Secure industrial control system

US 10,824,711 B2
Filed: 09/27/2017
Issued: 11/03/2020
Est. Priority Date: 08/06/2013
Status: Active Grant

First Claim

Patent Images

1. A secure industrial control system, comprising:

at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device; and

at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor,wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials,wherein the at least one control module and the at least one input/output module are configured to receive the first and second unique security credentials at respective points of manufacture from a key management entity, the first and second unique security credentials being stored in respective ones of the first and second memory devices, andwherein the second processor is configured to implement a modification, authentication or revocation of the second unique security credential in response to a communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.

291 Citations

16 Claims

1. A secure industrial control system, comprising:
- at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device; and
  
  at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor,wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials,wherein the at least one control module and the at least one input/output module are configured to receive the first and second unique security credentials at respective points of manufacture from a key management entity, the first and second unique security credentials being stored in respective ones of the first and second memory devices, andwherein the second processor is configured to implement a modification, authentication or revocation of the second unique security credential in response to a communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The secure industrial control system as recited in claim 1, wherein at least one of the first and second unique security credentials comprises a public security credential.
  - 3. The secure industrial control system as recited in claim 1, wherein at least one of the first and second unique security credentials comprises a secret security credential.
  - 4. The secure industrial control system as recited in claim 1, wherein at least one of the first and second unique security credentials comprises an encryption key.
  - 5. The secure industrial control system as recited in claim 1, wherein at least one of the first and second unique security credentials comprises at least one of a certificate or an identification number.

6. A secure industrial control system, comprising:
- at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device; and
  
  at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor,wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials, the first and second unique security credentials being stored in respective ones of the first and second memory devices,wherein the at least one control module and the at least one input/output module are configured to receive the first and second unique security credentials at respective points of manufacture from a key management entity, the first and second unique security credentials being stored in respective ones of the first and second memory devices,wherein the first processor is configured to implement an authentication or revocation of the first unique security credential in response to a first communication received from the key management entity while the at least one control module is operated at a site different from the respective point of manufacture of the at least one control module, the first processor configured to selectively one of enable, partially enable, or disable the at least one control module in response to the first communication received from the key management entity, the first processor configured to selectively partially enable the at least one control module when a determination is made that the at least one control module is supplied but not manufactured by an original equipment manufacturer, andwherein the second processor is configured to implement an authentication or revocation of the second unique security credential in response to a second communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the second communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The secure industrial control system as recited in claim 6, wherein at least one of the first and second unique security credentials comprises a public security credential.
  - 8. The secure industrial control system as recited in claim 6, wherein at least one of the first and second unique security credentials comprises a secret security credential.
  - 9. The secure industrial control system as recited in claim 6, wherein at least one of the first and second unique security credentials comprises an encryption key.
  - 10. The secure industrial control system as recited in claim 6, wherein at least one of the first and second unique security credentials comprises at least one of a certificate or an identification number.

11. A secure industrial control system, comprising:
- at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device;
  
  at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor;
  
  a power module provisioned with a third unique security credential, the power module including a third memory device and a third processor coupled to the third memory device, the power module being configured to supply power for at least one of the input/output module or the control module; and
  
  a backplane including a communications link that physically and communicatively couples the control module, the input/output module, and the power module;
  
  wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials,wherein the at least one control module and the power module are operable to bi-directionally communicate with one another based on the first and third unique security credentials,wherein the at least one control module, the at least one input/output module, and the power module are configured to receive the first, second, and third unique security credentials at respective points of manufacture from a key management entity, the first, second, and third unique security credentials being stored in respective ones of the first, second, and third memory devices, andwherein the second processor is configured to implement an authentication or revocation of the second unique security credential in response to a first communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the first communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The secure industrial control system as recited in claim 11, wherein the first processor is configured to implement an authentication or revocation of the first unique security credential in response to a second communication received from the key management entity while the at least one control module is operated at a site different from the respective point of manufacture of the at least one control module.
  - 13. The secure industrial control system as recited in claim 11, wherein the third processor is configured to implement an authentication or revocation of the third unique security credential in response to a second communication received from the key management entity while the power module is operated at a site different from the respective point of manufacture of the power module.
  - 14. The secure industrial control system as recited in claim 11, wherein at least one of the first and second unique security credentials comprises at least one of a public security credential or a secret security credential.
  - 15. The secure industrial control system as recited in claim 11, wherein at least one of the first and second unique security credentials comprises an encryption key.
  - 16. The secure industrial control system as recited in claim 11, wherein at least one of the first and second unique security credentials comprises at least one of a certificate or an identification number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Analog Devices, Inc.
Original Assignee
Bedrock Automation Platforms, Inc. (Analog Devices, Inc.)
Inventors
Rooyakkers, Albert, Calvin, James G., Galpin, Samuel, Clish, Timothy
Primary Examiner(s)
Leung, Robert B

Application Number

US15/717,452
Publication Number

US 20180089416A1
Time in Patent Office

1,133 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/6218   to a system of files or obj...

G06F 2212/175   Industrial control system

H04L 9/083   involving central third par...

H04L 9/3263   involving certificates, e.g...

Secure industrial control system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

291 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Secure industrial control system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

291 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others