Securing devices to process control systems

US 9,397,836 B2
Filed: 08/11/2014
Issued: 07/19/2016
Est. Priority Date: 08/11/2014
Status: Active Grant

First Claim

Patent Images

1. A process control device for use in a process control plant, the process control device comprising:

a processor;

a non-volatile memory storing data indicative of a set of necessary attributes that are required for the process control device to be allowed to communicate with another device using a network of the process control plant, the set of necessary attributes being descriptive of an environment of the process control plant in which the process control device is allowed to communicate with the another device, and the process control plant including at least one field device that performs a respective physical function to control one or more processes executing within the process control plant; and

computer-executable instructions stored on the non-volatile memory or on another memory of the process control device, the computer-executable instructions being executable by the processor after a boot up of the process control device and prior to the process control device communicating with any other device to at least one of;

(i) configure the process control device, or (ii) at least one of transmit or receive data used to control at least one of the one or more processes in the process control plant,wherein the computer-executable instructions, when executed by the processor, cause the process control device to;

determine a set of current attributes of a current environment of the process control plant in which the process control device is located after the boot up,determine, based on the data indicative of the set of necessary attributes, whether or not the set of current attributes of the current environment of the process control plant in which the process control device is located adheres to the set of necessary attributes,when the set of current attributes adheres to the set of necessary attributes, allow the process control device to communicate with the another device to at least one of;

(i) configure the process control device, or (ii) at least one of transmit or receive real-time data to cause the at least one of the one or more processes to be controlled, andwhen the set of current attributes does not adhere to the set of necessary attributes, prevent the process control device from communicating with the another device to at least one of;

(i) configure the process control device, or (ii) at least one of transmit or receive the real-time data to cause the at least one of the one or more processes to be controlled;

wherein the process control device is one of;

a field device that performs a respective physical function to control the at least one of the one or more processes executing within the process control plant, a process controller that transmits to or receives from the field device signals corresponding to respective physical function of the field device, or an input/output (I/O) card communicatively connecting the field device and the process controller; and

wherein a downloaded configuration configures the process control device with a definition of a behavior of the process control device to control, in conjunction with one or more other process control devices, the at least one of the one or more processes executing within the process control plant when the set of current attributes adheres to the set of necessary attributes.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for securing a device for use in or with a process plant include provisioning the device with a key generated at least in part from data indicative of necessary conditions and/or attributes that must be met before the device is allowed access to a network of the process plant. Upon initialization, the device determines, based on the key, whether or not the necessary conditions are met, and the device isolates itself or accesses the process control network accordingly. Keys and the necessary conditions/attributes indicated therein may be based on, for example, location, time, context, customer, supplier, particular plant, manufacturer, user, data type, device type, and/or other criteria. Additionally, sub-keys associated with a key may be generated from another set of necessary conditions/attributes. Sub-keys may be provided by a different entity than the key provider entity.

Citations

10 Claims

1. A process control device for use in a process control plant, the process control device comprising:
- a processor;
  
  a non-volatile memory storing data indicative of a set of necessary attributes that are required for the process control device to be allowed to communicate with another device using a network of the process control plant, the set of necessary attributes being descriptive of an environment of the process control plant in which the process control device is allowed to communicate with the another device, and the process control plant including at least one field device that performs a respective physical function to control one or more processes executing within the process control plant; and
  
  computer-executable instructions stored on the non-volatile memory or on another memory of the process control device, the computer-executable instructions being executable by the processor after a boot up of the process control device and prior to the process control device communicating with any other device to at least one of;
  
  (i) configure the process control device, or (ii) at least one of transmit or receive data used to control at least one of the one or more processes in the process control plant,wherein the computer-executable instructions, when executed by the processor, cause the process control device to;
  
  determine a set of current attributes of a current environment of the process control plant in which the process control device is located after the boot up,determine, based on the data indicative of the set of necessary attributes, whether or not the set of current attributes of the current environment of the process control plant in which the process control device is located adheres to the set of necessary attributes,when the set of current attributes adheres to the set of necessary attributes, allow the process control device to communicate with the another device to at least one of;
  
  (i) configure the process control device, or (ii) at least one of transmit or receive real-time data to cause the at least one of the one or more processes to be controlled, andwhen the set of current attributes does not adhere to the set of necessary attributes, prevent the process control device from communicating with the another device to at least one of;
  
