分地了解本发明的目的、特征和效果。The concept, specific structure and technical effects of the present invention will be further described below in conjunction with the accompanying drawings, so as to fully understand the purpose, characteristics and effects of the present invention.

附图说明Description of drawings

图1是本发明的一个较佳实施例的单向工业网络数据传输接入方案示意图；1 is a schematic diagram of a one-way industrial network data transmission access scheme according to a preferred embodiment of the present invention;

图2是本发明的第二个较佳实施例的单向工业网络数据传输接入方案示意图；2 is a schematic diagram of a one-way industrial network data transmission access scheme according to a second preferred embodiment of the present invention;

图3是本发明的第三个较佳实施例的单向工业网络数据传输接入方案示意图。FIG. 3 is a schematic diagram of a one-way industrial network data transmission access scheme according to a third preferred embodiment of the present invention.

具体实施方式Detailed ways

以下参考说明书附图介绍本发明的多个优选实施例，使其技术内容更加清楚和便于理解。本发明可以通过许多不同形式的实施例来得以体现，本发明的保护范围并非仅限于文中提到的实施例。在附图中，结构相同的部件以相同数字标号表示，各处结构或功能相似的组件以相似数字标号表示。The following describes several preferred embodiments of the present invention with reference to the accompanying drawings, so as to make its technical content clearer and easier to understand. The present invention can be embodied in many different forms of embodiments, and the protection scope of the present invention is not limited to the embodiments mentioned herein. In the drawings, structurally identical components are denoted by the same numerals, and structurally or functionally similar components are denoted by like numerals throughout.

一种单向工业网络数据传输系统，包括交换机、第一光电转换器、第一光纤、第二光纤、光隔离器、第二光电转换器、采集装置、分析平台。A one-way industrial network data transmission system includes a switch, a first photoelectric converter, a first optical fiber, a second optical fiber, an optical isolator, a second photoelectric converter, a collection device, and an analysis platform.

其中交换机负责将工业网络数据进行流量复制，并将其转换为电信号通过RJ45网络端口输出，使用网线连接至第一光电转换器。The switch is responsible for duplicating the flow of industrial network data, converting it into an electrical signal and outputting it through the RJ45 network port, and connecting it to the first photoelectric converter using a network cable.

第一光电转换器负责接收交换机输出的RJ45端口上的电信号，并将其转换为光信号，从其光纤TX端口对外输出光信号。The first photoelectric converter is responsible for receiving the electrical signal on the RJ45 port output by the switch, converting it into an optical signal, and outputting the optical signal from its optical fiber TX port.

第一光纤负责将第一光电转换器输出的光信号传输至光隔离器。光隔离器，负责限制光的方向性，只允许光从隔离器的输入侧射向输出侧，是使得光向一个方向通过而阻止向相反方向通过的无源器件，作用是对光的方向进行限制，使光只能单方向传输。The first optical fiber is responsible for transmitting the optical signal output by the first photoelectric converter to the optical isolator. The optical isolator is responsible for limiting the directionality of light and only allows light to be emitted from the input side of the isolator to the output side. It is a passive device that allows light to pass in one direction and prevents it from passing in the opposite direction. restrictions, so that light can only be transmitted in one direction.

第二光纤负责将光隔离器的输出的光信号传输至第二光电转换器光纤RX端口。The second optical fiber is responsible for transmitting the optical signal output by the optical isolator to the RX port of the second optical-to-electrical converter optical fiber.

第二光电转换器负责将光纤RX端口接收到的光信号转换为电信号，并从其RJ45网络端口输出，通过网线连接至采集装置。The second photoelectric converter is responsible for converting the optical signal received by the optical fiber RX port into an electrical signal, and outputting it from its RJ45 network port, and connecting it to the acquisition device through a network cable.

采集装置负责将获取的网络流量进行打包汇聚，一个采集装置可以接入多路网络的输入数据，并将汇总后的数据通过网线传输至分析平台。The collection device is responsible for packaging and aggregation of the acquired network traffic. One collection device can access the input data of multiple networks, and transmit the aggregated data to the analysis platform through the network cable.

分析平台负责将获取的多路网络流量数据(一个分析平台可以接入多路采集装置的数据)进行分析，并将分析结果进行展示或再利用。The analysis platform is responsible for analyzing the acquired multi-channel network traffic data (an analysis platform can access the data of the multi-channel collection devices), and displaying or reusing the analysis results.

接入方案单向传输特性的实现机理：The realization mechanism of the one-way transmission feature of the access scheme:

由于光纤传输数据需要发送TX端光源、传输介质光纤、接收RX端感应器三者同时存在才能完成从发送端到接受端的数据流动。且由于光的单向性，即光只会从光源侧TX端口发出到接受感应侧RX端口，反向是无光源驱动实现数据传输。从物理上确保了整个链路的单向性。Because the optical fiber transmission data requires the existence of the transmitting TX end light source, the transmission medium optical fiber, and the receiving RX end sensor at the same time, the data flow from the transmitting end to the receiving end can be completed. And due to the unidirectional nature of light, that is, light will only be sent from the TX port on the light source side to the RX port on the receiving side, and the reverse is driven by no light source to achieve data transmission. Physically ensures the unidirectionality of the entire link.

传输方法如图1所示，数据将从左向右发送：The transmission method is shown in Figure 1, the data will be sent from left to right:

步骤1、工业控制网络侧交换机开启镜像功能，将所有在用端口数据流量发送至某个空余的RJ45网络端口。Step 1. Turn on the mirroring function on the switch on the industrial control network side, and send all the data traffic of the port in use to a spare RJ45 network port.

步骤2、使用网线将交换机与第一光电转换器RJ45电口连接。Step 2. Use a network cable to connect the switch to the RJ45 electrical port of the first photoelectric converter.

步骤3、第一光电转换器将RJ45电口上的电信号转换为光信号，从其光纤TX端口对外输出光信号。Step 3. The first photoelectric converter converts the electrical signal on the RJ45 electrical port into an optical signal, and outputs the optical signal from its optical fiber TX port.

步骤4、使用第一光纤连接第一光电转换器的TX端口和光隔离器的输入端口。Step 4. Use the first optical fiber to connect the TX port of the first photoelectric converter and the input port of the optical isolator.

步骤5、使用光隔离器，确保第一光电转换器输出的光信号单向传输至第二光电转换器。Step 5. Use an optical isolator to ensure that the optical signal output by the first photoelectric converter is unidirectionally transmitted to the second photoelectric converter.

步骤6、使用第二光纤连接光隔离器输出端口和第二光电转换器的RX端口。Step 6. Use the second optical fiber to connect the output port of the optical isolator and the RX port of the second photoelectric converter.

步骤7、第二光电转换器将光纤RX端口上接收的光信号转换为电信号，从其RJ45电口对外输出电信号。Step 7. The second photoelectric converter converts the optical signal received on the RX port of the optical fiber into an electrical signal, and outputs the electrical signal from its RJ45 electrical port.

步骤8、使用网线将第二光电转换器与采集装置连接。Step 8. Use a network cable to connect the second photoelectric converter to the acquisition device.

步骤9、使用网线将采集装置与分析平台连接。Step 9. Use a network cable to connect the acquisition device to the analysis platform.

实施例二如下：The second embodiment is as follows:

若工业控制网络交换机与采集装置距离较近不存在远端被恶意利用风险，出于成本考虑，则可以省略光隔离器，直接将单向光纤接入第二光电转换器的RX端口，可以同样实现单向传输工业网络数据功能。If the distance between the industrial control network switch and the acquisition device is close, there is no risk of malicious use at the remote end. For cost reasons, the optical isolator can be omitted, and the unidirectional optical fiber can be directly connected to the RX port of the second photoelectric converter. Realize the function of one-way transmission of industrial network data.

一种单向工业网络数据传输系统，包括交换机、第一光电转换器、光纤、第二光电转换器、采集装置、分析平台。A one-way industrial network data transmission system includes a switch, a first photoelectric converter, an optical fiber, a second photoelectric converter, a collection device, and an analysis platform.

光纤负责将第一光电转换器TX端口输出的光信号传输至第二光电转换器光纤RX端口。The optical fiber is responsible for transmitting the optical signal output from the TX port of the first photoelectric converter to the RX port of the optical fiber of the second photoelectric converter.

第二光电转换器，负责将光纤RX端口接收到的光信号转换为电信号，并从其RJ45网络端口输出，通过网线连接至采集装置。The second photoelectric converter is responsible for converting the optical signal received by the RX port of the optical fiber into an electrical signal, outputting it from its RJ45 network port, and connecting it to the acquisition device through a network cable.

采集装置，负责将获取的网络流量进行打包汇聚，一个采集装置可以接入多路网络的输入数据，并将汇总后的数据通过网线传输至分析平台。The collection device is responsible for packaging and aggregation of the acquired network traffic. One collection device can access the input data of the multi-channel network, and transmit the aggregated data to the analysis platform through the network cable.

分析平台，负责将获取的多路网络流量数据(一个分析平台可以接入多路采集装置的数据)进行分析，并将分析结果进行展示或再利用。The analysis platform is responsible for analyzing the acquired multi-channel network traffic data (an analysis platform can access the data of the multi-channel collection devices), and displaying or reusing the analysis results.

传输方法如图2所示，数据将从左向右发送：The transmission method is shown in Figure 2, the data will be sent from left to right:

步骤4、使用光纤连接第一光电转换器的TX端口和第二光电转换器的RX端口。Step 4. Use an optical fiber to connect the TX port of the first photoelectric converter and the RX port of the second photoelectric converter.

