WO2024116305A1 - 制御装置及び制御システム - Google Patents

制御装置及び制御システム Download PDF

Info

Publication number
WO2024116305A1
WO2024116305A1 PCT/JP2022/044094 JP2022044094W WO2024116305A1 WO 2024116305 A1 WO2024116305 A1 WO 2024116305A1 JP 2022044094 W JP2022044094 W JP 2022044094W WO 2024116305 A1 WO2024116305 A1 WO 2024116305A1
Authority
WO
WIPO (PCT)
Prior art keywords
worker
information
authentication
unit
portable device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2022/044094
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
祥吾 井上
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fanuc Corp
Original Assignee
Fanuc Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fanuc Corp filed Critical Fanuc Corp
Priority to PCT/JP2022/044094 priority Critical patent/WO2024116305A1/ja
Priority to JP2024561042A priority patent/JPWO2024116305A1/ja
Publication of WO2024116305A1 publication Critical patent/WO2024116305A1/ja
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Definitions

  • This disclosure relates to a control device and a control system.
  • a single worker in charge of industrial machinery is responsible for multiple pieces of industrial machinery.
  • the normal operation is for the worker to display and operate multiple pieces of industrial machinery using a mobile device dedicated to that worker.
  • multiple workers may be in charge of multiple pieces of industrial machinery.
  • different users may be in charge of multiple pieces of industrial machinery during the day and at night.
  • the control system disclosed herein authenticates workers by using a portable device equipped with a biometric authentication function to perform biometric authentication. Then, information related to the worker is exchanged between the portable device and the industrial machine, and the industrial machine recognizes the worker, thereby resolving the above-mentioned problem.
  • One aspect of the present disclosure is a system that includes at least one portable device carried by a worker and a control device that controls at least one industrial machine, the portable device includes a sensor that detects biometric information of the worker, and a worker identification unit that transmits to the control device first user device information that is a set of the biometric information of the worker, a first login ID, and device information that uniquely identifies the portable device, and the control device includes device authentication information that associates second worker authentication information including a second login ID and a second password that uniquely identify the worker with second user device information that is a set of the biometric information of the worker, the second login ID, and device information of the portable device carried by the worker.
  • a device authentication unit that authenticates a portable device carried by a worker by referring to the device authentication information storage unit; and a worker authentication unit that authenticates the worker based on the result of authentication of the portable device by the device authentication unit, in which the device authentication unit authenticates the portable device when second user device information corresponding to first user device information transmitted from the portable device is stored in the device authentication information storage unit, and the worker authentication unit authenticates the worker using a second login ID and a second password associated with the second user device information when the portable device is authenticated.
  • FIG. 2 is a schematic hardware configuration diagram of a control system according to the first embodiment of the present disclosure.
  • FIG. 2 is a block diagram showing schematic functions of a control system according to a first embodiment of the present disclosure.
  • 10 is a table illustrating an example of authentication information stored in a worker authentication information storage unit.
  • FIG. 11 is a table illustrating an example of device authentication information stored in a device authentication information storage unit.
  • FIG. 11 is a table illustrating an example of connection information stored in a connection information storage unit.
  • FIG. 11 is a sequence diagram showing the operation flow of a pairing process between a portable device and a control device.
  • FIG. 11 is a sequence diagram showing the flow of operations of a process when a portable device and a control device are connected to each other;
  • FIG. 11 is a sequence diagram showing the flow of operations of a process when a portable device and a control device are connected to each other;
  • FIG. 11 is a sequence diagram showing the flow of operations of a process when a portable device
  • FIG. 1 is a schematic hardware configuration diagram showing a main part of a control system according to a first embodiment of the present disclosure.
  • a control system 300 is composed of a control device 1 and a portable device 8.
  • the control device 1 controls an industrial machine 3 installed at a manufacturing site such as a factory based on an operation by an operator.
  • the portable device 8 is, for example, a terminal owned by an operator who performs work using the control device 1. Note that, although only one control device 1 and one portable device 8 are shown in Fig. 1, a plurality of control devices 1 and a plurality of portable devices 8 may actually be included in the control system 300.
  • the CPU 11 provided in the control device 1 is a processor that controls the entire control device 1.
  • the CPU 11 reads the system program stored in the ROM 12 via the bus 22, and controls the entire control device 1 according to the system program.
