EP3234707A1 - Procédé de vérification d'au moins un télégramme - Google Patents

Procédé de vérification d'au moins un télégramme

Info

Publication number
EP3234707A1
EP3234707A1 EP15795187.2A EP15795187A EP3234707A1 EP 3234707 A1 EP3234707 A1 EP 3234707A1 EP 15795187 A EP15795187 A EP 15795187A EP 3234707 A1 EP3234707 A1 EP 3234707A1
Authority
EP
European Patent Office
Prior art keywords
data
field device
block
telegram
received
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP15795187.2A
Other languages
German (de)
English (en)
Inventor
Michael Mayer
Ingomar Sotriffer
David Sutter
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Endress and Hauser Process Solutions AG
Original Assignee
Endress and Hauser Process Solutions AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Endress and Hauser Process Solutions AG filed Critical Endress and Hauser Process Solutions AG
Publication of EP3234707A1 publication Critical patent/EP3234707A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/04Programme control other than numerical control, i.e. in sequence controllers or logic controllers
    • G05B19/042Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
    • G05B19/0428Safety, monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements

Definitions

  • the invention relates to a method for checking at least one
  • Telegram as well as on a field device.
  • Field devices are used today for controlling, regulating or monitoring the processes taking place there.
  • Field devices are in principle all devices that are used close to the process and that provide or process process-relevant information.
  • Measuring devices / sensors, actuators and display / control units are generally referred to as field devices and such units that are, for example. Directly connected to a field bus and used to communicate with the parent units, such. Eg remote I / Os, gateways, linking devices and radio units. From the patent application DE 102010063773 A1 it has become known to provide two differently configured memory areas in a field device in which data can be stored. In this case, security-relevant data is written to a first memory area. Data that does not require special checking is written to the second memory area.
  • the object of the invention is to improve the information security in an industrial plant, in particular when transmitting data to a field device or from a field device.
  • the object is achieved by a method and a field device.
  • the object is achieved by a method for checking at least one telegram which is transmitted via a fieldbus according to a fieldbus protocol, wherein the telegram, which has at least one data block, is received by a field device, which field device receives a first
  • Function block for preprocessing of the received telegram, wherein it is checked by means of preprocessing, whether the data contained in the at least one data block predetermined in the field device stored criteria, for example.
  • a predetermined value or a predetermined range of values correspond, which is determined based on the review, whether the received data is forwarded to a second functional block for further processing of the received data in the field device.
  • the telegram can be constructed, for example, in accordance with a fieldbus protocol, such as, for example, HART, PROFIBUS, Foundation Fieldbus, or the like.
  • the telegram can thus have, for example, a header and a data block connected thereto.
  • the data block in turn may block a payload and possibly further data blocks, such as, for example, a first and a second data block and / or a data block, the one
  • the data block can, for example, a command gem. a fieldbus protocol included.
  • functions of a field device assigned to the command can be called up and / or data from a field device can be called
  • Field device can be retrieved.
  • the telegram can additionally contain field-device-related data, such as, for example, parameters or parameter values, which are to be transmitted to a field device or originate from a field device.
  • the data contained in the telegram and / or data block may be intended to be stored in the field device. In general, it is therefore field-device-related data which are either processed in the field device itself or used for identification and / or identification of the field device.
  • the field device may have one or more functional blocks that are used for processing, for example, the received or other field device-related data.
  • a function block may be provided which serves for the processing of measured values.
  • This function block can, for example, serve to convert a measurement signal into a measured value.
  • This may, for example, be the firmware or a part of the firmware of the field device. In general, this firmware can be used to provide and execute the functions and functionalities of the field device.
  • the first and / or the second function block may be part of this firmware.
  • Function block can, for example, also for preprocessing a, for example. Via a fieldbus to which the field device is connected, receive telegram serve.
  • the first functional block can also be integrated into another functional block or with this in a communication connection, via which a data exchange is possible stand.
  • the first function block can serve, for example, to process a received message and forward it to a communication stack, also called a protocol stack, which serves to identify the various data blocks and pass them on to the component or function block that is used for (continue
  • the first functional block (logically) can also be arranged between the communication stack and a second functional block
  • the data or the data blocks can be checked on the basis of the first function block and the criteria used, whether the data have a certain value or include or are within a certain range of values.
  • These criteria can be stored, for example, in a memory unit, for example in the form of a table. In this case, for example, a comparison of the received data of one or more data blocks with one or more of the stored criteria can be made.
  • Data blocks are collected a plurality of telegrams and, for example, before they are passed to the second function block or stored to a memory unit or a storage area to which the second function block has access, are checked.
