Industrial protocol system authentication and firewall

US 9,054,863 B2
Filed: 09/04/2012
Issued: 06/09/2015
Est. Priority Date: 09/04/2012
Status: Active Grant

First Claim

Patent Images

1. An industrial controller with a processor executing a program stored in a non-transitory computer-readable storage medium wherein the program instructs the processor to perform the following steps:

(a) in response to a transaction request to the industrial controller from a client device, determine if an authenticated common industrial protocol (CIP) connection has been established with the client device, and allow further access to the industrial controller by the client device if an authenticated CIP connection has been established;

(b) if an authenticated CIP connection has not been established, randomly generate an exchange key and send the exchange key to the client device in response to the transaction request;

(c) combine the exchange key with a locally stored pass key to produce an authentication code; and

(d) compare a challenge key received from the client device to the authentication code to determine a match between the challenge key and the authentication code;

wherein a successful match between the challenge key and the authentication code allows the client device to further access the industrial controller using a CIP connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects of the present invention provide machines, systems, and methods in which industrial control systems may be secured from compromise and/or disruption via authentication and firewall. In particular, an industrial controller may: randomly generate an exchange key and send the exchange key to a client device in response to a transaction request originating from the client device; combine the exchange key with a locally stored pass key to produce an authentication code; and compare a challenge key received from the client device to the authentication code to determine a match between the challenge key and the authentication code. A successful match between the challenge key and the authentication code may allow the client device to further access the industrial controller using a common industrial protocol (CIP), and a failed match between the challenge key and the authentication code may prevent the client device from further access to the industrial controller.

9 Citations

View as Search Results

20 Claims

1. An industrial controller with a processor executing a program stored in a non-transitory computer-readable storage medium wherein the program instructs the processor to perform the following steps:
- (a) in response to a transaction request to the industrial controller from a client device, determine if an authenticated common industrial protocol (CIP) connection has been established with the client device, and allow further access to the industrial controller by the client device if an authenticated CIP connection has been established;
  
  (b) if an authenticated CIP connection has not been established, randomly generate an exchange key and send the exchange key to the client device in response to the transaction request;
  
  (c) combine the exchange key with a locally stored pass key to produce an authentication code; and
  
  (d) compare a challenge key received from the client device to the authentication code to determine a match between the challenge key and the authentication code;
  
  wherein a successful match between the challenge key and the authentication code allows the client device to further access the industrial controller using a CIP connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The industrial controller of claim 1, wherein the exchange key is combined with the locally stored pass key using a cryptographic hash function.
  - 3. The industrial controller of claim 2, wherein the cryptographic hash function is MD5.
  - 4. The industrial controller of claim 2, wherein the cryptographic hash function is SHA-1.
  - 5. The industrial controller of claim 1, wherein the industrial controller communicates with the client device over a Universal Serial Bus (USB) network.
  - 6. The industrial controller of claim 1, wherein the industrial controller communicates with the client device over an Ethernet network.
  - 7. The industrial controller of claim 1, wherein the industrial controller communicates with a plurality of I/O modules over a. control network using a CIP connection to thereby control an industrial process.
  - 8. The industrial controller of claim 7, wherein after a successful match between the challenge key and the authentication code, the client device is allowed to alter a control program for controlling the industrial process.
  - 9. The industrial controller of claim 7, wherein the client device and the plurality of I/O modules are on the same control network.
  - 10. The industrial controller of claim 9, wherein the control network is an EtherNet/IP network.
  - 11. The industrial controller of claim 1, wherein the industrial controller adds delay for a predetermined amount of time after sending the exchange key to the client device.
  - 12. The industrial controller of claim 1, wherein the exchange key is valid for combining with a locally stored pass key to produce the authentication code for only a predetermined amount of time.
  - 13. The industrial controller of claim 1, further comprising the step of no longer sending an exchange key to the client device after a predetermined number of failed matches between the challenge key and the authentication code.
  - 14. The industrial controller of claim 1, further comprising the following steps:
    - (a) applying a decryption algorithm on an encrypted replacement pass key received from the client device to produce a decrypted replacement pass key; and
      
      (b) replacing the locally stored pass key with the decrypted replacement pass key following a successful match between the challenge key and the authentication code.
  - 15. The industrial controller of claim 1, wherein the industrial controller identifies cryptographic capabilities of the client device based on information contained in the transaction request originating from the client device.
  - 16. The industrial controller of claim 15, wherein the industrial controller sends to the client device identification of the strongest cryptographic capability supported by both the industrial controller and the client device based on the information contained, in the transaction request originating from the client device.
  - 17. The industrial controller of claim 1, wherein the further access to the industrial controller using a CIP connection is not the complete available access.
  - 18. The industrial controller of claim 17, wherein the industrial controller combines an exchange key with a different locally stored pass key to produce a different authentication code, wherein a successful match between the challenge key and the different authentication code allows the client device to further access different functionality of the industrial controller using a common industrial protocol.

19. A secure method for communicating with an industrial controller comprising:
- (a) in response to a transaction request to the industrial controller from a client device, determining if an authenticated common industrial protocol (CIP) connection has been established with the client device, and allowing further access to the industrial controller by the client device if an authenticated CIP connection has been established;
  
  (b) if an authenticated CIP connection has not been established, randomly generating an exchange key and sending the exchange key to the client device in response to the transaction request;
  
  (c) combining the exchange key with a locally stored pass key to produce an authentication code;
  
  (d) comparing a challenge key received from the client device to the authentication code to determining a match between the challenge key and the authentication code; and
  
  (e) allowing the client device to further access the industrial controller using a CIP connection following a successful match between the challenge key and the authentication code.
- View Dependent Claims (20)
- - 20. The method of claim 19, further comprising:
    - (a) applying a decryption algorithm on an encrypted replacement pass key received from the client device to produce a decrypted replacement pass key; and
      
      (b) replacing the locally stored pass key with the decrypted replacement pass key following a successful match between the challenge key and the authentication code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Rockwell Automation Asia Pacific Business Center Pte Ltd (Rockwell Automation, Inc.)
Original Assignee
Rockwell Automation Asia Pacific Business Center Pte Ltd (Rockwell Automation, Inc.)
Inventors
Sin, Ng Pei, Jasper, Taryl, Sinclair, James A.
Primary Examiner(s)
SCOTT, RANDY A

Application Number

US13/603,102
Publication Number

US 20140064482A1
Time in Patent Office

1,008 Days
Field of Search

380/44, 380/282, 726/20, 726/5
US Class Current

1/1
CPC Class Codes

G05B 19/054   Input/output

G05B 2219/1105   I-O

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 9/0891   Revocation or update of sec...

H04L 9/3271   using challenge-response

Industrial protocol system authentication and firewall

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Industrial protocol system authentication and firewall

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others