CN106168757B - 工厂安全系统中的可配置鲁棒性代理 - Google Patents

工厂安全系统中的可配置鲁棒性代理 Download PDF

Info

Publication number
CN106168757B
CN106168757B CN201610339856.0A CN201610339856A CN106168757B CN 106168757 B CN106168757 B CN 106168757B CN 201610339856 A CN201610339856 A CN 201610339856A CN 106168757 B CN106168757 B CN 106168757B
Authority
CN
China
Prior art keywords
message
messages
network
module
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610339856.0A
Other languages
English (en)
Chinese (zh)
Other versions
CN106168757A (zh
Inventor
V·S·拉亚佩塔
J·B·佩先斯基
W·E·贝内特
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fisher Rosemount Systems Inc
Original Assignee
Fisher Rosemount Systems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fisher Rosemount Systems Inc filed Critical Fisher Rosemount Systems Inc
Publication of CN106168757A publication Critical patent/CN106168757A/zh
Application granted granted Critical
Publication of CN106168757B publication Critical patent/CN106168757B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B13/00Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion
    • G05B13/02Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric
    • G05B13/04Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/4185Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication
    • G05B19/41855Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication by local area network [LAN], network structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Physics & Mathematics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Manufacturing & Machinery (AREA)
  • Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Quality & Reliability (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Testing And Monitoring For Control Systems (AREA)
CN201610339856.0A 2015-05-22 2016-05-20 工厂安全系统中的可配置鲁棒性代理 Active CN106168757B (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/719,946 US11363035B2 (en) 2015-05-22 2015-05-22 Configurable robustness agent in a plant security system
US14/719,946 2015-05-22

Publications (2)

Publication Number Publication Date
CN106168757A CN106168757A (zh) 2016-11-30
CN106168757B true CN106168757B (zh) 2022-03-18

Family

ID=56297397

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610339856.0A Active CN106168757B (zh) 2015-05-22 2016-05-20 工厂安全系统中的可配置鲁棒性代理

Country Status (5)

Country Link
US (1) US11363035B2 (enExample)
JP (1) JP6923265B2 (enExample)
CN (1) CN106168757B (enExample)
DE (1) DE102016109358B4 (enExample)
GB (1) GB2541493B (enExample)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6759572B2 (ja) 2015-12-15 2020-09-23 横河電機株式会社 統合生産システム
JP6693114B2 (ja) * 2015-12-15 2020-05-13 横河電機株式会社 制御装置及び統合生産システム
JP6613200B2 (ja) * 2016-04-18 2019-11-27 ファナック株式会社 生産管理装置からの指令に応じて製造セルを制御するセル制御装置
US10523635B2 (en) * 2016-06-17 2019-12-31 Assured Information Security, Inc. Filtering outbound network traffic
US20180083972A1 (en) * 2016-09-20 2018-03-22 Lg Electronics Inc. Method and apparatus for security configuration in wireless communication system
US10936955B1 (en) 2017-01-13 2021-03-02 Amazon Technologies, Inc. Computationally and network bandwidth-efficient technique to determine network-accessible content changes based on computed models
US10050987B1 (en) * 2017-03-28 2018-08-14 Symantec Corporation Real-time anomaly detection in a network using state transitions
US10951503B1 (en) 2017-04-21 2021-03-16 Amazon Technologies, Inc. Determining the validity of data collected by experiments performed at a network accessible site
US10185970B1 (en) * 2017-04-21 2019-01-22 Amazon Technologies, Inc. Determining a run time for experiments performed at a network accessible site
US10992652B2 (en) 2017-08-25 2021-04-27 Keysight Technologies Singapore (Sales) Pte. Ltd. Methods, systems, and computer readable media for monitoring encrypted network traffic flows
US10903985B2 (en) 2017-08-25 2021-01-26 Keysight Technologies Singapore (Sales) Pte. Ltd. Monitoring encrypted network traffic flows in a virtual environment using dynamic session key acquisition techniques
US11750623B2 (en) * 2017-09-04 2023-09-05 ITsMine Ltd. System and method for conducting a detailed computerized surveillance in a computerized environment
US10673871B2 (en) * 2017-10-04 2020-06-02 New Context Services, Inc. Autonomous edge device for monitoring and threat detection
US11184452B2 (en) * 2017-10-13 2021-11-23 Yokogawa Electric Corporation System and method for selecting proxy computer
US11113425B2 (en) 2018-01-17 2021-09-07 Crowd Strike, Inc. Security component for devices on an enumerated bus
CN110166343A (zh) * 2018-02-13 2019-08-23 贵州白山云科技股份有限公司 一种消息网关分发消息的方法及其消息网关
US11030413B2 (en) * 2018-06-27 2021-06-08 International Business Machines Corporation Recommending message wording based on analysis of prior group usage
US11463407B2 (en) * 2018-07-13 2022-10-04 Raytheon Company Policy engine for cyber anomaly detection
US10893030B2 (en) 2018-08-10 2021-01-12 Keysight Technologies, Inc. Methods, systems, and computer readable media for implementing bandwidth limitations on specific application traffic at a proxy element
US11768878B2 (en) * 2019-09-20 2023-09-26 Fisher-Rosemount Systems, Inc. Search results display in a process control system
US11768877B2 (en) * 2019-09-20 2023-09-26 Fisher-Rosemount Systems, Inc. Smart search capabilities in a process control system
US12160406B2 (en) * 2019-09-23 2024-12-03 Fisher-Rosemount Systems, Inc. Whitelisting for HART communications in a process control system
US11190417B2 (en) * 2020-02-04 2021-11-30 Keysight Technologies, Inc. Methods, systems, and computer readable media for processing network flow metadata at a network packet broker
US11424865B2 (en) * 2020-12-10 2022-08-23 Fisher-Rosemount Systems, Inc. Variable-level integrity checks for communications in process control environments
US11882013B2 (en) * 2021-08-18 2024-01-23 Hewlett Packard Enterprise Development Lp Network traffic monitoring for anomalous behavior detection
US12477364B2 (en) 2022-10-13 2025-11-18 T-Mobile Usa, Inc. Monitoring operation of multiple components associated with a wireless telecommunication network