  • the RAM 13 temporarily stores temporary calculation data, display data, various data input from outside, etc.
  • the non-volatile memory 14 is composed of, for example, a memory backed up by a battery (not shown) or an SSD (Solid State Drive), and retains its memory state even when the power to the control device 1 is turned off.
  • the non-volatile memory 14 stores data acquired from the industrial machine 3, programs and data read from the external device 72 via the interface 15, programs and data input via the input device 71, programs and data acquired from other devices via the network 5, etc.
  • the programs and data stored in the non-volatile memory 14 may be expanded into the RAM 13 when executed/used.
  • various system programs such as well-known analysis programs are written in advance into the ROM 12.
  • the interface 15 is an interface for connecting the CPU 11 of the control device 1 to an external device 72 such as a USB device.
  • the external device 72 may be an external storage means such as a memory reader that reads and writes recording media such as CompactFlash (registered trademark) and SD cards, or a disk drive that reads and writes recording media such as CDs, DVDs, and BDs.
  • programs and setting data are read from the external device 72.
  • programs and setting data edited within the control device 1 can be stored in the external storage means via the external device 72.
  • the interface 19 is an interface for communication between the control device 1 and the portable device 8 when they are in close proximity.
  • the interface 19 may be an interface for short-range wireless communication such as Bluetooth communication or NFC (Near Field Communication).
  • Bluetooth communication or NFC (Near Field Communication).
  • NFC Near Field Communication
  • the interface 20 is an interface for connecting the CPU 11 of the control device 1 to a wired or wireless network 5.
  • the network 5 is connected to other industrial machine control devices, fog computers 6, cloud servers 7, portable devices 8 carried and operated by workers, etc., and exchanges data with the control device 1.
  • the display device 70 displays the various data loaded into the memory and the data obtained as a result of executing programs, etc., output via the interface 17.
  • the display device 70 may also be equipped with an LED indicator or warning lamp that shows the state of the machine.
  • the input device 71 which is composed of a keyboard, pointing device, card reader, etc., passes commands and data based on operations by the operator to the CPU 11 via the interface 18.
  • the control device 1 controls the industrial machinery 3 based on a control program, an external signal, an instruction from an operator, etc.
  • the industrial machinery 3 is a machine tool, an injection molding machine, a robot, etc. that is installed at a manufacturing site such as a factory.
  • the mobile device 8 carried by the worker may be, for example, a tablet terminal, a smartphone, smart glasses, a smart watch, or other mobile device, or a wearable terminal.
  • the CPU 811 provided in the portable device 8 is a processor that controls the entire portable device 8.
  • the CPU 811 reads the system program stored in the ROM 812 via the bus 822, and controls the entire portable device 8 in accordance with the system program.
  • the RAM 813 temporarily stores temporary calculation data, display data, and various data input from outside.
  • the non-volatile memory 814 is composed of, for example, a memory backed up by a battery (not shown) or an SSD (Solid State Drive), and retains its memory state even when the portable device 8 is powered off.
  • the non-volatile memory 814 stores programs and data acquired from the control device 1 or other devices via the network 5, and programs and data input via the input device 871.
  • the programs and data stored in the non-volatile memory 814 may be expanded in the RAM 813 when executed/used.
  • various system programs such as well-known image processing programs are written in advance in the ROM 812.
  • the interface 819 is an interface for mutual communication when the portable device 8 is in the vicinity of the control device 1.
  • the interface 819 may be an interface for short-range wireless communication such as Bluetooth communication or NFC (Near Field Communication).
  • Bluetooth communication or NFC (Near Field Communication).
  • NFC Near Field Communication
  • the interface 820 is an interface for connecting the CPU 811 of the portable device 8 to the wired or wireless network 5.
  • the control device 1, industrial machinery 3, fog computer 6, cloud server 7, etc. are connected to the network 5, and data is exchanged between the network 5 and the portable device 8.
  • the interface 820 is not necessarily required for the portable device 8, which is one element of the control system 300.
  • the portable device 8 fully functions in the control system 300 according to this embodiment even when it is not connected to the network 5.
  • the sensor 821 detects biometric information of the worker carrying the portable device 8.
  • the sensor 821 may be, for example, a fingerprint sensor that detects fingerprint information, an iris sensor that detects iris information, or an image sensor that captures the worker's facial information.
  • the sensor 821 passes the obtained biometric information of the worker to the CPU 811.
  • the display device 870 displays the various data loaded into the memory, data obtained as a result of executing programs, etc., output via the interface 817.
