CN101843033A - 针对自动化网络的实时通信安全性 - Google Patents
针对自动化网络的实时通信安全性 Download PDFInfo
- Publication number
- CN101843033A CN101843033A CN200780101292A CN200780101292A CN101843033A CN 101843033 A CN101843033 A CN 101843033A CN 200780101292 A CN200780101292 A CN 200780101292A CN 200780101292 A CN200780101292 A CN 200780101292A CN 101843033 A CN101843033 A CN 101843033A
- Authority
- CN
- China
- Prior art keywords
- module
- key
- fail safe
- communication
- plug
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004891 communication Methods 0.000 title claims abstract description 89
- 238000000034 method Methods 0.000 claims abstract description 20
- 230000005540 biological transmission Effects 0.000 claims abstract description 10
- 238000005516 engineering process Methods 0.000 claims abstract description 10
- 230000007774 longterm Effects 0.000 claims description 9
- 230000007246 mechanism Effects 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 5
- 230000000712 assembly Effects 0.000 claims description 4
- 238000000429 assembly Methods 0.000 claims description 4
- 238000004519 manufacturing process Methods 0.000 claims description 4
- 238000003860 storage Methods 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 2
- 230000004913 activation Effects 0.000 claims 3
- 238000004886 process control Methods 0.000 claims 3
- 239000000758 substrate Substances 0.000 claims 2
- VIEYMVWPECAOCY-UHFFFAOYSA-N 7-amino-4-(chloromethyl)chromen-2-one Chemical compound ClCC1=CC(=O)OC2=CC(N)=CC=C21 VIEYMVWPECAOCY-UHFFFAOYSA-N 0.000 claims 1
- 101100217298 Mus musculus Aspm gene Proteins 0.000 claims 1
- 241001441724 Tetraodontidae Species 0.000 claims 1
- 230000005465 channeling Effects 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 5
- 230000004044 response Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 230000035945 sensitivity Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 235000008331 Pinus X rigitaeda Nutrition 0.000 description 1
- 235000011613 Pinus brutia Nutrition 0.000 description 1
- 241000018646 Pinus brutia Species 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4604—LAN interconnection over a backbone network, e.g. Internet, Frame Relay
- H04L12/462—LAN interconnection over a bridge based backbone
- H04L12/4625—Single bridge functionality, e.g. connection of two networks over a single bridge
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/065—Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/4026—Bus for use in automation systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (27)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/IB2007/002497 WO2009027756A2 (en) | 2007-08-28 | 2007-08-28 | Real-time communication security for automation networks |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101843033A true CN101843033A (zh) | 2010-09-22 |
CN101843033B CN101843033B (zh) | 2013-11-13 |
Family
ID=40387931
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007801012926A Active CN101843033B (zh) | 2007-08-28 | 2007-08-28 | 针对自动化网络的实时通信安全性 |
Country Status (4)
Country | Link |
---|---|
US (1) | US9300467B2 (zh) |
EP (1) | EP2186251B1 (zh) |
CN (1) | CN101843033B (zh) |
WO (1) | WO2009027756A2 (zh) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104951303A (zh) * | 2014-03-28 | 2015-09-30 | Abb技术股份公司 | 用于管理和配置自动化设施的现场设备的方法和装置 |
CN105897713A (zh) * | 2016-04-11 | 2016-08-24 | 福州华鹰重工机械有限公司 | 车际通信系统安全协议设计方法及装置 |
CN109491712A (zh) * | 2018-11-01 | 2019-03-19 | 北京京航计算通讯研究所 | 一种适用于VxWorks环境的可信引导方法 |
CN111859472A (zh) * | 2014-12-19 | 2020-10-30 | 英特尔公司 | 用于片上系统平台的安全插件 |
CN113282059A (zh) * | 2020-02-03 | 2021-08-20 | 罗克韦尔自动化技术公司 | 用于智能电气设备的自动配置的系统和方法 |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8447039B2 (en) * | 2007-09-26 | 2013-05-21 | Cisco Technology, Inc. | Active-active hierarchical key servers |
ATE534211T1 (de) * | 2008-06-26 | 2011-12-15 | Abb Research Ltd | Konfigurierung eines intelligenten elektronischen geräts |
DE102009055247A1 (de) * | 2009-12-23 | 2011-06-30 | Endress + Hauser Conducta Gesellschaft für Mess- und Regeltechnik mbH + Co. KG, 70839 | Anordnung mit einer übergeordneten Steuereinheit und zumindest einem mit der Steuereinheit verbindbaren intelligenten Feldgerät |
