SYSTEM AND METHOD FOR LOGGING SECURITY EVENTS FOR AN INDUSTRIAL CONTROL SYSTEM
First Claim
Patent Images
1. A system, comprising:
- a security server comprising a memory and a processor configured to;
receive a first set of communications from a human machine interface (HMI) device, wherein the first set of communications relates to HMI device security events;
receive a second set of communications from an industrial controller, wherein the second set of communications relates to industrial controller security events; and
package and send the received first and second sets of communications to a remote managed security service provider (MSSP) for analysis.
4 Assignments
0 Petitions
Accused Products
Abstract
A system includes a security server including a memory and a processor configured to receive a first set of communications from a human machine interface (HMI) device, wherein the first set of communications relates to HMI device security events. The security server is also configured to receive a second set of communications from an industrial controller, wherein the second set of communications relates to industrial controller security events. The security server is further configured to package and send the received first and second sets of communications to a remote managed security service provider (MSSP) for analysis.
-
Citations
20 Claims
-
1. A system, comprising:
a security server comprising a memory and a processor configured to; receive a first set of communications from a human machine interface (HMI) device, wherein the first set of communications relates to HMI device security events; receive a second set of communications from an industrial controller, wherein the second set of communications relates to industrial controller security events; and package and send the received first and second sets of communications to a remote managed security service provider (MSSP) for analysis. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A method, comprising:
-
aggregating security logs comprising security events for a plurality of devices associated with an industrial system; and packaging and sending the aggregated security logs to a managed security service provider (MSSP), wherein the MSSP is configured to determine trends in the security logs. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A tangible, non-transitory, computer-readable medium configured to store instructions executable by a processor of an electronic device, the instructions comprising:
-
instructions to receive security notifications from a human machine interface (HMI) device and an industrial controller, wherein the HMI device is configured to execute a configuration tool that provides instructions to the industrial controller; instructions to send the received security notifications to a remote processor, wherein the remote processor is configured to analyze and compare the security notifications from the HMI device and the industrial controller; and instructions to provide an alert when the remote processor indicates a security problem with the HMI device, the industrial controller, or both, based on the security notifications. - View Dependent Claims (19, 20)
-
Specification