Organisational unit and system for data backup and data recovery

The organizational unit provides a secret key to data units for encryption, ensuring secure data backup and restoration by preventing unauthorized access, addressing security risks in existing systems.

WO2026130772A1 (PCT designated stage), published 2026-06-25, SIEMENS MOBILITY GMBH

Patent Information

Authority / Receiving Office: WO
Patent Type: Applications
Current Assignee / Owner: SIEMENS MOBILITY GMBH
Filing Date: 2025-09-29
Publication Date: 2026-06-25

AI Technical Summary

Technical Problem

Existing data backup systems face security risks due to compromised backup and recovery systems accessing encryption keys, leading to potential cyberattacks and inability to restore backups on replacement devices without private keys.

Method used

An organizational unit provides a secret key to data units for encryption, ensuring only the data units can decrypt backups, while the data backup unit stores encrypted data without the key, allowing secure transfer and restoration to both original and replacement devices.

Benefits of technology

This approach ensures data confidentiality and integrity by preventing unauthorized access to backups, enabling secure restoration to both original and replacement devices, even in the event of a system compromise.

✦ Generated by Eureka AI based on patent content.


Abstract

The invention relates to a method comprising: i) providing a secret (G) from an organisational unit (120) to a data backup unit (130) and / or to a data unit (110), the secret (G) being usable by means of a secret key (K_G), and the data backup unit (130) not possessing the secret key (K_G); ii) providing the secret key (K_G) from the organisational unit (120) to the data unit (110) and / or to a data exchange unit (140); iii) applying the secret key (K_G) to data (D) in the data unit (110) in order to provide secret-protected data (D-G-K_G); and iv) providing the secret-protected data (D-G-K_G) to the data backup unit (130) and storing the secured data (D-G-K_G) in the data backup unit (130).

Description

[0001] 202419757


[0003] Description

[0004] Organizational unit and system for data backup and data recovery

[0005] Technical field

[0006] The invention relates to an organizational unit for providing a secret to a data backup unit and / or a data unit, wherein the secret is applicable by means of a secret key, and the secret key is not provided to the data backup unit, and for providing the secret key to the data unit so that the data unit can apply the secret to data (in particular backup data or data of a backup archive) and then transfer the secret-protected data (in particular an encrypted backup archive) to the data backup unit. The invention further relates to a system comprising the organizational unit, the data unit, and the data backup unit. The invention also relates to a method for organizing data.

[0007] The invention can therefore relate to the technical field of data backup or data recovery, particularly in the context of rail vehicles.

[0008] Technical background

[0009] With increasing automation and digitalization, interest in data organization and data security is also steadily growing, with data security potentially including data recovery. Particularly in safety-critical areas, such as signals in railway vehicles, data security can be of fundamental importance. Accordingly, high data security requirements can be placed on the devices used, even if they are relatively simple devices such as sensors. Cryptographic methods can be used to secure data, for example encryption and signing based on the application of a secret. Securing such secrets or cryptographic keys is now frequently required, for example by means of a hardware security anchor.

[0012] When backups are created from data-generating units such as field devices, a backup system (e.g., a data backup unit) can encrypt the backups and restore them to replacement devices, since the backup system possesses the encryption keys. However, this can pose a security risk, especially if the backup system is compromised.

[0013] If, however, the backup is encrypted on the field devices using their own private keys, a backup and recovery system cannot decrypt or modify the backup. A compromised backup and recovery system would therefore be unable to modify or restore backups on other field devices. This method also prevents the installation or restoration of data on a replacement device, as the replacement device lacks the private keys, which cannot be extracted from the original device.

[0014] Conventional approaches to device backup either don't encrypt the backup or use an encryption scheme that the backup and recovery system can access. If no encryption is used, an attacker could use the information for a cyberattack (e.g., a man-in-the-middle attack). The latter poses a security risk if the backup and recovery system is compromised.

[0015] A key problem with data backup lies in organizing (encrypted) backups of data (e.g., files like ZIP files). Ideally, i) neither the personnel operating the backup server nor potential intruders (e.g., cybersecurity attacks) should be able to access the contents of the backup archives, and ii) backups can be restored to the original device (i.e., decrypted there) as well as to new devices (e.g., replacement devices used as exchanges).

[0017] Nowadays, the following solutions 1 to 3 are particularly well known:

[0018] Solution 1: Backup server encrypted with its own keys.
  a. The transmission channel must be encrypted (TLS).
  b. The backup server can read backups from all devices in plaintext.
  c. Metadata for backups is created on the backup server (self-managed data structure).

[0019] Solution 2: Field device encrypted with its own keys.
  a. The backup is encrypted; the transmission path does not require encryption.
  b. The backup server cannot read backups from any device in plaintext.
  c. There is no way to transfer backups to other devices.

[0020] Solution 3: Field device encrypted with a key provided by the backup server.
  a. The backup is encrypted; the transmission path does not require encryption.
  b. The backup server can read backups from all devices in plaintext.
  c. Only metadata re-encryption with the SMC of the new device is necessary.

[0021] However, objectives i) and ii) are not fulfilled by any of the currently known solutions 1 to 3.

