KR20170092907A - PLC system and Method for USB communication using the same - Google Patents

PLC system and Method for USB communication using the same Download PDF

Info

Publication number
KR20170092907A
KR20170092907A KR1020160014175A KR20160014175A KR20170092907A KR 20170092907 A KR20170092907 A KR 20170092907A KR 1020160014175 A KR1020160014175 A KR 1020160014175A KR 20160014175 A KR20160014175 A KR 20160014175A KR 20170092907 A KR20170092907 A KR 20170092907A
Authority
KR
South Korea
Prior art keywords
plc
usb
memory card
usb communication
authentication
Prior art date
Application number
KR1020160014175A
Other languages
Korean (ko)
Inventor
최기홍
Original Assignee
엘에스산전 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 엘에스산전 주식회사 filed Critical 엘에스산전 주식회사
Priority to KR1020160014175A priority Critical patent/KR20170092907A/en
Publication of KR20170092907A publication Critical patent/KR20170092907A/en

Links

Images

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/04Programme control other than numerical control, i.e. in sequence controllers or logic controllers
    • G05B19/05Programmable logic controllers, e.g. simulating logic interconnections of signals according to ladder diagrams or function charts
    • G05B19/058Safety, monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/382Information transfer, e.g. on bus using universal interface adapter
    • G06F13/385Information transfer, e.g. on bus using universal interface adapter for adaptation of a particular data processing system to different peripheral devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/40Bus structure
    • G06F13/4004Coupling between buses
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Automation & Control Theory (AREA)
  • Programmable Controllers (AREA)

Abstract

The present invention relates to a PLC system and a USB communication method using the same and, more specifically, to a PLC system and a USB communication method using the same in order to allow an access to the storage data of the PLC system through the USB communication method with reinforced security. The USB communication method for data input and output between a storage medium of the PLC system and a PC comprises: a first step of performing a physical contact through a USB terminal between the PC and the PLC; a second step of verifying whether the PC is an authenticated PC by the PLC in the USB contact through the first step; and a third step of connecting a USB communication between the PC and the PLC when the PC is confirmed as an authenticated PC through the second step, wherein the storage medium of the PLC can provide the USB communication method using the PLC system formed with an SD memory card.

Description

[0001] The present invention relates to a PLC system and a USB communication method using the same,

The present invention relates to a PLC system and a USB communication method using the PLC system. More particularly, the present invention relates to a PLC system for allowing access to stored data of a PLC system through a USB communication method with enhanced security, And a USB communication method.

PLC (Programmable Logic Controller) is a core product that collectively manages various control devices from small scale plant to large scale plant according to purpose of use by organizing system with various function modules gathered.

In such a PLC system, an input condition is logically processed according to a user program, and then the corresponding data is output to control external devices connected to the PLC. In addition, a storage medium for storing information generated by the PLC in the process or information generated from the outside of the PLC as a file in the PLC is provided.

However, when the data stored in the PLC is to be used externally in this way, that is, when the administrator has to perform processing work on the PLC stored data by using a personal computer or the like, the PLC does not have an online connection environment There is a problem in that it is not easy to carry out data.

Accordingly, in recent years, it has been proposed to use an SD memory card as a storage medium of a PLC, but in this case, it is necessary to provide a security means in order to manage important data.

SUMMARY OF THE INVENTION The present invention is conceived to solve the problems described above and provides a PLC system for allowing access to stored data of a PLC system through a USB communication method with enhanced security and a USB communication method using the PLC system .

According to an aspect of the present invention, there is provided a USB communication method for data input / output between a storage medium of a PLC system and a PC, the method comprising: a first step of physically connecting a PC and a PLC via a USB terminal; A second step of verifying whether or not the PC is an authenticated PC by the PLC connected to the USB through the first step; And a third step of connecting a USB communication between the PC and the PLC when it is confirmed as a PC authenticated through the second step, wherein the storage medium of the PLC is a PLC system constituted by an SD memory card Can be provided.

Here, it may be preferable that the verification of whether or not the PC is the authenticated PC in the second step is performed by checking whether or not the authentication software (S / W) is executed in the PC.

At this time, it is preferable that the authentication software is installed so as to correspond to the PLC and the PC, and performs verification by generating real-time organic data.

In addition, the PC, which has been verified through the second step, can be configured to recognize the SD memory card as a disk drive of the PC through a USB connection with the PLC.