  • the check may, for example, relate to the content of the received data, i.
  • a semantic analysis can be carried out - that is, whether there are valid data.
  • the content of the data block in terms of content, it is also possible to check for consistency, for example, for errors in the data transmission, of the received data.
  • The can, for example, by means of a check sum which has also been received from the field device in connection with the at least one telegram done.
  • the first functional block can also be used for checking telegrams or data which are to be transmitted by means of at least one telegram via a field bus.
  • the first function block thus checks data received and / or transmitted by the field device.
  • the first function block can forward the data contained in the data block to the second function block or into one Write memory unit or memory area.
  • a plurality of memory areas may be provided which are physically and / or logically separated from one another.
  • a first memory area may serve to store the data that does not satisfy the check, separately from data that can withstand a check by the first function block.
  • a physically separate memory area is provided, for example, on a separate memory unit.
  • the first function block may, for example, for copying the data from a first
  • Memory area serve in a second memory area.
  • the check on the basis of the first function block is intended to prevent the storage and / or processing of manipulated data.
  • information security and on the other hand as a result, the plant security is guaranteed.
  • the verification and the criteria used for the check should prevent the unauthorized execution of code or other attack scenarios such as a buffer overflow by at least a part of the data in the data block of the received at least one telegram, for example by the manufacturer of the field device established criteria.
  • the criteria may be protocol-specific criteria, such as the presence of
  • Function blocks are checked whether it is the data to non-protocol data, ie such data that is not in a range of values or not correspond to a command that / by the protocol, by means of which the field device communicates, is given or compliant. For example. It can be checked whether the data are commands or commands of an illegal format for which the field device is not set up, or another protocol.
  • the received data is stored in
  • Dependence of the check written in a first memory area or in a second memory area in the field device may be physically or locally separate storage units.
  • the first memory area is used to persistently store data that does not meet the predetermined criteria. These data can be later used to analyze an attempt to write or store data in a field device.
  • the second memory area serves to make the received data available to the second functional block in the field device, by means of which second functional block the received data is further processed.
  • the telegram thus comprises a first and a second data block, and wherein in the field device, a first set of criteria is deposited, based on which the first data block is checked, wherein in the field device, a second set of criteria are stored whose the second
  • Data block are checked, wherein the first and the second set of criteria differ from each other.
  • the telegram or the at least one data block is written to a third memory area of the field device before being checked by the first function block. In a further embodiment of the method, depending on the
  • the criteria by means of which the telegram or the data are checked are stored in a fourth memory area in the field device.
  • the data block is checked by the criteria whether the values contained in the data block lie within a predetermined value range, for example in a predetermined hexadecimal value range.
  • the data block can be divided into different subsets or subareas.
  • the object is achieved by a field device having a first function block, which is used to preprocess a received message, which telegram has at least one data block, the first function block also serving to check whether the data contained in the at least one data block is predetermined in the field device deposited criteria, for example.
  • a predetermined value or a predetermined range of values correspond, and whether the received data to a second function block for further processing of the received data in the field device are forwarded.
  • the field device has a first function block, which is used to preprocess a received message, which telegram has at least one data block, the first function block also serving to check whether the data contained in the at least one data block is predetermined in the field device deposited criteria, for example.
  • a predetermined value or a predetermined range of values correspond, and whether the received data to a second function block for further processing of the received data in the field device are forwarded.
  • the field device has a first function block, which is used to preprocess a received message, which telegram has at least one data
  • FIG. 1 shows a schematic representation of a field device
  • FIG. 2 shows a schematic representation of a field device with a first functional block for checking a received data block on the basis of predetermined criteria
  • FIG. 3 shows a schematic representation of an attack in which a buffer overflow in the field device is to be achieved
  • FIG. 4 shows a schematic representation of an attack on an operating device or an application for operating the field device
  • FIG. 5 shows a schematic representation of an arrangement comprising an operating device and an evaluation unit for evaluating the attacks on the field device detected by means of the first functional block
  • FIG. 6 shows a schematic representation of criteria for checking a telegram or data block received or transmitted by the field device.
  • FIG. 1 shows a field device FG with a measuring sensor MA, which converts a chemical and / or physical measured variable into an electrical signal, and a measured value-processing logic MV, by means of which a measured value is generated from this measuring signal.
  • the field device FG may, for example, be a temperature measuring device, a level measuring device or a flowmeter.
