Protection against unauthorized access to automated system for control of technological processes
First Claim
Patent Images
1. A system for protection of an automated process control system (APCS), the system comprising:
- at least one logical controller connected to a supervisory control and data acquisition (SCADA) module for receiving commands and data sent from the SCADA module through a data transmission line;
at least one programmable anti-intrusion module (PAI) connected to the data line below the (SCADA) module; and
a server for processing data provided by the PAI module,wherein;
the PAI module collects data from the data line and intercepts commands from the logical controller and provides the data to the server;
the PAI module makes a decision whether to allow the logical controller to send the data and the command to a plurality of field level automated modules; and
the server aggregates and analyzes data received from the PAI module.
1 Assignment
0 Petitions
Accused Products
Abstract
A protection system for an automate process control system (APCS) includes a plurality of programmable anti-intrusion (PAI) modules. The PAI modules are places throughout the APCS used for: analyzing a system for presence of un-authorized devices or un-authorized connections; detection of undocumented (i.e., not declared) devices and suspicious commands from connected devices; filtering various types of activities (i.e., wrong packets, unidentified activities, certain types of commands etc.); analyzing different network layers for un-authorized data transmissions; and maintaining device behavior (heuristic) logs.
-
Citations
16 Claims
-
1. A system for protection of an automated process control system (APCS), the system comprising:
-
at least one logical controller connected to a supervisory control and data acquisition (SCADA) module for receiving commands and data sent from the SCADA module through a data transmission line; at least one programmable anti-intrusion module (PAI) connected to the data line below the (SCADA) module; and a server for processing data provided by the PAI module, wherein; the PAI module collects data from the data line and intercepts commands from the logical controller and provides the data to the server; the PAI module makes a decision whether to allow the logical controller to send the data and the command to a plurality of field level automated modules; and the server aggregates and analyzes data received from the PAI module. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for protection of an automated process control system (APCS), the method comprising:
-
connecting at least one programmable anti-intrusion module (PAI) to a data transmission line of the APCS below a supervisory control and data acquisition (SCADA) module level; analyzing the APCS for presence of unauthorized devices and un-authorized connections; detecting undocumented devices connected to the APCS; identifying suspicious commands from connected devices; analyzing the data transmission lines for unauthorized data transmissions; providing device activity data to a server; and analyzing the device activity and detecting suspicious behavior patterns. - View Dependent Claims (14, 15, 16)
-
Specification