| 发明名称 | Industrial automation system and method for safeguarding the system | ||
| 摘要 | An industrial automation system comprising a digital fingerprint that is allocated to a unit requesting access to the automation system and which is based on one or more parameters of a communication between the unit and a fingerprint-determining component of the automation system, wherein the industrial automation system additional comprises the fingerprint-determining component which, during the operation of the automation system, grants the requesting unit access to the automation system and compares the determined fingerprint of the requesting unit with a stored fingerprint. | ||
| 申请公布号 | US9124581(B2) | 申请公布日期 | 2015.09.01 |
| 申请号 | US201313739696 | 申请日期 | 2013.01.11 |
| 申请人 | Siemens Aktiengesellschaft | 发明人 | Akil Yahya;Müller Jörg |
| 分类号 | G06F21/44;H04L29/06;G05B19/048;G05B19/418;H04L12/22;G05B19/042;G06F21/31;H04L12/40 | 主分类号 | G06F21/44 |
| 代理机构 | Cozen O'Connor | 代理人 | Cozen O'Connor |
| 主权项 | 1. An industrial automation system, comprising: a requesting unit; a fingerprint-determining component; and a digital fingerprint assigned to the requesting unit requesting access to the industrial automation system and based on at least one parameter of a communication between the requesting unit and the fingerprint-determining component; wherein during operation of the industrial automation system, the fingerprint-determining component grants the requesting unit access to the industrial automation system and compares a determined fingerprint of the requesting unit with a stored fingerprint, said determining and comparing being continually performed during at least predefined intervals to ensure that the requesting unit is authorized to access the industrial automation system; wherein a total number of parameters are determined for determining the fingerprint, and wherein the fingerprint is formed from a configurable partial number of parameters of the total number of parameters of the communication of the requesting unit; and wherein the total number of parameters comprises: a protocol used by the requesting unit for communication with the fingerprint-determining component;ports of the fingerprint-determining component used by the requesting unit for the communication;addresses queried by the requesting unit in a context of the communication;a length of data frames produced by the requesting unit;a time duration between successive transmission of two data frames; anda Media Access Control (MAC) address of the requesting unit. | ||
| 地址 | Munich DE | ||