CN101843033B - 针对自动化网络的实时通信安全性 - Google Patents
针对自动化网络的实时通信安全性 Download PDFInfo
- Publication number
- CN101843033B CN101843033B CN2007801012926A CN200780101292A CN101843033B CN 101843033 B CN101843033 B CN 101843033B CN 2007801012926 A CN2007801012926 A CN 2007801012926A CN 200780101292 A CN200780101292 A CN 200780101292A CN 101843033 B CN101843033 B CN 101843033B
- Authority
- CN
- China
- Prior art keywords
- module
- key
- fail safe
- plug
- broadcast
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims abstract description 86
- 238000000034 method Methods 0.000 claims abstract description 23
- 238000005516 engineering process Methods 0.000 claims abstract description 10
- 230000005540 biological transmission Effects 0.000 claims abstract description 6
- 230000007774 longterm Effects 0.000 claims description 9
- 230000007246 mechanism Effects 0.000 claims description 8
- 230000008569 process Effects 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 5
- 230000000712 assembly Effects 0.000 claims description 4
- 238000000429 assembly Methods 0.000 claims description 4
- 238000004519 manufacturing process Methods 0.000 claims description 4
- 238000009434 installation Methods 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 2
- 238000004804 winding Methods 0.000 claims description 2
- 238000004886 process control Methods 0.000 claims 5
- 230000004913 activation Effects 0.000 claims 3
- 239000000758 substrate Substances 0.000 claims 2
- 241001441724 Tetraodontidae Species 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 5
- 230000004044 response Effects 0.000 description 5
- 230000009471 action Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 230000035945 sensitivity Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 235000008331 Pinus X rigitaeda Nutrition 0.000 description 1
- 235000011613 Pinus brutia Nutrition 0.000 description 1
- 241000018646 Pinus brutia Species 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4604—LAN interconnection over a backbone network, e.g. Internet, Frame Relay
- H04L12/462—LAN interconnection over a bridge based backbone
- H04L12/4625—Single bridge functionality, e.g. connection of two networks over a single bridge
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/065—Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/4026—Bus for use in automation systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (26)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/IB2007/002497 WO2009027756A2 (en) | 2007-08-28 | 2007-08-28 | Real-time communication security for automation networks |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101843033A CN101843033A (zh) | 2010-09-22 |
CN101843033B true CN101843033B (zh) | 2013-11-13 |
Family
ID=40387931
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007801012926A Active CN101843033B (zh) | 2007-08-28 | 2007-08-28 | 针对自动化网络的实时通信安全性 |
Country Status (4)
Country | Link |
---|---|
US (1) | US9300467B2 (zh) |
EP (1) | EP2186251B1 (zh) |
CN (1) | CN101843033B (zh) |
WO (1) | WO2009027756A2 (zh) |
Families Citing this family (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8447039B2 (en) * | 2007-09-26 | 2013-05-21 | Cisco Technology, Inc. | Active-active hierarchical key servers |
EP2139162B1 (en) * | 2008-06-26 | 2011-11-16 | ABB Research Ltd. | Configuring of an intelligent electronic device |
DE102009055247A1 (de) * | 2009-12-23 | 2011-06-30 | Endress + Hauser Conducta Gesellschaft für Mess- und Regeltechnik mbH + Co. KG, 70839 | Anordnung mit einer übergeordneten Steuereinheit und zumindest einem mit der Steuereinheit verbindbaren intelligenten Feldgerät |
US8819855B2 (en) * | 2012-09-10 | 2014-08-26 | Mdi Security, Llc | System and method for deploying handheld devices to secure an area |
US8924899B2 (en) | 2013-05-23 | 2014-12-30 | Daniel Jakob Seidner | System and method for universal control of electronic devices |
CN103414625A (zh) * | 2013-06-14 | 2013-11-27 | 无锡拓能自动化科技有限公司 | 一种基于Modbus Tcp的以太网IO模块 |
