Publishing data across a data diode for secured process control communications
First Claim
1. A method for securely transporting communications from a process plant to another system, the method comprising:
- at a field gateway interconnecting a network of the process plant and a data diode configured to prevent two-way communications between the field gateway and an edge gateway, recurrently announcing, during each context-setting phase of a plurality of context-setting phases, to the edge gateway across the data diode, respective context information descriptive of each of one or more devices included in a current set of data-generating devices of the process plant, the recurrently announcing including;
recurrently sending an indication of a respective identifier of the each of the one or more devices and an indication of a respective rate at which data generated by the each of the one or more devices is to be provided by the field gateway to the edge gateway across the data diode, andsending the respective context information descriptive of a specific device included in the current set of data-generating devices each time a pre-defined period of time elapses, a duration of the pre-defined period of time based on a tolerance of an application for lost data, the application being a consumer of the data generated by the specific device, and the application communicatively connected to the edge gateway,thereby causing the edge gateway to discover the current set of data-generating devices; and
during a respective data delivery phase occurring subsequent to the each context-setting phase, (i) receiving, at the field gateway via the process plant network, data generated by at least some of the one or more devices included in the current set of data-generating devices of the process plant while the process plant operates to control a process, and (ii) publishing, by the field gateway to the edge gateway across the data diode, the received process plant data generated by the at least some of the one or more devices included in the current set of data-generating devices.
1 Assignment
0 Petitions
Accused Products
Abstract
To secure communications from a process plant across a unidirectional data diode to a remote system, a sending device at the plant end publishes data across the diode to a receiving device at the remote end. The publication of various data is respectively in accordance with context information (e.g., identification of data sources, respective expected rate of data generation/arrival, etc.) that is descriptive of data sources of the plant and that is recurrently provided by the sending device across the diode. A recurrence interval may be based on a tolerance for lost data or another characteristic of an application, service, or consumer of data at the remote system. The publishing may leverage an industrial communication protocol (e.g., HART-IP) and/or a suitable general-purpose communication protocol (e.g., JSON).
-
Citations
43 Claims
-
1. A method for securely transporting communications from a process plant to another system, the method comprising:
-
at a field gateway interconnecting a network of the process plant and a data diode configured to prevent two-way communications between the field gateway and an edge gateway, recurrently announcing, during each context-setting phase of a plurality of context-setting phases, to the edge gateway across the data diode, respective context information descriptive of each of one or more devices included in a current set of data-generating devices of the process plant, the recurrently announcing including; recurrently sending an indication of a respective identifier of the each of the one or more devices and an indication of a respective rate at which data generated by the each of the one or more devices is to be provided by the field gateway to the edge gateway across the data diode, and sending the respective context information descriptive of a specific device included in the current set of data-generating devices each time a pre-defined period of time elapses, a duration of the pre-defined period of time based on a tolerance of an application for lost data, the application being a consumer of the data generated by the specific device, and the application communicatively connected to the edge gateway, thereby causing the edge gateway to discover the current set of data-generating devices; and during a respective data delivery phase occurring subsequent to the each context-setting phase, (i) receiving, at the field gateway via the process plant network, data generated by at least some of the one or more devices included in the current set of data-generating devices of the process plant while the process plant operates to control a process, and (ii) publishing, by the field gateway to the edge gateway across the data diode, the received process plant data generated by the at least some of the one or more devices included in the current set of data-generating devices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
wherein receiving, at the field gateway, the data generated by the each of the one or more devices comprises receiving, at the field gateway, data generated by the particular device in response to the poll.
-
-
5. The method of claim 1, wherein receiving the data generated by the each of the one or more devices comprises receiving data indicative of a diagnostic result.
-
6. The method of claim 1, wherein recurrently announcing the respective context information of the each of the one or more devices comprises recurrently sending the respective context information for the each of the one or more devices using at least one HART protocol command from a group of HART protocol commands including command 0, command 20, command 50, command 74, or command 105.
-
7. The method of claim 1, wherein publishing the process plant data across the data diode comprises publishing the process plant data across the data diode using a HART-IP®
- protocol.
-
8. The method of claim 1, wherein publishing the process plant data across the data diode comprises publishing the process plant data across the data diode using a JSON format.
-
9. The method of claim 1, wherein recurrently announcing the respective context information descriptive of the one or more devices comprises announcing updated context information respectively descriptive of at least one of the one or more devices.
-
10. The method of claim 1, further comprising sending, by the field gateway to the edge gateway across the data diode, updated context information descriptive of a particular device of the process plant upon an occurrence of a change corresponding to the particular device, the change corresponding to the particular device comprising an addition of the particular device to the current set of data-generating devices, a removal of the particular device from the current set of data-generated devices, a change in the respective rate at which data is generated by the particular device, or a change in a status of the particular device.
-
11. The method of claim 1, further comprising sending, by the field gateway to the edge gateway across the data diode and based on a user command, updated context information descriptive of a particular device of the process plant.
-
12. A system for securely transporting communications from a process plant to another system, the system comprising:
-
a field gateway communicatively coupled to a network of the process plant; an edge gateway communicatively coupled to the another system; and a data diode interconnecting the field gateway and the edge gateway, the data diode implemented in hardware, firmware, and/or software that is particularly configured to prevent communications transmitted by the edge gateway from being ingressed into the field gateway, wherein; during a respective data delivery phase that occurs subsequent to each context-setting phase of a plurality of context-setting phases, data generated during run-time operations of the process plant by one or more devices included in the process plant is received at the field gateway via the process plant network and is published, by the field gateway, across the data diode to the edge gateway in accordance with respective context information descriptive of each of the one or more devices; and during the each context-setting phase, the respective context information is published, by the field gateway across the data diode to the edge gateway, in accordance with respective tolerances of one or more applications for lost data, the respective context information descriptive of the each of the one or more devices including an indication of a respective identifier of the each of the one or more devices and an indication of a respective rate at which data generated by the each of the one or more devices is to be provided by the field gateway to the edge gateway across the data diode, the one or more applications being consumers of the data generated by the one or more devices, and the one or more applications executing at the another system, and the respective context information of a specific device of the one or more devices is published, by the field gateway across the data diode to the edge gateway, each time a pre-defined period of time elapses, a duration of the pre-defined period of time based on a tolerance of a specific application of the one or more applications for lost data, the specific application being a consumer of the data generated by the specific device. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A method for securely transporting communications from a process plant to another system, the method comprising:
-
during each context-setting phase of a plurality of context-setting phases, at a field gateway interconnecting a network of the process plant and a data diode configured to prevent two-way communications between the field gateway and an edge gateway, announcing, to the edge gateway across the data diode, respective context information descriptive of each of one or more devices of the process plant, the respective context information including an indication of a respective identifier of the each of the one or more devices and an indication of a respective rate at which data generated by the each of the one or more devices is to be provided by the field gateway to the edge gateway across the data diode, and the respective context information descriptive of a specific device included in the one or more devices announced each time a pre-defined period of time elapses, a duration of the pre-defined period of time based on a tolerance of an application for lost data, the application being a consumer of the data generated by the specific device, and the application communicatively connected to the edge gateway; and during a respective data delivery phase subsequent to the each context-setting phase, (i) receiving, at the field gateway via the process plant network, data generated by the each of the one or more devices while the process plant operates to control a process, and (ii) publishing, by the field gateway, the process plant data to the edge gateway across the data diode at a rate at which the data generated by the each of the one or more devices is received at the field gateway, the edge gateway being communicatively connected to the other system. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
-
Specification