  • Messwertver toden logic MV can also be provided an operating system that manages the hardware of the field device FG and makes resources available to applications such as, for example, the measured-value-processing logic MV. Furthermore, a
  • Communication interface (hardware) and an application 10 (software) to operate the communication interface to be provided.
  • applications 10, MV can be implemented as separate function blocks or integrated as function blocks in the firmware of the field device.
  • Firmware and functional blocks 10, MV can, as shown in FIG. 1, be executed in hardware by a microprocessor ⁇ . But it is also possible that a first microprocessor ⁇ for executing the function block IO and a second microprocessor ⁇ for executing the
  • the field device FG has a memory unit S1.
  • the memory unit S1 has one or more memory areas which are accessed by the function block IO and the function block MV. For example.
  • a measuring signal can be transmitted from the measuring sensor MA to the functional block MV and a measured value determined by means of the measured-value-processing logic MV can be written into a memory area of the memory unit S1.
  • the memory unit S1 can others
  • field device related data such as parameters, parameter values,
  • the function block MV can access this data to perform the measurement signal processing.
  • the functional block IO can also access the memory unit S1 and the memory areas of the memory unit S1, for example to store received data there, or to read data from the memory unit in order to transfer it to another location, for example a controller or an operator panel or a Transfer operating application.
  • the function block IO in which, for example, a protocol stack according to. a fieldbus protocol that call data from the memory unit S1 and pack in one or more telegrams.
  • this function block IO can also one or more data blocks from a telegram, via the
  • Communication interface is received, extracted and this one or more data blocks are written in the memory unit S1.
  • a further function block which performs a specific, predetermined function may be provided, which accesses the memory unit S1 in order to read and / or store data therefrom.
  • one or more of these functional blocks may be integrated in the firmware of the field device FG and / or with this in one
  • Communication link for example, via a field device internal data bus, for example.
  • An Inter-Integrated Circuit bus stand.
  • data received via different communication interfaces of the field device may be written to the memory unit S1.
  • a plurality of protocol stacks may be provided, which each serve to process telegrams which are received or transmitted via a specific communication interface in a specific format.
  • the data received from the field device FG in step 1 are neither checked in terms of content, nor monitored in terms of content, nor checked in terms of content.
  • the received data is stored in the memory unit S1 in a step 2.
  • Data may also be stored in this memory unit S1 by a function block MV in a step 3.
  • the data may, for example, be a measured value determined from a measurement signal in a step 4.
  • the data contained in the storage unit can be in one step. 5 are transmitted again via the fieldbus to another participant of the fieldbus.
  • the measured value can be a chemical and / or physical variable of a medium ME.
  • FIG. 2 shows a field device FG with a plurality of logically and / or physically separate memory units S1, S2, S3, S4.
  • Embodiment in Figure 2 the function block IO supplied. This can receive the received telegram according to the protocol used
  • a first functional block RE which preprocesses the received telegram and checks whether the telegram or the content of the telegram, for example, the information content of a
  • This function block RE and the associated (content-related) checking of the received data can still be before processing by the function block IO.
  • the checking of the received data can also take place after the processing by the function block IO.
  • the data consistency is not checked by means of a checksum, for example, but it is checked whether the received data has a value or value range valid according to one criterion or several criteria.
  • a checksum for example, but it is checked whether the received data has a value or value range valid according to one criterion or several criteria.
  • Write memory area S1 to which also the function block MV has access is a logically and / or physically separate memory area or memory unit S2 in the field device, for example.
  • a housing of the field device FG Provided within a housing of the field device FG.
  • An example received by means of the communication stack telegram is then written, for example, by means of the function block RE in this memory area ⁇ .
  • the received data can then be checked against the criteria and, for example, in the event that the data does not meet the criteria, be written into a memory unit or memory area S4. Meet the received and verified
  • the data is written to the memory unit or the memory area S1.
  • the criterion can be, for example, a data length, for example the number of expected bits or bytes, a character code, such as ASCII, and / or a range of numbers expected for one or more or all parameters of the field device ,
  • a telegram transmitted to the field device via the fieldbus shown in FIG. 2 or a data block contained therein has a specific length which, however, is greater than the expected data length.
  • a first part D1 can, for example, a
  • Command gem. the field bus protocol
  • the second part D2 contains additional, unexpected data.
  • these data D2 may serve to create a memory overflow (buffer overflow).
  • an optical signaling for example triggered by the function block RE, can take place.
  • a first telegram T1 received data for example, in one or more data blocks D1, D2 to check based on a first criterion.
  • the second criterion can be based on a
  • the telegram T1 can be received by the field device in a step 1 and written to a memory unit S2 in a second step 2.
  • criteria are loaded from a storage area S3 and from the
  • Function block RE used to check the received data.
