JP6923265B2 - プラントセキュリティシステムにおける構成可能なロバスト性エージェント - Google Patents

プラントセキュリティシステムにおける構成可能なロバスト性エージェント Download PDF

Info

Publication number
JP6923265B2
JP6923265B2 JP2016102096A JP2016102096A JP6923265B2 JP 6923265 B2 JP6923265 B2 JP 6923265B2 JP 2016102096 A JP2016102096 A JP 2016102096A JP 2016102096 A JP2016102096 A JP 2016102096A JP 6923265 B2 JP6923265 B2 JP 6923265B2
Authority
JP
Japan
Prior art keywords
message
network
messages
communication
filtering
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2016102096A
Other languages
English (en)
Japanese (ja)
Other versions
JP2016220213A5 (enExample
JP2016220213A (ja
Inventor
エス. レイアペタ ヴィナヤ
エス. レイアペタ ヴィナヤ
ビー. レスチャンスキー ヤコブ
ビー. レスチャンスキー ヤコブ
イー. ベネット ウィリアム
イー. ベネット ウィリアム
Original Assignee
フィッシャー−ローズマウント システムズ,インコーポレイテッド
フィッシャー−ローズマウント システムズ,インコーポレイテッド
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by フィッシャー−ローズマウント システムズ,インコーポレイテッド, フィッシャー−ローズマウント システムズ,インコーポレイテッド filed Critical フィッシャー−ローズマウント システムズ,インコーポレイテッド
Publication of JP2016220213A publication Critical patent/JP2016220213A/ja
Publication of JP2016220213A5 publication Critical patent/JP2016220213A5/ja
Application granted granted Critical
Publication of JP6923265B2 publication Critical patent/JP6923265B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B13/00Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion
    • G05B13/02Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric
    • G05B13/04Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/4185Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication
    • G05B19/41855Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication by local area network [LAN], network structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Physics & Mathematics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Manufacturing & Machinery (AREA)
  • Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Quality & Reliability (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Testing And Monitoring For Control Systems (AREA)
JP2016102096A 2015-05-22 2016-05-23 プラントセキュリティシステムにおける構成可能なロバスト性エージェント Active JP6923265B2 (ja)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/719,946 US11363035B2 (en) 2015-05-22 2015-05-22 Configurable robustness agent in a plant security system
US14/719946 2015-05-22

Publications (3)

Publication Number Publication Date
JP2016220213A JP2016220213A (ja) 2016-12-22
JP2016220213A5 JP2016220213A5 (enExample) 2019-06-27
JP6923265B2 true JP6923265B2 (ja) 2021-08-18

Family

ID=56297397

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2016102096A Active JP6923265B2 (ja) 2015-05-22 2016-05-23 プラントセキュリティシステムにおける構成可能なロバスト性エージェント

Country Status (5)

