Title: Industrial protocol system authentication and firewall
Abstract: Aspects of the present invention provide machines, systems, and methods in which industrial control systems may be secured from compromise and/or disruption via authentication and firewall. In particular, an industrial controller may: randomly generate an exchange key and send the exchange key to a client device in response to a transaction request originating from the client device; combine the exchange key with a locally stored pass key to produce an authentication code; and compare a challenge key received from the client device to the authentication code to determine a match between the challenge key and the authentication code. A successful match between the challenge key and the authentication code may allow the client device to further access the industrial controller using a common industrial protocol (CIP), and a failed match between the challenge key and the authentication code may prevent the client device from further access to the industrial controller.
Publication number: US9054863(B2)
Publication date: 2015.06.09
Application number: US201213603102
Filing date: 2012.09.04
Applicant: Rockwell Automation Asia Pacific Business Center PTE. LTD.
Inventors: Sin Ng Pei; Sinclair James A.; Jasper Taryl
Classification: H04L9/00; H04L9/08; H04L9/32
Main classification: H04L9/00
Agency: Boyle Fredrickson, S.C.
Agent: Boyle Fredrickson, S.C.
Main claim: 1. An industrial controller with a processor executing a program stored in a non-transitory computer-readable storage medium wherein the program instructs the processor to perform the following steps: (a) in response to a transaction request to the industrial controller from a client device, determine if an authenticated common industrial protocol (CIP) connection has been established with the client device, and allow further access to the industrial controller by the client device if an authenticated CIP connection has been established: (b) if an authenticated CIP connection has not been established, randomly generate an exchange key and send the exchange key to the client device in response to the transaction request; (c) combine the exchange key with a locally stored pass key to produce an authentication code; and (d) compare a challenge key received from the client device to the authentication code to determine a match between the challenge key and the authentication code; wherein a successful match between the challenge key and the authentication code allows the client device to further access the industrial controller using a CIP connection.
Address: Singapore SG
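The controller-side flow of steps (a) to (d) in the main claim, as an added sketch that is not code from the patent or from any Rockwell product. The claim only says the keys are "combined", so HMAC-SHA256 is an assumption here, as are the names `Controller`, `combine`, `conn_id`, the 16-byte key length, and the single-use handling of the exchange key.

```python
import hashlib
import hmac
import secrets

def combine(pass_key: bytes, exchange_key: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the unspecified "combine" step.
    return hmac.new(pass_key, exchange_key, hashlib.sha256).digest()

class Controller:
    def __init__(self, pass_key: bytes):
        self._pass_key = pass_key       # locally stored pass key
        self._pending = {}              # conn_id -> outstanding exchange key
        self._authenticated = set()     # connections that passed step (d)

    def request(self, conn_id: str):
        """Steps (a)-(b): allow if authenticated, else issue an exchange key."""
        if conn_id in self._authenticated:
            return ("ALLOW", None)
        exchange_key = secrets.token_bytes(16)   # random, from the OS CSPRNG
        self._pending[conn_id] = exchange_key    # replaces any earlier key
        return ("CHALLENGE", exchange_key)

    def respond(self, conn_id: str, challenge_key: bytes) -> bool:
        """Steps (c)-(d): derive the authentication code and compare."""
        # Assumption: each exchange key is usable once, so a failed or
        # captured response cannot be retried against the same key.
        exchange_key = self._pending.pop(conn_id, None)
        if exchange_key is None:
            return False
        auth_code = combine(self._pass_key, exchange_key)
        ok = hmac.compare_digest(auth_code, challenge_key)  # constant-time
        if ok:
            self._authenticated.add(conn_id)
        return ok

def demo():
    key = b"constructed-pass-key"                # constructed sample value
    plc = Controller(key)
    status, xk = plc.request("hmi-1")            # unauthenticated: challenge
    good = plc.respond("hmi-1", combine(key, xk))
    after = plc.request("hmi-1")[0]              # now allowed by step (a)
    _, xk2 = plc.request("rogue")
    bad = plc.respond("rogue", combine(b"wrong-key", xk2))
    retry = plc.respond("rogue", combine(key, xk2))   # key already consumed
    return status, good, after, bad, retry, plc.request("rogue")[0]
```

Because the pass key never crosses the wire and the exchange key is fresh per attempt, a recorded challenge key cannot be replayed against a later exchange key.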