EP1711870A1 - Method for encoding data in a network used in process automation systems - Google Patents

Method for encoding data in a network used in process automation systems

Info

Publication number
EP1711870A1
EP1711870A1 EP04804867A EP04804867A EP1711870A1 EP 1711870 A1 EP1711870 A1 EP 1711870A1 EP 04804867 A EP04804867 A EP 04804867A EP 04804867 A EP04804867 A EP 04804867A EP 1711870 A1 EP1711870 A1 EP 1711870A1
Authority
EP
European Patent Office
Prior art keywords
data
process automation
software module
dtm
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP04804867A
Other languages
German (de)
French (fr)
Inventor
Martin Gehrke
Detlev Wittmer
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Endress and Hauser Conducta GmbH and Co KG
Original Assignee
Endress and Hauser Conducta Gesellschaft fuer Mess und Regeltechnik mbH and Co KG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Endress and Hauser Conducta Gesellschaft fuer Mess und Regeltechnik mbH and Co KG filed Critical Endress and Hauser Conducta Gesellschaft fuer Mess und Regeltechnik mbH and Co KG
Publication of EP1711870A1 publication Critical patent/EP1711870A1/en
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/20Pc systems
    • G05B2219/24Pc safety
    • G05B2219/24167Encryption, password, user access privileges

Definitions

  • the invention relates to a method for encrypting data in a network of process automation technology.
  • field devices are used in many cases, which serve to record and / or influence process variables.
  • Examples of such field devices are level measuring devices, mass flow measuring devices, pressure and temperature measuring devices, pH redox potential measuring devices, conductivity measuring devices, etc., which as sensors detect the corresponding process variables level, flow, pressure, temperature, pH value or conductivity value.
  • So-called remote I / Os are also referred to as field devices.
  • actuators are used to influence process variables, e.g. B. valves that control the flow of a liquid in a pipe section or pumps that change the level in a container.
  • Field devices are often via a fieldbus (Profibus®, Foundation®-Fieldbus, HART® etc.) with higher-level units, for. B. control systems or control units connected. These higher-level units are used for process control, process visualization, process monitoring and for operating the field devices.
  • Profilebus® Foundation®-Fieldbus, HART® etc.
  • Device manufacturers have therefore recently been supplying device drivers to their field devices, e.g. B. DTMs (Device Type Managers), which encapsulate all data and functions of the respective field device and at the same time provide a graphical user interface supply.
  • B. DTMs Device Type Managers
  • the device drivers require a frame application as runtime environment. They enable access to various data of the field devices (e.g. device parameters, measured values, diagnostic information, status information, etc.).
  • the object of the invention is therefore a method for encrypting data in a network of process automation technology which can be carried out simply and inexpensively.
  • the essential idea of the invention is that the data which are exchanged via a communication network of the process automation technology are to be encrypted in the control unit with the aid of a separate exchangeable software module.
  • the software module is designed as a DTM (de vice type manager) in accordance with the FDT specifications. This makes it easy to integrate the software module into known FDT frame applications (PACTware®, FieldCare® etc.).
  • the FDT specifications which are considered to be the industry standard, were developed by the PNO Profibus® user organization in cooperation with the ZVEI (Central Association for the Electrical and Electronics Industries).
  • the current FDT specification 1.2 is available from the ZVEI.
  • FIG. 1 A communication network of process automation technology is shown in more detail in FIG. 1.
  • Several computer units workstations
  • WS1, WS2 are connected to a data bus D1.
  • These computer units serve as higher-level units (control system or control unit) for process visualization, process monitoring and for engineering, as well as for operating and monitoring field devices.
  • the data bus Dl works e.g. B. according to the Profibus® DP standard or the HSE (High Speed Ethernet) standard of the Foundation® Fieldbus.
  • the data bus D1 is connected to a fieldbus segment SM1 via a gateway 1, which is also referred to as a linking device or a segment coupler.
  • the fieldbus segment SM1 consists of several field devices FI, F2, F3, F4 which are connected to one another via a fieldbus FB.
  • the field devices FI, F2, F3, F4 can be sensors or actuators.
  • the fieldbus FB works according to one of the well-known fieldbus standards Profibus, Foundation Fieldbus or HART
  • the operating program which runs on one of the control units WS 1, WS2 or on the operating unit BE is shown schematically in FIG. 2.
  • the operating program can be the operating software PACTware (PACTware Consortium e.V.) or FieldCare® (company Endress + Hauser®), both of which require the Microsoft Windows®, 98NT, 2000 operating system and which serve as an FDT frame application.
  • the FDT frame application is especially responsible for the administration of the DTMs in a project database for the communication to the bus systems, for the administration of the device catalog, as well as for the administration of the users and the access rights etc.
  • a device DTM DTM-Fl In the FDT frame application, a device DTM DTM-Fl, an encryption DTM V and a communication DTM CommDTM run.
  • the device DTM DTM-Fl which is also referred to as the device driver, encapsulates the data and functions of the field device FI and requires the FDT as runtime environment Frame application. With the help of this DTM, cross-device and manufacturer-independent operation of the field device FI is possible. In particular, the DTM-Fl allows access to device parameters, device configuration, retrieval of diagnostic data and status information via a manufacturer-specific graphical user interface.
  • the FDT concept is based on the fact that different field devices DTMs from different manufacturers can be bound in a FDT frame application in a simple manner.
  • connection is made via a bus connection BA, the data bus D1, the gateway G1, the fieldbus FB to the field device FI.
  • the data that are exchanged between the operating program and the field device FI are encrypted.
  • Parameters can be changed in the field device FI via the encapsulated functions of the device DTM DTM-Fl.
  • the data required for this are encrypted in the encryption DTM V with an appropriate algorithm and transmitted to the field device FI via the data bus D1 and the fieldbus FB.
  • the data is decrypted in the FI field device and the corresponding commands are executed.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Testing And Monitoring For Control Systems (AREA)
  • Programmable Controllers (AREA)

