Method and system for connecting a controller for a machine to a higher-level IT system
First Claim
Patent Images
1. A method for connecting at least one controller for a machine or plant to a higher-level IT system in a manufacturing environment, comprising:
- providing a integration layer,providing a controller image of the controller in the integration layer, said controller image having data describing a current state of the controller using parameters monitored by the higher-level IT system, wherein the integration layer comprises a configuration file defining characteristics of the controller image, said parameters including incoming sensor signals to the controller or outgoing actuator signals from the controller and being composed of a combination of a sum of the same or other parameters,accessing the controller image of the controller in the integration layer from the higher-level IT system,configuring the controller to initiate all communication with the integration layer and the controller so as to be invisible to the higher-level IT system in the computer network,prior to transmitting a controller-relevant data or data derived from the controller relevant data to the integration layer, filtering the controller relevant data or transforming the controller-relevant data into a generic data model, andback-transforming the controller-relevant data transmitted to the integration layer into a proprietary data model prior to forwarding the controller-relevant data to the integration layer,wherein the controller image is accessed in the integration layer via a Controller Data Access (CDA) interface, wherein the configuration file is accessed via a Controller data Configuration (CDC) interface, and wherein a complete separation is provided between a data transmission from the integration layer to the higher-level IT system via the Controller Data Access interface and a data transmission from the higher-level IT system to the integration layer via the Controller Data Configuration interface.
1 Assignment
0 Petitions
Accused Products
Abstract
In a method for securely connecting a controller for a machine or plant to a higher-level IT system, an integration layer is provided between the controller and the IT system, a controller image of the controller is generated in the integration layer, and the controller image is accessed from the IT system. The IT system thus always accesses the controller image rather than directly the controller. This prevents malware from gaining access to the controller e.g. via a network.
-
Citations
14 Claims
-
1. A method for connecting at least one controller for a machine or plant to a higher-level IT system in a manufacturing environment, comprising:
-
providing a integration layer, providing a controller image of the controller in the integration layer, said controller image having data describing a current state of the controller using parameters monitored by the higher-level IT system, wherein the integration layer comprises a configuration file defining characteristics of the controller image, said parameters including incoming sensor signals to the controller or outgoing actuator signals from the controller and being composed of a combination of a sum of the same or other parameters, accessing the controller image of the controller in the integration layer from the higher-level IT system, configuring the controller to initiate all communication with the integration layer and the controller so as to be invisible to the higher-level IT system in the computer network, prior to transmitting a controller-relevant data or data derived from the controller relevant data to the integration layer, filtering the controller relevant data or transforming the controller-relevant data into a generic data model, and back-transforming the controller-relevant data transmitted to the integration layer into a proprietary data model prior to forwarding the controller-relevant data to the integration layer, wherein the controller image is accessed in the integration layer via a Controller Data Access (CDA) interface, wherein the configuration file is accessed via a Controller data Configuration (CDC) interface, and wherein a complete separation is provided between a data transmission from the integration layer to the higher-level IT system via the Controller Data Access interface and a data transmission from the higher-level IT system to the integration layer via the Controller Data Configuration interface. - View Dependent Claims (2, 8, 12)
-
-
3. A system for connecting at least one controller for a machine or plant to a higher-level IT system in a manufacturing environment, comprising:
-
a controller, a higher-level IT system, a hardware integration layer connected between the controller and the IT system, and an image of the controller in said integration layer, said controller image having data describing a current state of the controller using parameters, monitored by the higher-level IT system, wherein the integration layer comprises a configuration file defining characteristics of the controller image, said parameters including incoming sensor signals to the controller or outgoing actuator signals from the controller and being composed of a combination of a sum of the same or other parameters, said controller being configured to initiate all communication between the integration layer and the controller so as to be invisible to the higher-level IT system in the computer network, wherein prior to transmitting a controller-relevant data or data derived from the controller relevant data to the integration layer the controller relevant data is filtered or transformed into a generic data model and back-transformed into a proprietary data model prior to being forwarded to the integration layer, and a Controller Data Access (CDA) interface for accessing the controller image and a Controller Data Configuration (CDC) interface for accessing the configuration file, wherein a complete separation is performed between a data transmission from the integration layer to the higher-level IT system via the Controller Data Access interface and a data transmission from the higher-level IT system to the integration layer via the Controller Data Configuration interface. - View Dependent Claims (4, 5, 6, 7, 9, 10, 13)
-
-
11. Apparatus for connecting at least one controller for a machine or plant to a higher-level IT system in a manufacturing environment, comprising:
-
a hardware integration layer adapted to be connected between the controller and the IT system, and an image of the controller adapted to be provided in said integration said integration layer, said controller image having data describing a current state of the controller using parameters, monitored by the higher-level IT system, wherein the integration layer comprises a configuration file defining characteristics of the controller image, said parameters including incoming sensor signals to the controller or outgoing actuator signals from the controller and being composed of a combination of a sum of the, same or other parameters, wherein the controller is configured to initiate all communication between it and the integration layer so as to be invisible in a computer network, the higher-level IT system accessing data describing a current state of the controller in the image of the controller in said integration layer, wherein prior to transmitting a controller-relevant data or data derived from the controller relevant data to the integration layer the controller relevant data is filtered or transformed into a generic data model and back-transformed into a proprietary data model prior to being forwarded to the integration layer, and a Controller Data Access (CDA) interface for accessing the controller image and a Controller Data Configuration (CDC) interface for accessing the configuration file, wherein a complete separation is performed between a data transmission from the integration layer to the higher-level IT system via the Controller Data Access interface and a data transmission from the higher-level IT system to the integration layer via the Controller Data Configuration interface. - View Dependent Claims (14)
-
Specification