DE102014004479A1 (de) * | 2014-03-28 | 2015-10-01 | Abb Technology Ag | Verfahren und Einrichtung zur Verwaltung und Konfiguration von Feldgeräten einer Automatisierungsanlage (II) |
CN104539573B (zh) * | 2014-10-30 | 2018-07-27 | 北京科技大学 | 一种基于嵌入式***的工业安全网关的通信方法及装置 |
US10726162B2 (en) * | 2014-12-19 | 2020-07-28 | Intel Corporation | Security plugin for a system-on-a-chip platform |
CN105897713A (zh) * | 2016-04-11 | 2016-08-24 | 福州华鹰重工机械有限公司 | 车际通信***安全协议设计方法及装置 |
US20180219695A1 (en) * | 2017-01-30 | 2018-08-02 | Brightswitch, Inc. | System and method for distributed home automation control |
US10802834B2 (en) * | 2018-06-11 | 2020-10-13 | Google Llc | Enabling multiple secure boot paths on a hardware platform |
KR20200034020A (ko) | 2018-09-12 | 2020-03-31 | 삼성전자주식회사 | 전자 장치 및 그의 제어 방법 |
KR102198178B1 (ko) * | 2018-10-31 | 2021-01-04 | 상명대학교 천안산학협력단 | 블록체인을 이용한 세션키 수립 방법 |
CN109491712B (zh) * | 2018-11-01 | 2021-09-10 | 北京京航计算通讯研究所 | 一种适用于VxWorks环境的可信引导方法 |
US11300950B2 (en) * | 2020-02-03 | 2022-04-12 | Rockwell Automation Technologies, Inc. | Systems and methods for automatic configuration of intelligent electronic devices |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1549493A (zh) * | 2003-05-23 | 2004-11-24 | 联想(北京)有限公司 | 一种计算机网络的网络安全***及其控制方法 |
CN1985462A (zh) * | 2004-07-09 | 2007-06-20 | 诺基亚公司 | 用于在终端中修改解密方法的软件插件框架 |
Family Cites Families (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5325432A (en) * | 1993-02-04 | 1994-06-28 | Motorola, Inc. | Method for updating encryption key information in communication units |
EP1050991A1 (en) * | 1999-04-27 | 2000-11-08 | Sientescom Developments Limited | A dynamic validation system |
US6760752B1 (en) * | 1999-06-28 | 2004-07-06 | Zix Corporation | Secure transmission system |
US6269349B1 (en) * | 1999-09-21 | 2001-07-31 | A6B2, Inc. | Systems and methods for protecting private information |
US6999996B2 (en) * | 2000-03-14 | 2006-02-14 | Hussmann Corporation | Communication network and method of communicating data on the same |
FR2841075B1 (fr) * | 2002-06-13 | 2004-12-24 | Systemig Sa | Dispositif de controle et/ou de surveillance utilisant au moins un controleur de transmission |
US7636840B2 (en) * | 2002-07-10 | 2009-12-22 | Dresser, Inc. | Secure communications and control in a fueling environment |
DE10305413B4 (de) * | 2003-02-06 | 2006-04-20 | Innominate Security Technologies Ag | Verfahren und Anordnung zur transparenten Vermittlung des Datenverkehrs zwischen Datenverarbeitungseinrichtungen sowie ein entsprechendes Computerprogramm und ein entsprechendes computerlesbares Speichermedium |
US20040176877A1 (en) * | 2003-03-05 | 2004-09-09 | Scott Hesse | Building automation system and method |
US7508801B1 (en) * | 2003-03-21 | 2009-03-24 | Cisco Systems, Inc. | Light-weight access point protocol |
US20050010649A1 (en) * | 2003-06-30 | 2005-01-13 | Ray Payne | Integrated security suite architecture and system software/hardware |
DE10331307A1 (de) * | 2003-07-10 | 2005-02-10 | Siemens Ag | Vorrichtung und Verfahren sowie Sicherheitsmodul zur Sicherung eines Datenzugriffs eines Kommunikationsteilnehmers auf mindestens eine Automatisierungskomponente eines Automatisierungssystems |
US7421578B1 (en) * | 2003-07-22 | 2008-09-02 | Cisco Technology, Inc. | Method and apparatus for electing a leader node in a computer network |
US7725933B2 (en) * | 2003-10-07 | 2010-05-25 | Koolspan, Inc. | Automatic hardware-enabled virtual private network system |
WO2005057341A2 (en) * | 2003-12-02 | 2005-06-23 | Koolspan, Inc. | Automatic hardware-enabled virtual private network system |
US20060136575A1 (en) * | 2004-05-11 | 2006-06-22 | Ray Payne | Integrated security suite architecture and system software/hardware |
US7530113B2 (en) * | 2004-07-29 | 2009-05-05 | Rockwell Automation Technologies, Inc. | Security system and method for an industrial automation system |
US7370202B2 (en) * | 2004-11-02 | 2008-05-06 | Voltage Security, Inc. | Security device for cryptographic communications |