  (i) configure the process control device, or (ii) at least one of transmit or receive the real-time data to cause the at least one of the one or more processes to be controlled;
  
  wherein the process control device is one of;
  
  a field device that performs a respective physical function to control the at least one of the one or more processes executing within the process control plant, a process controller that transmits to or receives from the field device signals corresponding to respective physical function of the field device, or an input/output (I/O) card communicatively connecting the field device and the process controller; and
  
  wherein a downloaded configuration configures the process control device with a definition of a behavior of the process control device to control, in conjunction with one or more other process control devices, the at least one of the one or more processes executing within the process control plant when the set of current attributes adheres to the set of necessary attributes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The process control device of claim 1, further comprising a geo-spatial receiver, and wherein:
    - the computer-executable instructions are further executable by the processor to cause the process control device to determine, using the geo-spatial receiver, a current geo-spatial position of process control device, andthe set of necessary attributes corresponding to the environment of the process control plant in which the process control device is located includes a particular geo-spatial area.
  - 3. The process control device of claim 2, wherein:
    - the computer-executable instructions are further executable to cause the process control device to determine a current time, andthe set of necessary attributes corresponding to the environment of the process control plant in which the process control device is located further include a particular time interval corresponding to the particular geo-spatial area.
  - 4. The process control device of claim 1, wherein the non-volatile memory is provisioned with a key for use for use in authenticating the process control device to the network of the process control plant, the key is generated based on a seed, the seed comprises key generation data and a number that is randomly generated or pseudo-randomly generated, and the key generation data is indicative of the set of necessary attributes that are required for the process control device to be allowed to communicate with the another device using the network of the process control plant.
  - 5. The process control device of claim 4, wherein:
    - the key provisioned into the non-volatile memory of the process control device is an encrypted key,the encrypted key is generated by encrypting an unencrypted key, andthe seed is used to generate the unencrypted key.
  - 6. The process control device of claim 4, further comprising additional computer executable instructions that, when executed by the processor, cause the process control device to authenticate with the another device or with a certificate authority using the key provisioned into the non-volatile memory after the set of current attributes have been determined to adhere to the set of necessary attributes and prior to the process control device communicating with the another device to at least one of:
    - (i) configure the device, or (ii) at least one of transmit or receive the real-time data to cause the at least one of the one or more processes to be controlled.
  - 7. The process control device of claim 1, wherein at least a portion of the transmitted or received real-time data is included in a content of a message, and wherein data included in a message integrity field of the message to validate the content of the message is based on the key or is based on a sub-key generated based on the key.
  - 8. The process control device of claim 1, wherein the set of necessary attributes includes at least one of:
    - a type of data transmitted by the process control device to control the at least one of the one or more processes, a type of data received by the process control device to control the at least one of the one or more processes, a manufacturer of the process control device, an identification of the process control plant, an identification of an area of the process control plant, an identification of an organizational entity operating the process control plant, or an identification of a country in which the process control plant is located.
  - 9. The process control device of claim 8,wherein the set of necessary attributes further includes an attribute of a user.
  - 10. The process control device of claim 1, further comprising an interface communicatively connecting the process control device to a centralized or distributed big data appliance, and wherein the process control device provides the real-time data to the centralized or distributed big data appliance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fisher-Rosemount Systems Incorporated (Emerson Electric Company)
Original Assignee
Fisher-Rosemount Systems Incorporated (Emerson Electric Company)
Inventors
Nixon, Mark J., Beoughter, Ken J., Christensen, Daniel D., Chen, Deji, Moore, James H. Jr.
Primary Examiner(s)
ZAIDI, SYED A

Application Number

US14/456,763
Publication Number

US 20160043866A1
Time in Patent Office

708 Days
Field of Search

713/168
US Class Current

1/1
CPC Class Codes

G05B 19/418   Total factory control, i.e....

G05B 19/41855   by local area network [LAN]...

G05B 2219/24167   Encryption, password, user ...

H04L 9/0869   involving random numbers or...

H04L 9/0872   using geo-location informat...

H04L 9/32   including means for verifyi...

H04L 9/3226   using a predetermined code,...

Securing devices to process control systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Securing devices to process control systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links