Method and system for transmitting control data in a manner that is secured against manipulation
First Claim
1. A method for recognizing manipulation during transmission of control data from a first controller to a second controller via a transmission network, the first controller including a processor and memory and being connected to a first control network including a first gateway, the second control network including a second gateway, the first and second control networks comprising production cells in a production plant, the method comprising the steps of:
- (a) generating, by an integrity check generator arranged in the first gateway, integrity check information data on a transmitter side for the control data transmitted by the first controller connected to the first control network, the first controller transmitting the control data;
(b) calculating a cryptographic checksum for the integrity check information data generated on the transmitter side by the integrity check generator using a cryptographic key;
(c) transmitting, via the transmission network, the integrity check information data generated on the transmitter side and the corresponding cryptographic checksum calculated by the integrity check generator to an integrity check verifier arranged in the second gateway, the integrity check verifier verifying the cryptographic checksum on a receiver side using the cryptographic key;
(d) generating, by the integrity check verifier, integrity check information data on the receiver side for the control data received by the second controller connected to the second control network; and
(e) comparing, by the integrity check verifier, the integrity check information data generated on the receiver side by the integrity check verifier and the integrity check information data generated on the transmitter side and received together with the cryptographic checksum which is verified by the integrity check verifier to detect manipulation of the transmitted control data.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for detecting manipulation when control data are transmitted from a first control unit to a second control unit via a network, which includes generating integrity check information data for the control data transmitted by the first control unit via an integrity check generating unit on the transmitter side, calculating a cryptographic checksum for the integrity check information data generated on the transmitter side via the integrity check generating unit, transmitting the integrity check information data and the cryptographic checksum to an integrity check verifying unit that verifies the cryptographic checksum on the receiver side, generating integrity check information data on the receiver side for the control data received by the second control unit using the integrity check verifying unit, and comparing the integrity check information data and the integrity check information data with the cryptographic checksum to detect the manipulation of the transmitted control data.
-
Citations
21 Claims
-
1. A method for recognizing manipulation during transmission of control data from a first controller to a second controller via a transmission network, the first controller including a processor and memory and being connected to a first control network including a first gateway, the second control network including a second gateway, the first and second control networks comprising production cells in a production plant, the method comprising the steps of:
-
(a) generating, by an integrity check generator arranged in the first gateway, integrity check information data on a transmitter side for the control data transmitted by the first controller connected to the first control network, the first controller transmitting the control data; (b) calculating a cryptographic checksum for the integrity check information data generated on the transmitter side by the integrity check generator using a cryptographic key; (c) transmitting, via the transmission network, the integrity check information data generated on the transmitter side and the corresponding cryptographic checksum calculated by the integrity check generator to an integrity check verifier arranged in the second gateway, the integrity check verifier verifying the cryptographic checksum on a receiver side using the cryptographic key; (d) generating, by the integrity check verifier, integrity check information data on the receiver side for the control data received by the second controller connected to the second control network; and (e) comparing, by the integrity check verifier, the integrity check information data generated on the receiver side by the integrity check verifier and the integrity check information data generated on the transmitter side and received together with the cryptographic checksum which is verified by the integrity check verifier to detect manipulation of the transmitted control data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A data transmission system for transmitting control data from a first controller to a second controller via a transmission network, the first controller including a processor and memory and being connected to a first control network including a first gateway, the second controller being connected to a second control network including a second gateway, the first and second control networks comprising production cells in a production plant, the data transmission system comprising:
-
(a) at least one integrity check generator arranged in the first gateway and configured to generate integrity check information data on a transmitter side for the control data transmitted by the first controller connected to the first control network and calculate a cryptographic checksum for the integrity check information data generated using a cryptographic key, the first controller transmitting the control data via the transmission network; and (b) at least one integrity check verifier arranged in the second gateway and configured to receive the integrity check information data generated by the integrity check generator arranged in the first gateway on the transmitter side, receive an associated calculated cryptographic checksum and verify the cryptographic checksum using the cryptographic key; wherein the integrity check verifier generates the integrity check information data for the control data received by the second controller connected to the second control network on the receiver side and compares the integrity check information data generated on the receiver side with the integrity check information data received and generated on the transmitter side together with the verified cryptographic checksum to detect manipulation of the transmitted control data. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification