Table of basic data of inverted siphon node.
The emergency management system for sudden water pollution accidents of the main canal is the integrated application of the aforesaid three key technologies and is the key to verify the effect of practical application of these technologies. The emergency management system is formed by integrating basic information, measured data, and professional models through the communication mode of network transmission. The system can provide support for emergency response in case of emergency conditions including sudden water pollution accidents and technical support for security operations of the MRP.
- emergency management
- integrated application
The system integrates and visualizes accident-related information and model by mainly using computer and information technologies to provide decision making support for emergency response . For a large-scale complex, water diversion project like the MRP, the scale, and complexity of the project requires more scientific decision-making methods and tools under emergency conditions including sudden water pollution accidents to ensure its safe and reliable operation and reduce the loss and influence scope as far as possible. In order to achieve consistency of information data of the project and improve model analysis efficiency, as well as the water diversion stability and the recovery performance for coping with emergencies, it is very important to establish an emergency management platform, which integrates project parameters, spatial analysis, mathematical model, decision-making consultation, and other functions.
2. Service objects and construction goals
2.1 Service objects
Three levels of management institutions are set up for the MRP: 1 head company, 5 sub-companies, and 47 management offices. The emergency management system mainly serves these management institutions above. Through operation of the system, the management staff can make scientific and reasonable responses to sudden water pollution accidents in the main canal.
2.2 Construction goals
The system focuses on the emergency management of sudden water pollution accidents in the MRP by integrating multisource data (i.e., project information and real-time measured data), professional models (i.e., hydrodynamic and water quality model, sudden water pollution accidents source identification model, and emergency operation model), and developing emergency response and decision-making consultation modules to formulate the emergency management system, in order to provide support for emergency response in case of emergency conditions including sudden water pollution accidents, and provide technical support for security operations of the MRP.
3. System framework
3.1 System hierarchy
The emergency management system takes GIS as a platform, uses Client/Server architecture and server to arrange data server and store space data, project parameters, model parameters, result data, and the like, and provides data management and sharing, system maintenance, concurrency control, and other services. An application server is arranged at the client to encapsulate user’s application business logic and provides friendly, simple operating interfaces. Through inputting a request or command, the user calls the service related to the application server. The application server interacts with a data server according to customer’s demands. After receiving an application service request, the client implements corresponding data processing according to a received application service request and returns the processing result to the application server, and then, the application server performs the business logic process corresponding thereto and finally returns the processing result to the user.
The emergency management system includes four layers: monitoring, database, decision control, and user interface. The monitoring layer is responsible for water quantity and quality monitoring and the local control and implementation of check gate pump group. The database layer includes real-time water quantity and quality information, real-time operating condition information and parameters, model parameter information, etc. The application layer includes four modules: information management, traceability simulation, emergency control, and decision consultation. The user interface layer is used for completing interactive operations with the user’s diagrams, tables, GIS, and so on. The overall system framework design is shown in Figure 1.
3.2 Database design
The database for the emergency management system is designed and managed by using Microsoft SQL Server 2008 R2. The design is introduced below by taking two types of data—attribute data of inverted siphon and the data real-time monitored at dividing gate—as examples. Refer Tables 1 and 2.
|Item||Code||Type of data|
|Inverted siphon node no.||DXHJD_ID||numeric|
|Type of node||JCTTYPE||int|
|Type of cross-section||PORTTYPE||int|
|Name of node||JCTNAME||varchar (100)|
|Node inlet pile no.||JCTINCOOR||float|
|Node outlet pile no.||JCTOUTCOOR||float|
|Number of parallel inverted siphon||PARALLELNUM||int|
|Actual pipeline length||LENGTH||float|
|Elevation of inlet bottom||IN_TOPELEV||float|
|Elevation of outlet bottom||OUT_TOPELEV||float|
|Loss coefficient at inlet transition section||KSI_0||float|
|Loss coefficient of inlet sluice chamber||KSI_1||float|
|Loss coefficient of inlet pipe orifice||KSI_2||float|
|Loss coefficient of check gate||KSI_3||float|
|Loss coefficient of outlet pipe orifice||KSI_4||float|
|Loss coefficient of outlet sluice chamber||KSI_5||float|
|Loss coefficient at outlet transition section||KSI_6||float|
|Item||Code||Type of data|
|Real-time data no.||FSKSSSJ_ID||numeric|
|Monitoring time||JCTIME||date time|
3.3 Model encapsulation and integration
3.3.1 C# language call convention
The model kernel is developed on the basis of the C++ source code of the control simulation model for the middle route. The interface is packaged in the style of standard C++, and the call is made by the C# language.