Abstract

The invention relates to a method for encoding data in a network used in process automation systems. According to said method, the data is encoded in a separately replaceable software module, in a control unit connected to the network.

Description

Beschreibung Verfahren zum Verschlüsseln von Daten in einem Netzwerlώer Pro- zessautomatisierungstechnik Description Method for encrypting data in a network process automation technology
[001] Die Erfindung betrifft ein Verfahren zum Verschlüsseln von Daten in einem Netzwerk der Prozessautomatisierungstechnik.The invention relates to a method for encrypting data in a network of process automation technology.
[002] In der Prozessautomatisierungstechnik werden vielfach Feldgeräte eingesetzt, die zur Erfassung und / oder Beeinflussung von Prozessvariablen dienen. Beispiele für derartige Feldgeräte sind Füllstandsmessgeräte, Massendurchflussmessgeräte, Druck- und Temperaturmessgeräte, pH-Redoxpotential- Messgeräte, Leitfähigkeitsmessgeräte etc., die als Sensoren die entsprechenden Prozessvariablen Füllstand, Durchfluss, Druck, Temperatur, pH- Wert bzw. Leitfähigkeitswert erfassen.[002] In process automation technology, field devices are used in many cases, which serve to record and / or influence process variables. Examples of such field devices are level measuring devices, mass flow measuring devices, pressure and temperature measuring devices, pH redox potential measuring devices, conductivity measuring devices, etc., which as sensors detect the corresponding process variables level, flow, pressure, temperature, pH value or conductivity value.
[003] Neben derartigen reinen Messgeräten sind auch Systeme bekannt, die noch zusä tzliche weitere Aufgaben erfüllen. Zu nennen sind hier Elektrodenreinigungssysteme, Kalibriersysteme sowie Probennehmer.[003] In addition to such pure measuring devices, systems are also known which perform additional additional tasks. Electrode cleaning systems, calibration systems and samplers should be mentioned here.
[004] Ebenfalls als Feldgeräte werden EinJAusgabeeinheiten sogenannte Remote I/Os bezeichnet.[004] So-called remote I / Os are also referred to as field devices.
[005] Zur Beeinflussung von Prozessvariablen dienen sogenannte Aktoren, z. B. Ventile, die den Durchfluss einer Flüssigkeit in einem Rohrleitungsabschnitt steuern oder Pumpen, die den Füllstand in einem Behälter verändern.So-called actuators are used to influence process variables, e.g. B. valves that control the flow of a liquid in a pipe section or pumps that change the level in a container.
[006] Eine Vielzahl solcher Feldgeräte wird von der Firma Endress + Hauser® hergestellt und vertrieben.A large number of such field devices is manufactured and sold by Endress + Hauser®.
[007] Häufig sind Feldgeräte über einen Feldbus (Profibus®, Foundation®-Fieldbus, HART® etc.) mit übergeordneten Einheiten z. B. Leitsystemen bzw. Steuereinheiten verbunden. Diese übergeordneten Einheiten dienen zur Prozesssteuerung, Prozessvisualisierung, Prozessüberwachung sowie zur Bedienung der Feldgeräte.Field devices are often via a fieldbus (Profibus®, Foundation®-Fieldbus, HART® etc.) with higher-level units, for. B. control systems or control units connected. These higher-level units are used for process control, process visualization, process monitoring and for operating the field devices.
[008] Zur Bedienung der Feldgeräte sind entsprechende Bedienprogramme (Bedientools) im Leitsystem bzw. in der Steuereinheit notwendig. Diese Bedienprogramme können eigenständig ablaufen oder aber auch in Leitsystem- Anwendungen integriert sein.Corresponding operating programs (operating tools) in the control system or in the control unit are necessary to operate the field devices. These operating programs can run independently or can also be integrated in control system applications.
[009] Eine eingeschränkte Bedienung von Feldgeräten ist mit herkömmlichen vielfach verwendeten Gerätebeschreibungen (Device Descriptions) möglich.Restricted operation of field devices is possible with conventional device descriptions (device descriptions) which are frequently used.
[010] Für eine vollumfängliche Bedienung der Feldgeräte müssen alle Funktionen und Parameter einschließlich der graphischen Bedienelemente dem Bedienprogramm (Bedientool) bekannt gemacht werden.For full operation of the field devices, all functions and parameters including the graphical control elements must be made known to the operating program (operating tool).
