Endpoints for performing distributed sensing and control and methods of operating the same
First Claim
1. An endpoint comprising:
a connection to a field device;
a communication interface for communicating with a remote server;
a single-chip device defining a protected boundary of the endpoint co-incident with a boundary of the single-chip device;
an electronic processor located within the protected boundary of the endpoint;
memory located within the protected boundary of the endpoint, the memory storing a unique identifier associated with a single-writer thread at the remote server writing data associated with the field device and an output thread at the remote server; and
a cryptographic hardware component located within the protected boundary, wherein the electronic processor is configured to encrypt the unique identifier and data associated with the field device with the cryptographic hardware component for transmission outside the protected boundary over the communication interface even when the communication interface employs an encryption protocol and to explicitly omit unencrypted transmission of the unique identifier and the data outside the protected boundary, wherein the output thread is associated with private data, wherein the endpoint does not include an association between the unique identifier and the private data, wherein the endpoint and the remote server explicitly omit the association between the unique identifier and the private data from any communication with the endpoint, wherein the endpoint and the remote server explicitly omit the unique identifier from any communications not with the endpoint.
Abstract
An endpoint and methods of operating the same. In one embodiment, an endpoint is connected to one or more sensors and/or actuators. The endpoint is also connected through a communication channel to a server. Each endpoint uses a unique identifier (“ID”) hidden within a protected boundary of the endpoint to associate with a lockless, single-writer thread on the server dedicated to the endpoint. The endpoint ID is encrypted within the protected boundary of the endpoint and is not communicated unencrypted. Furthermore, no association between the ID and private information associated with reader, analysis, or control threads at the server is available outside of a protected boundary of the server and this association is never transmitted on a communication channel. The endpoint can include one or more communication interfaces (e.g., of different modalities) to provide resilience to failures, errors, and computer network attacks.
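The flow the abstract describes, as an added sketch that is not taken from the patent: the endpoint seals its ID together with the reading before anything reaches the communication interface, and the server authenticates the frame and files the reading under the recovered ID. Assumptions not stated on the page: AES-256-GCM stands in for the cryptographic hardware, the key is pre-shared, the ID is 16 bytes, an in-memory map stands in for the per-ID file, and the names `newAEAD`, `Seal` and `Ingest` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

const idLen = 16 // assumed fixed ID length; the page does not give one

// newAEAD returns AES-256-GCM, standing in for the on-chip crypto hardware.
func newAEAD(key []byte) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// Seal runs inside the endpoint boundary: ID and reading leave only as ciphertext.
func Seal(a cipher.AEAD, id [idLen]byte, reading []byte) ([]byte, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return a.Seal(nonce, nonce, append(id[:], reading...), nil), nil
}

// Ingest runs inside the server boundary: authenticate, then file under the ID.
func Ingest(a cipher.AEAD, store map[[idLen]byte][][]byte, frame []byte) error {
	n := a.NonceSize()
	if len(frame) < n+a.Overhead()+idLen {
		return fmt.Errorf("short frame: %d bytes", len(frame))
	}
	plain, err := a.Open(nil, frame[:n], frame[n:], nil)
	if err != nil {
		return fmt.Errorf("frame rejected: %w", err)
	}
	var id [idLen]byte
	copy(id[:], plain)
	store[id] = append(store[id], plain[idLen:])
	return nil
}

func main() {
	a, _ := newAEAD(make([]byte, 32)) // constructed all-zero demo key
	frame, _ := Seal(a, [idLen]byte{0xE1}, []byte("temp=21.5"))
	fmt.Println(Ingest(a, map[[idLen]byte][][]byte{}, frame))
}
```

Because the frame is sealed before it is handed to the transport, a TLS-terminating proxy or a compromised link sees neither the ID nor the reading, and a modified frame fails authentication before anything is written.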
27 Claims
21. An endpoint comprising:
a connection to a field device;
a communication interface for communicating with a remote server;
an electronic processor located within a protected boundary of the endpoint, wherein the protected boundary is coincident with a physical boundary of a single chip;
memory located within the protected boundary of the endpoint, the memory storing a unique identifier associated with a single-writer thread at the remote server writing data associated with the field device and an output thread at the remote server; and
a cryptographic hardware component located within the protected boundary, wherein the electronic processor is configured to encrypt the unique identifier and data associated with the field device with the cryptographic hardware component for transmission outside the protected boundary over the communication interface even when the communication interface employs an encryption protocol and to explicitly omit unencrypted transmission of the unique identifier and the data outside the protected boundary, wherein the output thread is associated with private data, wherein the endpoint does not include an association between the unique identifier and the private data, wherein the endpoint and the remote server explicitly omit the association between the unique identifier and the private data from any communication with the endpoint, wherein the endpoint and the remote server explicitly omit the unique identifier from any communications not with the endpoint.
22. A system comprising:
an endpoint; and
a server remote from the endpoint,
the endpoint including a connection to a field device;
a communication interface for communicating with the server;
a single-chip device defining a protected boundary of the endpoint co-incident with a boundary of the single-chip device;
an electronic processor located within the protected boundary of the endpoint;
memory located within the protected boundary of the endpoint, the memory storing a unique identifier associated with a single-writer thread at the server writing data associated with the field device and an output thread at the server; and
a cryptographic hardware component located within the protected boundary, wherein the electronic processor is configured to encrypt the unique identifier and data associated with the field device with the cryptographic hardware component for transmission outside the protected boundary over the communication interface even when the communication interface employs an encryption protocol and to explicitly omit unencrypted transmission of the unique identifier and the data outside the protected boundary, wherein the output thread is associated with private data, wherein the endpoint does not include an association between the unique identifier and the private data, wherein the endpoint and the server explicitly omit the association between the unique identifier and the private data from any communication with the endpoint, wherein the endpoint and the server explicitly omit the unique identifier from any communications not with the endpoint, and
the server generating the single-writer thread, wherein the single-writer thread writes the data associated with the field device to a file uniquely identified by the unique identifier without placing restrictions to prevent any other writer threads from writing to the file.
Specification