Method and device for providing a cryptographic key for a field device

US 9,026,806 B2
Filed: 12/15/2011
Issued: 05/05/2015
Est. Priority Date: 01/14/2011
Status: Active Grant

First Claim

Patent Images

1. A security device assembly for providing a cryptographic key for a field device, comprising:

a security device configured for receiving from at least one tamper sensor assigned to the field device a manipulation message emitted by the at least one tamper sensor upon detecting a physical manipulation carried out on the field device by an attacker accessing the field device;

said security device being configured to make the cryptographic key available to the field device only if the security device does not receive a manipulation message from the at least one tamper sensor assigned to the field device;

wherein the at least one tamper sensor is configured to obtain an energy supply for generating the manipulation message to said security device from energy produced during the physical manipulation carried out on the field device by the attacker accessing the field device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security device and a method provide a cryptographic key for a field device. The security device is connected to at least one tamper sensor which is associated with the field device and which, when a physical manipulation carried out on the field device is detected, a manipulation message is emitted. The cryptographic key is only provided to the field device by the security device if the security device does not receive a manipulation message from the tamper sensors associated with the field device.

23 Citations

View as Search Results

15 Claims

1. A security device assembly for providing a cryptographic key for a field device, comprising:
- a security device configured for receiving from at least one tamper sensor assigned to the field device a manipulation message emitted by the at least one tamper sensor upon detecting a physical manipulation carried out on the field device by an attacker accessing the field device;
  
  said security device being configured to make the cryptographic key available to the field device only if the security device does not receive a manipulation message from the at least one tamper sensor assigned to the field device;
  
  wherein the at least one tamper sensor is configured to obtain an energy supply for generating the manipulation message to said security device from energy produced during the physical manipulation carried out on the field device by the attacker accessing the field device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The security device assembly according to claim 1, wherein the at least one tamper sensor is connected to said security device wirelessly or hardwired.
  - 3. The security device assembly according to claim 1, wherein said at least one tamper sensor is connected directly to the field device or is attached to a closed housing or control cabinet in which the field device is disposed.
  - 4. The security device assembly according to claim 1, wherein said security device is configured to make the cryptographic key available to the field device when the field device logs onto a network only after the field device has successfully authenticated itself to said security device.
  - 5. The security device assembly according to claim 1, wherein the cryptographic key made available by said security device is used by the field device for encrypting or decrypting messages which the field device exchanges with other field devices or with a gateway node of a network.
  - 6. The security device assembly according to claim 1, wherein said security device includes a reading unit receiving messages from the tamper sensors wirelessly.
  - 7. The security device assembly according to claim 1, wherein the at least one tamper sensor connected to said security device are active or passive sensors for registering physical manipulations carried out on the field device.
  - 8. The security device assembly according to claim 7, wherein the at least one tamper sensor is one or more tamper sensors selected from the group consisting of:
    - electric or magnetic switches,sensors for registering electromagnetic radiation,sensors for registering ion beams,temperature sensors for registering changes in temperature,proximity sensors for registering an approaching object,motion sensors, andwire-mesh sensors.
  - 9. The security device assembly according to claim 7, further comprising at least one additional tamper sensor configured for obtaining an energy supply for generating the manipulation message to said security device from a field emitted by said security device.
  - 10. The security device assembly according to claim 1, wherein the at least one tamper sensor assigned to the respective field device is reported to said security device by the field device or said at least one tamper sensor is interrogated by said security device from a database on the basis of a device ID of the respective field device.
  - 11. The security device assembly according to claim 10, wherein said at least one tamper sensor assigned to the field device is coded into a digital device certificate of the respective field device.

12. A method of providing a cryptographic key for a field device, the method which comprises:
- monitoring with one or more tamper sensors a potential physical manipulation carried out on the field device;
  
  providing a security device; and
  
  making the cryptographic key available to the field device by the security device only if, within a specified period of time, the security device does not receive from the one or more tamper sensors assigned to the field device a manipulation message reporting a physical manipulation carried out on the field device by an attacker accessing the field device;
  
  wherein at least one of the tamper sensors obtains energy for generating a manipulation message from energy produced during the physical manipulation carried out on the field device by the attacker accessing the field device.
- View Dependent Claims (13, 14, 15)
- - 13. The method according to claim 12, which comprises making the cryptographic key available to the field device by the security device only after successful authentication of the field device to the security device.
  - 14. The method according to claim 12, wherein at least one of the tamper sensors obtains energy for generating a manipulation message from a field radiated by the security device.
  - 15. The method according to claim 12, wherein the cryptographic key made available by the security device is a session key used by the field device for communicating with other field devices or with a gateway of a network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Siemens AG
Original Assignee
Siemens AG
Inventors
Falk, Rainer, Fries, Steffen
Primary Examiner(s)
Abrishamkar, Kaveh

Application Number

US13/979,729
Publication Number

US 20130311791A1
Time in Patent Office

1,237 Days
Field of Search

None
US Class Current

713/194
CPC Class Codes

G05B 19/0425   Safety, monitoring

G05B 2219/25428   Field device

G06F 21/55   Detecting local intrusion o...

G06F 21/72   in cryptographic circuits

G06F 21/86   Secure or tamper-resistant ...

H04L 63/061   for key exchange, e.g. in p...

H04L 67/12   specially adapted for propr...

H04W 12/041   Key generation or derivation

H04W 12/122   Counter-measures against at...

Method and device for providing a cryptographic key for a field device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Method and device for providing a cryptographic key for a field device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links