  • the input device 871 which is composed of a touch panel or the like, passes instructions and data based on operations by the operator to the CPU 811 via the interface 818.
  • FIG. 2 is a schematic block diagram showing the functions of the control device 1 and the portable device 8 according to this embodiment.
  • the functions of the control device 1 and the portable device 8 according to this embodiment are realized by the CPU 11 of the control device 1 and the CPU 811 of the portable device 8 shown in FIG. 1 executing system programs and controlling the operation of each part of the control device 1 and the portable device 8.
  • the control device 1 includes an operator authentication information registration unit 100, an operator authentication unit 105, a device authentication unit 110, a connection unit 120, a control unit 130, and a communication unit 140 that controls communication with the portable device 8 via the interface 19.
  • a control program 200 used to operate the industrial machine 3 is pre-stored in the RAM 13 to the non-volatile memory 14 of the control device 1, and also includes an operator authentication information storage unit 210, which is an area for storing authentication information required to authenticate the operator who operates each function of the control device 1 and the industrial machine 3, a device authentication information storage unit 220, which is an area for storing information for authenticating the portable device 8 carried by the operator, and a connection information storage unit 230, which is an area for storing connection information for the portable device 8.
  • the worker authentication information registration unit 100 accepts the registration of the worker's authentication information (c2) and stores it in the worker authentication information storage unit 210.
  • the worker authentication information registration unit 100 may, for example, display a registration screen for the worker's authentication information (c2) on the display device 70 and accept the worker's authentication information (c2) input by the worker operating the input device 71.
  • the worker authentication information registration unit 100 may accept the registration of the worker's authentication information (c2) from the fog computer 6 or the cloud server 7.
  • FIG. 3 is a table diagram showing an example of authentication information (c2) stored in the worker authentication information storage unit 210.
  • the worker authentication information (c2) may be a set of a login ID (L2) and a password (P2).
  • the worker authentication unit 105 authenticates the worker who operates the control device 1. For example, the worker authentication unit 105 displays a worker authentication screen on the display device 70 and accepts the worker authentication information (c2) input by the worker operating the input device 71. Then, it checks whether the accepted authentication information is stored in the worker authentication information storage unit 210. For example, if the worker authentication information (c2) is a set of a login ID (L2) and a password (P2), the worker authentication unit 105 displays an authentication screen on the display device 70 for inputting the login ID (L2) and the password (P2).
  • the worker authentication information (c2) is a set of a login ID (L2) and a password (P2)
  • the worker authentication unit 105 When the worker operates the input device 71 to input the set of the login ID (L2) and the password (P2), it is determined whether the input set of the login ID (L2) and the password (P2) matches the authentication information (c2) stored in the worker authentication information storage unit 210. Then, if it matches the authentication information (c2), the worker authentication unit 105 authenticates that the worker is the worker corresponding to the login ID. When the worker authentication unit 105 receives a worker authentication request from the device authentication unit 110 via the connection unit 120, the worker authentication unit 105 may perform authentication using the worker authentication information (c2) included in the authentication request. The worker authentication unit 105 cancels the worker's authentication state when the worker performs an operation to cancel the authentication state or when the worker continues not to operate the control device and the industrial machine 3 for a predetermined period of time.
  • the device authentication unit 110 manages the authentication of the portable device 8.
  • the device authentication unit 110 operates in at least two operation modes.
  • One of the operation modes is a pairing mode in which the control device 1 and the portable device 8 are paired.
  • the other operation mode is a connection mode.
  • the device authentication unit 110 operating in the pairing mode executes a pairing process to create device authentication information linking the portable device 8 with the worker carrying the portable device 8.
  • the device authentication unit 110 operating in the pairing mode identifies the authentication information (c2) of the worker performing the pairing process.
  • the device authentication unit 110 may, for example, display a screen on the display device 70 for identifying the worker authentication information (c2) stored in the worker authentication information storage unit 210, and have the worker specify the authentication information (c2).
  • the device authentication unit 110 may specify the authentication information (c2) by instructing the worker authentication information registration unit 100 to register the worker authentication information (c2).
