
Secured process control communications

  • US 10,257,163 B2
  • Filed: 10/24/2016
  • Issued: 04/09/2019
  • Est. Priority Date: 10/24/2016
  • Status: Active Grant
First Claim

1. A system for securely transporting communications from a process plant to another system, the secured communications transport system comprising:

  • a data diode disposed between a network of the process plant and a network of the other system, the data diode including one or more input ports, one or more output ports, and a communication link interconnecting the one or more input ports to the one or more output ports;

    an edge gateway interconnecting the one or more output ports of the data diode and the network of the other system, the edge gateway storing a respective copy of a first key; and

    a field gateway interconnecting the process plant network and the one or more input ports of the data diode, the field gateway storing a respective copy of the first key and including one or more non-transitory memories storing computer-readable instructions thereon that, when executed by one or more processors of the field gateway, cause the field gateway to generate a second key, encrypt the second key using the first key, and transmit, via the data diode, the encrypted second key to the edge gateway,

    the computer-readable instructions of the field gateway are further executable to cause the field gateway to (i) encrypt, using the second key, data that is generated by devices of the process plant while the process plant is operating to control an industrial process, the data generated by the devices of the process plant while the process plant is operating to control the industrial process being process plant data, and the process plant data secured by the devices of the process plant for delivery, via the process plant network, to the field gateway, and (ii) transmit the encrypted process plant data across the data diode to the edge gateway, and

    the edge gateway including one or more non-transitory memories storing computer-readable instructions thereon that, when executed by one or more processors of the edge gateway, cause the edge gateway to decrypt, using the second key, the encrypted process plant data received via the data diode, secure the decrypted process plant data, and transmit the secured process plant data to the network of the other system.
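The key handling recited in the claim, sketched as an added Go example (not code from the patent or its assignee): the field gateway wraps a fresh second key under the shared first key, and the edge gateway unwraps it and decrypts plant data, with nothing flowing back across the diode. AES-256-GCM, the function names and the sample reading are assumptions; the edge gateway's step of re-securing and forwarding the data is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// seal encrypts with AES-256-GCM (assumed; the claim names no cipher), nonce prepended.
func seal(key, pt []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	nonce := make([]byte, 12) // standard GCM nonce size
	if _, rerr := rand.Read(nonce); err != nil || rerr != nil {
		return nil, fmt.Errorf("seal: key=%v rand=%v", err, rerr)
	}
	gcm, _ := cipher.NewGCM(blk) // cannot fail for an AES block
	return gcm.Seal(nonce, nonce, pt, nil), nil
}

// open authenticates and decrypts a frame; a wrong key or altered frame is an error.
func open(key, frame []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(frame) < 12 {
		return nil, fmt.Errorf("open: missing key or short frame")
	}
	gcm, _ := cipher.NewGCM(blk)
	return gcm.Open(nil, frame[:12], frame[12:], nil)
}

// newSecondKey is the field-gateway step: fresh second key, wrapped under the first key.
func newSecondKey(first []byte) (second, keyFrame []byte, err error) {
	second = make([]byte, 32)
	if _, err = rand.Read(second); err != nil {
		return nil, nil, err
	}
	keyFrame, err = seal(first, second)
	return second, keyFrame, err
}

func main() {
	first := make([]byte, 32) // constructed all-zero first key, demo only
	// Field gateway (plant side): both frames travel one way through the diode.
	second, keyFrame, _ := newSecondKey(first)
	dataFrame, _ := seal(second, []byte("FT-101 flow=12.7")) // constructed reading
	// Edge gateway: it cannot acknowledge or request anything, only receive.
	edgeKey, _ := open(first, keyFrame)
	pt, err := open(edgeKey, dataFrame)
	fmt.Printf("%s %v\n", pt, err)
}
```

Because the diode carries no return traffic, an edge gateway that has not yet received a key frame simply fails to open data frames, which `open` reports as an error.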