The program source code for developing C# is not compiled into a local binary code that can be directly executed on an operating system but into an intermediate code. And then, the intermediate code is executed via a virtual machine for .Net framework, which is called common language runtime (CLR). All the .Net programming languages are compiled into an intermediate code, which is called Microsoft intermediate language (MSIL). Therefore, although both final programs and traditional executable files have the suffix “.exe” on the surface, in fact, if the .Net framework is not installed on a computer, these programs will not be able to be executed. When executing the programs, .Net framework translates the intermediate code into a binary machine code so that it can run correctly. The final binary code is stored in a buffer. Once the programs use the same code, the version in the buffer will be invoked.
3.3.2 Fault-tolerant processing
When data or a file is damaged or lost due to various reasons in the model system, the system can record the related error code by using the running log mode and basic reasons. At this time, the system will enter a self-checking data process and correct data in such a manner that has no effect on the next computing. On the contrary, the model releases resources, stops working, and pops up an outer notification frame.
3.3.3 Management of input and output of text and database formats
Model basic engineering parameter files support text read-in, other parameters are inputted by calling an interface, and input data are checked by the model kernel. When finding unqualified data, the model kernel notifies an external call framework via error log and returned value. The returned value is judged each time before entering the next step. After basic engineering at the initial phase of model simulation is established, the user can intervene data preparation by a computing unit by calling an intermediate interface. When each unit completes computing, the user can also make judgment through an interface to obtain computing data at each step. The acquisition of such data is generally done by calling an interface and finally reflected in final text output.
The addition of database elements supports SQL Server database data import and export, and previous preparation data and intermediate computing data of the model can be easily imported into the database.
When data is being outputted, the external framework is able to obtain intermediate data by calling an interface at each step during computing, realizing real-time display demand, and importing all computing data via analysis of a final computed result file for animation play browsing.
3.3.4 Algorithm and model encapsulation
In this part, the kernel model is encapsulated; mainly, the model code is encapsulated as a complete functional code. The model is divided into three parts: model preparation, model computing, and model resource release.
220.127.116.11 Model preparation phase
Model preparation phase needs basic engineering parameters and computing simulation parameters, which are imported into database by reading all element parameters of channel cross-section of the main canal in a text mode. The user manually inputs computing simulation parameters required for control model in the system interface and then imports them into the database.
18.104.22.168 Model computing
First, perform initialization of the parameters of the channel, check gate, release sluice, dividing gate, aqueduct, inverted siphon, then read the parameters needed for control model, entered by user and finally compute with with control algorithm . This computing unit is called by external logic and stores intermediate data computed so as to meet the demand for the next computing. When the computing is finished, the resources of various types of computing units can be released according to user demands.
22.214.171.124 Model resource release
The memory resource that is occupied by the model is released according to user demands.
3.3.5 Encapsulation of algorithm Web service
XML is used as the standard format for data exchange between systems; Web services are used to publish the service to the Internet; dynamic combination and integration of Web components are performed according to business and processes; data transmission is ensured by using a message queue mechanism, in order to achieve data exchange and sharing purposes. An integrated system with good expansibility, less resources occupation, loose coupling, strong reusability, and convenient maintenance can be built by using the general exchange platform.
3.4 Technical structure for system implementation
The design of the emergency management system will be developed by using an MVC three-layer structure. That is to say, the whole business application will be divided into a presentation layer, business logic layer, data access layer, and so on. Among them, the data access layer (DAL) is used to achieve the interaction with and access to the database and to obtain data from the database or save data to the database. The business logic layer (BLL) connects the preceding and the next and used for logical data processing of upper and lower interactive data to achieve business goals. The presentation layer (UI) mainly used to realize the interaction with the user, receive the user request, or return display of data result of the user request, while concrete data processing is handed over to the service logic layer and the data access layer to process. The business entity model used to encapsulate entity data structures, generally used to map the data tables or views of a database and to describe objects that exist objectively in the business. Model is separated for better decoupling, giving a better play to layering, better reuse and expansion, and enhancing flexibility. Common class library (Common): common utility helpers.