  • the device authentication unit 110 instructs the communication unit 140 to detect the nearby portable device 8 via the interface 19.
  • the device authentication unit 110 executes a provisional authentication process between the portable device 8 and the portable device 8 using the identified worker authentication information (c2).
  • This provisional authentication process may be, for example, a challenge-and-response authentication. If the provisional authentication process is successful, the device authentication unit 110 requests the portable device 8 for user device information (ud).
  • This user device information (ud) is, for example, a set of biometric information (b) of the worker of the portable device 8, the login ID (L1) of the worker of the portable device 8, and device information (d) of the portable device 8. It is preferable that the user device information (ud) is encrypted using a predetermined key.
  • the control device 1 can decrypt the worker's biometric information (b), the worker's login ID (L1) of the portable device 8, and the device information (d) of the portable device 8 from the user device information (ud) using the same worker's authentication information (c2).
  • the device authentication unit 110 decrypts the obtained user device information (ud) and extracts the worker's login ID (L1).
  • FIG. 4 is a table diagram showing an example of device authentication information stored in the device authentication information storage unit 220. Then, it instructs the communication unit 140 to transmit to the portable device 8 a message indicating that the pairing process has been successful.
  • the device authentication unit 110 operating in the connection mode periodically instructs the communication unit 140 to wait for the transmission of user device information (ud) from the nearby portable device 8 via the interface 19.
  • the device authentication unit 110 refers to the device authentication information storage unit 220 to verify whether there is device authentication information including the transmitted user device information (ud). If there is device authentication information including the transmitted user device information (ud), the device authentication unit 110 executes an authentication process with the portable device 8 using the worker authentication information (c2) included in the device authentication information.
  • This authentication process may be, for example, challenge-and-response authentication.
  • the device authentication unit 110 instructs the worker authentication unit 105 via the connection unit 120 to request authentication of the worker using the worker authentication information (c2). Then, if the worker authentication by the worker authentication unit 105 is successful, the device authentication unit 110 instructs the communication unit 140 to transmit to the portable device 8 a message indicating that the worker authentication was successful.
  • connection unit 120 manages the connected portable device 8 and the authentication status of the worker in the control device 1 in association with each other.
  • the connection unit 120 mediates an authentication request for the worker from the device authentication unit 110 to the worker authentication unit 105. If the authentication of the worker is successful, the connection unit 120 manages the portable device 8 authenticated by the device authentication unit 110 by storing the portable device 8 and the worker authenticated by the worker authentication unit 105 in association with each other in the connection information storage unit 230.
  • FIG. 5 is a table diagram showing an example of the connection information stored in the connection information storage unit 230.
  • the connection information includes at least information (device information (d)) that uniquely identifies the connection of the portable device 8 acquired from the communication unit 140, and information (login ID (L2)) that uniquely identifies the worker authenticated by the worker authentication unit 105.
  • the connection information may include, for example, information such as the connection start time, the last operation time, and whether the connection is valid or invalid. If the connection with the portable device 8 is disconnected, the connection unit 120 instructs the worker authentication unit 105 to cancel the authentication status of the worker associated with the portable device 8. Then, the connection information related to the portable device 8 stored in the connection information storage unit 230 is deleted. Also, if the authentication state of the worker is cancelled in the worker authentication unit 105 for some reason, the device authentication unit 110 is instructed to cancel the authentication state of the portable device 8. Then, the connection information related to the worker stored in the connection information storage unit 230 is deleted.
  • connection unit 120 When the connection unit 120 receives a request to execute a command of the control device 1 from a portable device 8 connected to the control device 1 via the communication unit 140, it checks whether the portable device 8 that sent the execution request has been authenticated.
  • the connection unit 120 may check whether the portable device 8 has been authenticated, for example, by referring to the connection information stored in the connection information storage unit 230.
  • the connection unit 120 may further check with the worker authentication unit 105 whether the worker included in the referenced connection information is in an authenticated state.
  • the connection unit 120 outputs the execution request to the control unit 130.
