WO2011086083A2 - Verfahren zur bedienung, beobachtung und/oder konfiguration eines automatisierungssystems einer technischen anlage - Google Patents
Verfahren zur bedienung, beobachtung und/oder konfiguration eines automatisierungssystems einer technischen anlage Download PDFInfo
- Publication number
- WO2011086083A2 WO2011086083A2 PCT/EP2011/050307 EP2011050307W WO2011086083A2 WO 2011086083 A2 WO2011086083 A2 WO 2011086083A2 EP 2011050307 W EP2011050307 W EP 2011050307W WO 2011086083 A2 WO2011086083 A2 WO 2011086083A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- software
- operating
- network
- monitoring
- configuration
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000012544 monitoring process Methods 0.000 title claims abstract description 14
- 238000004891 communication Methods 0.000 claims abstract description 48
- 230000006854 communication Effects 0.000 claims abstract description 48
- 238000004590 computer program Methods 0.000 claims description 4
- MEKOFIRRDATTAG-UHFFFAOYSA-N 2,2,5,8-tetramethyl-3,4-dihydrochromen-6-ol Chemical compound C1CC(C)(C)OC2=C1C(C)=C(O)C=C2C MEKOFIRRDATTAG-UHFFFAOYSA-N 0.000 claims 1
- FGUUSXIOTUKUDN-IBGZPJMESA-N C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 Chemical compound C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 FGUUSXIOTUKUDN-IBGZPJMESA-N 0.000 claims 1
- 238000009434 installation Methods 0.000 description 5
- 238000013475 authorization Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 238000009776 industrial production Methods 0.000 description 2
- 230000003449 preventive effect Effects 0.000 description 2
- 230000003416 augmentation Effects 0.000 description 1
- 150000001875 compounds Chemical class 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 150000001993 dienes Chemical class 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000004171 remote diagnosis Methods 0.000 description 1
- 230000014599 transmission of virus Effects 0.000 description 1
- 238000012384 transportation and delivery Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/418—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
- G05B19/4183—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by data acquisition, e.g. workpiece identification
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/418—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
- G05B19/4185—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/34—Signalling channels for network management communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/30—Nc systems
- G05B2219/31—From computer integrated manufacturing till monitoring
- G05B2219/31104—Remote configuration of parameters of controlled devices
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/30—Nc systems
- G05B2219/31—From computer integrated manufacturing till monitoring
- G05B2219/31186—TCP-IP internet protocol
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5038—Address allocation for local use, e.g. in LAN or USB networks, or in a controller area network [CAN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/80—Management or planning
Definitions
- the invention relates to a method for operating, monitoring and / or configuring an automation system ei ⁇ ner technical system according to the preamble of claim 1.
- the invention further relates to a control software for performing this method according to claim 9 and a computer program product with such a control software according to claim 10.
- an automation system of a technical installation e.g. an industrial production plant, a power plant, a
- WinCC distributed operating and monitoring software and distributed under the name “Step 7"ggiticians ⁇ or configuration software.
- These executable on a PC software solutions are installed, for example, on an engineering station (ie, a PC station for configuring the automation system), which is connected to a non-public internal data network (eg, an Industrial Ethernet) to the situation ⁇ , with the automation sys ⁇ tem the technical system is connected.
- the engineering station has in this case for communication with the network having a first network address that is addressable by the control and Obs ⁇ stream processing software and / or configuration of the software on Da ⁇ tenversand to the automation system via the network.
- the operating and monitoring software and / or the configuration software is installed on the remote device and the remote connection to the automation system is realized with dedicated modem connections and Layer-2 bridging connections.
- the HMI software and / or the configuration software is installed on a PC station in the system, such as an engineering ⁇ ring station, which is in the same plant-internal non-public data network such as the automation system, and that the device remote from the installation remotely controls the PC station and the software installed thereon by means of a terminal session.
- the remote device is connected via the public network by means of an encrypted point-to-point connection (eg a VPN tunnel) with the PC station.
