Secure industrial control system
First Claim
1. A secure industrial control system, comprising:
- at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device; and
at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor,wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials,wherein the at least one control module and the at least one input/output module are configured to receive the first and second unique security credentials at respective points of manufacture from a key management entity, the first and second unique security credentials being stored in respective ones of the first and second memory devices, andwherein the second processor is configured to implement a modification, authentication or revocation of the second unique security credential in response to a communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer.
4 Assignments
0 Petitions
Accused Products
Abstract
A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.
291 Citations
16 Claims
-
1. A secure industrial control system, comprising:
-
at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device; and at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor, wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials, wherein the at least one control module and the at least one input/output module are configured to receive the first and second unique security credentials at respective points of manufacture from a key management entity, the first and second unique security credentials being stored in respective ones of the first and second memory devices, and wherein the second processor is configured to implement a modification, authentication or revocation of the second unique security credential in response to a communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A secure industrial control system, comprising:
-
at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device; and at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor, wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials, the first and second unique security credentials being stored in respective ones of the first and second memory devices, wherein the at least one control module and the at least one input/output module are configured to receive the first and second unique security credentials at respective points of manufacture from a key management entity, the first and second unique security credentials being stored in respective ones of the first and second memory devices, wherein the first processor is configured to implement an authentication or revocation of the first unique security credential in response to a first communication received from the key management entity while the at least one control module is operated at a site different from the respective point of manufacture of the at least one control module, the first processor configured to selectively one of enable, partially enable, or disable the at least one control module in response to the first communication received from the key management entity, the first processor configured to selectively partially enable the at least one control module when a determination is made that the at least one control module is supplied but not manufactured by an original equipment manufacturer, and wherein the second processor is configured to implement an authentication or revocation of the second unique security credential in response to a second communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the second communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A secure industrial control system, comprising:
-
at least one control module provisioned with a first unique security credential, the at least one control module including a first memory device and a first processor coupled to the first memory device; at least one input/output module provisioned with a second unique security credential, the at least one input/output module including a second memory device and a second processor coupled to the second memory device, the at least one input/output module being operable to receive industrial sensor information or send control information to an industrial actuator or motor; a power module provisioned with a third unique security credential, the power module including a third memory device and a third processor coupled to the third memory device, the power module being configured to supply power for at least one of the input/output module or the control module; and a backplane including a communications link that physically and communicatively couples the control module, the input/output module, and the power module; wherein the at least one control module and the at least one input/output module are operable to bi-directionally communicate with one another based on the first and second unique security credentials, wherein the at least one control module and the power module are operable to bi-directionally communicate with one another based on the first and third unique security credentials, wherein the at least one control module, the at least one input/output module, and the power module are configured to receive the first, second, and third unique security credentials at respective points of manufacture from a key management entity, the first, second, and third unique security credentials being stored in respective ones of the first, second, and third memory devices, and wherein the second processor is configured to implement an authentication or revocation of the second unique security credential in response to a first communication received from the key management entity while the at least one input/output module is operated at a site different from the respective point of manufacture of the at least one input/output module, the second processor configured to selectively one of enable, partially enable, or disable the at least one input/output module in response to the first communication received from the key management entity, the second processor configured to selectively partially enable the at least one input/output module when a determination is made that the at least one input/output module is supplied but not manufactured by an original equipment manufacturer. - View Dependent Claims (12, 13, 14, 15, 16)
-
Specification