  • the data not satisfying the check can be stored in a memory S4. These data are excluded from further processing.
  • data can also be stored or read out from the function block MV in a step 5.
  • the data may be, for example, a measured value determined from a measuring signal in a step 6 or data required for calculating the measured value, such as, for example, parameters / values.
  • FIG. 3 is a schematic representation of an attack in which a buffer overflow (buffer overflow) is to be achieved in the field device FG.
  • a telegram received in a step 1 has a first part D1 which contains, for example, a fieldbus command.
  • This part and an adjoining second part D2 are then written into the memory unit S1 (in a step 2.) without being checked.
  • the memory in the memory unit S1 can additionally be overwritten on the basis of the data in the data block D2 and thereby possibly the function of the function block MV be influenced, for example. if this data is retrieved from a memory area following that for subsequent storage of the data D1 in a step 3. *** "
  • FIG. 4 shows a further scenario of an attack on or by means of a field device FG.
  • a first operating application for example on a first operator control device, in a step 1.
  • Data are transmitted to a field device FG by means of a telegram T1.
  • the data contained in this telegram T1 can, for example, on
  • a so-called TAG which identifies the measuring point at which the field device is used, should be identified.
  • This tag can be stored in the field device FG.
  • a telegram T1 containing a command for setting the TAG is transmitted to the field device FG.
  • the TAG is now executed by another operating application BG 2, which is executed, for example, on an operating device, or the control of a system in a step 2. Inquired and read in a step 3., the code contained therein is transmitted to the operating application.
  • a malicious code can be executed or loaded into the operating application BG2 or even the controller. This can endanger the plant safety or the information security of the system.
  • criteria can be stored in the field device FG, on the basis of which the received and / or transmitted telegrams are checked in terms of content.
  • Memory area stored in the field device FG For example. can the information contained in the telegram T1 in connection with other such as the
  • Source address and / or a time at which the telegram was received done.
  • a counter may also be provided which indicates how many times a particular type of telegram or data block has been received. Based on the counter can then be decided whether the acceptance of further telegrams should be blocked. For example.
  • the counter can then indicate that 100 of these telegrams have already been received, after which the field device can decide that the processing of further telegrams is completely stopped in order to preemptively prevent overloading the microprocessor iC by incorrect telegrams For example, to prevent a denial of service, this can either affect all telegrams received (with HART, the primary reading would still be above 4-20mA) or the field device would simply discard one type of request immediately, but others continue to process (eg telegrams from a specific address are discarded immediately without further checking).
  • Memory area S4 stored data by means of an operating application. For example. Such a reading may be reserved for the field device manufacturer. In particular, this can only be done via an on-site interface of the field device. These discarded data can then be evaluated, for example, in order to avoid future attacks or to be able to exclude. For example. a database may be provided in the segregated data from various field devices
  • FIG. 6 shows a so-called whitelist which contains criteria for checking received data. Only data meeting these criteria will be released to a second function block for further processing. All other data are, for example, discarded in a separate memory unit or a Speicherberiech S4.
  • blacklist can be used, which releases all data for further processing and excludes only the data that meets the criteria of the blacklist.
  • the whitelist indicated in FIG. 5 defines attributes (criteria) which are a first
  • the whitelist contains attributes regarding a second command. If a telegram is received which contains the command "1" or the command "130", the attributes relating to this command, which concern, for example, the data contained in a payload data block of the telegram, are used to check this data.
  • a data block following a command has a length of a certain number of bytes, for example a maximum of 10 bytes.
  • a maximum of 10 bytes for checking a
  • Telegram or one following a command data block several, here two, criteria are used. This (useful) data block of a telegram can be checked for further
  • Subdata blocks for example, data volumes are subdivided.
  • a first criterion may refer to a first set of data consisting, for example, of bytes 0-5 as shown in FIG. 6, and a second set of data consisting of bytes 6-9. Based on empirical values or on the basis of specifications of the protocol used or on the type of field device used, it can be determined whether the data contained in the first subset has a specific, valid value, such as a specific, valid hexadecimal value. For this purpose, a range of values for the first subset and for the second subset can be determined.
  • the second table in FIG. 6 schematically shows the structure of criteria which are used to check received data, for example by means of the
  • Function block RE For example. a command can be specified to which the check relates. For example. This can be used to check commands that require write access to the memory of the field device. Furthermore, it can be specified that these commands and / or the subsequent user data do not exceed a certain length. Furthermore, values or ranges of values can be predefined for specific subsets. Furthermore, it can be checked whether individual bytes, such as, for example, start and / or end bytes, have a specific subset, a specific value. This can be done for different subset and or commands.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Automation & Control Theory (AREA)
  • Bioethics (AREA)
  • Programmable Controllers (AREA)
  • Computer And Data Communications (AREA)

