Securing devices to process control systems
First Claim
1. A process control device for use in a process control plant, the process control device comprising:
- a processor;
a non-volatile memory storing data indicative of a set of necessary attributes that are required for the process control device to be allowed to communicate with another device using a network of the process control plant, the set of necessary attributes being descriptive of an environment of the process control plant in which the process control device is allowed to communicate with the another device, and the process control plant including at least one field device that performs a respective physical function to control one or more processes executing within the process control plant; and
computer-executable instructions stored on the non-volatile memory or on another memory of the process control device, the computer-executable instructions being executable by the processor after a boot up of the process control device and prior to the process control device communicating with any other device to at least one of;
(i) configure the process control device, or (ii) at least one of transmit or receive data used to control at least one of the one or more processes in the process control plant,wherein the computer-executable instructions, when executed by the processor, cause the process control device to;
determine a set of current attributes of a current environment of the process control plant in which the process control device is located after the boot up,determine, based on the data indicative of the set of necessary attributes, whether or not the set of current attributes of the current environment of the process control plant in which the process control device is located adheres to the set of necessary attributes,when the set of current attributes adheres to the set of necessary attributes, allow the process control device to communicate with the another device to at least one of;
(i) configure the process control device, or (ii) at least one of transmit or receive real-time data to cause the at least one of the one or more processes to be controlled, andwhen the set of current attributes does not adhere to the set of necessary attributes, prevent the process control device from communicating with the another device to at least one of;
(i) configure the process control device, or (ii) at least one of transmit or receive the real-time data to cause the at least one of the one or more processes to be controlled;
wherein the process control device is one of;
a field device that performs a respective physical function to control the at least one of the one or more processes executing within the process control plant, a process controller that transmits to or receives from the field device signals corresponding to respective physical function of the field device, or an input/output (I/O) card communicatively connecting the field device and the process controller; and
wherein a downloaded configuration configures the process control device with a definition of a behavior of the process control device to control, in conjunction with one or more other process control devices, the at least one of the one or more processes executing within the process control plant when the set of current attributes adheres to the set of necessary attributes.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for securing a device for use in or with a process plant include provisioning the device with a key generated at least in part from data indicative of necessary conditions and/or attributes that must be met before the device is allowed access to a network of the process plant. Upon initialization, the device determines, based on the key, whether or not the necessary conditions are met, and the device isolates itself or accesses the process control network accordingly. Keys and the necessary conditions/attributes indicated therein may be based on, for example, location, time, context, customer, supplier, particular plant, manufacturer, user, data type, device type, and/or other criteria. Additionally, sub-keys associated with a key may be generated from another set of necessary conditions/attributes. Sub-keys may be provided by a different entity than the key provider entity.
-
Citations
10 Claims
-
1. A process control device for use in a process control plant, the process control device comprising:
-
a processor; a non-volatile memory storing data indicative of a set of necessary attributes that are required for the process control device to be allowed to communicate with another device using a network of the process control plant, the set of necessary attributes being descriptive of an environment of the process control plant in which the process control device is allowed to communicate with the another device, and the process control plant including at least one field device that performs a respective physical function to control one or more processes executing within the process control plant; and computer-executable instructions stored on the non-volatile memory or on another memory of the process control device, the computer-executable instructions being executable by the processor after a boot up of the process control device and prior to the process control device communicating with any other device to at least one of;
(i) configure the process control device, or (ii) at least one of transmit or receive data used to control at least one of the one or more processes in the process control plant,wherein the computer-executable instructions, when executed by the processor, cause the process control device to; determine a set of current attributes of a current environment of the process control plant in which the process control device is located after the boot up, determine, based on the data indicative of the set of necessary attributes, whether or not the set of current attributes of the current environment of the process control plant in which the process control device is located adheres to the set of necessary attributes, when the set of current attributes adheres to the set of necessary attributes, allow the process control device to communicate with the another device to at least one of; (i) configure the process control device, or (ii) at least one of transmit or receive real-time data to cause the at least one of the one or more processes to be controlled, and when the set of current attributes does not adhere to the set of necessary attributes, prevent the process control device from communicating with the another device to at least one of;
(i) configure the process control device, or (ii) at least one of transmit or receive the real-time data to cause the at least one of the one or more processes to be controlled;wherein the process control device is one of;
a field device that performs a respective physical function to control the at least one of the one or more processes executing within the process control plant, a process controller that transmits to or receives from the field device signals corresponding to respective physical function of the field device, or an input/output (I/O) card communicatively connecting the field device and the process controller; andwherein a downloaded configuration configures the process control device with a definition of a behavior of the process control device to control, in conjunction with one or more other process control devices, the at least one of the one or more processes executing within the process control plant when the set of current attributes adheres to the set of necessary attributes. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
Specification