- an encrypted point-to-point connection eg a VPN tunnel
- a control software ensures that the relevant for a com munication ⁇ through the public network software processes the control and monitoring software, and / or the configuration of software are completed,
- the remote device establishes a secure Kommunikati ⁇ onstress from a first endpoint in the device over the public network to a second endpoint in the automation system
- the first endpoint is assigned a second network address, the second one Network address is different from the first Netztechnikad ⁇ ress,
- the operating and monitoring software and / or the Konfigu ⁇ rationssoftware sends (send) data packets for Be ⁇ serve, monitoring and / or configuration of the automation system to the first network address
- control software redirects the data packets sent to the first network address to the second network address.
- the invention is based on the finding that commercially available operator control and monitoring software and / or configuration software often block data areas in the data packets sent (referred to as "ports" in connection with the TCP protocol), but these are for a secure connection via a public network, in particular via a secure communication platform
- Step is ensured that the relevant for communication through the non-secure network processes Be ⁇ viewing and observation software and / or the configuration software are completed, these data areas (ports) are free ⁇ given.
- a secure communication connection preferably via a secure communication platform, can then be established for these free data areas (ports). Only then, preferably by the Steueroft- would be the relevant for communication through the public network ⁇ software processes of the operating and monitoring software and / or the configuration software started. This can also include the start of all operating and monitoring software and / or the entire configuration software.
- control software sends data packets sent by the operating and monitoring software and / or the configuration software to the first network address for operating, monitoring and / or configuring the automation system to the second network address and thus to the automation system via the public network diverted into the safe Kommunikati ⁇ onstress to the automation system.
- control software thus controls both the allocation of the data ranges (ports) in the signals generated by the control and monitoring soft ⁇ ware and / or the configuration software pake ⁇ th as well as the way of this D atenwovene in the safe communi ⁇ nikationsitati. This makes safe operation, observation and / or configuration of an automation system via a public network possible.
- the data packets sent by the operating and monitoring software and / or the configuration software for identifying the addressee contain the first network address.
- Control software can then take place particularly easily in that the control software in the data packets the first network ⁇ network address replaced by the second network address. If the operating and monitoring software, and / or the confectionary ⁇ guration is already started before the establishment of the secure connection (are), as preferred by the control software in step a) which are relevant for a communication by the non-secure network software processes the loading diene and monitoring software and / or the configuration software ⁇ ended.
- the secure communication connection runs via a secure communication platform that is connected to the public network. This enables a secure connection is established from each terminal of the network into the system who ⁇ .
- a tunnel connection ie a compound in which an identification and authentication of the communication partner and by data caps ⁇ development data confidentiality (ie no access to the data for third parties ) and the integrity of the data (ie no modification of the data by third parties is possible).
- a tunnel connection is possible, for example via the Internet through a VPN (Virtual Pri vate ⁇ Network) connection that uses an Internet security protocol such as IPsec (Internet Protocol Security).
- control software ge ⁇ Frankfurtss claim 9 and a computer program product comprising egg ⁇ ner such control software according to claim 10 degrees.
- the automation system 2 for example, comprises a plurality of automation devices 3, a plant-internal, that is, a non-public, power plant ⁇ 4 are together and to an access router 5 in the data exchange.
- a distant from the facility 1 means 10 beispielswei ⁇ se an engineering station includes a control and monitoring software 11 for operation and monitoring of the automation ⁇ s istssystems 2, a configuration software 12 of example, as part of a project planning software, for
- Automation system and a control software 13 according to the invention.
- the operating and monitoring software 11 for example, remote monitoring, remote diagnosis, remote ⁇ control or preventive remote maintenance is possible.
- the configuration software 12 may, for example, changes to the software of the automation equipment 3 (for example Parameterän ⁇ requirements, functional changes, changes in the data communication between the automation devices 3) are Runaway ⁇ leads.
- the device 10 accesses via the Internet 20, i. a public network, and an on-premises access router 5 to the automation system 3 to.
- the device accesses via the Internet 20, i. a public network, and an on-premises access router 5 to the automation system 3 to.
- the device accesses via the Internet 20, i. a public network, and an on-premises access router 5 to the automation system 3 to.
- the device accesses via the Internet 20, i. a public network, and an on-premises access router 5 to the automation system 3 to.