[011] Die Gerätehersteller liefern deshalb seit kurzem zu ihren Feldgeräten Gerätetreiber z. B. DTMs (Device Type Manager), die alle Daten und Funktionen des jeweiligen Feldgeräts kapseln und gleichzeitige eine graphische Benutzeroberfläche zur Verfü gung stellen.Device manufacturers have therefore recently been supplying device drivers to their field devices, e.g. B. DTMs (Device Type Managers), which encapsulate all data and functions of the respective field device and at the same time provide a graphical user interface supply.
[012] Mit Hilfe dieser Gerätetreiber ist eine gerate- und herstellerübergreifende Bedienung von Feldgeräten mit einem Bedienprogramm möglich.With the help of these device drivers, device and device-independent operation of field devices is possible with an operating program.
[013] Die Gerätetreiber benötigen als Laufzeitumgebung eine Rahmenapplikation (Frame- Application). Sie ermöglichen einen Zugriff auf verschiedene Daten der Feldgeräte (z.B. Geräteparameter, Messwerte,- Diagnoseinformationen, Statusinformationen etc.).[013] The device drivers require a frame application as runtime environment. They enable access to various data of the field devices (e.g. device parameters, measured values, diagnostic information, status information, etc.).
[014] Diese Daten werden in der Regel unverschlüsselt über den Feldbus und gegebenenfalls weiter Kommunikationsnetzwerke übertragen. Dies bedeutet dass dieser Datenaustausch nicht gegen Missbrauch gesichert ist. Unberechtigte, die Zugriff auf die Kommunikationsverbindung zwischen Steuereinheit und Feldgerät haben, können Manipulationen an Feldgeräten vornehmen, ohne dass der Anlagenbetreiber davon Kenntnis erlangt.[014] These data are generally transmitted unencrypted over the fieldbus and possibly further communication networks. This means that this data exchange is not secured against misuse. Unauthorized persons who have access to the communication link between the control unit and the field device can manipulate field devices without the plant operator becoming aware of it.
[015][015]
[016] Dies ist insbesondere im Hinblick auf die Prozesssicherheit sehr problematisch. Je größer das Kommunikationsnetzwerk ist über das die Daten übertragen werden, desto größer wird die Gefahr von unberechtigten Zugriffen.[016] This is very problematic in particular with regard to process security. The larger the communication network over which the data is transmitted, the greater the risk of unauthorized access.
[017] Dies gilt vor allem wenn auch öffentliche Netzwerke für die Datenübertragung benö tigt werden.[017] This applies especially if public networks are also required for the data transmission.
[018][018]
[019] Aufgabe der Erfindung ist es deshalb ein Verfahren zum Verschlüsseln von Daten in einem Netzwerk der Prozessautomatisierungstechnik, das einfach und kostengünstig durchführbar ist.The object of the invention is therefore a method for encrypting data in a network of process automation technology which can be carried out simply and inexpensively.
[020] Gelöst wir diese Aufgabe durch die im Anspruch 1 angegebenen Merkmale.We solved this problem by the features specified in claim 1.
[021] Vorteilhafte Weiterentwicklungen der Erfindung sind in den Unteransprüchen angegeben.Advantageous further developments of the invention are specified in the subclaims.
[022] Die wesentliche Idee der Erfindung besteht darin, dass die Daten die über ein Kommunikationsnetzwerk der Prozessautomatisierungstechnik ausgetauscht werden, in der Steuereinheit mit Hilfe eines separaten austauschbaren Softwaremoduls zu verschlü sseln.The essential idea of the invention is that the data which are exchanged via a communication network of the process automation technology are to be encrypted in the control unit with the aid of a separate exchangeable software module.
[023][023]
[024] In einer Weiterbildung der Erfindung ist das Softwaremodul als DTM (de vice type manager) gemäß den FDT-Spezifikationen ausgebildet. Dadurch lässt sich das Softwaremodul leicht in bekannte FDT-Frame- Applikationen (PACTware®, FieldCare® etc.) einbinden.[024] In a further development of the invention, the software module is designed as a DTM (de vice type manager) in accordance with the FDT specifications. This makes it easy to integrate the software module into known FDT frame applications (PACTware®, FieldCare® etc.).
