System and Method for Providing the Status of Safety Critical Systems to Untrusted Devices
First Claim
Patent Images
1. A system comprising:
- a first network, the first network comprising a first communications bus over which a plurality of trusted devices and systems are adapted to communicate, the plurality of devices and systems comprising at least one safety critical system;
a second network, the second network comprising a second communications bus over which at least one untrusted device is adapted to communicate;
a monitor device which is connected to and can communicate on both the first communications bus and the second communications bus, the monitor device having a data structure that represents various states of one or more the plurality of trusted devices or systems on the first network, the monitor device updating the data structure when an update about the state of one of the plurality of trusted devices or systems is received via the first network;
a processor which, when the monitor device receives, from the at least one untrusted device, a request for the state of one of the trusted devices or systems, replies to the at least one untrusted device with the state of the one of the trusted devices or systems from the internal data structure that represents the states of each trusted device on the first network.
6 Assignments
0 Petitions
Accused Products
Abstract
A system and method is described for providing the status of safety critical systems to untrusted devices.
-
Citations
14 Claims
-
1. A system comprising:
-
a first network, the first network comprising a first communications bus over which a plurality of trusted devices and systems are adapted to communicate, the plurality of devices and systems comprising at least one safety critical system; a second network, the second network comprising a second communications bus over which at least one untrusted device is adapted to communicate; a monitor device which is connected to and can communicate on both the first communications bus and the second communications bus, the monitor device having a data structure that represents various states of one or more the plurality of trusted devices or systems on the first network, the monitor device updating the data structure when an update about the state of one of the plurality of trusted devices or systems is received via the first network; a processor which, when the monitor device receives, from the at least one untrusted device, a request for the state of one of the trusted devices or systems, replies to the at least one untrusted device with the state of the one of the trusted devices or systems from the internal data structure that represents the states of each trusted device on the first network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A monitor device comprising:
-
a connection to a first network external to the monitor device, the first network comprising a first communications bus adapted to communicate with a plurality of trusted devices and systems are connected, the plurality of devices comprising at least one safety critical system; a first communication port adapted to receive messages sent to the trusted network, and is thereby able to receive messages sent from one trusted device on the first network to a second trusted device on the first network; a data structure that represent the state of at least one or more of the plurality of trusted devices and systems on the first network; a processor which updates the data structure each time an update about the state of one of the plurality of trusted devices and systems is received over the first network, wherein the message may either have been directly sent to the monitor device or the message may have been sent to one of the plurality of the trusted devices and systems on the first network to a second trusted device on the first network; and a connection to a second network external to the monitor device, the second network comprising a second communications bus adapted to communicate with at least one untrusted device, wherein when the monitor device receives a request for the state of one of the plurality of trusted devices and systems on the trusted network from the at least one untrusted device, the monitor device replies to the at least one untrusted device with a state of the one of the plurality of trusted devices and systems from the internal data structure that represents the states of each trusted device and system on the first network. - View Dependent Claims (12, 13)
-
-
14. A method comprising:
-
receiving, over a first network, a state update from at least one of a plurality of trusted devices and systems, the first network comprising a first communications bus over which the plurality of trusted devices and systems are adapted to communicate, the plurality of devices and systems comprising at least one safety critical system; transmitting the state update to a monitor device, the monitor device having a data structure that represents various states of one or more of the plurality of trusted devices or systems on the first network, the monitor device updating the data structure when an update about the state of one of the plurality of trusted devices or systems is received via the first network; receiving, at the monitor device, over a second network, a request from at least one untrusted device for the state of one of the trusted devices or systems, the second network comprising a second communications bus over which the at least one untrusted device is adapted to communicate; replying to the request from the at least one untrusted device with the state of the one of the trusted devices or systems from the internal data structure that represents the states of each trusted device on the first network.
-
Specification