JP5634047B2 - プロセス制御データの安全な通信方法、及び装置 - Google Patents

プロセス制御データの安全な通信方法、及び装置 Download PDF

Info

Publication number
JP5634047B2
JP5634047B2 JP2009221205A JP2009221205A JP5634047B2 JP 5634047 B2 JP5634047 B2 JP 5634047B2 JP 2009221205 A JP2009221205 A JP 2009221205A JP 2009221205 A JP2009221205 A JP 2009221205A JP 5634047 B2 JP5634047 B2 JP 5634047B2
Authority
JP
Japan
Prior art keywords
network
process control
network device
address
control network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2009221205A
Other languages
English (en)
Japanese (ja)
Other versions
JP2010081610A (ja
JP2010081610A5 (enExample
Inventor
ディー.シュライス トレバー
ディー.シュライス トレバー
ケント フーバ ロバート
ケント フーバ ロバート
Original Assignee
フィッシャー−ローズマウント システムズ,インコーポレイテッド
フィッシャー−ローズマウント システムズ,インコーポレイテッド
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by フィッシャー−ローズマウント システムズ,インコーポレイテッド, フィッシャー−ローズマウント システムズ,インコーポレイテッド filed Critical フィッシャー−ローズマウント システムズ,インコーポレイテッド
Publication of JP2010081610A publication Critical patent/JP2010081610A/ja
Publication of JP2010081610A5 publication Critical patent/JP2010081610A5/ja
Application granted granted Critical
Publication of JP5634047B2 publication Critical patent/JP5634047B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/04Programme control other than numerical control, i.e. in sequence controllers or logic controllers
    • G05B19/042Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
    • G05B19/0428Safety, monitoring
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/4185Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/24Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using dedicated network management hardware
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Manufacturing & Machinery (AREA)
  • Quality & Reliability (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)
  • Computer And Data Communications (AREA)
JP2009221205A 2008-09-25 2009-09-25 プロセス制御データの安全な通信方法、及び装置 Active JP5634047B2 (ja)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US10024008P 2008-09-25 2008-09-25
US61/100,240 2008-09-25
US12/475,889 2009-06-01
US12/475,889 US8590033B2 (en) 2008-09-25 2009-06-01 One button security lockdown of a process control network

Publications (3)

Publication Number Publication Date
JP2010081610A JP2010081610A (ja) 2010-04-08
JP2010081610A5 JP2010081610A5 (enExample) 2012-11-08
JP5634047B2 true JP5634047B2 (ja) 2014-12-03

Family

ID=41347821

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2009221205A Active JP5634047B2 (ja) 2008-09-25 2009-09-25 プロセス制御データの安全な通信方法、及び装置

Country Status (5)

Country Link
US (1) US8590033B2 (enExample)
EP (3) EP2611108B1 (enExample)
JP (1) JP5634047B2 (enExample)
CN (4) CN106371359B (enExample)
GB (2) GB2463791B (enExample)