[025] Die als Industriestandard geltenden FDT-Spezifikationen wurden von der PNO Profibus® Nutzerorganisation in Zusammenarbeit mit dem ZVEI (Zentralverband Elektrotechnik- und Elektronikindustrie) entwickelt. Die aktuelle FDT-Spezifikation 1.2 ist über den ZVEI erhältlich.The FDT specifications, which are considered to be the industry standard, were developed by the PNO Profibus® user organization in cooperation with the ZVEI (Central Association for the Electrical and Electronics Industries). The current FDT specification 1.2 is available from the ZVEI.
[026] Mit Hilfe des erfindungsgemäßen Softwaremoduls können schnell und einfach neue Verschlüsselungsalgorithmen eingesetzt werden, ohne dass umfangreiche Umprogram- mierungen z.B. für das Bedientool notwendig werden.[026] With the aid of the software module according to the invention, new encryption algorithms can be used quickly and easily without extensive reprogramming, e.g. become necessary for the operating tool.
[027] Nachfolgend ist die Erfindung anhand den in der Zeichnung dargestellten Ausfü hrungsbeispiele näher erläutert.The invention is explained in more detail below with reference to the exemplary embodiments shown in the drawing.
[028] Es zeigen:[028] The figures show:
[029] Fig. 1 schematische Darstellung eines Netzwerks der1 shows a schematic representation of a network of
[030] Prozessautomatisierungstechnik mit mehreren[030] Process automation technology with multiple
[031] Feldgeräten;Field devices;
[032] Fig. 2 schematische Darstellung einer Kommunikations-2 schematic representation of a communication
[033] Verbindung zu einem Feldgeräte;[033] Connection to a field device;
[034] In Fig. 1 ist ein Kommunikationsnetzwerk der Prozessautomatisierungstechnik nä her dargestellt. An einen Datenbus Dl sind mehrere Rechnereinheiten (Workstations) WSl, WS2 angeschlossen. Diese Rechnereinheiten dienen als übergeordnete Einheiten (Leitsystem bzw. Steuereinheit) zur Prozessvisualisierung, Prozessüberwachung und zum Engineering sowie zum Bedienen und Überwachen von Feldgeräten. Der Datenbus Dl arbeitet z. B. nach dem Profibus® DP-Standard oder nach dem HSE (High Speed Ethernet)- Standard der Foundation® Fieldbus. Über ein Gateway 1, das auch als Linking Device oder als Segmentkoppler bezeichnet wird, ist der Datenbus Dl mit einem Feldbussegment SM1 verbunden. Das Feldbussegment SM1 besteht aus mehreren Feldgeräten FI, F2, F3, F4 die über einen Feldbus FB miteinander verbunden sind. Bei den Feldgeräten FI, F2, F3, F4 können es sich sowohl um Sensoren oder um Aktoren handeln. Der Feldbus FB arbeitet entsprechend nach einem der bekannten Feldbus-Standards Profibus, Foundation Fieldbus oder HART.A communication network of process automation technology is shown in more detail in FIG. 1. Several computer units (workstations) WS1, WS2 are connected to a data bus D1. These computer units serve as higher-level units (control system or control unit) for process visualization, process monitoring and for engineering, as well as for operating and monitoring field devices. The data bus Dl works e.g. B. according to the Profibus® DP standard or the HSE (High Speed Ethernet) standard of the Foundation® Fieldbus. The data bus D1 is connected to a fieldbus segment SM1 via a gateway 1, which is also referred to as a linking device or a segment coupler. The fieldbus segment SM1 consists of several field devices FI, F2, F3, F4 which are connected to one another via a fieldbus FB. The field devices FI, F2, F3, F4 can be sensors or actuators. The fieldbus FB works according to one of the well-known fieldbus standards Profibus, Foundation Fieldbus or HART.