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564508A (zh) * 2004-03-22 2005-01-12 西安电子科技大学 宽带无线ip网络匿名连接方法
CN103117993A (zh) * 2011-09-28 2013-05-22 费希尔-罗斯蒙特系统公司 用于提供过程控制系统的防火墙的方法、装置及制品
CN103430488A (zh) * 2010-11-05 2013-12-04 马克·卡明斯 编排无线网络运营
CN103493061A (zh) * 2011-02-15 2014-01-01 普瑞维克斯有限公司 用于应对恶意软件的方法和装置
CN103701824A (zh) * 2013-12-31 2014-04-02 大连环宇移动科技有限公司 一种安全隔离管控系统
CN104539625A (zh) * 2015-01-09 2015-04-22 江苏理工学院 一种基于软件定义的网络安全防御系统及其工作方法
CN104579784A (zh) * 2015-01-15 2015-04-29 珠海市鸿瑞信息技术有限公司 基于多维虚链路的电力工业控制系统网络管理方法

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020107953A1 (en) 2001-01-16 2002-08-08 Mark Ontiveros Method and device for monitoring data traffic and preventing unauthorized access to a network
US7743158B2 (en) 2002-12-04 2010-06-22 Ntt Docomo, Inc. Access network dynamic firewall
EP1544707A1 (en) * 2003-12-15 2005-06-22 Abb Research Ltd. Network security system
US8224902B1 (en) * 2004-02-04 2012-07-17 At&T Intellectual Property Ii, L.P. Method and apparatus for selective email processing
KR100609170B1 (ko) 2004-02-13 2006-08-02 엘지엔시스(주) 네트워크 보안 시스템 및 그 동작 방법
US7617531B1 (en) * 2004-02-18 2009-11-10 Citrix Systems, Inc. Inferencing data types of message components
US7774834B1 (en) * 2004-02-18 2010-08-10 Citrix Systems, Inc. Rule generalization for web application entry point modeling
US7890996B1 (en) * 2004-02-18 2011-02-15 Teros, Inc. Using statistical analysis to generate exception rules that allow legitimate messages to pass through application proxies and gateways
US8214438B2 (en) * 2004-03-01 2012-07-03 Microsoft Corporation (More) advanced spam detection features
JP4829223B2 (ja) 2004-05-25 2011-12-07 グーグル インコーポレイテッド 電子メッセージソース評判情報システム
US7607166B2 (en) 2004-07-12 2009-10-20 Cisco Technology, Inc. Secure manufacturing devices in a switched Ethernet network
US7343624B1 (en) 2004-07-13 2008-03-11 Sonicwall, Inc. Managing infectious messages as identified by an attachment
JP2006060306A (ja) 2004-08-17 2006-03-02 Nec Corp パケットフィルタリング方法およびパケットフィルタ装置
WO2006119506A2 (en) 2005-05-05 2006-11-09 Ironport Systems, Inc. Method of validating requests for sender reputation information
US8458262B2 (en) * 2006-12-22 2013-06-04 At&T Mobility Ii Llc Filtering spam messages across a communication network
JP2008278357A (ja) 2007-05-02 2008-11-13 Ionos:Kk 通信回線切断装置
US7814163B2 (en) * 2008-01-03 2010-10-12 Apple Inc. Text-based communication control for personal communication device
RU2487483C2 (ru) * 2008-03-10 2013-07-10 Роберт Бош Гмбх Способ и фильтрующее устройство для фильтрации сообщений, поступающих абоненту коммуникационной сети по последовательной шине данных этой сети
US8737398B2 (en) 2008-12-31 2014-05-27 Schneider Electric USA, Inc. Communication module with network isolation and communication filter
US8874663B2 (en) * 2009-08-28 2014-10-28 Facebook, Inc. Comparing similarity between documents for filtering unwanted documents
US9047441B2 (en) 2011-05-24 2015-06-02 Palo Alto Networks, Inc. Malware analysis system
US9282113B2 (en) 2013-06-27 2016-03-08 Cellco Partnership Denial of service (DoS) attack detection systems and methods
JP2014123996A (ja) 2014-04-02 2014-07-03 Mitsubishi Electric Corp ネットワーク監視装置及びプログラム
US10333877B2 (en) * 2014-04-29 2019-06-25 At&T Intellectual Property I, L.P. Methods of generating signatures from groups of electronic messages and related methods and systems for identifying spam messages