  • the connection unit 120 receives a response to the execution request from the control unit 130 and transmits it to the portable device 8 via the communication unit 140.
  • the control unit 130 has general functions required to control the industrial machine 3. It controls the industrial machine 3 based on given commands. For example, if the industrial machine 3 is a machine tool equipped with a spindle that rotates an attached tool and a moving axis that moves the spindle and the workpiece relatively, the control unit 130 analyzes the given movement command and spindle rotation command, and controls the operation of the spindle and moving axis of the industrial machine 3 based on the analysis results.
  • the command to control the industrial machine 3 may be, for example, a command read out from the control program 200. Also, the command to control the industrial machine 3 may be an execution request command requested to be executed via the connection unit 120.
  • the control unit 130 may be configured to check whether a command execution request is made when the worker is authenticated. For example, when a command execution request is made, the control unit 130 may check with the worker authentication unit 105 of the control device 1 whether the worker is in an authenticated state in the worker authentication unit 105. When the control unit 130 receives a command execution request when the worker is authenticated, it accepts the request and executes the command. On the other hand, when the control unit 130 receives a command execution request when the worker is not authenticated, it may reject the request and not execute the command.
  • the portable device 8 includes a worker identification unit 882 and a communication unit 884 that controls communication with the control device 1 via the interface 819.
  • the RAM 813 to the non-volatile memory 814 of the portable device 8 are provided with a device information storage unit 890 in which device information, which is information for uniquely identifying the portable device 8, is stored in advance, and a worker identification information storage unit 892, which is an area for storing worker identification information required to identify the worker carrying the portable device.
  • the worker identification unit 882 identifies the worker carrying the portable device 8.
  • the worker identification unit 882 operates in at least two operating modes. One of the operating modes is a pairing mode in which the portable device 8 and the control device 1 are paired. The other operating mode is a connection mode.
  • the worker identification unit 882 executes a temporary authentication process with the control device 1 using the worker's authentication information (c1).
  • This temporary authentication process may be, for example, a challenge-and-response authentication in which the control device 1 is the subject. If the temporary authentication is successful, the worker identification unit 882 transmits the created user device information (ud) as a response to the request for user device information (ud) from the control device 1. Then, if the control device 1 transmits a notification that the pairing process was successful, the worker identification unit 882 stores the worker identification information in which the user device information (ud) and the worker's authentication information (c1) are associated in the worker identification information storage unit 892.
  • the worker identification unit 882 operating in the connection mode displays a screen on the display device 870 for inputting the worker's login ID (L1). Then, the login ID (L1) is acquired from the input device 871 operated by the worker. The worker identification unit 882 also displays a screen on the display device 870 for prompting the input of the worker's biometric information (b), and acquires the biometric information (b) from the sensor 821. Next, the worker identification unit 882 creates user device information (ud) using the acquired worker's biometric information (b), the worker's login ID (L1), and the device information (d) of the portable device 8 acquired from the device information storage unit 890.
  • authentication processing is performed between the control device 1 and the worker using the worker's authentication information (c1) included in the acquired worker authentication information.
  • This authentication processing may be, for example, challenge-and-response authentication in which the control device 1 is the subject of a challenge. If the authentication processing is successful, the worker identification unit 882 displays on the display device 70 that authentication of the portable device 8 and the worker has been successful.
  • FIG. 6 is a sequence diagram showing the flow of operations in the pairing process between the portable device 8 and the control device 1.
  • the worker identification unit 882 of the portable device 8 operating in the pairing mode acquires the worker authentication information (c1) and the biometric information (b) from the worker (step SA01).
  • the device authentication unit 110 of the control device 1 operating in the pairing mode acquires the worker authentication information (c2) from the worker (step SA02). For example, this work may be performed by the worker carrying the portable device 8 performing each operation input in front of the control device 1 to be paired.