- control software 13 ensures in a first step that the communication is for a communication 20 relevant software processes of the operating and monitoring software 11 and / or the Konfigu ⁇ rationssoftware 12 are completed by the Internet. Provided that these processes are be ⁇ already started, they are by the control software 20 finished. Alternatively, the entire control and monitoring software 11 and / or configuration software 12 can be completed by the control software ⁇ det instead of individual processes also the same.
- a secure communications link is established 6 in the form of a tunnel connection from the device 10 via the Internet 20 to the automation system 3 then in a second step by the control software ⁇ 20th
- the tunnel connection runs via a secure communication ⁇ platform 21, for example, the platform with the name "cRSP" (Common Remote Service Platform) of the Applicant.
- cRSP Common Remote Service Platform
- the IPSec protocol is preferably used.
- IPSec end point 14 in the device 10 there is an IPSec end point 14 in the device 10 and an IPSec end point 15 on the side of the device 1 in the access router 5.
- ISAKMP Internet Security Association and Key Management Protocol
- the secure communication platform 21 comprises an access server 22 and a data server 23. It is located in a demilitarized zone 24.
- the communication connection 6 is not “switched through” in the secure communication platform 21, but rather in the access server 22 by a "reverse -Proxy "functionality interrupted.
- One of said at position 1 ⁇ established by means of the access router 5 or of the device 10 connection is terminated in the access server 22nd
- the data transmitted thereby are stored in the data server 23.
- the access server 22 then sets up the further connection to the device 10 or to the system 1 and, via it, transmits the data stored in the data server 23.
- the incoming communication is thus "mirrored" in the secure communication platform 21.
- the aforementioned mirroring and the establishment of a connection to the system 1 or to the device 10 takes place only after successful authentication and authorization at the access router 5, wherein the necessary connection information and passwords are securely transmitted.
- This architecture provides reliable protection against unauthorized access from device 10 to device 1, and vice versa, from accessing the Internet 20, transmission of viruses and similar malicious programs from device 10 to device 1 and vice versa, as well as before Misuse of confidential access data.
- the access router 5 verifies the authorization of the service provider to access the system 1. In the case of authorization, it hands the device 10 a temporary password for access to the access server 22. The device 10 forwards access data and the temporary password to access server 22. Facility 10 requests access to server 1 at access server 22 by entering its password. The access server 22 compares this
- the first IPSec end point 14 is now assigned a second IP address, preferably a loopback IP address, the second IP address being different from the first IP address. This is done, for example, by a browser, via which the operator starts the control software 13 and thus the secure communication connection 6 has built up. The browser searches for a free loopback IP address and assigns it to the first IPSec endpoint 14.
- a fourth step the software processes of the operating and monitoring software 11 and / or the configuration software 12 that are relevant for communication through the Internet 20 are started either manually by the operator or automatically by the control software 13. However, these processes do not receive any exclusive rights for the ports required for the communication via the secure communication platform 21.
- the operating and monitoring software 11 and / or the configuration software 12 can send data packets for operator control, monitoring and / or configuration of the automation system 3 to the first IP address.
- the data packets contain this first IP address for addressing.
- a delivery of the data packets directly to the second IP address is for the operating and Beobachtungssoft- would be 11 and / or a configuration software 12 of an automation ⁇ tretessystems often not possible, since they usually can not communicate with a loopback IP address. Therefore, the STEU ⁇ ersoftware 13 redirects the ge ⁇ sent to the first IP address data packets to the second IP address, in which it replaces in the data packets, the first IP address with the second IP address.
- the data packets are thus routed to the secure communication link 6.