US8819855B2 (en) * | 2012-09-10 | 2014-08-26 | Mdi Security, Llc | System and method for deploying handheld devices to secure an area |
US8924899B2 (en) | 2013-05-23 | 2014-12-30 | Daniel Jakob Seidner | System and method for universal control of electronic devices |
CN103414625A (zh) * | 2013-06-14 | 2013-11-27 | 无锡拓能自动化科技有限公司 | 一种基于Modbus Tcp的以太网IO模块 |
CN104539573B (zh) * | 2014-10-30 | 2018-07-27 | 北京科技大学 | 一种基于嵌入式系统的工业安全网关的通信方法及装置 |
US20180219695A1 (en) * | 2017-01-30 | 2018-08-02 | Brightswitch, Inc. | System and method for distributed home automation control |
US10802834B2 (en) * | 2018-06-11 | 2020-10-13 | Google Llc | Enabling multiple secure boot paths on a hardware platform |
KR20200034020A (ko) | 2018-09-12 | 2020-03-31 | 삼성전자주식회사 | 전자 장치 및 그의 제어 방법 |
KR102198178B1 (ko) * | 2018-10-31 | 2021-01-04 | 상명대학교 천안산학협력단 | 블록체인을 이용한 세션키 수립 방법 |
Family Cites Families (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5325432A (en) * | 1993-02-04 | 1994-06-28 | Motorola, Inc. | Method for updating encryption key information in communication units |
EP1050991A1 (en) * | 1999-04-27 | 2000-11-08 | Sientescom Developments Limited | A dynamic validation system |
US6760752B1 (en) * | 1999-06-28 | 2004-07-06 | Zix Corporation | Secure transmission system |
US6269349B1 (en) * | 1999-09-21 | 2001-07-31 | A6B2, Inc. | Systems and methods for protecting private information |
US6999996B2 (en) * | 2000-03-14 | 2006-02-14 | Hussmann Corporation | Communication network and method of communicating data on the same |
FR2841075B1 (fr) * | 2002-06-13 | 2004-12-24 | Systemig Sa | Dispositif de controle et/ou de surveillance utilisant au moins un controleur de transmission |
US7636840B2 (en) * | 2002-07-10 | 2009-12-22 | Dresser, Inc. | Secure communications and control in a fueling environment |
DE10305413B4 (de) * | 2003-02-06 | 2006-04-20 | Innominate Security Technologies Ag | Verfahren und Anordnung zur transparenten Vermittlung des Datenverkehrs zwischen Datenverarbeitungseinrichtungen sowie ein entsprechendes Computerprogramm und ein entsprechendes computerlesbares Speichermedium |
US20040176877A1 (en) * | 2003-03-05 | 2004-09-09 | Scott Hesse | Building automation system and method |
US7508801B1 (en) * | 2003-03-21 | 2009-03-24 | Cisco Systems, Inc. | Light-weight access point protocol |
CN1309208C (zh) * | 2003-05-23 | 2007-04-04 | 联想(北京)有限公司 | 一种计算机网络的网络安全系统及其控制方法 |
US20050010649A1 (en) * | 2003-06-30 | 2005-01-13 | Ray Payne | Integrated security suite architecture and system software/hardware |
DE10331307A1 (de) * | 2003-07-10 | 2005-02-10 | Siemens Ag | Vorrichtung und Verfahren sowie Sicherheitsmodul zur Sicherung eines Datenzugriffs eines Kommunikationsteilnehmers auf mindestens eine Automatisierungskomponente eines Automatisierungssystems |
US7421578B1 (en) * | 2003-07-22 | 2008-09-02 | Cisco Technology, Inc. | Method and apparatus for electing a leader node in a computer network |
US7725933B2 (en) * | 2003-10-07 | 2010-05-25 | Koolspan, Inc. | Automatic hardware-enabled virtual private network system |
WO2005057341A2 (en) * | 2003-12-02 | 2005-06-23 | Koolspan, Inc. | Automatic hardware-enabled virtual private network system |
US20060136575A1 (en) * | 2004-05-11 | 2006-06-22 | Ray Payne | Integrated security suite architecture and system software/hardware |
US8379864B2 (en) * | 2004-07-09 | 2013-02-19 | Nokia Corporation | Software plug-in framework to modify decryption methods in terminals |
US7530113B2 (en) * | 2004-07-29 | 2009-05-05 | Rockwell Automation Technologies, Inc. | Security system and method for an industrial automation system |
US7370202B2 (en) * | 2004-11-02 | 2008-05-06 | Voltage Security, Inc. | Security device for cryptographic communications |
US7990967B2 (en) | 2005-01-06 | 2011-08-02 | Rockwell Automation Technologies, Inc. | Firewall method and apparatus for industrial systems |
US7562211B2 (en) * | 2005-10-27 | 2009-07-14 | Microsoft Corporation | Inspecting encrypted communications with end-to-end integrity |
US7890612B2 (en) * | 2006-05-08 | 2011-02-15 | Electro Guard Corp. | Method and apparatus for regulating data flow between a communications device and a network |
US8942219B2 (en) * | 2007-04-13 | 2015-01-27 | Hart Communication Foundation | Support for network management and device communications in a wireless network |