  • the worker identification unit 882 of the portable device 8 creates user device information (ud) based on the biometric information (b), the login ID (L1) included in the worker authentication information (c1), and the device information (d) (step SA03). Meanwhile, the device authentication unit 110 of the control device 1 performs provisional authentication with the worker identification unit 882 of the portable device 8 (step SA04). For provisional authentication, a challenge-and-response authentication using the worker authentication information (c1) and the worker authentication information (c2) may be used.
  • step SA06 If they match, the device authentication is successful, and device authentication information linking the acquired user device information (ud) and the worker authentication information (c2) used in the provisional authentication is created and stored in the device authentication information storage unit 220 (step SA06). Then, a message indicating that pairing has been successful is transmitted to the worker identification unit 882 of the portable device 8 (step SA07). The worker identification unit 882 of the portable device 8 receives this and stores it in the worker identification information storage unit 892 as worker identification information that associates the user device information (ud) with the worker's authentication information (c1) (step SA08).
  • the worker identification unit 882 of the portable device 8 operating in the connection mode acquires the login ID (L1) and biometric information (b) from the worker (step SB01).
  • the worker identification unit 882 of the portable device 8 creates user device information (ud) based on the biometric information (b), the login ID (L1), and the device information (d) (step SB02).
  • the worker identification unit 882 executes device authentication of the portable device 8 with the device authentication unit 110 of the control device 1 (step SB03). In the device authentication, the worker identification unit 882 of the portable device 8 transmits the created user device information (ud) to the control device 1.
  • the device authentication unit 110 of the control device 1 that has received the user device information (ud) refers to the device authentication information storage unit 220 and verifies whether there is device authentication information including the received user device information (ud). If there is device authentication information including the transmitted user device information (ud), the authentication process is executed with the portable device 8 using the worker authentication information (c2) included in the device authentication information (step SB04). This authentication process may be, for example, challenge-and-response authentication. If the authentication process is successful, the device authentication unit 110 executes worker authentication using the worker's authentication information (c2) (step SB05). In the worker authentication, a request to authenticate the worker using the worker's authentication information (c2) is issued to the worker authentication unit 105 via the connection unit 120. Then, if the worker authentication by the worker authentication unit 105 is successful, a message indicating that the worker authentication was successful is transmitted to the portable device 8 (step SB06).
  • the control system 300 can utilize portable devices 8 such as tablet terminals, smartphones, smart glasses, and smart watches, in addition to displays dedicated to industrial machines, as terminals for displaying and operating the industrial machines 3.
  • portable devices 8 such as tablet terminals, smartphones, smart glasses, and smart watches
  • a user of an industrial machine 3 can carry a portable device 8 dedicated to the user and monitor the status of the industrial machines 3 while temporarily connecting to multiple industrial machines 3.
  • multiple users of the industrial machine 3 can share a single portable device 8 and monitor the status of the industrial machines 3 while temporarily connecting to multiple industrial machines 3. Even when different users share a portable device 8 or when each user has a different portable device 8, it is possible to identify the user in charge of the industrial machine 3.
  • the user of the industrial machine 3 can reduce the effort of user authentication such as entering a password by using a tablet terminal that has been biometrically authenticated.
  • the worker authentication information (c2) stored in the worker authentication information storage unit 210 may be stored together with the device authentication information storage unit 220.
  • the device authentication information stored in the device authentication information storage unit 220 includes the worker authentication information (c2). Therefore, at the stage of registering the worker authentication information, the device authentication information storage unit 220 is configured to store device authentication information with the user device information field blank, and at the stage of performing the pairing process, the user device information (ud) is associated and stored, thereby eliminating the need to prepare a storage area for the worker authentication information storage unit 210 and saving memory usage.
  • a control system (300) includes at least one portable device (8) carried by a worker, and a control device (1) that controls at least one industrial machine (3).
  • the portable device (8) includes a sensor (821) that detects biometric information of the worker, and a worker identification unit (882) that transmits to the control device (1) first user device information that is a set of the biometric information of the worker, a first login ID, and device information that uniquely identifies the portable device.