- a secure operation, observation and / or configuration of the automation system 3 via the Internet 20 is possible.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Quality & Reliability (AREA)
- Manufacturing & Machinery (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Testing And Monitoring For Control Systems (AREA)
- Selective Calling Equipment (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/522,131 US9088429B2 (en) | 2010-01-13 | 2011-01-12 | Method for operating, monitoring and/or configuring an automation system of a technical plant |
CN201180005950.8A CN102859968B (zh) | 2010-01-13 | 2011-01-12 | 用于操作、观察和/或配置技术设备的自动化系统的方法 |
BR112012017305-7A BR112012017305B1 (pt) | 2010-01-13 | 2011-01-12 | Processo para pelo menos um dentre o comando, monitoramento ou configuração de um sistema de automatização de uma instalação técnica |
EP11700405.1A EP2524488B1 (de) | 2010-01-13 | 2011-01-12 | Verfahren zur bedienung, beobachtung und/oder konfiguration eines automatisierungssystems einer technischen anlage |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102010000849.4 | 2010-01-13 | ||
DE102010000849A DE102010000849A1 (de) | 2010-01-13 | 2010-01-13 | Verfahren zur Bedienung, Beobachtung und/oder Konfiguration eines Automatisierungssystems einer technischen Anlage |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2011086083A2 true WO2011086083A2 (de) | 2011-07-21 |
WO2011086083A3 WO2011086083A3 (de) | 2012-04-19 |
Family
ID=44304721
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2011/050307 WO2011086083A2 (de) | 2010-01-13 | 2011-01-12 | Verfahren zur bedienung, beobachtung und/oder konfiguration eines automatisierungssystems einer technischen anlage |
Country Status (6)
Country | Link |
---|---|
US (1) | US9088429B2 (de) |
EP (1) | EP2524488B1 (de) |
CN (1) | CN102859968B (de) |
BR (1) | BR112012017305B1 (de) |
DE (1) | DE102010000849A1 (de) |
WO (1) | WO2011086083A2 (de) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103699059A (zh) * | 2012-09-20 | 2014-04-02 | 洛克威尔自动控制亚太业务中心有限公司 | 呈现用于工业自动化装置的参数集合的系统、方法及软件 |
US9088429B2 (en) | 2010-01-13 | 2015-07-21 | Siemens Aktiengesellschaft | Method for operating, monitoring and/or configuring an automation system of a technical plant |
US9940116B2 (en) | 2010-01-12 | 2018-04-10 | Siemens Aktiengesellchaft | System for performing remote services for a technical installation |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TR201906576T4 (tr) | 2015-03-27 | 2019-05-21 | Buehler Ag Geb | Adapte edilebilir çapraz tesis kontrolü ve yönlendirme sistemi ve ilgili yöntemi. |
EP3422657A1 (de) * | 2017-06-26 | 2019-01-02 | Siemens Aktiengesellschaft | Verfahren und sicherheits-steuerungseinrichtungen zum senden und empfangen kryptographisch geschützter netzwerkpakete |
DE102018215420A1 (de) * | 2018-09-11 | 2020-03-12 | Siemens Aktiengesellschaft | Vorrichtung zum Überwachen eines Zustands einer in einem ersten Netzwerk angeordneten ersten Komponente |
US11178107B2 (en) * | 2019-09-30 | 2021-11-16 | Michael Schloss | System and method for detecting surreptitious packet rerouting |
Family Cites Families (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE19627464A1 (de) * | 1996-07-08 | 1998-01-15 | Siemens Ag | Prozeßautomatisierungssystem |
DE19715503A1 (de) * | 1997-04-14 | 1998-10-15 | Siemens Ag | Integriertes Rechner- und Kommunikationssystem für den Anlagenbereich |
US7162510B2 (en) * | 1998-03-16 | 2007-01-09 | Schneider Automation Inc. | Communication system for a control system over Ethernet and IP networks |
US20020007348A1 (en) * | 2000-01-28 | 2002-01-17 | Ali Mohamed Ahmed | System and method for performing engineering design |
US20060089977A1 (en) | 2001-06-15 | 2006-04-27 | Spencer Cramer | System and method for providing virtual online engineering of a production environment |