步骤5、第二光电转换器将光纤RX端口上接收的光信号转换为电信号，从其RJ45电口对外输出电信号。Step 5. The second photoelectric converter converts the optical signal received on the RX port of the optical fiber into an electrical signal, and outputs the electrical signal from its RJ45 electrical port.

步骤6、使用网线将第二光电转换器与采集装置连接。Step 6. Use a network cable to connect the second photoelectric converter to the acquisition device.

步骤7、使用网线将采集装置与分析平台连接。Step 7. Use a network cable to connect the acquisition device to the analysis platform.

实施例三如下：The third embodiment is as follows:

若交换机本身支持光纤的单纤单发功能，则可以省略第一光电转换器，直接将单向光纤接入光隔离器，可以同样实现单向传输工业网络数据功能。目前工业网络常见交换机均无此功能，仅在少数最新的商用交换机有此功能，且实现成本较高。If the switch itself supports the single-fiber single-transmission function of the optical fiber, the first photoelectric converter can be omitted, and the one-way optical fiber is directly connected to the optical isolator, which can also realize the function of one-way transmission of industrial network data. At present, common switches in industrial networks do not have this function, only a few of the latest commercial switches have this function, and the implementation cost is high.

一种单向工业网络数据传输系统，包括交换机、第一光纤、光隔离器、第二光纤、光电转换器、采集装置、分析平台。A one-way industrial network data transmission system includes a switch, a first optical fiber, an optical isolator, a second optical fiber, a photoelectric converter, a collection device, and an analysis platform.

其中交换机负责将工业网络数据进行流量复制，并将其转换为光信号通过光纤TX端口输出，使用光纤连接至光电转换器。The switch is responsible for copying the flow of industrial network data, converting it into optical signal and outputting it through the optical fiber TX port, and connecting it to the photoelectric converter using optical fiber.

第一光纤负责将交换机输出的光信号传输至光隔离器。The first optical fiber is responsible for transmitting the optical signal output by the switch to the optical isolator.

光隔离器，负责限制光的方向性，只允许光从隔离器的输入侧射向输出侧，是使得光向一个方向通过而阻止向相反方向通过的无源器件，作用是对光的方向进行限制，使光只能单方向传输。The optical isolator is responsible for limiting the directionality of light and only allows light to be emitted from the input side of the isolator to the output side. It is a passive device that allows light to pass in one direction and prevents it from passing in the opposite direction. restrictions, so that light can only be transmitted in one direction.

第二光纤负责将光隔离器的输出的光信号传输至光电转换器光纤RX端口。The second optical fiber is responsible for transmitting the optical signal output from the optical isolator to the optical-to-electrical converter optical fiber RX port.

光电转换器负责将光纤RX端口接收到的光信号转换为电信号，并从其RJ45网络端口输出，通过网线连接至采集装置。The photoelectric converter is responsible for converting the optical signal received by the optical fiber RX port into an electrical signal, outputting it from its RJ45 network port, and connecting it to the acquisition device through a network cable.

传输方法如图3所示，数据将从左向右发送：The transmission method is shown in Figure 3, the data will be sent from left to right:

步骤1、工业控制网络侧交换机开启镜像功能，将所有在用端口数据流量发送至某个空余的光纤网络端口，并启用单纤单发模式。Step 1. Turn on the mirroring function on the switch on the industrial control network side, send all the data traffic of the port in use to a spare optical fiber network port, and enable the single-fiber single-shot mode.

步骤2、使用第一光纤连接交换机的TX端口和光隔离器的输入端口。Step 2. Use the first optical fiber to connect the TX port of the switch and the input port of the optical isolator.

步骤3、使用光隔离器，确保交换机输出的光信号单向传输至光电转换器。Step 3. Use an optical isolator to ensure that the optical signal output by the switch is unidirectionally transmitted to the photoelectric converter.

步骤4、使用第二光纤连接光隔离器输出端口和光电转换器的RX端口。Step 4. Use the second optical fiber to connect the output port of the optical isolator and the RX port of the photoelectric converter.

步骤5、光电转换器将光纤RX端口上接收的光信号转换为电信号，从其RJ45电口对外输出电信号Step 5. The photoelectric converter converts the optical signal received on the optical fiber RX port into an electrical signal, and outputs the electrical signal from its RJ45 electrical port.

以上详细描述了本发明的较佳具体实施例。应当理解，本领域的普通技术无需创造性劳动就可以根据本发明的构思作出诸多修改和变化。因此，凡本技术领域中技术人员依本发明的构思在现有技术的基础上通过逻辑分析、推理或者有限的实验可以得到的技术方案，皆应在由权利要求书所确定的保护范围内。The preferred embodiments of the present invention have been described in detail above. It should be understood that many modifications and changes can be made according to the concept of the present invention by those skilled in the art without creative efforts. Therefore, any technical solutions that can be obtained by those skilled in the art through logical analysis, reasoning or limited experiments on the basis of the prior art according to the concept of the present invention shall fall within the protection scope determined by the claims.