  • the control device (1) transmits device authentication information that associates second worker authentication information including a second login ID and a second password that uniquely identify the worker with second user device information that is a set of the biometric information of the worker, the second login ID, and device information of the portable device (8) carried by the worker.
  • a device authentication unit (110) that authenticates a portable device (8) carried by a worker by referring to the device authentication information storage unit (220); and an operator authentication unit (105) that authenticates the worker based on a result of authentication of the portable device (8) by the device authentication unit (110), wherein the device authentication unit (110) authenticates the portable device when second user device information corresponding to first user device information transmitted from the portable device (8) is stored in the device authentication information storage unit (220), and when the portable device (8) is authenticated, the operator authentication unit (105) authenticates the worker by using a second login ID and a second password associated with the second user device information.
  • the portable device (8) further includes a worker identification information storage unit (892) that stores worker identification information that associates first worker authentication information including a first login ID and a first password that uniquely identify a worker, and first user device information that is a set of biometric information of the worker, the first login ID, and device information that uniquely identifies the portable device, and the worker identification unit (882) refers to the worker identification information storage unit (892) and identifies the worker based on whether or not first user device information corresponding to the first login ID and the biometric information of the worker inputted by the worker is stored.
  • a worker identification information storage unit (892) that stores worker identification information that associates first worker authentication information including a first login ID and a first password that uniquely identify a worker, and first user device information that is a set of biometric information of the worker, the first login ID, and device information that uniquely identifies the portable device
  • the worker identification unit (882) refers to the worker identification information storage unit (892) and identifies the worker based on whether or not first user device information
  • each piece of user device information is encrypted using worker authentication information corresponding to the user device information as a predetermined key.
  • a control system (300) according to another aspect of the present disclosure utilizes a challenge-and-response authentication mechanism for authentication between the portable device (8) and the control device (1).
  • a control device (1) includes a device authentication information storage unit (220) that stores second worker authentication information including a second login ID and a second password that uniquely identify a worker, and second user device information that is a set of biometric information of the worker, the second login ID, and device information of a portable device carried by the worker, and a device authentication unit (110) that authenticates a portable device carried by the worker by referring to the device authentication information storage unit (220), and authenticates the worker based on a result of authentication of the portable device (8) by the device authentication unit (110).
  • a device authentication information storage unit (220) that stores second worker authentication information including a second login ID and a second password that uniquely identify a worker, and second user device information that is a set of biometric information of the worker, the second login ID, and device information of a portable device carried by the worker
  • a device authentication unit (110) that authenticates a portable device carried by the worker by referring to the device authentication information storage unit (220), and authenticates the worker based on a result of authentication of the portable
  • an operator authentication unit (105) for authenticating the portable device (8) when second user device information corresponding to first user device information, which is a set of biometric information of the worker, a first login ID, and device information that uniquely identifies the portable device, transmitted from the portable device (8) is stored in the device authentication information storage unit (220), and when the portable device (8) is authenticated, the operator authentication unit (105) authenticates the worker using a second login ID and a second password associated with the second user device information.
  • Control device 3 Industrial machine 5 Network 6 Fog computer 7 Cloud server 8 Mobile device 11 CPU 12 ROM 13 RAM 14 Non-volatile memory 15, 17, 18, 19, 20 Interface 22 Bus 70 Display device 71 Input device 72 External device 100 Worker authentication information registration unit 105 Worker authentication unit 110 Device authentication unit 120 Connection unit 130 Control unit 140 Communication unit 200 Control program 210 Worker authentication information storage unit 220 Device authentication information storage unit 230 Connection information storage unit 300 Control system 811 CPU 812 ROM 813 RAM 814 Non-volatile memory 815, 817, 818, 819, 820 Interface 821 Sensor 822 Bus 870 Display device 871 Input device 872 External device 882 Worker identification unit 884 Communication unit 890 Device information storage unit 892 Worker identification information storage unit