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564508A (zh) * 2004-03-22 2005-01-12 西安电子科技大学 宽带无线ip网络匿名连接方法
CN103430488A (zh) * 2010-11-05 2013-12-04 马克·卡明斯 编排无线网络运营
CN103493061A (zh) * 2011-02-15 2014-01-01 普瑞维克斯有限公司 用于应对恶意软件的方法和装置
CN103117993A (zh) * 2011-09-28 2013-05-22 费希尔-罗斯蒙特系统公司 用于提供过程控制系统的防火墙的方法、装置及制品
CN103701824A (zh) * 2013-12-31 2014-04-02 大连环宇移动科技有限公司 一种安全隔离管控系统
CN104539625A (zh) * 2015-01-09 2015-04-22 江苏理工学院 一种基于软件定义的网络安全防御系统及其工作方法
CN104579784A (zh) * 2015-01-15 2015-04-29 珠海市鸿瑞信息技术有限公司 基于多维虚链路的电力工业控制系统网络管理方法

Also Published As

Publication number Publication date
JP6923265B2 (ja) 2021-08-18
US11363035B2 (en) 2022-06-14
US20160344754A1 (en) 2016-11-24
GB2541493A (en) 2017-02-22
JP2016220213A (ja) 2016-12-22
DE102016109358B4 (de) 2025-05-22
GB201608102D0 (en) 2016-06-22
CN106168757A (zh) 2016-11-30
GB2541493B (en) 2022-04-13
DE102016109358A1 (de) 2016-11-24

Similar Documents

Publication Publication Date Title
CN106168757B (zh) 工厂安全系统中的可配置鲁棒性代理
CN105939334B (zh) 工业通信网络中的异常检测
US11818098B2 (en) Security system, device, and method for protecting control systems
US8949668B2 (en) Methods and systems for use in identifying abnormal behavior in a control system including independent comparisons to user policies and an event correlation model
KR101977731B1 (ko) 제어 시스템의 이상 징후 탐지 장치 및 방법
Flaus Cybersecurity of industrial systems
EP2866407A1 (en) Protection of automated control systems
US10530749B1 (en) Security system, device, and method for operational technology networks
EP2767057B1 (en) Process installation network intrusion detection and prevention
CN105981079A (zh) 网络保护
KR102232078B1 (ko) 부정 침입 방지 장치, 부정 침입 방지 방법 및 부정 침입 방지 프로그램
Januário et al. Security challenges in SCADA systems over Wireless Sensor and Actuator Networks
Corbò et al. Smart behavioural filter for industrial internet of things: A security extension for plc
IL259472A (en) Anomaly detection system and method
US20240430232A1 (en) Security system, device, and method for protecting control systems
WO2023039676A1 (en) Methods and systems for assessing and enhancing cybersecurity of a network
Colelli et al. Securing connection between IT and OT: the Fog Intrusion Detection System prospective
CN114600424B (zh) 用于过滤数据流量的安全系统、方法和计算机可读存储介质
EP3704618B1 (en) Cyber security system for networked devices
Goltz Securing Building Automation Systems
US20250063365A1 (en) Modular edge network security
Krimmling et al. 18 Intrusion Detection Systems for (Wireless) Automation Systems
Karthika et al. Safeguarding Scada Network by Captious State Based Filter
CN117255994A (zh) 关键基础设施中控制系统的自动防火墙配置
Kumar et al. ANALYSIS OF SECURITY SOLUTIONS FOR INDUSTRIAL CONTROL SYSTEMS

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant