System and method for authentication and fail-safe transmission of safety messages
Abstract
A system and method for fail-safe transmission of safety messages through communication channels containing non-safety-certified equipment is disclosed herein. Consistent with the disclosed method, digital signatures and/or encryption are used to authenticate both the origin and content of the safety messages. In a particular implementation, the disclosed method includes generating a safety message indicating the state of a sensor. A digital signature is then generated to sign this safety message. The method further includes communicating the safety message and the digital signature to an actuator. Upon receipt, the safety message is authenticated using the digital signature. A watchdog timer ensures transition to a safe state if authenticated messages are not received periodically.
18 Claims
1. A safety message generation apparatus comprising:
a sensor disposed to generate state information; and
a safety layer for creating a safety message using said state information and for generating a digital signature based upon said safety message, said digital signature enabling authentication of said safety message subsequent to transmission through a communications network.
Dependent claims: 2, 3, 4, 5, 6, 16, 18.

7. A method for fail-safe transmission of safety messages in a network environment, said method comprising:
generating a safety message at a source node;
creating a digital signature based upon said safety message; and
communicating said safety message and said digital signature to a destination node, said digital signature enabling authentication of said safety message as received.
Dependent claims: 8, 9, 10, 11, 12, 17.

13. A system for fail-safe transmission of safety messages in a network environment including a communications network, said system comprising:
an intelligent sensor apparatus including a sensor and a first safety-certified application, a first safety-certified layer and a first non-safety-certified layer, wherein said first safety-certified layer is operative to generate a safety message and associated digital signature based upon state information received from said sensor;
means for transmitting said safety message and said associated digital signature over said communications network; and
an intelligent actuator apparatus communicatively coupled to said intelligent sensor via said communications network, said intelligent actuator including an actuator, and a second safety-certified application, a second safety-certified layer and a second non-safety-certified layer, wherein said second safety-certified layer is operative to use said digital signature in order to verify authenticity of said safety message communicated over said network and thereby enable said actuator to perform an action in accordance with said state information.

14. A method for fail-safe transmission of safety messages from a sensor to an actuator entity, said method comprising the steps of:
generating a safety message representative of a status of said sensor;
creating a message digest based upon said safety message;
generating a digital signature using said message digest; and
communicating said digital signature and said safety message to said actuator entity, said digital signature enabling authentication of said safety message as received at said actuator entity.
Dependent claims: 15.
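The sensor-to-actuator exchange described in the abstract and in the steps of claim 14 (safety message, message digest, digital signature, verification at the actuator, watchdog transition to a safe state), as an added example that is not part of the patent or of any product it covers. The patent names no particular algorithm; this example assumes ECDSA over P-256 with SHA-256 as the digest, using only the Go standard library. The nine-byte wire format, the state encoding, and the sequence number are constructed for the example: the claims do not mention a sequence number, but without one a captured, validly signed message could be replayed by the non-safety-certified network to keep feeding the watchdog. Key provisioning between sensor and actuator is assumed to happen out of band.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// SafetyMessage is a constructed wire format (not from the patent): the sensor
// state plus a sequence number, an assumption added so a replayed capture is rejected.
type SafetyMessage struct {
	Seq   uint64
	State byte // constructed encoding: 0 = demand stop (safe), 1 = permit run
}

// Bytes is the canonical big-endian serialization that both sides digest.
func (m SafetyMessage) Bytes() []byte {
	b := make([]byte, 9)
	binary.BigEndian.PutUint64(b[:8], m.Seq)
	b[8] = m.State
	return b
}

// Sensor is the sending safety layer; its key is assumed provisioned out of band.
type Sensor struct {
	priv *ecdsa.PrivateKey
	seq  uint64
}

func NewSensor() (*Sensor, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return &Sensor{priv: priv}, err
}

func (s *Sensor) Public() *ecdsa.PublicKey { return &s.priv.PublicKey }

// Emit follows the claim 14 steps: build the message, digest it, sign the digest.
func (s *Sensor) Emit(state byte) (SafetyMessage, []byte, error) {
	s.seq++
	msg := SafetyMessage{Seq: s.seq, State: state}
	digest := sha256.Sum256(msg.Bytes())
	sig, err := ecdsa.SignASN1(rand.Reader, s.priv, digest[:])
	return msg, sig, err
}

// Actuator is the receiving safety layer together with its watchdog timer.
type Actuator struct {
	pub      *ecdsa.PublicKey
	timeout  time.Duration
	now      func() time.Time // injectable clock so the watchdog is testable
	lastSeq  uint64
	deadline time.Time // zero until the first authenticated message, i.e. already expired
	state    byte
}

// NewActuator starts in the safe state: the watchdog deadline is unset (zero), so
// Output reports the safe value until an authenticated message arrives.
func NewActuator(pub *ecdsa.PublicKey, timeout time.Duration, now func() time.Time) *Actuator {
	return &Actuator{pub: pub, timeout: timeout, now: now}
}

// Receive authenticates origin and content via the signature and only then feeds
// the watchdog; forged, corrupted or replayed messages are dropped without
// extending the deadline, so injected network traffic cannot keep the actuator running.
func (a *Actuator) Receive(msg SafetyMessage, sig []byte) error {
	digest := sha256.Sum256(msg.Bytes())
	if !ecdsa.VerifyASN1(a.pub, digest[:], sig) {
		return errors.New("signature does not verify: message dropped")
	}
	if msg.Seq <= a.lastSeq {
		return errors.New("stale or replayed sequence number: message dropped")
	}
	a.lastSeq, a.state = msg.Seq, msg.State
	a.deadline = a.now().Add(a.timeout)
	return nil
}

// Output is the watchdog check: the last authenticated state while the deadline
// has not passed, otherwise the safe value (0, stop).
func (a *Actuator) Output() byte {
	if a.now().After(a.deadline) {
		return 0 // no fresh authenticated message within the timeout
	}
	return a.state
}

func main() {
	sensor, _ := NewSensor()
	act := NewActuator(sensor.Public(), 100*time.Millisecond, time.Now)
	msg, sig, _ := sensor.Emit(1)
	fmt.Println("authentic message accepted:", act.Receive(msg, sig) == nil, "output:", act.Output())
	fmt.Println("replay rejected:", act.Receive(msg, sig) != nil)
	time.Sleep(150 * time.Millisecond)
	fmt.Println("output after 150 ms of silence (watchdog):", act.Output())
}
```

Two points are worth noting against the claims. First, the actuator checks the signature before the sequence number, so a message that fails authentication never updates any receiver state, not even the replay window. Second, the watchdog is fed only by a message that passed both checks; a message that merely arrives, however frequently, cannot hold the actuator out of the safe state, which is the property the abstract ascribes to the combination of authentication and the watchdog timer.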
Specification