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Factory Administration (AREA)
PCT/JP2022/044094 2022-11-30 2022-11-30 制御装置及び制御システム Ceased WO2024116305A1 (ja)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2022/044094 WO2024116305A1 (ja) 2022-11-30 2022-11-30 制御装置及び制御システム
JP2024561042A JPWO2024116305A1 (https=) 2022-11-30 2022-11-30

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/044094 WO2024116305A1 (ja) 2022-11-30 2022-11-30 制御装置及び制御システム

Publications (1)

Publication Number Publication Date
WO2024116305A1 true WO2024116305A1 (ja) 2024-06-06

Family

ID=91323431

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/044094 Ceased WO2024116305A1 (ja) 2022-11-30 2022-11-30 制御装置及び制御システム

Country Status (2)

Country Link
JP (1) JPWO2024116305A1 (https=)
WO (1) WO2024116305A1 (https=)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000276445A (ja) * 1999-03-23 2000-10-06 Nec Corp バイオメトリクス識別を用いた認証方法、装置、認証実行機、認証プログラムを記録した記録媒体
JP2003140765A (ja) * 2001-11-06 2003-05-16 Nec Corp パスワード管理装置、パスワード管理システム、パスワード管理方法、およびそのプログラム
JP2018521417A (ja) * 2015-07-02 2018-08-02 アリババ グループ ホウルディング リミテッド 生体特徴に基づく安全性検証方法、クライアント端末、及びサーバ

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000276445A (ja) * 1999-03-23 2000-10-06 Nec Corp バイオメトリクス識別を用いた認証方法、装置、認証実行機、認証プログラムを記録した記録媒体
JP2003140765A (ja) * 2001-11-06 2003-05-16 Nec Corp パスワード管理装置、パスワード管理システム、パスワード管理方法、およびそのプログラム
JP2018521417A (ja) * 2015-07-02 2018-08-02 アリババ グループ ホウルディング リミテッド 生体特徴に基づく安全性検証方法、クライアント端末、及びサーバ

Also Published As

Publication number Publication date
JPWO2024116305A1 (https=) 2024-06-06

Similar Documents

Publication Publication Date Title
JP5941089B2 (ja) 生体認証により作業者を判別するロボットシステム
JP6328053B2 (ja) 可搬式操作指示入力装置および可搬式操作指示入力装置を備えた装置
CN102473006B (zh) 机床遥控操作系统
JP6351536B2 (ja) エレベータ用保守端末装置システム
US20150296324A1 (en) Method and Apparatus for Interacting Between Equipment and Mobile Devices
JP6457471B2 (ja) 操作者識別システム
CN103802117A (zh) 机器人系统
JP2017213645A (ja) 教示装置
WO2015079725A1 (ja) プログラマブルコントローラ
US10831871B2 (en) Robot system having biometric authentication function
WO2024116305A1 (ja) 制御装置及び制御システム
JP2014063423A (ja) 加工装置
JP6426565B2 (ja) 作業者に応じて機械の操作情報を表示器に表示させる機械制御システム
EP3049925B1 (en) Systems and methods for session state transfer to a mobile device
TW201421959A (zh) 數控裝置管理系統及方法
JP4548784B2 (ja) ロボット制御装置、ロボットシステム及びプログラム
JP7359992B1 (ja) 認証処理を実行する機械操作システム、制御装置及びコンピュータプログラム
JP2021157284A (ja) 情報処理装置、情報処理システム、及びプログラム
WO2015013958A1 (zh) 可编程逻辑控制器及其用户身份识别系统与方法
KR102669947B1 (ko) 휴대 단말기를 이용한 로봇 사용자 인증 장치 및 방법
JP2005038294A (ja) 制御装置管理システム
JP7521928B2 (ja) 制御装置及び認証システム
CN113678072B (zh) 操作管理系统及可编程显示器
JP7549959B2 (ja) 通信中継装置
JP2019045897A (ja) 判定システム、判定方法及び判定プログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22967138

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2024561042

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 22967138

Country of ref document: EP

Kind code of ref document: A1