Active response security system for industrial control infrastructure

  • US 9,904,785 B2
  • Filed: 06/02/2015
  • Issued: 02/27/2018
  • Est. Priority Date: 06/02/2015
  • Status: Active Grant
First Claim

1. A security controller for an industrial control system, the security controller comprising:

  • (a) a network port for communicating with control elements of the industrial control system;

    (b) at least one processor communicating with the network port; and

    (c) an electronic memory system accessible by the processor and holding a security program executing on the processor to:

    (i) receive from a given control element of the control elements of the industrial control system a security thumbprint providing an encrypted compressed representation of a current state of the given control element;

    (ii) analyze the security thumbprint against a stored benchmark thumbprint representing a security thumbprint of the given control element when the given control element is properly operating;

    (iii) when the security thumbprint does not match the stored benchmark thumbprint, assess the mismatch to produce a severity assessment having a multi-value range; and

    (iv) implement a security response action selected from among multiple security response actions to respond to the mismatch based on the severity assessment,

    wherein the security thumbprint is compressed from a control program of the given control element, a certification code embedded in the given control element, and wire connection states of the given control element, wherein the control program is configured to control an industrial process or machine, and the wire connection states indicate conductors connected to the given control element that are in communication with the industrial process or machine, and

    wherein the security thumbprint includes a digital signature allowing the security controller to detect tampering.
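
An added sketch of the flow in steps (i) to (iv) of claim 1, not code from the patent or its assignee: a control element builds a signed thumbprint, and the controller verifies it, compares it with the benchmark, grades the mismatch and picks a response. HMAC-SHA256 stands in for the digital signature and encryption of the thumbprint is omitted; the per-part digests, severity weights, action names, key and sample state are all assumptions made for the illustration.

```python
import hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: key shared by element and controller
PARTS = ("control_program", "certification_code", "wire_states")
# Assumed severity weights and response actions; the claim names neither.
WEIGHT = {"wire_states": 1, "control_program": 2, "certification_code": 3}
ACTIONS = {0: "none", 1: "notify operator", 2: "increase monitoring",
           3: "restrict element", 4: "move process to safe state"}
TAMPERED = 4  # a failed signature check outranks any content mismatch

def make_thumbprint(state):
    """Element side: one SHA-256 digest per state part, then a MAC over them."""
    digests = {p: hashlib.sha256(state[p]).hexdigest() for p in PARTS}
    body = json.dumps(digests, sort_keys=True).encode()
    return {"digests": digests,
            "sig": hmac.new(KEY, body, hashlib.sha256).hexdigest()}

def assess(thumbprint, benchmark):
    """Controller side: return (severity, action) for a received thumbprint."""
    body = json.dumps(thumbprint["digests"], sort_keys=True).encode()
    expected = hmac.new(KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, thumbprint["sig"]):
        return TAMPERED, ACTIONS[TAMPERED]  # thumbprint altered after signing
    changed = [p for p in PARTS
               if thumbprint["digests"][p] != benchmark["digests"][p]]
    severity = max((WEIGHT[p] for p in changed), default=0)
    return severity, ACTIONS[severity]

# Constructed sample state of a properly operating control element.
GOOD = {"control_program": b"rung1: XIC start OTE motor",
        "certification_code": b"CERT-PLACEHOLDER-0001",
        "wire_states": b"\x01\x01\x00\x01"}
BENCHMARK = make_thumbprint(GOOD)

if __name__ == "__main__":
    rewired = dict(GOOD, wire_states=b"\x01\x00\x00\x01")  # one conductor removed
    print(assess(make_thumbprint(rewired), BENCHMARK))
```
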