Families Citing this family (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102007025892A1 (de) * 2007-06-01 2008-12-11 Phoenix Contact Gmbh & Co. Kg Werkzeugerkennung im Profinet
US8590033B2 (en) 2008-09-25 2013-11-19 Fisher-Rosemount Systems, Inc. One button security lockdown of a process control network
US8321926B1 (en) * 2008-12-02 2012-11-27 Lockheed Martin Corporation System and method of protecting a system that includes unprotected computer devices
US8549201B2 (en) * 2010-06-30 2013-10-01 Intel Corporation Interrupt blocker
US9525647B2 (en) 2010-07-06 2016-12-20 Nicira, Inc. Network control apparatus and method for creating and modifying logical switching elements
US8837493B2 (en) 2010-07-06 2014-09-16 Nicira, Inc. Distributed network control apparatus and method
US10103939B2 (en) 2010-07-06 2018-10-16 Nicira, Inc. Network control apparatus and method for populating logical datapath sets
DE102011006668B3 (de) * 2011-04-01 2012-09-13 Siemens Aktiengesellschaft Schnittstellenmodul für ein modulares Steuerungsgerät
JP5821576B2 (ja) * 2011-11-30 2015-11-24 株式会社バッファロー 中継装置および電子機器の起動方法
ES2530391T3 (es) 2012-05-31 2015-03-02 Siemens Ag Aparato de comunicación para un sistema de automatización industrial
US20140143864A1 (en) * 2012-11-21 2014-05-22 Snoopwall Llc System and method for detecting, alerting and blocking data leakage, eavesdropping and spyware
US9177163B1 (en) 2013-03-15 2015-11-03 Google Inc. Data access lockdown
DE102013216501A1 (de) * 2013-08-20 2015-02-26 Vega Grieshaber Kg Messgerätezugangsvorrichtung, Feldgerät und Verfahren zum Steuern des Zugangs zu einem Messgerät
US9912612B2 (en) * 2013-10-28 2018-03-06 Brocade Communications Systems LLC Extended ethernet fabric switches
US20150161404A1 (en) * 2013-12-06 2015-06-11 Barrett N. Mayes Device initiated auto freeze lock
US20160036843A1 (en) * 2014-08-01 2016-02-04 Honeywell International Inc. Connected home system with cyber security monitoring
US9208349B1 (en) 2015-01-13 2015-12-08 Snoopwall, Inc. Securing data gathering devices of a personal computing device while performing sensitive data gathering activities to prevent the misappropriation of personal user data gathered therewith
US9686316B2 (en) * 2015-09-25 2017-06-20 Cisco Technology, Inc. Layer-2 security for industrial automation by snooping discovery and configuration messages
US10447722B2 (en) * 2015-11-24 2019-10-15 Bank Of America Corporation Proactive intrusion protection system
JP6759572B2 (ja) 2015-12-15 2020-09-23 横河電機株式会社 統合生産システム
JP6693114B2 (ja) * 2015-12-15 2020-05-13 横河電機株式会社 制御装置及び統合生産システム
JP2017163508A (ja) * 2016-03-11 2017-09-14 オムロン株式会社 マスタースレーブ制御システム、マスタースレーブ制御システムの制御方法、情報処理プログラム、および記録媒体
US9692784B1 (en) 2016-10-25 2017-06-27 Fortress Cyber Security, LLC Security appliance
EP3373544A1 (en) * 2017-03-07 2018-09-12 ABB Schweiz AG Automatic communication network system hardening
PE20200163A1 (es) * 2017-05-05 2020-01-21 Bosch Solua‡A•Es Integradas Brasil Ltda Sistema de gestion de mantenimiento de equipos
US11196711B2 (en) * 2017-07-21 2021-12-07 Fisher-Rosemount Systems, Inc. Firewall for encrypted traffic in a process control system
EP3439259B1 (de) * 2017-08-02 2019-11-27 Siemens Aktiengesellschaft Härten eines kommunikationsgerätes
US11038887B2 (en) * 2017-09-29 2021-06-15 Fisher-Rosemount Systems, Inc. Enhanced smart process control switch port lockdown
GB2567556B (en) 2017-09-29 2022-07-13 Fisher Rosemount Systems Inc Enhanced smart process control switch port lockdown
GB2568145B (en) 2017-09-29 2022-08-03 Fisher Rosemount Systems Inc Lockdown protection for process control switches
WO2019087849A1 (ja) * 2017-10-31 2019-05-09 村田機械株式会社 通信システム、被制御機器、及び、通信システムの制御方法
CN111149077A (zh) * 2018-01-25 2020-05-12 英特尔公司 分立式通信端口组件的电源管理
CN108965170A (zh) * 2018-06-13 2018-12-07 四川微迪智控科技有限公司 一种用于边缘安全接入的工业交换机系统及运行方法
CN108900481A (zh) * 2018-06-13 2018-11-27 四川微迪智控科技有限公司 一种交换机安全接入系统和方法
US11281877B2 (en) * 2018-06-26 2022-03-22 Columbia Insurance Company Methods and systems for guided lock-tag-try process
CN109391548B (zh) * 2018-11-06 2021-12-17 迈普通信技术股份有限公司 表项迁移方法、装置及网络通信系统
US11016135B2 (en) * 2018-11-28 2021-05-25 Cummins Power Generation Ip, Inc. Systems and methods for ground fault detection in power systems using communication network
US11627049B2 (en) * 2019-01-31 2023-04-11 Hewlett Packard Enterprise Development Lp Failsafe firmware upgrade for cloud-managed devices
JP7484252B2 (ja) * 2020-03-13 2024-05-16 オムロン株式会社 端末監視装置
US20230206368A1 (en) * 2021-12-29 2023-06-29 Advanced Micro Devices, Inc. Disabling selected ip
US12332292B2 (en) 2022-11-18 2025-06-17 Cummins Power Generation Inc. System for locating power faults based on a direction of current flow

