Methods and apparatus to identify a degradation of integrity of a process control system
First Claim
Patent Images
1. A method to identify a degradation of integrity of a process control system, the method comprising:
- monitoring, with a processor, a file on a file system of the process control system;
verifying, with the processor, if the file is identified in a system profile, the system profile identifying files expected to be present on the file system;
identifying, with the processor, a degradation of integrity of the process control system when the file is not identified in the system profile;
alerting a process control system provider when the degradation of integrity is identified to indicate that a process control system administrator has attempted to modify the process control system, the process control system provider to supply the process control system to the process control system administrator; and
terminating an illegitimate process associated with the file identified in the system profile when the degradation of integrity is identified.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatus to identify a degradation of integrity of a process control system are disclosed. An example method includes identifying a file on a file system of the process control system. The example method further includes determining if the file is identified in a system profile, the system profile identifying files expected to be present. A degradation of integrity of the process control system is identified when the file is not identified in the system profile.
19 Citations
21 Claims
-
1. A method to identify a degradation of integrity of a process control system, the method comprising:
-
monitoring, with a processor, a file on a file system of the process control system; verifying, with the processor, if the file is identified in a system profile, the system profile identifying files expected to be present on the file system; identifying, with the processor, a degradation of integrity of the process control system when the file is not identified in the system profile; alerting a process control system provider when the degradation of integrity is identified to indicate that a process control system administrator has attempted to modify the process control system, the process control system provider to supply the process control system to the process control system administrator; and terminating an illegitimate process associated with the file identified in the system profile when the degradation of integrity is identified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method to identify a degradation of integrity of a process control system, the method comprising:
-
identifying, with a processor, a file on a file system of the process control system; computing a hash value of the file; comparing the computed hash value to a value associated with the file in a system profile, wherein the value associated with the file in the system profile is a previously computed hash value; identifying, with the processor, a degradation of integrity of the process control system when the computed hash value does not match the value associated with the file; alerting a process control system provider when the degradation of integrity is identified to indicate that a process control system administrator has attempted to modify the process control system, the process control system provider to supply the process control system to the process control system administrator; and terminating an illegitimate process associated with the file when the degradation of integrity is identified.
-
-
10. An apparatus to identify a degradation of integrity of a process control system, the apparatus comprising:
-
a file system verifier to monitor a difference between a property of a file stored on a file system of a process control node and a first stored value as a degradation of integrity; an active process verifier to identify a difference between a property of an active process executed by the process control node and a second stored value as the degradation of integrity; and an alerter to alert a process control system provider when the degradation of integrity is identified to indicate that a customer has attempted to modify the process control system, the alerter to terminate an illegitimate process associated with the file when the degradation of integrity is identified, the process control system provider to provide the process control system to a process control system administrator of the process control system, wherein at least one of the file system verifier, the active process verifier, or the alerter is implemented by hardware. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A tangible computer-readable storage disk or storage device storing instructions which, when executed, cause a machine to at least:
-
monitor a file on a file system of a process control system; verify whether the file is identified in a system profile, the system profile identifying files expected to be present on the file system; identify a degradation of integrity of the process control system when the file is not identified in the system profile; alert a process control system provider when the degradation of integrity is identified to indicate that a process control system administrator has attempted to modify the process control system, the process control system provider to supply the process control system to the process control system administrator; and terminate an illegitimate process associated with the file when the degradation of integrity is identified. - View Dependent Claims (17, 18, 19)
-
-
20. A tangible computer-readable storage disk or storage device storing instructions which, when executed, cause a machine to at least:
-
identify a file on a file system of a process control system; compute a hash value of the file; compare the computed hash value to a value associated with the file in a system profile, wherein the value associated with the file in the system profile is a previously computed hash value; identify a degradation of integrity of the process control system when the computed hash value does not match the value associated with the file; alert a process control system provider when the degradation of integrity is identified to indicate that a process control system administrator has attempted to modify the process control system, the process control system provider to supply the process control system to the process control system administrator; and terminate an illegitimate process associated with the file when the degradation of integrity is identified.
-
-
21. A method to identify a degradation of integrity of a process control system, the method comprising:
-
monitoring, with a processor, a file on a file system of the process control system, the process control system to control at least one of industrial or utility service facilities; verifying, with the processor, if the file is identified in a system profile, the system profile identifying files expected to be present on the file system; identifying, with the processor, a degradation of integrity of the process control system when the file is not identified in the system profile; alerting a process control system provider when the degradation of integrity is identified to indicate that a customer operator has modified the process control system, the process control system provider to configure and supply the process control system to the customer operator; and terminating an illegitimate process associated with the file when the degradation of integrity is identified.
-
Specification