US7447901B1 (en) | 2002-06-25 | 2008-11-04 | Cisco Technology, Inc. | Method and apparatus for establishing a dynamic multipoint encrypted virtual private network |
US8942375B2 (en) | 2002-09-17 | 2015-01-27 | Broadcom Corporation | Method and system for providing multiple encryption in a multi-band multi-protocol hybrid wired/wireless network |
DE10305637A1 (de) * | 2003-02-11 | 2004-08-26 | Siemens Ag | Verfahren zur Projektierung eines elektrischen Systems |
US7389534B1 (en) * | 2003-06-27 | 2008-06-17 | Nortel Networks Ltd | Method and apparatus for establishing virtual private network tunnels in a wireless network |
DE10331309A1 (de) | 2003-07-10 | 2005-02-10 | Siemens Ag | Vorrichtung und Koppelgerät, so genannter transparenter Tunnel-Proxy, zur Sicherung eines Datenzugriffs |
FR2862299B1 (fr) * | 2003-11-14 | 2005-12-30 | Inst Francais Du Petrole | Zeolithe de type structural euo contenant le structurant alkylquinuclidinium, procede de preparation et utilisation en tant que catalyseur |
JP2005341084A (ja) | 2004-05-26 | 2005-12-08 | Nec Corp | Vpnシステム、リモート端末及びそれらに用いるリモートアクセス通信方法 |
US7530113B2 (en) * | 2004-07-29 | 2009-05-05 | Rockwell Automation Technologies, Inc. | Security system and method for an industrial automation system |
US7310669B2 (en) | 2005-01-19 | 2007-12-18 | Lockdown Networks, Inc. | Network appliance for vulnerability assessment auditing over multiple networks |
US7685316B2 (en) | 2005-06-16 | 2010-03-23 | Cisco Technology, Inc. | System and method for coordinated network configuration |
CN1909501A (zh) | 2005-08-05 | 2007-02-07 | 华为技术有限公司 | 一种端到端业务快速收敛的方法和路由设备 |
WO2007078789A2 (en) | 2005-12-15 | 2007-07-12 | Lehman Brothers Inc. | System and method for secure remote desktop access |
US8510812B2 (en) | 2006-03-15 | 2013-08-13 | Fortinet, Inc. | Computerized system and method for deployment of management tunnels |
US7742833B1 (en) * | 2006-09-28 | 2010-06-22 | Rockwell Automation Technologies, Inc. | Auto discovery of embedded historians in network |
US7864762B2 (en) | 2007-02-14 | 2011-01-04 | Cipheroptics, Inc. | Ethernet encryption over resilient virtual private LAN services |
JP4957660B2 (ja) | 2008-06-20 | 2012-06-20 | 富士通株式会社 | ラベルスイッチングネットワークにおける通信装置 |
US7860944B2 (en) * | 2008-09-30 | 2010-12-28 | Rockwell Automation Technologies, Inc. | Aggregation server with information visualization panel subscription model |
DE102010000824A1 (de) | 2010-01-12 | 2011-07-14 | Siemens Aktiengesellschaft, 80333 | System zur Durchführung von Ferndienstleistungen für eine technische Anlage |
DE102010000849A1 (de) | 2010-01-13 | 2011-07-14 | Siemens Aktiengesellschaft, 80333 | Verfahren zur Bedienung, Beobachtung und/oder Konfiguration eines Automatisierungssystems einer technischen Anlage |
-
2010
- 2010-01-13 DE DE102010000849A patent/DE102010000849A1/de not_active Withdrawn
-
2011
- 2011-01-12 BR BR112012017305-7A patent/BR112012017305B1/pt active IP Right Grant
- 2011-01-12 US US13/522,131 patent/US9088429B2/en active Active
- 2011-01-12 EP EP11700405.1A patent/EP2524488B1/de active Active
- 2011-01-12 CN CN201180005950.8A patent/CN102859968B/zh active Active
- 2011-01-12 WO PCT/EP2011/050307 patent/WO2011086083A2/de active Application Filing
Non-Patent Citations (1)
Title |
---|
None |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9940116B2 (en) | 2010-01-12 | 2018-04-10 | Siemens Aktiengesellchaft | System for performing remote services for a technical installation |
US9088429B2 (en) | 2010-01-13 | 2015-07-21 | Siemens Aktiengesellschaft | Method for operating, monitoring and/or configuring an automation system of a technical plant |
CN103699059A (zh) * | 2012-09-20 | 2014-04-02 | 洛克威尔自动控制亚太业务中心有限公司 | 呈现用于工业自动化装置的参数集合的系统、方法及软件 |
CN107272610A (zh) * | 2012-09-20 | 2017-10-20 | 洛克威尔自动控制亚太业务中心有限公司 | 呈现用于工业自动化装置的参数集合的系统、方法及软件 |