Abstract

L'invention concerne un procédé de vérification d'au moins un télégramme (T1) qui est transmis par un bus de terrain selon un protocole de bus de terrain. Ledit télégramme (T1), qui comprend au moins un bloc de données (D1, D2), est reçu par un appareil de terrain (FG) qui comprend un premier bloc fonctionnel (RE) pour le prétraitement du télégramme reçu (T1). Le prétraitement permet de vérifier si les données contenues dans le ou les blocs de données (D1, D2) correspondent à des critères prédéfinis déposés dans l'appareil de terrain, respectivement à une valeur prédéfinie ou à une plage prédéfinie de valeurs (Cmd #, longueur, octet de début, etc.). La vérification permet de déterminer si les données reçues sont transférées à un deuxième bloc fonctionnel (MV, IO) pour poursuivre le traitement des données reçues dans l'appareil de terrain (FG).
EP15795187.2A 2014-12-19 2015-11-18 Procédé de vérification d'au moins un télégramme Withdrawn EP3234707A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102014119214.1A DE102014119214A1 (de) 2014-12-19 2014-12-19 Verfahren zur Überprüfung wenigstens eines Telegramms
PCT/EP2015/076904 WO2016096298A1 (fr) 2014-12-19 2015-11-18 Procédé de vérification d'au moins un télégramme

Publications (1)

Publication Number Publication Date
EP3234707A1 true EP3234707A1 (fr) 2017-10-25

Family

ID=54548189

Family Applications (1)

Application Number Title Priority Date Filing Date
EP15795187.2A Withdrawn EP3234707A1 (fr) 2014-12-19 2015-11-18 Procédé de vérification d'au moins un télégramme

Country Status (4)

Country Link
US (1) US20170357235A1 (fr)
EP (1) EP3234707A1 (fr)
DE (1) DE102014119214A1 (fr)
WO (1) WO2016096298A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102016117073B4 (de) * 2016-09-12 2024-09-26 Samson Aktiengesellschaft Steuerungs-Interaktions-Verfahren und Kommunikationsvorrichtung zum Durchführen einer Steuerungs-Interaktion zwischen einer Bedienelektronik und einem Stellgerät
DE102020109696A1 (de) * 2020-04-07 2021-10-07 Endress + Hauser Process Solutions Ag Verfahren zum Anbinden eines Feldgeräts an eine Cloud
FR3129551A1 (fr) * 2021-11-19 2023-05-26 Electricite De France procédé et dispositif de surveillance de commandes HART

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130094500A1 (en) * 2011-10-13 2013-04-18 Rosemount Inc. Process installation network intrusion detection and prevention