In addition, the present invention may further include a fourth step of requesting the PC for additional authentication by inputting user authentication information in the case of re-access after periodic or unused for a predetermined period of time or longer.

According to the present invention as described above, an SD memory card is used as a storage medium of a PLC system, and an easy and convenient access to stored data of an SD memory card is enabled through a USB communication method.

In addition, in this process, an organic security authentication between the PLC system and the PC connected thereto is performed, thereby accessing the data of the SD memory card only to the PC permitted to access, And so on, and so on.

1 is an explanatory diagram conceptually showing a PLC system according to an embodiment of the present invention.
2 is a conceptual diagram for explaining a USB communication method between a PLC and a PC.
3 is a block diagram illustrating a USB communication method using a PLC system according to an embodiment of the present invention.
4 is a flowchart illustrating a USB communication method using a PLC system according to an embodiment of the present invention.
5 is a flowchart for explaining an additional authentication process applied to the embodiment of FIG.

The above and other objects, features, and advantages of the present invention will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings, which are not intended to limit the scope of the present invention. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the drawings, the same reference numerals are used to denote the same or similar elements.

1 is an explanatory diagram conceptually showing a PLC system according to an embodiment of the present invention.

1, a PLC system 110 to which the present invention is applied includes a communication unit 130, a file application function unit 140, a file processing function unit 150, and an SD memory card 160 Can be confirmed.

The communication unit 130 serves as a communication interface between an external device such as the PC 120 and the PLC, and can support communication between them using a method such as Ethernet communication or USB communication.

The file application function unit 140 performs application functions such as various operations by using a drive file and the file processing function unit 150 is adapted to correspond to a request of the file application function unit 140 and the communication unit 130 And performs reading / writing operations on the SD memory card 160.

The SD memory card 160 performs functions such as providing or recording data corresponding to the operation of the file processing function unit 150. The SD memory card refers to a standard of a flash memory card developed for use in a small portable device such as a digital camera, a handheld computer, a PDA, or a GPS device. SD memory cards are widely used as a main storage device for smart devices (smart phones, tablets, etc.) since they have the advantages of nonvolatile large memory and small mechanical size.

The data generated by the PLC user is written to the SD memory card 160 as a file and the PLC 110 reads the corresponding file of the SD memory card 160 and uses the file through the file application function unit 140 of the PLC .

Alternatively, on the contrary, the information generated by the file application function unit 140 of the PLC may be recorded as a file in the SD memory card 160, and the user may read the file for use thereof. The file transferred between the user and the PLC 110 through the SD memory card 160 may be important information that must be secured in some cases.

A method for a user to read or write a file to or from the SD memory card 160 may be via communication or through physical separation of the SD memory card. At this time, the access method through physical separation may be performed by an operation such that the user removes the SD memory card 160 mounted on the PLC 110 and moves the SD memory card 160 to the PC 120 and mounts it. As a security measure applicable to such a method, there is a method of placing the PLC 110 in a storage means such as a cabinet provided with a locking device for controlling physical access.

In the communication access method, a user's PC is connected through a communication unit 130 incorporated in the PLC to read or write a file of the SD memory card 160. [ Communication functions built in the PLC include Ethernet communication and USB communication, as shown in the figure. The Ethernet communication method usually uses FTP (File Transfer Protocol), and FTP has security measures such as user ID and password confirmation.

Accordingly, in the present invention, among the methods of accessing the files in the SD memory card 160 using the communication function of the PLC, in particular, the files in the SD memory card 160 can be accessed using the USB communication method with enhanced security And to provide a way to make it happen.

2 is a conceptual diagram for explaining a USB communication method between a PLC and a PC.

As described above, a method for accessing a file in the SD memory card 160 has some countermeasures against security for a physical access method or a method using Ethernet communication.

However, in the case of the USB communication method, there is no countermeasure against security. Therefore, if only a USB cable is connected, any PC can connect to the PLC to read or write data stored in the SD memory card 160 There is a security problem. Such a problem may cause serious damage in some cases.

2, when the PLC 110 and the PC 120 are connected to each other via USB, the SD memory card 160 of the PLC 110 is recognized as a single disk drive in the PC, . The user can read or write the files (b) of the SD memory card recognized as the disk drive through the file-browser of the PC.

