Systems and methods for secure operation of an industrial controller
Abstract
A system includes an industrial controller having a memory and a processor configured to operate the industrial controller in an open mode, wherein the open mode is configured to enable the industrial controller to receive instructions via an unauthenticated network connection or a local connection. The processor of the industrial controller is further configured to operate the industrial controller in a secure mode, wherein the secure mode is configured to enable the industrial controller to receive instructions only via an authenticated network connection.
20 Claims
1. A system, comprising:
- an industrial controller comprising a memory and a processor configured to:
operate the industrial controller in an open mode, wherein the open mode is configured to enable the processor of the industrial controller to receive instructions via an unauthenticated network connection or a local connection; and
subsequently operate the industrial controller in a secure mode instead of the open mode, wherein the secure mode is configured to enable the processor of the industrial controller to receive instructions only via an authenticated network connection.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method, comprising:
- operating an industrial controller in an open mode, wherein the industrial controller is configured to mutually exclusively operate in one of the open mode, a negotiation mode, an authentication mode, or a secure mode, and wherein the open mode comprises a processor of the industrial controller communicating with a configuration tool using an unauthenticated network connection;
- receiving instructions from the configuration tool to operate the industrial controller in the secure mode;
- operating the industrial controller in the negotiation mode, wherein the negotiation mode comprises the processor acquiring a security certificate from a certificate authority and disabling unauthenticated network connections; and
- operating the industrial controller in the authentication mode, wherein the authenticating mode comprises the processor establishing a certificate-authenticated network connection with the configuration tool; and
- operating the industrial controller in the secure mode, wherein the secure mode comprises the processor communicating with the configuration tool via the certificate-authenticated network connection.

Dependent claims: 12, 13, 14

15. A tangible, non-transitory, computer-readable medium configured to store instructions executable by a processor of an industrial controller, the instructions comprising:
- instructions to cease operating in an open mode and to begin operating in a secure mode, comprising:
instructions to block the processor from receiving instructions via unauthenticated network connections or via local ports;
instructions to enable the processor to receive instructions via authenticated network connections; and
instructions for the processor to verify that an executable file stored on the computer-readable medium has not been altered before executing the file.

Dependent claims: 16, 17, 18, 19, 20
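
The mode sequence of claim 11 and the secure-mode restrictions of claim 15, sketched as an added Python example (not code from the patent or its assignee). The class and method names, the empty channel sets for the two intermediate modes, and the SHA-256 digest table used for the "has not been altered" check are assumptions.

```python
import hashlib
from enum import Enum

class Mode(Enum):
    OPEN, NEGOTIATION, AUTHENTICATION, SECURE = range(4)

UNAUTH_NET, LOCAL, AUTH_NET = "unauthenticated-network", "local", "authenticated-network"

# Channels allowed to deliver instructions in each mode. The empty sets for the
# two intermediate modes are an assumption; the claims only fix OPEN and SECURE.
ALLOWED = {
    Mode.OPEN: {UNAUTH_NET, LOCAL},
    Mode.NEGOTIATION: set(),
    Mode.AUTHENTICATION: set(),
    Mode.SECURE: {AUTH_NET},
}

class Controller:
    def __init__(self, known_digests):
        self.mode = Mode.OPEN               # exactly one mode at a time
        self.certificate = None
        self.known_digests = known_digests  # file name -> expected SHA-256 hex (assumed scheme)

    def accepts(self, channel):
        return channel in ALLOWED[self.mode]

    def _advance(self, expected, target):
        # Modes are entered strictly in order; no step can be skipped.
        if self.mode is not expected:
            raise RuntimeError(f"cannot enter {target.name} from {self.mode.name}")
        self.mode = target

    def request_secure_mode(self, channel):
        if not self.accepts(channel):
            raise PermissionError(f"{channel} not accepted in {self.mode.name}")
        self._advance(Mode.OPEN, Mode.NEGOTIATION)

    def install_certificate(self, certificate):
        if not certificate:
            raise ValueError("no certificate issued")
        self._advance(Mode.NEGOTIATION, Mode.AUTHENTICATION)
        self.certificate = certificate

    def connection_authenticated(self):
        self._advance(Mode.AUTHENTICATION, Mode.SECURE)

    def may_execute(self, name, content):
        # Unknown files and digest mismatches are both refused.
        digest = hashlib.sha256(content).hexdigest()
        return self.known_digests.get(name) == digest
```
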