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10148029A1 (de) 2001-09-28 2003-04-24 Endress & Hauser Gmbh & Co Kg Verfahren zur Datensicherung bei einem Feldgerät
US7231666B2 (en) * 2002-06-20 2007-06-12 International Business Machines Corporation Method and apparatus for preventing buffer overflow security exploits
US7748038B2 (en) * 2004-06-16 2010-06-29 Ironport Systems, Inc. Method and apparatus for managing computer virus outbreaks
DE102005063052A1 (de) * 2005-12-29 2007-07-05 Endress + Hauser Process Solutions Ag Verfahren zum Schutz von Feldgeräten der Prozessautomatisierungstechnik
GB2474545B (en) * 2009-09-24 2015-06-24 Fisher Rosemount Systems Inc Integrated unified threat management for a process control system
DE102010063773A1 (de) 2010-12-21 2012-07-12 Endress + Hauser Wetzer Gmbh + Co. Kg Feldgerät mit einem semi-permanenten elektronischen Speicher und Verfahren zum Betreiben eines solchen Feldgerätes
US8984641B2 (en) * 2012-10-10 2015-03-17 Honeywell International Inc. Field device having tamper attempt reporting
US8667589B1 (en) * 2013-10-27 2014-03-04 Konstantin Saprygin Protection against unauthorized access to automated system for control of technological processes

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130094500A1 (en) * 2011-10-13 2013-04-18 Rosemount Inc. Process installation network intrusion detection and prevention

Also Published As

Publication number Publication date
WO2016096298A1 (fr) 2016-06-23
US20170357235A1 (en) 2017-12-14
DE102014119214A1 (de) 2016-06-23

Similar Documents

Publication Publication Date Title
DE102004003605B4 (de) Integriertes Diagnosesystem in einer Prozessanlage mit einem Prozesssteuerungssystem und einem Sicherheitssystem
DE102017102677A1 (de) Verfahren zur Authentifizierung eines Feldgeräts der Automatisierungstechnik
DE102004003569A1 (de) Integriertes Sicherungssystem in einer Prozessanlage mit einem Prozesssteuerungssystem und einem Sicherheitssystem
DE102016124350A1 (de) Verfahren und System zum Überwachen einer Anlage der Prozessautomatisierung
EP2595016A1 (fr) Procédé, programme informatique, support lisible sur ordinateur et unité de calcul pour la commande d'appareils de terrain
EP3136285A1 (fr) Procédé et module de stockage pour des processus d'écriture et/ou processus de lecture protégés sur le module de stockage
DE102016220895A1 (de) Erkennung von Manipulationen in einem CAN-Netzwerk
EP3726408A1 (fr) Appareil industriel d'automatisation comprenant une unité de surveillance permettant de vérifier et de surveiller un état d'intégrité de l'appareil industriel d'automatisation
DE102014111361A1 (de) Verfahren zum Betreiben einer Sicherheitssteuerung und Automatisierungsnetzwerk mit einer solchen Sicherheitssteuerung
EP3607405B1 (fr) Procédé de paramétrage d'un appareil de terrain et appareil de terrain paramétrable
EP3234707A1 (fr) Procédé de vérification d'au moins un télégramme
EP3122016B1 (fr) Reseau d'automatisation et procede de surveillance de la securite de la transmission de paquets de donnees
WO2016081970A1 (fr) Système d'automatisation et son procédé de fonctionnement
DE102016107450A1 (de) Sicheres Gateway
EP3469429A1 (fr) Procédé pour empêcher un accès non autorisé à des applications logicielles dans des appareils de terrain
DE102010028152B4 (de) Aufzeichnung von History-Informationen in einem Feldgerät
WO2014122063A1 (fr) Dispositif et procédé de détection de manipulations non autorisée de l'état du système d'une unité de commande et de régulation d'une installation nucléaire
DE102016119744A1 (de) Verfahren und System zum Verhindern eines unerwünschten Zugriffs auf ein Feldgerät
DE112013006925T5 (de) Programmierbares Anzeigegerät
DE102021132493A1 (de) Integritätsprüfungen auf variablenebene für die kommunikation in prozesssteuerungsumgebungen
DE102009027168B4 (de) Verfahren zum Ermitteln einer übermittelten Telegramm-Datenlänge
DE112018007548B4 (de) Datenkommunikationssteuerungseinrichtung, Datenkommunikationssteuerprogramm und Datensteuerungssystem
DE102010003741A1 (de) Verfahren zum Datenaustausch
EP2618114B1 (fr) Extraction de valeurs de mesure, d'informations de diagnostic ou de paramètres d'appareils
DE102014215580B4 (de) Verfahren und System zum Programmieren eines Sensornetzwerks

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20170517

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20190829

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20210601