Country Link
US (1) US11363035B2 (enExample)
JP (1) JP6923265B2 (enExample)
CN (1) CN106168757B (enExample)
DE (1) DE102016109358B4 (enExample)
GB (1) GB2541493B (enExample)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6759572B2 (ja) 2015-12-15 2020-09-23 横河電機株式会社 統合生産システム
JP6693114B2 (ja) * 2015-12-15 2020-05-13 横河電機株式会社 制御装置及び統合生産システム
JP6613200B2 (ja) * 2016-04-18 2019-11-27 ファナック株式会社 生産管理装置からの指令に応じて製造セルを制御するセル制御装置
US10523635B2 (en) * 2016-06-17 2019-12-31 Assured Information Security, Inc. Filtering outbound network traffic
US20180083972A1 (en) * 2016-09-20 2018-03-22 Lg Electronics Inc. Method and apparatus for security configuration in wireless communication system
US10936955B1 (en) 2017-01-13 2021-03-02 Amazon Technologies, Inc. Computationally and network bandwidth-efficient technique to determine network-accessible content changes based on computed models
US10050987B1 (en) * 2017-03-28 2018-08-14 Symantec Corporation Real-time anomaly detection in a network using state transitions
US10951503B1 (en) 2017-04-21 2021-03-16 Amazon Technologies, Inc. Determining the validity of data collected by experiments performed at a network accessible site
US10185970B1 (en) * 2017-04-21 2019-01-22 Amazon Technologies, Inc. Determining a run time for experiments performed at a network accessible site
US10992652B2 (en) 2017-08-25 2021-04-27 Keysight Technologies Singapore (Sales) Pte. Ltd. Methods, systems, and computer readable media for monitoring encrypted network traffic flows
US10903985B2 (en) 2017-08-25 2021-01-26 Keysight Technologies Singapore (Sales) Pte. Ltd. Monitoring encrypted network traffic flows in a virtual environment using dynamic session key acquisition techniques
US11750623B2 (en) * 2017-09-04 2023-09-05 ITsMine Ltd. System and method for conducting a detailed computerized surveillance in a computerized environment
US10673871B2 (en) * 2017-10-04 2020-06-02 New Context Services, Inc. Autonomous edge device for monitoring and threat detection
US11184452B2 (en) * 2017-10-13 2021-11-23 Yokogawa Electric Corporation System and method for selecting proxy computer
US11113425B2 (en) 2018-01-17 2021-09-07 Crowd Strike, Inc. Security component for devices on an enumerated bus
CN110166343A (zh) * 2018-02-13 2019-08-23 贵州白山云科技股份有限公司 一种消息网关分发消息的方法及其消息网关
US11030413B2 (en) * 2018-06-27 2021-06-08 International Business Machines Corporation Recommending message wording based on analysis of prior group usage
US11463407B2 (en) * 2018-07-13 2022-10-04 Raytheon Company Policy engine for cyber anomaly detection
US10893030B2 (en) 2018-08-10 2021-01-12 Keysight Technologies, Inc. Methods, systems, and computer readable media for implementing bandwidth limitations on specific application traffic at a proxy element
US11768878B2 (en) * 2019-09-20 2023-09-26 Fisher-Rosemount Systems, Inc. Search results display in a process control system
US11768877B2 (en) * 2019-09-20 2023-09-26 Fisher-Rosemount Systems, Inc. Smart search capabilities in a process control system
US12160406B2 (en) * 2019-09-23 2024-12-03 Fisher-Rosemount Systems, Inc. Whitelisting for HART communications in a process control system
US11190417B2 (en) * 2020-02-04 2021-11-30 Keysight Technologies, Inc. Methods, systems, and computer readable media for processing network flow metadata at a network packet broker
US11424865B2 (en) * 2020-12-10 2022-08-23 Fisher-Rosemount Systems, Inc. Variable-level integrity checks for communications in process control environments
US11882013B2 (en) * 2021-08-18 2024-01-23 Hewlett Packard Enterprise Development Lp Network traffic monitoring for anomalous behavior detection
US12477364B2 (en) 2022-10-13 2025-11-18 T-Mobile Usa, Inc. Monitoring operation of multiple components associated with a wireless telecommunication network