[035] In Fig. 2 ist ein Bedienprogramm, das auf einer der Steuereinheiten WS 1, WS2 bzw. auf der Bedieneinheit BE abläuft, schematisch dargestellt. Bei dem Bedienprogramm kann es sich um die Bediensoftware PACTware (PACTware Consortium e.V.) oder FieldCare® (Firma Endress + Hauser®) handeln, die beide als Betriebssystem Microsoft Windows®, 98NT, 2000 benötigen und die als FDT- Frame-Applikation dienen. Die FDT-Frame- Applikation ist insbesondere verantwortlich für die Verwaltung der DTMs in einer Projektdatenbank (projekt database) für die Kommunikation zu den Bussystemen, für die Verwaltung des Gerätekatalogs, sowie für die Verwaltung der Benutzer und der Zugriffsrechte etc..An operating program which runs on one of the control units WS 1, WS2 or on the operating unit BE is shown schematically in FIG. 2. The operating program can be the operating software PACTware (PACTware Consortium e.V.) or FieldCare® (company Endress + Hauser®), both of which require the Microsoft Windows®, 98NT, 2000 operating system and which serve as an FDT frame application. The FDT frame application is especially responsible for the administration of the DTMs in a project database for the communication to the bus systems, for the administration of the device catalog, as well as for the administration of the users and the access rights etc.
[036] In der FDT-Frame- Applikation laufen ein Geräte-DTM DTM-Fl ein Verschlü sselungs-DTM V und ein Kommunikations-DTM CommDTM. Der Geräte-DTM DTM-Fl, der auch als Gerätetreiber bezeichnet wird, kapselt die Daten und Funktionen des Feldgerätes FI und benötigt als Laufzeitumgebung die FDT- Frame- Applikation. Mit Hilfe dieses DTMs ist eine gerate- und herstellerübergreifende Bedienung des Feldgerätes FI möglich. Insbesondere erlaubt der DTM-Fl Zugriff auf Geräteparameter, Gerätekonfiguration, Abruf von Diagnosedaten und Statusinformationen über eine herstellerspezifische graphische Benutzeroberfläche.In the FDT frame application, a device DTM DTM-Fl, an encryption DTM V and a communication DTM CommDTM run. The device DTM DTM-Fl, which is also referred to as the device driver, encapsulates the data and functions of the field device FI and requires the FDT as runtime environment Frame application. With the help of this DTM, cross-device and manufacturer-independent operation of the field device FI is possible. In particular, the DTM-Fl allows access to device parameters, device configuration, retrieval of diagnostic data and status information via a manufacturer-specific graphical user interface.
[037] Das FDT-Konzept basiert darauf, dass in eine FDT-Frame-Applikation unterschiedliche Feldgeräte DTMs von unterschiedlichen Herstellern in einfacher Weise gebunden werden können.[037] The FDT concept is based on the fact that different field devices DTMs from different manufacturers can be bound in a FDT frame application in a simple manner.
[038] Hardwaremäßig erfolgt die Verbindung über eine Busanschaltung BA, den Datenbus Dl, das Gateway Gl, den Feldbus FB zum Feldgerät FI.In terms of hardware, the connection is made via a bus connection BA, the data bus D1, the gateway G1, the fieldbus FB to the field device FI.
[039] Nachfolgend ist die Funktionsweise der Erfindung näher erläutert.The operation of the invention is explained in more detail below.
[040] Im Verschlüsselungs-DTM V, das als eigenständiges Softwaremodul ausgebildet ist, werden die Daten, die zwischen dem Bedienprogramm und dem Feldgerät FI ausgetauscht werden, verschlüsselt.In the encryption DTM V, which is designed as an independent software module, the data that are exchanged between the operating program and the field device FI are encrypted.
[041] Über die gekapselten Funktionen des Geräte DTMs DTM-Fl können Parameter im Feldgerät FI geändert werden. Die hierfür notwendigen Daten werden im Verschlü sselungs-DTM V mit einem entsprechenden Algorithmus verschlüsselt und über den Datenbus Dl und den Feldbus FB zum Feldgerät FI übertragen. Im Feldgerät FI werden die Daten entschlüsselt und die entsprechenden Befehle ausgeführt.[041] Parameters can be changed in the field device FI via the encapsulated functions of the device DTM DTM-Fl. The data required for this are encrypted in the encryption DTM V with an appropriate algorithm and transmitted to the field device FI via the data bus D1 and the fieldbus FB. The data is decrypted in the FI field device and the corresponding commands are executed.
[042] Dadurch dass die Daten in einem separaten austauschbaren Softwaremodul verschlü sselt werden, ist eine einfache Anpassung an neue Verschlüsselungsverfahren möglich. Hierzu muss nur das entsprechende Softwaremodul V ausgetauscht werden. [042] The fact that the data is encrypted in a separate interchangeable software module enables simple adaptation to new encryption methods. To do this, only the corresponding software module V has to be replaced.