Visual Studio is the development environment launched by Microsoft Corp. At present, it is the most popular Windows platform application development environment. The system will use Visual Studio 2012 version for development and C# language.
4. System functions
The emergency management system includes four core modules: a data management module, a traceability simulation module, an emergency operation module, and an emergency consultation module.
4.1 Data management
4.1.1 Attribute data management
A node data management and maintenance module mainly include the data management and maintenance in the following aspects: channel node data, inverted siphon node data, transition section node data, connecting element node data, lateral bypass flow node data, check gate node data, aqueduct node data, tainter gate data, rectangular cross-section node data, etc . For details, see Table 3 below.
|Channel node data||Mainly includes basic node data, such as node name, node inlet/outlet pile no., channel bottom width, channel side slope, inlet bottom elevation, outlet bottom elevation, etc.|
|Inverted siphon node data||Mainly includes basic node data, such as node name, node inlet/outlet pile no., the number of parallel inverted siphons, channel bottom width, channel side slope, inlet bottom elevation, outlet bottom elevation, inlet sluice chamber loss coefficient, outlet sluice chamber loss coefficient, inlet pipe orifice loss coefficient, outlet pipe orifice loss coefficient, etc.|
|Transition section node data||Mainly includes basic node data, such as node name, node inlet/outlet pile no., area change loss coefficient, other loss coefficients, etc.|
|Connecting element node data||Mainly includes basic node data, such as node name, the number of inlet cross-sections, inlet cross-section bottom elevation, the number of outlet cross-sections, outlet cross-section bottom elevation, etc.|
|Lateral bypass flow node data||Mainly includes basic node data, such as element type, element no. node name, province/city where they are, etc.|
|Check gate node data||Mainly includes basic node data, such as node name, node inlet/outlet pile no., control water stage, sluice type, sluice parameters, initial opening, etc.|
|Aqueduct node data||Mainly includes basic node data, such as node name, node inlet/outlet pile no., the number of parallel aqueducts, inlet bottom elevation, outlet bottom elevation, roughness coefficient, etc.|
|Tainter gate data||Mainly includes basic node data, such as node name, the number of gate holes, gate bottom sill elevation, gate hole bottom width, height difference between tainter gate shaft and seating point when the tainter gate is closed, tainter gate radius, etc.|
|Rectangular cross-section node data||Mainly includes basic node data, such as the type, name, width, height, and the like of cross-section.|
The module function interface is displayed by taking tainter gate data management interface (Figure 2) for example.
4.1.2 Monitored data management
The monitored data of check gate, dividing gate, and release sluice under the project (at present, some release sluices are used as dividing gates) were reported artificially or automatically obtained from a sluice control system. For details, see Table 4.
|Type of structure||Monitored item||Monitoring frequency|
|Check gate||Upstream water stage of check gate, downstream water stage of check gate, gate hole opening, and flow||Every 2 hours||Every 10 minutes|
|Dividing gate||Upstream water stage of check gate, gate hole opening, flow and the quantity of divided water||At 8:00 AM every morning|
The module function interface is displayed by taking the flow data query interface for the check gate in Diaohe River (Figure 3) for example.
4.2 Traceability simulation
The traceability simulation module calls the pollution source information inversed by the sudden water pollution accidents traceability model depending on abnormal data of some cross-section water quality and then predicts the pollutant diffusion process by using a hydrodynamic water quality model . For details, see Table 5.
|Function name||Input item||Output item||Functional description||Effect display|
|Monitoring start time, monitored pile no., several monitored data at fixed interval||Pollution source intensity and position, release time||The model is called to calculate possible position of a pollution source according to monitoring start time, pollution source intensity and initial start location, and pollutant release time.||The error between simulate value and actual value through a chart.|
|Pollution source position pile no., pollution source intensity, and pollutant release time||The diffusion process and peak motion process of concentrations of pollutants in all channel sections of the whole main canal that change with time||Model simulation of pollutant diffusion range and effect is carried out according to pollution source position and intensity, and pollutant release time. The model is a precise simulation model, which can be used to simulate the diffusion process of pollutants in the channel of the whole main canal, peak arrival time, the change process of concentration of pollutants in channel section, etc.||Two methods are used to dynamically display the change in concentration of pollutants along the route. Because a concentration at a different level corresponds to a different color, one method visually displays such change via dynamic change of channel color; the other method displays the change process of pollutants along the route by using the change curve of concentration along the route at different times.|
The module function interface is displayed by taking the call interface of traceability model for example (Figure 4).
4.3 Emergency operation
The emergency operation module develops the emergency operation plan for accident channel pool, upstream, and downstream sections of accident channel pool and performs simulation calculation, based on simulation and prediction of sudden water pollution accidents events, in combination of contingency plan and other documents and by using a sluice emergency operation model, and then, it evaluates the effect of such plan .
The module function interface is displayed by taking the emergency operation plan setting interface (Figure 5) for example:
4.4 Emergency consultation
The emergency consultation module provides a consultation environment for management units and related decision makers according to the basic information of a sudden event and the simulation results of a professional model group. The module mainly has the following functions: consultation procedure management, consultation information collection and summary, group consultation, file management and information release, program review, and knowledge update.
4.4.1 Consultation procedure management
A decision consultation system should clearly carry out the specific process of consultation in order to make the system user know related information to be prepared and related work to be done at different stage of consultation and to make the system user able to understand progress of current consultation, realizing the management of the consultation process.
4.4.2 Collection and summary of information for consultation
Before the beginning of the consultation, the relevant information should be prepared for the topic of the consultation. According to actual situation, the consultation organization specifies requirements related to required information for units to participate in the consultation, which then submit related information to the consultation organization for review. After the review, the information is collected and arranged, and then it is uploaded to the decision consultation system for query and use in the consultation process.
4.4.3 Group consultation
Organize decision making personnel and assistants and other relevant personnel to carry out the consultation. During the consultation process, a template provided by the decision consultation system is used to display prepared information and other collected information related to such consultation; then, the decision making personnel carries out analysis, discussion, and the like according to the above information and current actual situation and develops one set or more sets of programs for selection, thus making decisions and obtaining the conclusion.
4.4.4 File management and information release
After completion of the consultation, the consultation result is arranged and summarized to form related information, and then, such information is arranged and filed by using the decision consultation system; at the same time, the information related to the consultation can be released as required.
4.4.5 Consultation review and knowledge update
After the consultation is finished, the files and information are reviewed and evaluated; useful information is extracted therefrom; and existing plans, rules, and knowledge are perfected, and the blank or missing parts are supplemented.
The module function interface is displayed by taking the event information input interface (Figure 6) for example:
5. System safety and maintenance
5.1 System safety
5.1.1 Network security design
The security measures of the system in the network layer mainly include firewall protection and intrusion detection technology. Connection with the Internet is done by using firewall protection; different types of firewall protection systems are used to protect the connection between Web server and back-end database.
Firewall protection functions include packet filtering based on state detection; multistage 3D access control mechanism; management mechanism oriented to objects; supporting multiple connection methods and transparent router; supporting OSPF, IPX, NETBEUI and SNMP and other protocols; having bidirectional address conversion ability; transparent application proxy; one-time password authentication mechanism; bandwidth management; having some built-in functions of intrusion detection or capacity to interact with intrusion detection equipment; remote management capacity; hot standby; load balancing; supporting dynamic IP address; embedded VPN function support; and flexible audit and log functions.
The functions provided by the network intrusion detection system include realizing real-time, distributed, and collaborative intrusion detection in the network environment to fully detect possible intrusion; timely identifying various hacker attacks, and when an attack is found, blocking and weakening attack behaviors, recording detailed records, creating an intrusion detection report, and timely giving a warning to the administrator; performing multilayer scan as required by the administrator, and configuring multiple scans according to specific time, width and fineness demands; supporting parallel detection and being able to perform multiple detection execution of a large network conveniently and simultaneously; detection and scan should not have an effect on normal network connection service and network efficiency; the feature library of detection should be comprehensive and can be updated timely; security detection strategy can be set by the user, the grades of detection intensity and disk degree are managed, and the user can choose detection strategies according to different needs; helping build security strategy, having detailed help database, and helping the administrator to realize network security and developing practical, enforceable network security policies.
5.1.2 Data security design
126.96.36.199 Database management
188.8.131.52.1 Security strategies for database user
The security policy of database users includes the security of general users and end users.
The security of general users is solved by password management and privilege management. If a user confirms its identity through a database, then connect to the database by using password encryption. Because of large number of users, rich data types, and a large amount of data in the system, a “role mechanism” is used to effectively manage authorities.
For security of end users, security policies must be developed for end users. The database has a certain scale. Security managers determine user group classification, create user roles for these user groups, grant required authorities and application roles to each user role, and assign an appropriate user role for each user. When dealing with special application requirements, security managers also must explicitly grant specific permission requirements to the user.
184.108.40.206.2 Security policies for database managers
After the database is created, immediately change the password of the user with management authorities to prevent illegal users’ access to the database; protect the connection of the administrator with database; and use roles to manage the authority of the administrator.
220.127.116.11.3 Security policies for application developers
Authorities for application developers: Database application developers are the unique database users who need special authorities to complete their work. However, only some special system authorities are granted to developers to limit their operation of the database. Application developers should not compete with end users for database resources and should not harm other applications for database.
18.104.22.168 Audit function
Audit function is a very important security measure, which is used to monitor the actions applied by users on the database. There are two ways of audit, namely user audit and system audit. During user audit, an audit system records all attempts to access their own tables or views (including successful and unsuccessful accesses, the user name, time, operation code of each operation, and other information). Such information is generally recorded in a system table, and by using the information, users can carry out audit analysis. System audit is carried out by the system administrator, and it mainly involves the Level 1 commands of the system and the use of the database.
22.214.171.124 Database backup
Hardware redundancy at any degree cannot completely guarantee single-point data security, so do RAID technology and mirror technology; and even dual machine backup cannot replace the importance of data backup. Remote backup of data is very effective and important when the client computer application system encounters a single point emergency or natural disaster. Good backup strategies and tools cannot only improve the degree of backup automation but also well recover data after they are destroyed.
The system adopts a backup plan, which combines complete backup and difference backup. Difference backup is performed every 12 hours; complete backup, every 7 days; offsite data backup, once a month.
5.1.3 Application safety design
126.96.36.199 Application server
The application-level security measures provided by a Web application server include SSL support (SSL protocol), authentication strategies (a group of strategies for user identity which provide view access network resource), authority strategy (providing the range of network resource accessed by a user or a user group and the definition of authorities), authorization policy (providing an authorization policy to make user temporarily access specific network resources after authorization), and secure API (providing a unified API for all security features).
188.8.131.52 Application service
According to system features, an enhanced, targeted security guarantee mechanism is provided, which includes program interface security, system login security, user role control security, input data security inspection, application system database access security, and the security strategies to prevent online password from being stolen.
According to role division, the system is divided into two roles: system administrator and system user.
The system administrator manages the users and authorities in the whole system.
All system users can use this system according to their authority assigned by the system administrator.
184.108.40.206 System monitoring and log
In addition to the use of security technology to ensure the security of the system, the system also uses system monitoring, log management, and other ways to ensure safe operation of the system. A good security monitoring function can greatly improve the overall security of the system so as to detect and eliminate security risks as soon as possible. By using a WWW server, a database server system, the system provides monitoring log for application access to understand who have visited the system, which services have been used, and whether there is someone trying to attack the system or violate the restrictions of the system.
5.2 Operation and maintenance
5.2.1 Operating environment
220.127.116.11 Hardware device
In order to obtain good operation effect, the hardware for operating this system should be up to the following standard:
CPU: above Intel Core i3
Internal memory: above 4G
Hard disk: above 320G
Graphics card: above 1G
CPU: above Intel Core i3
Internal memory: above 4G
Hard disk: above 500G.
Graphics card: above 1G
Note: the available space of the server hard disk is above 500G due to large amount of data in the database. If the amount of file data in the database is too large, the database should be backed up at intervals.
18.104.22.168 Support software
Operating system: Windows7 32-bit OS
Operating platform: .Net framework 4.0, Visual Studio, SQL, ArcGIS
5.2.2 System maintenance
In order to ensure normal operation of the platform, it is necessary to establish an efficient information system operation and maintenance mechanism, implement a responsibility system, and improve the level of operation and maintenance of the information system; improve the capacity and methods of monitoring and emergency response of the information system to ensure safe and stable operation of the information system; establish perfect system operation and maintenance methods and include operation and maintenance outlays of information system into departmental budget.
This chapter designs and develops an emergency management system of sudden water pollution with complete functions for the middle route under MRP depending on engineering characteristics, management department demands, and the emergency response procedures for sudden water pollution and through the integration of simulation model, traceability model, and control model. The system is deployed in each management department of the project, providing technical support for the management to scientifically cope with sudden water pollution events that may occur in the normal water supply process of the middle route.