ATE514269T1 (de) | 2005-01-06 | 2011-07-15 | Rockwell Automation Tech Inc | Firewall-verfahren und vorrichtung für industrielle systeme |
US7562211B2 (en) * | 2005-10-27 | 2009-07-14 | Microsoft Corporation | Inspecting encrypted communications with end-to-end integrity |
US7890612B2 (en) * | 2006-05-08 | 2011-02-15 | Electro Guard Corp. | Method and apparatus for regulating data flow between a communications device and a network |
US8451809B2 (en) * | 2007-04-13 | 2013-05-28 | Hart Communication Foundation | Wireless gateway in a process control environment supporting a wireless communication protocol |
US8266286B2 (en) * | 2007-06-05 | 2012-09-11 | Cisco Technology, Inc. | Dynamic key management server discovery |
-
2007
- 2007-08-28 CN CN2007801012926A patent/CN101843033B/zh active Active
- 2007-08-28 EP EP07825036.2A patent/EP2186251B1/en active Active
- 2007-08-28 WO PCT/IB2007/002497 patent/WO2009027756A2/en active Application Filing
-
2010
- 2010-02-26 US US12/713,779 patent/US9300467B2/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1549493A (zh) * | 2003-05-23 | 2004-11-24 | 联想(北京)有限公司 | 一种计算机网络的网络安全***及其控制方法 |
CN1985462A (zh) * | 2004-07-09 | 2007-06-20 | 诺基亚公司 | 用于在终端中修改解密方法的软件插件框架 |
Also Published As
Publication number | Publication date |
---|---|
US9300467B2 (en) | 2016-03-29 |
EP2186251A2 (en) | 2010-05-19 |
EP2186251A4 (en) | 2012-02-08 |
CN101843033A (zh) | 2010-09-22 |
EP2186251B1 (en) | 2019-10-09 |
US20100217967A1 (en) | 2010-08-26 |
WO2009027756A2 (en) | 2009-03-05 |
WO2009027756A3 (en) | 2009-09-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101843033B (zh) | 针对自动化网络的实时通信安全性 | |
CN107976972B (zh) | 安全的过程控制通信 | |
CN107976967B (zh) | 跨用于安全过程控制通信的数据二极管发布数据 | |
US9710984B2 (en) | Method for the authentication of at least one first unit on at least one second unit | |
CN101631080B (zh) | 基于epa协议的工业以太网交换机和报文转发方法 | |
CN101300806B (zh) | 用于处理安全传输的***和方法 | |
CN101159718B (zh) | 嵌入式工业以太网安全网关 | |
CN100392626C (zh) | 网络化设备的访问和控制*** | |
CN101535948B (zh) | 保护分布式应用程序信息传递 | |
CN100380870C (zh) | 利用继承的安全属性来管理安全网络中的代理请求的***和方法 | |
WO2003107155A1 (en) | Dongle for a secured data communications network | |
CN107113319A (zh) | 一种虚拟网络计算认证中应答的方法、装置、***和代理服务器 | |
CN1842993A (zh) | 提供证书 | |
CN102984045A (zh) | 虚拟专用网的接入方法及虚拟专用网客户端 | |
US8014406B2 (en) | System and method of inserting a node into a virtual ring | |
CN107277058A (zh) | 一种基于bfd协议的接口认证方法及*** | |
Niemann | IT security extensions for PROFINET | |
EP2728833B1 (en) | Time-locked network and nodes for exchanging secure data packets | |
US20060143701A1 (en) | Techniques for authenticating network protocol control messages while changing authentication secrets | |
Shokeen et al. | Vulnerabilities analysis and security assessment framework for the internet of things | |
CN110679129B (zh) | 保护第一与第二通信装置之间的通信的方法和通信装置 | |
EP3849144A2 (en) | Network architecture with fixed routing | |
EP1879350A1 (en) | Distributed computer system with a local area network | |
Åkerberg et al. | Introducing security modules in profinet io | |
Cagalaban et al. | Scada network insecurity: Securing critical infrastructures through scada security exploitation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20191128 Address after: Baden, Switzerland Patentee after: ABB Switzerland Co.,Ltd. Address before: Zurich Patentee before: ABB RESEARCH Ltd. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210705 Address after: Baden, Switzerland Patentee after: ABB grid Switzerland AG Address before: Baden, Switzerland Patentee before: ABB Switzerland Co.,Ltd. |
|
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: Swiss Baden Patentee after: Hitachi energy Switzerland AG Address before: Swiss Baden Patentee before: ABB grid Switzerland AG |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20231231 Address after: Zurich, SUI Patentee after: Hitachi Energy Co.,Ltd. Address before: Swiss Baden Patentee before: Hitachi energy Switzerland AG |