Claims

AnsprücheExpectations
[001] Verfahren zum Verschlüsseln von Daten in einem Netzwerk der Prozessautomatisierungstechnik , dadurch gekennzeichnet, dass die Daten in einer Steuereinheit, die mit dem Netzwerk verbunden ist, in einem separaten austauschbaren Softwaremodul verschlüsselt werden.Method for encrypting data in a network of process automation technology, characterized in that the data in a control unit which is connected to the network are encrypted in a separate interchangeable software module.
[002] Verfahren nach Anspruch 1, dadurch gekennzeichnet, dass das Softwaremodul dem FDT/DTM Standard entspricht.[002] The method according to claim 1, characterized in that the software module corresponds to the FDT / DTM standard.
[003] Verfahren nach Anspruch 1, dadurch gekennzeichnet, dass als Laufzeitumgebung für das Softwaremodul eine FDT-Rahmenapplikation dient, die in der Steuereinheit abläuft. [003] The method according to claim 1, characterized in that an FDT frame application which runs in the control unit serves as the runtime environment for the software module.
EP04804867A 2004-01-12 2004-12-15 Method for encoding data in a network used in process automation systems Ceased EP1711870A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102004001755A DE102004001755A1 (en) 2004-01-12 2004-01-12 Method for encrypting data in a network of process automation technology
PCT/EP2004/053519 WO2005066729A1 (en) 2004-01-12 2004-12-15 Method for encoding data in a network used in process automation systems

Publications (1)

Publication Number Publication Date
EP1711870A1 true EP1711870A1 (en) 2006-10-18

Family

ID=34744692

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04804867A Ceased EP1711870A1 (en) 2004-01-12 2004-12-15 Method for encoding data in a network used in process automation systems

Country Status (4)

