Protection against unauthorized access to automated system for control of technological processes

US 8,667,589 B1
Filed: 10/27/2013
Issued: 03/04/2014
Est. Priority Date: 10/27/2013
Status: Expired due to Fees

First Claim

Patent Images

1. A system for protection of an automated process control system (APCS), the system comprising:

at least one logical controller connected to a supervisory control and data acquisition (SCADA) module for receiving commands and data sent from the SCADA module through a data transmission line;

at least one programmable anti-intrusion module (PAI) connected to the data line below the (SCADA) module; and

a server for processing data provided by the PAI module,wherein;

the PAI module collects data from the data line and intercepts commands from the logical controller and provides the data to the server;

the PAI module makes a decision whether to allow the logical controller to send the data and the command to a plurality of field level automated modules; and

the server aggregates and analyzes data received from the PAI module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A protection system for an automate process control system (APCS) includes a plurality of programmable anti-intrusion (PAI) modules. The PAI modules are places throughout the APCS used for: analyzing a system for presence of un-authorized devices or un-authorized connections; detection of undocumented (i.e., not declared) devices and suspicious commands from connected devices; filtering various types of activities (i.e., wrong packets, unidentified activities, certain types of commands etc.); analyzing different network layers for un-authorized data transmissions; and maintaining device behavior (heuristic) logs.

Citations

16 Claims

1. A system for protection of an automated process control system (APCS), the system comprising:
- at least one logical controller connected to a supervisory control and data acquisition (SCADA) module for receiving commands and data sent from the SCADA module through a data transmission line;
  
  at least one programmable anti-intrusion module (PAI) connected to the data line below the (SCADA) module; and
  
  a server for processing data provided by the PAI module,wherein;
  
  the PAI module collects data from the data line and intercepts commands from the logical controller and provides the data to the server;
  
  the PAI module makes a decision whether to allow the logical controller to send the data and the command to a plurality of field level automated modules; and
  
  the server aggregates and analyzes data received from the PAI module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system of claim 1, further comprising a plurality of logical controllers connected to data transmission lines.
  - 3. The system of claim 2, wherein a plurality of PAI modules are connected to the logical controllers throughout the APCS below a SCADA level.
  - 4. The system of claim 1, wherein the PAI module use any of:
    - a parallel connection to the data transmission line;
      
      a serial connection to the data transmission line;
      
      a parallel connection to the logical controller;
      
      a serial connection to the logical controller; and
      
      a connection to at least two data transmission lines.
  - 5. The system of claim 1, wherein the field level automated modules comprising any of:
    - an automated production line;
      
      tele-mechanical equipment;
      
      a power system protection;
      
      an actuator; and
      
      a device sensor.
  - 6. The system of claim 1, wherein the PAI module checks a source of the commands addressed to a particular device.
  - 7. The system of claim 1, wherein the PAI module checks electrical signals for hidden modulations.
  - 8. The system of claim 1, wherein the PAI module collects heuristic data of the logical controller.
  - 9. The system of claim 1, wherein the PAI module checks for presence of all declared devices of the APCS.
  - 10. The system of claim 1, wherein the server processes the data provided by the PAI module and detects any of:
    - data falsification;
      
      data modification;
      
      insertions of data into the data transmission lines;
      
      forbidden commands; and
      
      blocking of data.
  - 11. The system of claim 1, wherein the PAI duplicates the data received by the logical controller and determines detects whether the data can be sent to the field level modules.
  - 12. The system of claim 1, wherein the PAI module comprises a microprocessor with a digital and an analog I/O ports.

13. A method for protection of an automated process control system (APCS), the method comprising:
- connecting at least one programmable anti-intrusion module (PAI) to a data transmission line of the APCS below a supervisory control and data acquisition (SCADA) module level;
  
  analyzing the APCS for presence of unauthorized devices and un-authorized connections;
  
  detecting undocumented devices connected to the APCS;
  
  identifying suspicious commands from connected devices;
  
  analyzing the data transmission lines for unauthorized data transmissions;
  
  providing device activity data to a server; and
  
  analyzing the device activity and detecting suspicious behavior patterns.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13, further comprising encryption of the APCS data going through the data transmission line.
  - 15. The method of claim 13, wherein the PAI module is connected to a logical controller.
  - 16. The method of claim 15, wherein the PAI module duplicates data received by the logical controller and makes a decision whether to allow the data to be sent to a plurality of field level devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Konstantin Saprygin
Original Assignee
Konstantin Saprygin
Inventors
Zuykov, Alexander, Mikhailov, Dmitry, Saprygin, Konstantin, Fesenko, Stanislav
Primary Examiner(s)
McNally, Michael S

Application Number

US14/064,152
Time in Patent Office

128 Days
Field of Search

726/23
US Class Current

726/23
CPC Class Codes

G05B 19/058   Safety, monitoring

G06F 21/62   Protecting access to data v...

H04L 63/02   for separating internal fro...

H04L 63/0209   Architectural arrangements,...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/16   Implementing security featu...

Protection against unauthorized access to automated system for control of technological processes

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Protection against unauthorized access to automated system for control of technological processes

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links