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6124692A (en) * 1996-08-22 2000-09-26 Csi Technology, Inc. Method and apparatus for reducing electrical power consumption in a machine monitor
US6934260B1 (en) * 2000-02-01 2005-08-23 Advanced Micro Devices, Inc. Arrangement for controlling learning of layer 3 network addresses in a network switch
US20020156888A1 (en) * 2001-04-23 2002-10-24 Lee Man-Ho L. Method and apparatus for detecting and reporting configuration errors in a multi-component switching fabric
US7187648B1 (en) * 2001-11-26 2007-03-06 Ranch Networks, Inc. Redundancy in packet routing devices
US7836160B2 (en) * 2002-01-08 2010-11-16 Verizon Services Corp. Methods and apparatus for wiretapping IP-based telephone lines
US7782813B2 (en) * 2002-06-07 2010-08-24 Ember Corporation Monitoring network traffic
JP4553565B2 (ja) * 2002-08-26 2010-09-29 パナソニック株式会社 電子バリューの認証方式と認証システムと装置
US20040153700A1 (en) * 2003-01-02 2004-08-05 Nixon Mark J. Redundant application stations for process control systems
US7761923B2 (en) * 2004-03-01 2010-07-20 Invensys Systems, Inc. Process control methods and apparatus for intrusion detection, protection and network hardening
JP4148931B2 (ja) * 2004-08-16 2008-09-10 富士通株式会社 ネットワークシステム、監視サーバ及び監視サーバプログラム
US20060250983A1 (en) * 2005-03-31 2006-11-09 Iris Corporation Berhad Method of and arrangement for establishing network connections in an ethernet environment
US20060250966A1 (en) * 2005-05-03 2006-11-09 Yuan-Chi Su Method for local area network security
JP2006332997A (ja) * 2005-05-25 2006-12-07 Nec Corp 通信管理装置、ネットワークシステム、ネットワークシステムにおける通信遮断方法、およびプログラム
US7774089B2 (en) * 2005-08-18 2010-08-10 Rockwell Automation Technologies, Inc. Method and apparatus for disabling ports in a motor control system
US8594084B2 (en) * 2005-09-09 2013-11-26 Intellectual Ventures I Llc Network router security method
ES2346447T3 (es) 2005-12-09 2010-10-15 Abb Research Ltd. Metodo de aseguramiento de los datos de configuracion de la red en las redes de automatizacion.
JP2008167119A (ja) * 2006-12-28 2008-07-17 Fujitsu Ltd ネットワーク装置、ネットワーク装置の制御装置及びその制御方法
CN101132364B (zh) * 2007-08-23 2012-02-29 新动力(北京)建筑科技有限公司 控制网络中数据寻址和转发的方法及系统
US8590033B2 (en) 2008-09-25 2013-11-19 Fisher-Rosemount Systems, Inc. One button security lockdown of a process control network

Also Published As

Publication number Publication date
JP2010081610A (ja) 2010-04-08
US20100077471A1 (en) 2010-03-25
EP2611108A1 (en) 2013-07-03
CN101686260B (zh) 2014-05-07
EP2816779B1 (en) 2015-09-02
GB2493479B (en) 2013-05-22
CN106411859B (zh) 2020-04-10
CN106371359B (zh) 2019-07-05
GB2463791A (en) 2010-03-31
GB0916858D0 (en) 2009-11-11
EP2169904B1 (en) 2013-08-28
GB2463791B (en) 2013-01-02
CN101686260A (zh) 2010-03-31
EP2611108B1 (en) 2018-12-05
CN106371359A (zh) 2017-02-01
EP2816779A1 (en) 2014-12-24
GB201220624D0 (en) 2013-01-02
US8590033B2 (en) 2013-11-19
CN106411859A (zh) 2017-02-15
CN103888474B (zh) 2018-07-06
CN103888474A (zh) 2014-06-25
GB2493479A (en) 2013-02-06
EP2169904A1 (en) 2010-03-31

Similar Documents

Publication Publication Date Title
JP5634047B2 (ja) プロセス制御データの安全な通信方法、及び装置
JP7534067B2 (ja) プロセス制御スイッチの中毒防止
US11695621B2 (en) Control device and method for controlling a redundant connection in a flat network
JP5411916B2 (ja) 保護継電器とこれを備えるネットワークシステム
JP6975846B2 (ja) ネットワークセキュリティ用l2スイッチ及びこれを用いた遠隔監視制御システム
CN115996170B (zh) 网络管理系统和网元通信的方法、装置及系统
GB2568145A (en) Poisoning protection for process control switches
GB2567556A (en) Enhanced smart process control switch port lockdown

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20120924

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20120924

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20140219

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20140224

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140317

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20140610

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140903

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20140924

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20141014

R150 Certificate of patent or registration of utility model

Ref document number: 5634047

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250