Systems and methods for secure operation of an industrial controller
Abstract
A method of securing an industrial control system includes operating the industrial control system in an open mode, wherein communications between a plurality of devices of the industrial control system are unencrypted when the industrial control system is in the open mode. The method includes exchanging security tokens between the plurality of devices of the industrial control system. The method further includes ceasing operating the industrial control system in the open mode and instead operating the industrial control system in a secure mode, wherein the communications between the plurality of devices of the industrial control system are encrypted using the security tokens when the industrial control system is operating in the secure mode.
21 Claims
1. A method of securing an industrial control system, comprising:
- operating the industrial control system in an open mode, wherein communications between two devices of the industrial control system are unencrypted when the industrial control system is in the open mode;
- operating the industrial control system in a negotiation mode, wherein each of the two devices acquires a respective security token from a server of the industrial control system and exchanges the respective security token with the other of the two devices when the industrial control system is in the negotiation mode; and
- ceasing operating the industrial control system in the open mode or the negotiation mode and instead operating the industrial control system in a secure mode, wherein the communications between the two devices of the industrial control system are encrypted using the security tokens when the industrial control system is operating in the secure mode.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of securing an industrial control system, comprising:
- transmitting unencrypted data from a processor of a first device of an industrial control system to a processor of a second device of an industrial control system;
- requesting, via the processor of the first device, a first security token from a server of the industrial control system;
- receiving, at the processor of the first device, the first security token from the server of the industrial control system;
- sending, via the processor of the first device, the first security token to the processor of the second device;
- receiving, via the processor of the first device, a second security token from the processor of the second device; and
- ceasing transmitting unencrypted data and subsequently only transmitting encrypted data from the processor of the first device to the processor of the second device of the industrial control system, wherein the encrypted data is encrypted based on the first and second security tokens.
Dependent claims: 9, 10, 11, 12, 13, 14, 15
16. A system, comprising:
an industrial control network comprising a plurality of devices that includes an industrial controller, wherein the plurality of devices is configured to:
- receive respective security tokens from a server of the industrial controller;
- exchange respective security tokens between the plurality of devices over the industrial control network;
- cease exchanging unencrypted data over the industrial control network; and
- exchange encrypted data over the industrial control network, wherein the encrypted data is generated based on the respective security tokens.
Dependent claims: 17, 18, 19, 20, 21
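The sequence in claim 8 (plaintext, token request, token exchange, encrypted-only traffic), sketched as an added example that is not code from the patent or its assignee. The claims do not say how the tokens yield a key or which cipher is used, so the names `issue_token` and `Device`, the `P`/`E` frame prefixes, the HMAC-based key derivation and the toy HMAC-SHA256 keystream with a tag are all assumptions made for illustration.

```python
import hashlib, hmac, os

def _h(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def issue_token(device_id: str) -> bytes:
    # Stand-in for the token server; assumption: a token is 32 random bytes.
    return os.urandom(32)

class Device:
    def __init__(self, name: str, server=issue_token):
        self.name, self.server, self.mode = name, server, "open"
        self.own = self.enc = self.mac = None

    def request_token(self) -> bytes:
        """Leave open mode, fetch our token, return it for sending to the peer."""
        self.mode = "negotiation"
        self.own = self.server(self.name)
        return self.own

    def accept_peer_token(self, peer: bytes) -> None:
        """Derive keys from both tokens (order-independent), then go secure."""
        if self.mode != "negotiation":
            raise RuntimeError("peer token outside negotiation mode")
        root = _h(*sorted((self.own, peer)))  # assumption: key = HMAC(lo, hi)
        self.enc, self.mac = _h(root, b"enc"), _h(root, b"mac")
        self.mode = "secure"

    def _xor(self, nonce: bytes, data: bytes) -> bytes:
        # Toy HMAC-SHA256 counter keystream; a stand-in for a real AEAD cipher.
        ks = b"".join(_h(self.enc, nonce + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
        return bytes(a ^ b for a, b in zip(data, ks))

    def send(self, data: bytes) -> bytes:
        if self.mode != "secure":
            return b"P" + data  # open or negotiation mode: plaintext frame
        nonce = os.urandom(12)
        ct = self._xor(nonce, data)
        return b"E" + nonce + ct + _h(self.mac, nonce + ct)

    def receive(self, frame: bytes) -> bytes:
        if self.mode == "secure":  # plaintext is no longer accepted
            nonce, ct, tag = frame[1:13], frame[13:-32], frame[-32:]
            if frame[:1] != b"E" or not hmac.compare_digest(tag, _h(self.mac, nonce + ct)):
                raise PermissionError("rejected: plaintext or tampered frame")
            return self._xor(nonce, ct)
        if frame[:1] != b"P":
            raise PermissionError("encrypted frame before secure mode")
        return frame[1:]
```

Deriving the key directly from the token bytes is only sound if the tokens cannot be observed in transit; the claims as listed here do not specify the exchange mechanism, and the sketch does not model it.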
Specification