US8266286B2 (en) * | 2007-06-05 | 2012-09-11 | Cisco Technology, Inc. | Dynamic key management server discovery |
-
2007
- 2007-08-28 CN CN2007801012926A patent/CN101843033B/zh active Active
- 2007-08-28 WO PCT/IB2007/002497 patent/WO2009027756A2/en active Application Filing
- 2007-08-28 EP EP07825036.2A patent/EP2186251B1/en active Active
-
2010
- 2010-02-26 US US12/713,779 patent/US9300467B2/en active Active
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104951303A (zh) * | 2014-03-28 | 2015-09-30 | Abb技术股份公司 | 用于管理和配置自动化设施的现场设备的方法和装置 |
CN111859472A (zh) * | 2014-12-19 | 2020-10-30 | 英特尔公司 | 用于片上系统平台的安全插件 |
CN111859472B (zh) * | 2014-12-19 | 2024-01-16 | 英特尔公司 | 用于片上系统平台的安全插件 |
CN105897713A (zh) * | 2016-04-11 | 2016-08-24 | 福州华鹰重工机械有限公司 | 车际通信系统安全协议设计方法及装置 |
CN109491712A (zh) * | 2018-11-01 | 2019-03-19 | 北京京航计算通讯研究所 | 一种适用于VxWorks环境的可信引导方法 |
CN109491712B (zh) * | 2018-11-01 | 2021-09-10 | 北京京航计算通讯研究所 | 一种适用于VxWorks环境的可信引导方法 |
CN113282059A (zh) * | 2020-02-03 | 2021-08-20 | 罗克韦尔自动化技术公司 | 用于智能电气设备的自动配置的系统和方法 |
CN113282059B (zh) * | 2020-02-03 | 2024-01-30 | 罗克韦尔自动化技术公司 | 用于智能电气设备的自动配置的系统和方法 |
Also Published As
Publication number | Publication date |
---|---|
WO2009027756A2 (en) | 2009-03-05 |
EP2186251A4 (en) | 2012-02-08 |
US9300467B2 (en) | 2016-03-29 |
CN101843033B (zh) | 2013-11-13 |
US20100217967A1 (en) | 2010-08-26 |
EP2186251A2 (en) | 2010-05-19 |
WO2009027756A3 (en) | 2009-09-17 |
EP2186251B1 (en) | 2019-10-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101843033A (zh) | 针对自动化网络的实时通信安全性 | |
US11977622B2 (en) | Authentication between industrial elements in an industrial control system | |
CN107976972B (zh) | 安全的过程控制通信 | |
US9710984B2 (en) | Method for the authentication of at least one first unit on at least one second unit | |
Dawson et al. | SKMA-A key management architecture for SCADA systems | |
CN101300806B (zh) | 用于处理安全传输的系统和方法 | |
CN100392626C (zh) | 网络化设备的访问和控制系统 | |
CN101631080B (zh) | 基于epa协议的工业以太网交换机和报文转发方法 | |
DK3245775T3 (en) | One-way switching device with sub-question device for retroactive transmission of data | |
EP3687108A1 (en) | Industrial control system redundant communications/control modules authentication | |
WO2003107155A1 (en) | Dongle for a secured data communications network | |
CN101836422A (zh) | 具有增强的安全级别的双向网关 | |
CN102984045A (zh) | 虚拟专用网的接入方法及虚拟专用网客户端 | |
CN102761494A (zh) | 一种ike协商处理方法及装置 | |
EP1665725B1 (en) | Remote ipsec security association management | |
Niemann | IT security extensions for PROFINET | |
CN112015457A (zh) | 软件更新机制 | |
CN110120866B (zh) | 现场设备的用户管理方法 | |
US20230359642A1 (en) | Method, devices and system for data exchange between a distributed database system and devices | |
Åkerberg et al. | Introducing security modules in profinet io | |
Sveda et al. | Design of networked embedded systems: An approach for safety and security | |
CN102148704A (zh) | 一种加密型交换机通用网管接口的软件实现方法 | |
Sveda et al. | Dependability-driven Embedded Systems Networking | |
Adalier et al. | Cross-domain Autonomous Communication Protocol for Delay Tolerant Networks | |
DE102020004128A1 (de) | Kryptographisches Verfahren zum sicheren und autorisierten Anmelden und Authentifizieren von Geräten in einem Netzwerk, unter Verwendung von Geheimnissen und durch den Austausch geheimer Schlüssel |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20191128 Address after: Baden, Switzerland Patentee after: ABB Switzerland Co.,Ltd. Address before: Zurich Patentee before: ABB RESEARCH Ltd. |
|
TR01 | Transfer of patent right |
Effective date of registration: 20210705 Address after: Baden, Switzerland Patentee after: ABB grid Switzerland AG Address before: Baden, Switzerland Patentee before: ABB Switzerland Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
CP01 | Change in the name or title of a patent holder |
Address after: Swiss Baden Patentee after: Hitachi energy Switzerland AG Address before: Swiss Baden Patentee before: ABB grid Switzerland AG |
|
CP01 | Change in the name or title of a patent holder | ||
TR01 | Transfer of patent right |
Effective date of registration: 20231231 Address after: Zurich, SUI Patentee after: Hitachi Energy Co.,Ltd. Address before: Swiss Baden Patentee before: Hitachi energy Switzerland AG |
|
TR01 | Transfer of patent right |