Therefore, in the following process, in order to ensure security of the security by ensuring that the authorized PC alone can read / write the file via the USB communication with the PLC, the embodiment of the present invention So that it can be explained through the drawings.

3 is a block diagram illustrating a USB communication method between a PLC and a PC according to an exemplary embodiment of the present invention.

Referring to FIG. 3, a system to which a USB communication method between a PLC and a PC according to an embodiment of the present invention is applied includes an SD memory card 320, a file processing function unit 330, a first security control unit 340, A PLC 360 having a first communication function unit 350 and the like and a PC 360 having a second security control unit 370 and a second communication function unit 380 .

That is, the present invention further includes first and second security controllers 340 and 370 for the PLC 310 and the PC 360, respectively, and performs a security process such as mutual authentication through the first and second security controllers 340 and 370, Whether or not the connection is permitted to the connected PC through a process of confirming whether or not the PC 360 is pre-registered with the PC 360, and the like.

Referring to the drawings, it can be confirmed that the security control unit is divided into the PLC 310 and the PC 360, respectively.

The authentication S / W is a software module executed on the PC 360 to inform the PLC 310 that the PC is an authorized PC. In order to access the SD memory card 320 via the USB connection with the PLC 310, the authentication S / W must be installed in the PC 360 and the authentication S / W must be executed before the USB connection with the PLC 310 .

The PLC side security control unit 340 is located between the PLC side communication function unit 350 and the file processing function unit 330. The PLC side security control unit 340 determines whether or not the authenticated PC is connected, And a file processing function unit 330. [

The PC side security control unit 370 confirms whether the authentication S / W, which is the security status information of the PC requested by the PLC side security control unit 340, is executed and replies.

The communication function units 350 and 380 can communicate with the security control units 340 and 370 located in the PC and the PLC respectively and the SD memory card of the PLC through the file browser of the PC, And is used as a communication means for reading and writing data. Here, the authentication software may be configured by a method such as OTP (One Time Password) or the like, which is installed so as to correspond to PLC and PC and performs verification through generation of real-time organic data.

The function and detailed operation of each of the above components will be described in more detail with reference to the following drawings.

4 is a flowchart illustrating a USB communication method using a PLC system according to an embodiment of the present invention.

Referring to FIG. 4, a USB communication method between a PLC and a PC applied to a USB communication method using a PLC system according to an embodiment of the present invention includes a step of connecting a PC and a PLC (S410) (S420) of checking whether the / w is being executed and a step (S430) of connecting the USB communication to the file processing function unit of the PLC.

That is, when the connection between the PC and the PLC via the USB is completed (S410), the PLC side security control unit confirms the connection of the authenticated PC to the PC side security control unit.

Then, the PC side security control unit processes the security policy decision logic in response to the inquiry of the PLC side security control unit, and transmits the result to the PLC side security control unit (S420). The processing of the security policy decision logic serves to check whether the authentication software is running on the PC.

That is, the PLC side security control unit determines whether to connect the file processing function unit with the USB communication according to the execution of the authentication S / W of the PC side through the SD memory card access control logic (S430). That is, it can be confirmed that the PLC system according to the embodiment of the present invention functions to access the file of the SD memory card only when the PC in which the authentication S / W is installed and running is connected to the PLC via USB. The fact that such an authentication S / W is installed so as to correspond to PLC and PC and can be configured by a method such as OTP (One Time Password) or the like which performs verification through generation of real-time organic data, There is one.

5 is a flowchart for explaining an additional authentication process applied to the embodiment of FIG.

Referring to FIG. 5, the present invention includes a step S510 of inputting user authentication information, a step S520 of determining whether the authentication information is valid, and a step S530 of continuing the operation when validity is verified. And an additional authentication process including the authentication process.

That is, in the PLC system of the present invention, when the PC connected to the PLC is periodically or periodically reconnected after a certain period of time or when reconnection is performed, the user authentication information is inputted (S510) (S530) can be performed only when the input user authentication information is valid (S520).

As described above, according to the present invention, a security control unit is divided into a PLC and a PC in order to secure security in a file access method in an SD memory card by USB communication, and authentication software implemented by the security control unit Provides access to the SD memory card only to PCs whose authentication conditions have been verified.

Accordingly, the present invention can provide an advantage such as securing a stable level of security in allowing access to a file in the SD memory card by a USB communication method that provides excellent usability and the like.

The present invention is not limited to the above-described embodiments, and various changes, substitutions, and alterations can be made hereto without departing from the scope of the present invention. But the present invention is not limited thereto.

