Industrial protocol system authentication and firewall

US 9,485,245 B2
Filed: 05/06/2015
Issued: 11/01/2016
Est. Priority Date: 09/04/2012
Status: Active Grant

First Claim

Patent Images

1. An industrial controller comprising a processor executing a program stored in a non-transitory computer-readable storage medium operable to:

determine whether an authenticated network connection has been established between the industrial controller and a client device; and

if an authenticated network connection has been established, allow the client device to access to the industrial controller, and if an authenticated network connection has not been established;

(a) randomly generate an exchange key;

(h) send the exchange key to the client device;

(c) combine the exchange key with a locally stored pass key to produce an authentication code;

(d) compare a challenge key received from the client device to the authentication code to determine whether a match between the challenge key and the authentication code exists; and

(e) if a match between the challenge key and the authentication code exists, allow the client device to access to the industrial controller.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects of the present invention provide machines, systems, and methods in which industrial control systems may be secured from compromise and/or disruption via authentication and firewall. In particular, an industrial controller may: randomly generate an exchange key and send the exchange key to a client device in response to a transaction request originating from the client device; combine the exchange key with a locally stored pass key to produce an authentication code; and compare a challenge key received from the client device to the authentication code to determine a match between the challenge key and the authentication code. A successful match between the challenge key and the authentication code may allow the client device to further access the industrial controller using a common industrial protocol (CIP), and a failed match between the challenge key and the authentication code may prevent the client device from further access to the industrial controller.

Citations

20 Claims

1. An industrial controller comprising a processor executing a program stored in a non-transitory computer-readable storage medium operable to:
- determine whether an authenticated network connection has been established between the industrial controller and a client device; and
  
  if an authenticated network connection has been established, allow the client device to access to the industrial controller, and if an authenticated network connection has not been established;
  
  (a) randomly generate an exchange key;
  
  (h) send the exchange key to the client device;
  
  (c) combine the exchange key with a locally stored pass key to produce an authentication code;
  
  (d) compare a challenge key received from the client device to the authentication code to determine whether a match between the challenge key and the authentication code exists; and
  
  (e) if a match between the challenge key and the authentication code exists, allow the client device to access to the industrial controller.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The industrial controller of claim 1, further comprising being operable to communicate with the client device over a control network that allows real-time control of an industrial process or machine.
  - 3. The industrial controller of claim 1, further comprising being operable to communicate with the client device over an EtherNet/IP network.
  - 4. The industrial controller of claim 3, wherein the authenticated network connection is a Common Industrial Protocol (CIP) connection.
  - 5. The industrial controller of claim 1, further comprising being operable to use a cryptographic hash function to combine the exchange key with a locally stored pass key.
  - 6. The industrial controller of claim 1, further comprising, if a match exists, being operable to allow the client device to alter a control program for controlling an industrial process.
  - 7. The industrial controller of claim 1, further comprising, after sending the exchange key to the client device in step (b), being operable to add delay for a predetermined amount of time.
  - 8. The industrial controller of claim 1, further comprising being operable to keep the exchange key valid for combining with a locally stored pass key for only a predetermined amount of time.
  - 9. The industrial controller of claim 1, further comprising being operable to stop sending an exchange key to the client device after a predetermined number of failed matches between the challenge key and the authentication code.

10. A secure method for communicating with an industrial controller comprising:
- determining whether an authenticated network connection has been established between the industrial controller and a client device; and
  
  if an authenticated network connection has been established, allowing the client device to access to the industrial controller, and if an authenticated network connection has not been established;
  
  (a) randomly generating an exchange key;
  
  (b) sending the exchange key to the client device;
  
  (c) combining the exchange key with a locally stored pass key to produce an authentication code;
  
  (d) comparing a challenge key received from the client device to the authentication code to determine whether a match between the challenge key and the authentication code exists; and
  
  (e) if a match between the challenge key and the authentication code exists, allowing the client device to access to the industrial controller.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10, further comprising communicating with the client device over a control network that allows real-time control of an industrial process or machine.
  - 12. The method of claim 10, further comprising communicating with the client device over an EtherNet/IP network.
  - 13. The method of claim 12, wherein the authenticated network connection is a Common Industrial Protocol (CIP) connection.
  - 14. The method of claim 10, further comprising, after sending the exchange key to the client device in step (b), adding delay for a predetermined amount of time.
  - 15. The method of claim 10, further comprising keeping the exchange key valid for combining with a locally stored pass key for only a predetermined amount of time.
  - 16. The method of claim 10, further comprising no longer sending an exchange key to the client device after a predetermined number of failed matches between the challenge key and the authentication code.

17. A programmable logic controller (PLC) for controlling an industrial process or machine, the PLC comprising a processor executing a program stored in a non-transitory computer-readable storage medium operable to:
- in response to a transaction request from a client device over a network, determine whether an authenticated network connection has been established between the PLC and the client device; and
  
  if an authenticated network connection has been established, allow the client device to access to the PLC, and if an authenticated network connection has not been established;
  
  (a) randomly generate an exchange key;
  
  (b) send the exchange key to the client device;
  
  (c) combine the exchange key with a locally stored pass key to produce an authentication code;
  
  (d) compare a challenge key received from the client device to the authentication code to determine whether a match between the challenge key and the authentication code exists; and
  
  (e) if a match between the challenge key and the authentication code exists, allow the client device to access to the PLC.
- View Dependent Claims (18, 19, 20)
- - 18. The PLC of claim 17, wherein the network is a control network allowing real-time control of an industrial process or machine.
  - 19. The PLC of claim 17, wherein the network implements EtherNet/IP.
  - 20. The PLC of claim 19, wherein the authenticated network connection is a Common Industrial Protocol (CIP) connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Rockwell Automation Asia Pacific Business Center Pte Ltd (Rockwell Automation, Inc.)
Original Assignee
Rockwell Automation Asia Pacific Business Center PTD Limited
Inventors
Ng, Pei Sin, Sinclair, James Andrew, Jasper, Taryl
Primary Examiner(s)
Scott, Randy

Application Number

US14/705,133
Publication Number

US 20150237036A1
Time in Patent Office

545 Days
Field of Search

726/2, 726/6, 726/12, 726/17, 380/30, 380/44, 380/282
US Class Current

1/1
CPC Class Codes

G05B 19/054   Input/output

G05B 2219/1105   I-O

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 9/0891   Revocation or update of sec...

H04L 9/3271   using challenge-response

Industrial protocol system authentication and firewall

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Industrial protocol system authentication and firewall

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links