Country Link
US (1) US20090210692A1 (en)
EP (1) EP1711870A1 (en)
DE (1) DE102004001755A1 (en)
WO (1) WO2005066729A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102005048996A1 (en) * 2005-10-11 2007-04-12 Endress + Hauser Gmbh + Co. Kg Method for the secure transmission of data of a field device of process automation technology
DE102007029136A1 (en) * 2007-06-25 2009-01-02 Vega Grieshaber Kg Apparatus and method for generating a user interface configuration for a field device
US8543741B2 (en) * 2007-08-16 2013-09-24 Fisher Controls International Llc Network scanning and management in a device type manager of type device
US8195590B1 (en) 2008-09-17 2012-06-05 Varec, Inc. Method and system for measuring and managing inventory of product in a collapsible tank
US9513152B1 (en) 2011-12-20 2016-12-06 Varec, Inc. Liquid level transmitter utilizing low cost, capacitive, absolute encoders

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6202157B1 (en) * 1997-12-08 2001-03-13 Entrust Technologies Limited Computer network security system and method having unilateral enforceable security policy provision
US6674767B1 (en) * 1999-10-04 2004-01-06 Microsoft Corporation Flexible system and method for communicating between a broad range of networks and devices
FR2813151B1 (en) * 2000-08-18 2002-12-20 Schneider Electric Ind Sa SECURE COMMUNICATION IN AUTOMATION EQUIPMENT
EP1249747A1 (en) * 2001-04-09 2002-10-16 Patria Ailon Control system and method for controlling processes
DE10144971A1 (en) * 2001-09-12 2003-03-27 Endress & Hauser Gmbh & Co Kg Method for securing data exchange between an external access unit and a field bus device that is used in monitoring a physical or chemical process variable, particularly for securing data exchange between a WAN and a LAN field bus
EP1479007B1 (en) * 2002-02-07 2018-01-10 Invensys Systems, Inc. System and method for authentication and fail-safe transmission of safety messages

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2005066729A1 *

Also Published As

Publication number Publication date
WO2005066729A1 (en) 2005-07-21
DE102004001755A1 (en) 2005-08-11
US20090210692A1 (en) 2009-08-20

Similar Documents

Publication Publication Date Title
EP1872180B1 (en) Method for safely operating an automation technology field device
EP1606673B1 (en) Method for transmitting a software code from a control unit to a field device of process automation technology
EP1558975B1 (en) Method for the offline parameterisation of a field appliance used in process automation technology
EP2247987A1 (en) Method for operating a field device
DE102010062266A1 (en) Method for implementing at least one additional function of a field device in automation technology
EP2597819B1 (en) Method for controlling a field device
WO2008012164A1 (en) Method for isolating special functionalities in field devices used in automation technology
EP1653306B1 (en) Method for operating a field device in automation technology
EP1946191A1 (en) Method for operating a field device in automation engineering with special functionalities
DE102007060990A1 (en) Method for generating an application-specific installation package of device objects
EP1735671A2 (en) Method for remotely operating a field device of process automation technology
DE102012109348A1 (en) Method for operating field device e.g. volumetric flow meter, in automatic control engineering, involves linking permissible parameters with user role by role-parameter-matrix, where parameters are determined based on user role
EP1431877A2 (en) Parameterizing-/diagnostic system for a field device
EP1682952B1 (en) Method for maintaining field devices used for process automation technology by means of a maintenance computer
EP1518153B1 (en) Method providing protection from unauthorized access to a field device used in process automation technology
DE102016107045B4 (en) Method and system for securely configuring a process automation field device
EP3469429B1 (en) Method for preventing an unauthorised access to software applications in field devices, and communication network
DE102004055814A1 (en) Method for commissioning a field device of process automation technology
DE102005023938B4 (en) Integration of field devices in an automation system
EP1711870A1 (en) Method for encoding data in a network used in process automation systems
EP3555717B1 (en) Operator control unit for a field device used in automation technology
WO2007077080A1 (en) Access control for a field transmitter in process automation engineering
EP2095193B1 (en) Method for operating a block model-based field device for a distributed automation system
DE102022133650A1 (en) System and method for accessing a control unit to at least one field device
DE102011089213A1 (en) System for displaying information or operating field device of automation equipment used in factory, has controller that identifies respective connected communication unit and enables communication protocol using keypad

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20060518

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR

17Q First examination report despatched

Effective date: 20061207

DAX Request for extension of the european patent (deleted)
REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20160208