PRODUCTION PROCESS KNOWLEDGE-BASED INTRUSION DETECTION FOR INDUSTRIAL CONTROL SYSTEMS
First Claim
Patent Images
1. A system for threat detection in an industrial production environment, the system comprising:
- a programmable logic controller comprising;
a process image updated according to a scan cycle with process data associated with one or more field devices;
a program configured to operate the one or more field devices using the process data; and
one or more function blocks configured to;
monitor the process data in the process image during each scan cycle, andidentify a possible cyberattack based on the process data.
2 Assignments
0 Petitions
Accused Products
Abstract
A system for threat detection in an industrial production environment comprises a programmable logic controller. This programmable logic controller includes a process image updated according to a scan cycle with process data associated with one or more field devices, a program configured to operate the one or more field devices using the process data, and one or more function blocks. These function blocks are configured to monitor the process data in the process image during each scan cycle, and identify a possible cyberattack based on the process data.
34 Citations
20 Claims
-
1. A system for threat detection in an industrial production environment, the system comprising:
a programmable logic controller comprising; a process image updated according to a scan cycle with process data associated with one or more field devices; a program configured to operate the one or more field devices using the process data; and one or more function blocks configured to; monitor the process data in the process image during each scan cycle, and identify a possible cyberattack based on the process data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
13. A method for cyberattack detection in an industrial production environment, the method comprising:
-
updating, by a programmable logic controller, a process image according to a scan cycle with process data associated with one or more field devices; operating, by the programmable logic controller, the one or more field devices using the process data; monitoring, by the programmable logic controller, the process data in the process image during each scan cycle; identifying, by the programmable logic controller, a possible cyberattack based on the process data; and transmitting, by the programmable logic controller, a message with information related to the possible cyberattack to one or more other production devices. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. An article of manufacture for intrusion detection in an industrial production environment, the article of manufacture comprising a non-transitory, tangible computer-readable medium holding computer-executable instructions for performing a process comprising:
-
updating a process image according to a scan cycle with process data associated with one or more field devices; operating the one or more field devices using the process data; monitoring the process data in the process image during each scan cycle; and identifying a possible cyberattack based on the process data.
-
Specification