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020107953A1 (en) 2001-01-16 2002-08-08 Mark Ontiveros Method and device for monitoring data traffic and preventing unauthorized access to a network
US7743158B2 (en) 2002-12-04 2010-06-22 Ntt Docomo, Inc. Access network dynamic firewall
EP1544707A1 (en) * 2003-12-15 2005-06-22 Abb Research Ltd. Network security system
US8224902B1 (en) * 2004-02-04 2012-07-17 At&T Intellectual Property Ii, L.P. Method and apparatus for selective email processing
KR100609170B1 (ko) 2004-02-13 2006-08-02 엘지엔시스(주) 네트워크 보안 시스템 및 그 동작 방법
US7617531B1 (en) * 2004-02-18 2009-11-10 Citrix Systems, Inc. Inferencing data types of message components
US7774834B1 (en) * 2004-02-18 2010-08-10 Citrix Systems, Inc. Rule generalization for web application entry point modeling
US7890996B1 (en) * 2004-02-18 2011-02-15 Teros, Inc. Using statistical analysis to generate exception rules that allow legitimate messages to pass through application proxies and gateways
US8214438B2 (en) * 2004-03-01 2012-07-03 Microsoft Corporation (More) advanced spam detection features
CN100370724C (zh) * 2004-03-22 2008-02-20 西安电子科技大学 宽带无线ip网络匿名连接方法
JP4829223B2 (ja) 2004-05-25 2011-12-07 グーグル インコーポレイテッド 電子メッセージソース評判情報システム
US7607166B2 (en) 2004-07-12 2009-10-20 Cisco Technology, Inc. Secure manufacturing devices in a switched Ethernet network
US7343624B1 (en) 2004-07-13 2008-03-11 Sonicwall, Inc. Managing infectious messages as identified by an attachment
JP2006060306A (ja) 2004-08-17 2006-03-02 Nec Corp パケットフィルタリング方法およびパケットフィルタ装置
WO2006119506A2 (en) 2005-05-05 2006-11-09 Ironport Systems, Inc. Method of validating requests for sender reputation information
US8458262B2 (en) * 2006-12-22 2013-06-04 At&T Mobility Ii Llc Filtering spam messages across a communication network
JP2008278357A (ja) 2007-05-02 2008-11-13 Ionos:Kk 通信回線切断装置
US7814163B2 (en) * 2008-01-03 2010-10-12 Apple Inc. Text-based communication control for personal communication device
RU2487483C2 (ru) * 2008-03-10 2013-07-10 Роберт Бош Гмбх Способ и фильтрующее устройство для фильтрации сообщений, поступающих абоненту коммуникационной сети по последовательной шине данных этой сети
US8737398B2 (en) 2008-12-31 2014-05-27 Schneider Electric USA, Inc. Communication module with network isolation and communication filter
US8874663B2 (en) * 2009-08-28 2014-10-28 Facebook, Inc. Comparing similarity between documents for filtering unwanted documents
US9268578B2 (en) * 2010-11-05 2016-02-23 Mark Cummings Integrated circuit design and operation for determining a mutually compatible set of configuration for cores using agents associated with each core to achieve an application-related objective
US9413721B2 (en) * 2011-02-15 2016-08-09 Webroot Inc. Methods and apparatus for dealing with malware
US9047441B2 (en) 2011-05-24 2015-06-02 Palo Alto Networks, Inc. Malware analysis system
PH12012000283A1 (en) * 2011-09-28 2014-04-28 Fisher Rosemount Systems Inc Methods, apparatus, and articles of manufacture to provide firewalls for process control systems
US9282113B2 (en) 2013-06-27 2016-03-08 Cellco Partnership Denial of service (DoS) attack detection systems and methods
CN103701824B (zh) * 2013-12-31 2017-06-06 大连环宇移动科技有限公司 一种安全隔离管控系统
JP2014123996A (ja) 2014-04-02 2014-07-03 Mitsubishi Electric Corp ネットワーク監視装置及びプログラム
US10333877B2 (en) * 2014-04-29 2019-06-25 At&T Intellectual Property I, L.P. Methods of generating signatures from groups of electronic messages and related methods and systems for identifying spam messages
CN104539625B (zh) * 2015-01-09 2017-11-14 江苏理工学院 一种基于软件定义的网络安全防御系统及其工作方法
CN104579784B (zh) * 2015-01-15 2017-12-22 珠海市鸿瑞信息技术股份有限公司 基于多维虚链路的电力工业控制系统网络管理方法

Also Published As

Publication number Publication date
US11363035B2 (en) 2022-06-14
US20160344754A1 (en) 2016-11-24
CN106168757B (zh) 2022-03-18
GB2541493A (en) 2017-02-22
JP2016220213A (ja) 2016-12-22
DE102016109358B4 (de) 2025-05-22
GB201608102D0 (en) 2016-06-22
CN106168757A (zh) 2016-11-30
GB2541493B (en) 2022-04-13
DE102016109358A1 (de) 2016-11-24

Similar Documents

Publication Publication Date Title
JP6923265B2 (ja) プラントセキュリティシステムにおける構成可能なロバスト性エージェント
JP6749106B2 (ja) 産業用通信ネットワークにおける異常検出、異常検出システム、及び異常検出を行う方法
EP2382512B1 (en) Communication module with network isolation and communication filter
EP3175304B1 (en) Apparatus and method for security of industrial control networks
EP2767057B1 (en) Process installation network intrusion detection and prevention
KR102232078B1 (ko) 부정 침입 방지 장치, 부정 침입 방지 방법 및 부정 침입 방지 프로그램
US12407650B2 (en) Smart network switching systems and related methods
Mahan et al. Secure data transfer guidance for industrial control and SCADA systems
CN114600424B (zh) 用于过滤数据流量的安全系统、方法和计算机可读存储介质
EP3704618B1 (en) Cyber security system for networked devices
Tsiknas et al. Cyber Threats to Industrial IoT: A Survey on Attacks and Countermeasures. IoT. 2020, 17, 163–188
WO2022187579A1 (en) Automatic firewall configuration for control systems in critical infrastructure
Al-Douri et al. Information security in e-Maintenance–a study of SCADA security
Krimmling et al. 18 Intrusion Detection Systems for (Wireless) Automation Systems
Anitha et al. MISBEHAVIOUR NODE PREDICTION BY USING STATE MACHINE ALGORITHM IN COGNITIVE RADIO NETWORK

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20190523

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20190523

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20200319

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20200331

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20200630

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20200930

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20210216

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20210514

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20210629

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20210726

R150 Certificate of patent or registration of utility model

Ref document number: 6923265

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250