System and methodology providing automation security analysis, validation, and learning in an industrial controller environment

Abstract

The present invention relates to a system and methodology facilitating automation security in a networked-based industrial controller environment. Various components, systems and methodologies are provided to facilitate varying levels of automation security in accordance with security analysis tools, security validation tools and / or security learning systems. The security analysis tool receives abstract factory models or descriptions for input and generates an output that can include security guidelines, components, topologies, procedures, rules, policies, and the like for deployment in an automation security network. The validation tools are operative in the automation security network, wherein the tools perform security checking and / or auditing functions, for example, to determine if security components are in place and / or in suitable working order. The security learning system monitors / learns network traffic patterns during a learning phase, fires alarms or events based upon detected deviations from the learned patterns, and / or causes other automated actions to occur.

Description

REFERENCE TO RELATED APPLICATION(S)[0001]This application is a continuation of, and claims priority to, U.S. patent application Ser. No. 10 / 661,696, filed on Sep. 12, 2003, and entitled “SYSTEM AND METHODOLOGY PROVIDING AUTOMATION SECURITY ANALYSIS, VALIDATION, AND LEARNING IN AN INDUSTRIAL CONTROLLER ENVIRONMENT,” which claims the benefit of U.S. Provisional Patent Application Ser. No. 60 / 420,006, filed Oct. 21, 2002, and entitled “SYSTEM AND METHODOLOGY PROVIDING AUTOMATION SECURITY IN AN INDUSTRIAL CONTROLLER ENVIRONMENT.” The entireties of these related applications are incorporated herein by reference.TECHNICAL FIELD[0002]The present invention relates generally to industrial control systems, and more particularly to a system and methodology to facilitate electronic and network security in an industrial automation system.BACKGROUND OF THE INVENTION[0003]Industrial controllers are special-purpose computers utilized for controlling industrial processes, manufacturing equipment, an...

AI Technical Summary

Benefits of technology

[0010]SAM can be modeled on a risk-based / cost-based approach, if desired. A suitable level of protection can be determined to facilitate integrity, privacy, and / or availability of assets based on risk and / or cost. In addition, descriptions of shop floor access, Intranet access, Internet access, and / or wireless access can also be processed by the tool. Since multiparty involvement can be accommodated (IT, Manufacturing, Engineering, etc.), the tool can be adapted for partitioned security specification entry and sign-off. The security data of the SAM tool can be generated in a structured security data format (e.g., XML, SQL) that facilitates further validation and compliance checking of the security data, if desired.

Problems solved by technology

Various remote applications or systems often attempt to update and / or acquire PLC information or related device information via a plurality of different, competing and often incompatible or insecure network technologies.

Thus, if a network-connected controller were inadvertently accessed, or even worse, intentional sabotage were to occur by a rogue machine or individual, potentially harmful results can occur.

These type passwords are highly prone to attack or discovery, however.

Even if a somewhat higher level of security is provided, parties employing sophisticated hacking techniques can often penetrate sensitive control systems, whereby access should be limited to authorized users and / or systems in order to mitigate potentially harmful consequences.

Images