310: PLC 320: SD memory card
330: file processing function unit 340: first security control unit
350: first communication function unit 360: PC
370: second security control unit 380: second communication function unit

Claims (8)

In a PLC system supporting the USB communication method,
A memory unit having an SD memory card;
A communication function unit for performing USB communication through an USB connection to an external device that supports a data input / output function for the memory unit; And
And a security control unit for performing a security authentication function for an external device to which a USB connection is made through the communication function unit,
Wherein the security control unit performs a security authentication function by verifying whether the external device is an authenticated device.
The method according to claim 1,
Wherein the security control unit verifies whether or not the external device is authenticated based on whether or not authentication software (S / W) is executed in the external device.
3. The method of claim 2,
Wherein the authentication software is installed so as to correspond to the PLC and the external device, and performs verification by generating real-time organic data.
A USB communication method for data input / output between a storage medium of a PLC system and a PC,
A physical connection between a PC and a PLC via a USB terminal;
A second step of verifying whether or not the PC is an authenticated PC by the PLC connected to the USB through the first step; And
And a third step of connecting a USB communication between the PC and the PLC when it is confirmed as a PC authenticated through the second step,
Wherein the storage medium of the PLC is configured by an SD memory card.
5. The method of claim 4,
The verification of whether or not the PC is an authenticated PC in the second step,
(S / W) is executed in the personal computer (PC).
6. The method of claim 5,
Wherein the authentication software is installed so as to correspond to the PLC and the PC, and performs verification through generation of real-time organic data.
7. The method according to any one of claims 4 to 6,
Wherein the PC having been verified through the second step recognizes the SD memory card as a disk drive of the PC through a USB connection with the PLC.
7. The method according to any one of claims 4 to 6,
And requesting additional authentication by inputting user authentication information to the PC in the case of reconnection after periodically or unused for a predetermined time or longer.
KR1020160014175A 2016-02-04 2016-02-04 PLC system and Method for USB communication using the same KR20170092907A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160014175A KR20170092907A (en) 2016-02-04 2016-02-04 PLC system and Method for USB communication using the same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160014175A KR20170092907A (en) 2016-02-04 2016-02-04 PLC system and Method for USB communication using the same

Publications (1)

Publication Number Publication Date
KR20170092907A true KR20170092907A (en) 2017-08-14

Family

ID=60142303

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160014175A KR20170092907A (en) 2016-02-04 2016-02-04 PLC system and Method for USB communication using the same

Country Status (1)

Country Link
KR (1) KR20170092907A (en)

Similar Documents

Publication Publication Date Title
KR102453780B1 (en) Apparatuses and methods for securing an access protection scheme
CN103597494A (en) Method and device for managing digital usage rights of documents
RU2013135240A (en) METHOD AND DEVICE FOR MANAGING ACCESS TO COMPUTER SYSTEM
US11681637B2 (en) Memory controller, storage device including the same, and operating method of the memory controller
KR20200092421A (en) Secure subsystem
CN102184143B (en) Data protection method, device and system for storage device
CN100583119C (en) Mobile memory and method for controlling data download of computer
CN101615161A (en) A kind of encryption of hard disk and decryption method, hard disk drive and hard disk
TWI446172B (en) Memory storage device, memory controller thereof, and access method thereof
CN107644173A (en) Method and apparatus for controlling application program to access memory
US20150370482A1 (en) Storage apparatus, communication apparatus, and storage control system
KR20170092907A (en) PLC system and Method for USB communication using the same
CN101533372B (en) Data accessing system
CN104243151A (en) Mobile device-based authentication method and authentication apparatus
KR102590439B1 (en) Memory system
CN101576857A (en) Automatic locking device and automatic locking method for storage medium
KR100811161B1 (en) Devices for Electronic Disk and Recording Medium
JP5883424B2 (en) Portable semiconductor memory device
CN104361278A (en) Computer user identity authentication method
KR100811159B1 (en) Devices for Electronic Disk and Recording Medium
KR101023100B1 (en) Device for USB Banking
TWI472921B (en) Portable storage device and access control method thereof
KR101069321B1 (en) Method for Controling Data Attribute of Electronic Disk
KR100832820B1 (en) Devices for Electronic Disk and Recording Medium
JP2010079388A (en) Ic chip, external apparatus, system and program