CN107272610B (zh) * | 2012-09-20 | 2019-10-25 | 洛克威尔自动控制亚太业务中心有限公司 | 呈现用于工业自动化装置的参数集合的系统、方法及软件 |
Also Published As
Publication number | Publication date |
---|---|
CN102859968B (zh) | 2015-06-24 |
BR112012017305A2 (pt) | 2016-04-19 |
US20120290105A1 (en) | 2012-11-15 |
EP2524488B1 (de) | 2014-03-05 |
BR112012017305B1 (pt) | 2022-05-31 |
EP2524488A2 (de) | 2012-11-21 |
US9088429B2 (en) | 2015-07-21 |
CN102859968A (zh) | 2013-01-02 |
DE102010000849A1 (de) | 2011-07-14 |
WO2011086083A3 (de) | 2012-04-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2011086083A2 (de) | Verfahren zur bedienung, beobachtung und/oder konfiguration eines automatisierungssystems einer technischen anlage | |
EP1715395B1 (de) | Vorrichtung für sicheren Fernzugriff | |
EP1540433B1 (de) | System zur virtuellen prozessanbindung über remote desktop protocol (rdp) | |
EP3129888B2 (de) | Übermittlung von daten aus einem gesicherten speicher | |
EP2442527A2 (de) | Verfahren zum Aufbau einer VPN-Verbindung zwischen zwei Netzwerken | |
EP2304558B1 (de) | System und verfahren zur fernkommunikation zwischen einem zentralen computer und einer maschinensteuerung | |
EP2448182B1 (de) | Verfahren zur Kommunikation in einem Automatisierungssystem | |
DE10200681B4 (de) | Temporäre Zugansberechtigung zum Zugriff auf Automatisierungseinrichtungen | |
WO2017041831A1 (de) | Verfahren zum betreiben eines industrienetzwerks und industrienetzwerk | |
DE102020109294A1 (de) | Verfahren zum Betrieb eines Systems | |
EP2680497A1 (de) | Externer Zugriff auf IP-basierte Haussteuereinheit in lokalem Netzwerk | |
EP1496664A2 (de) | Vorrichtung und Verfahren sowie Sicherheitsmodul zur Sicherung eines Datenzugriffs eines Kommunikationsteilnehmers auf mindestens eine Automatisierungskomponente eines Automatisierungssystems | |
EP2524487B1 (de) | System zur durchführung von ferndienstleistungen für eine technische anlage | |
EP2898649B1 (de) | Überwachungssystem mit nachrichtenweiterleitung, verfahren sowie computerprogramm | |
DE102010052054A1 (de) | Fernwartungssystem für Geräte | |
EP3435619A1 (de) | Pairingverfahren von iot-geräten zu clouddiensten | |
WO2013041360A1 (de) | System und verfahren zur bereitstellung eines steuerungsprogrammcodes | |
EP1496666A1 (de) | Vorrichtung und Koppelgerät, so genannter transparenter Tunnel-Proxy, zur Sicherung eines Datenzugriffs | |
DE102016108303B4 (de) | Verfahren zum Herstellen eines Fernzugriffes auf einen Gebäudeinstallationsbus | |
EP2898635B1 (de) | System und verfahren zur wartung einer werkzeugmaschine | |
DE102006056566B3 (de) | Netzwerk und Verfahren zum Aufbau einer Datenverbindung mit einem mobilen Endgerät | |
EP2056535A2 (de) | Verbinder und Verfahren zum Bereitstellen eines Zugangs zu einem Datenverarbeitungsnetz für eine Datenverarbeitungseinrichtung | |
DE10146397A1 (de) | Verfahren, Rechnerprogramm, Datenträger und Datenverarbeitungseinrichtung zum Konfigurieren einer Firewall oder eines Routers | |
WO2018133973A1 (de) | Verfahren zur gerätabhängigen bereitstellung von downloadressourcen | |
EP1748619A1 (de) | Verfahren zum Aufbau einer direkten, netzübergreifenden und abhörsicheren Kommunikationsverbindung |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 201180005950.8 Country of ref document: CN |
|
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1691/KOLNP/2012 Country of ref document: IN |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 13522131 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2011700405 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: BR Ref legal event code: B01A Ref document number: 112012017305 Country of ref document: BR |
|
ENP | Entry into the national phase |
Ref document number: 112012017305 Country of ref document: BR Kind code of ref document: A2 Effective date: 20120712 |