Scalable and flexible information security for industrial automation
Abstract
A security system that relates to industrial automation security comprises a component that receives a request to modify security relating to a zone of a factory floor, the zone being less than an entirety of the factory floor. A zonal security component generates security procedures for the zone, the security procedures differ from security procedures implemented on the factory floor outside the zone.
19 Claims
1. A system, comprising:
- a memory that stores computer executable instructions; and
- a processor, communicatively coupled to the memory, that facilitates execution of the computer executable instructions to at least;
- associate a factory floor security policy comprising security settings with a plurality of devices on a factory floor;
- receive a request to disable security settings of a first device of the plurality of devices on the factory floor for testing, debugging or maintenance, wherein disabling security settings of the first device comprise disabling a first alarm associated with the first device;
- determine a security zone comprising the first device and a second device of the plurality of devices,
- verify the request to disable the security settings within the security zone based on the factory floor security policy;
- disable security settings within the security zone and maintain security settings to all other devices of the plurality of devices; and
- reinstate the security settings within the security zone in response to completion of the testing, debugging or maintenance, wherein reinstating security settings within the security zone comprise enabling the first alarm associated with the first device and enabling a second alarm associated with the second device within the security zone.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. An apparatus, comprising:
- a memory that stores a hierarchically structured representation of a factory floor comprising a plurality of devices and computer executable instructions; and
- a processor, coupled to the memory, that facilitates execution of the computer executable instructions to at least;
- apply security settings associated with a factory floor security policy to the plurality of devices according to the hierarchically structured representation;
- receive a request to disable security settings of a first device of the plurality of devices, wherein the request is related to a testing procedure of the first device, a debugging procedure of the first device or a maintenance procedure of the first device, wherein disabling security settings of the first device comprise disabling a first alarm associated with the first device;
- determine a security zone comprising the first device and a second device of the plurality of devices based on a relationship between the first device and the second device defined in the hierarchically structured representation;
- verify the request to disable the security settings within the security zone based on the factory floor security policy;
- disable security settings within the security zone, wherein disabling security settings within the security zone comprise disabling first alarm associated with the first device and disabling a second alarm associated with the second device within the security zone;
- maintain security settings to other devices of the plurality of devices; and
- reinstate the security settings within the security zone after completion of the testing procedure of the first device, the debugging procedure of the first device or the maintenance procedure of the first device; wherein reinstating security settings within the security zone comprise enabling the first alarm associated with the first device and enabling a second alarm associated with the second device within the security zone.
Dependent claims: 12, 13
14. A method, comprising:
- receiving, by a system comprising a processing device, a request to disable security procedures of a first device on a factory floor, wherein the request is related to a testing procedure of the first device, a debugging procedure of the first device or a maintenance procedure of the first device, wherein the security procedures of the first device comprise a first alarm associated with the first device;
- querying a hierarchical data representation of a plurality of devices on the factory floor for a second device linked to the first device in a manufacturing operation based on the request;
- setting a security zone comprising the first device and the second device;
- verifying the request to disable the security settings within the security zone based on the factory floor security policy;
- disabling security procedures of other devices within the security zone, wherein disabling the security settings within the security zone comprise disabling the first alarm associated with the first device and disabling a second alarm associated with the second device within the security zone;
- maintaining security procedures for other devices of the plurality of devices; and
- reinstating the security procedures within the security zone in response to determining that the testing procedure of the first device, the debugging procedure of the first device or the maintenance procedure of the first device has completed; wherein reinstating security settings within the security zone comprise enabling the first alarm associated with the first device and enabling a second alarm associated with the second device within the security zone.
Dependent claims: 15, 16, 17, 18, 19
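
The flow recited in the method claim, modelled as an added Python example (not code from the patent or its assignee): zone lookup in a hierarchy, policy verification, zone-scoped alarm suspension, and reinstatement that waits for overlapping work to finish. The plant layout, role names, the `never_suspend` rule and the rule that a zone is "devices in the same cell" are assumptions chosen for illustration.

```python
# Constructed plant hierarchy (line -> cell -> devices); every name here is hypothetical.
PLANT = {
    "line1": {"cellA": ["mixer1", "pump1"], "cellB": ["oven1"]},
    "line2": {"cellC": ["filler1", "capper1"]},
}
# Assumed policy shape: who may suspend alarms, for what purpose, and devices never suspended.
POLICY = {
    "roles": {"maintenance_tech", "controls_engineer"},
    "purposes": {"testing", "debugging", "maintenance"},
    "never_suspend": {"oven1"},
}

class ZonalSecurity:
    def __init__(self, plant, policy):
        self.plant, self.policy = plant, policy
        self.alarms = {d: True for cells in plant.values()
                       for devs in cells.values() for d in devs}
        self.active = {}   # requesting device -> zone currently suspended for it
        self.audit = []    # (event, device, role, purpose) tuples

    def zone_for(self, device):
        """The zone is the first device plus its siblings in the same cell."""
        for cells in self.plant.values():
            for devs in cells.values():
                if device in devs:
                    return frozenset(devs)
        raise KeyError(f"unknown device: {device}")

    def request_disable(self, role, device, purpose):
        zone = self.zone_for(device)
        allowed = (role in self.policy["roles"]
                   and purpose in self.policy["purposes"]
                   and not zone & self.policy["never_suspend"])
        self.audit.append(("granted" if allowed else "denied", device, role, purpose))
        if not allowed:
            return None                      # nothing changes on a denied request
        for d in zone:
            self.alarms[d] = False           # only the zone is touched
        self.active[device] = zone
        return zone

    def complete(self, device):
        zone = self.active.pop(device)
        held = frozenset().union(*self.active.values())  # zones still under work
        restored = zone - held
        for d in restored:
            self.alarms[d] = True
        self.audit.append(("reinstated", device, None, None))
        return restored
```

Every request, granted or denied, lands in `audit`, which is the record a reviewer would check to confirm that no zone stayed suspended after its work order closed.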
Specification