[0022] Summary of the invention

[0023] There may be a need to organize data efficiently and securely, especially regarding data backup and data recovery (particularly backup).

[0024] An organizational unit, a system, and a procedure are described below.

[0026] According to a first aspect of the invention, a (data) organizational unit (e.g., a development tool, hardware and / or software, etc.) (in particular comprising a processor and / or memory) is described, configured for: i) providing a secret (e.g., a private key) to a data backup unit (e.g., a backup server) and / or a data unit (e.g., a field device), wherein the secret is applicable by means of a secret key (e.g., a PIN), and the secret key is in particular not provided (by the organizational unit) to the data backup unit (or the data backup unit remains free of the secret key), and ii) providing the secret key to the data unit and / or an exchange data unit (e.g., a replacement device) so that the data unit and / or the exchange data unit can apply the secret to data (e.g., encryption, decryption, signing, etc.; in particular a backup archive), in order to provide and / or use / process confidential data (in particular backup data or a backup archive).

[0027] According to a second aspect of the invention, a data backup system is described, comprising: i) an organizational unit as described above, and at least one of the following units: ii) the data unit (in particular comprising a processor and / or a memory), configured to apply the secret to the data (of the data unit) by means of the secret key, and / or to provide the secret-protected data (in particular encrypted (backup) data) to the data backup unit; iii) the data backup unit (in particular comprising a processor and / or a memory), configured to store the secret-protected data (in particular as an encrypted backup archive), wherein the data backup unit is free of the secret key, in particular cannot apply the secret-protected data (e.g., decrypt the backup archive and read it in plaintext); iv) the exchange data unit (in particular comprising a processor and / or memory), configured for: receiving the secret-protected data (from the data backup unit), and applying the secret key to the confidential data (in particular restoring, decrypting, reading in plaintext, etc.; e.g., decrypting and restoring the encrypted backup archive), especially to use / edit the confidential data.

[0029] According to a further aspect of the invention, a rail vehicle or rail (vehicle) infrastructure is described which at least temporarily incorporates the organizational unit or system, or is connectable to the organizational unit or system. For example, the units can be mounted within a train and communicate with each other. In another example, the data unit can be a sensor device such as an axle counter, while the data backup unit is a backup server (inside or outside the train).

[0030] According to a fourth aspect of the invention, a (computer-implemented) method (for organizing / backing up / restoring data) is described, comprising: i) providing a secret from an organizational unit to a data backup unit and / or a data unit, wherein the secret is applicable by means of a secret key, and wherein the data backup unit is free of the secret key; ii) providing the secret key from the organizational unit to the data unit and / or an exchange data unit; iii) applying the secret key to data in the data unit (e.g., for encryption) and / or the exchange data unit (e.g., for decryption and restoration) in order to provide (in particular, through the data unit) and / or use (in particular, through the exchange data unit) secret-protected data (in particular, a backup archive).

[0031] According to a further aspect of the invention, a computer program product is described which includes instructions that, when the program is executed by a computer, cause it to perform the method described above.

[0033] In the context of this document, the term "secret" can refer to secret (cryptographic) information. In this context, this secret is such that it can only be used, e.g., encrypted / decrypted or signed, by means of a secret key. The secret could, for example, be a password, a cryptographic key, a confidential message, or another form of sensitive data that must be protected from unauthorized access. The integrity and confidentiality of the secret can be crucial to ensuring the security and protection of the data. In a preferred embodiment, the secret is applied to (backup) data, in particular a backup archive. For example, a backup archive can be encrypted, decrypted, or signed using the secret.

[0034] In the context of this document, the term "confidential data" can refer in particular to data that is protected by a secret, e.g., encrypted and / or signed. In a preferred embodiment, the data is backup data or a backup archive. Accordingly, the confidential data can, for example, be an encrypted / signed backup archive. Such confidential data can, for example, be made available and / or used or edited / processed.

[0035] In the context of this document, the term "backup" can refer specifically to a copy of data created to enable the restoration of the original data in the event of data loss, technical errors, or cyberattacks; in other words, to ensure data integrity and availability. Such a backup can also be used to set up the data on a storage device. Backups can be performed regularly and automatically, with the backup data being stored on an external device, particularly a data backup unit.

[0036] In one example, a backup (archive) can contain metadata in addition to the actual data. With a protected backup, the metadata may or may not be protected / encrypted. If the metadata is not end-to-end encrypted, the data backup unit can use it (e.g., to manage backups).

[0039] In the present context, the term "secret key" can refer to a cryptographic (especially private) key required for the application of the secret described above. This secret key can be generated and / or stored within an organizational unit. Storage is preferably secure, particularly in accordance with a security standard. The secret key is preferably only released to the data unit and / or the exchange data unit, not to the data backup unit. In a simple embodiment, the secret key could, for example, be a PIN or a password. In a more complex embodiment, the original secret key remains within the organizational unit, and only a derived key (especially a session key) is released to the data unit and / or the exchange data unit.

[0040] In this context, the term "key derivation" can refer to a process in which a secure key is generated from a specific secret key (e.g., as an initial value with or without a seed). This derivation is performed, for example, by applying a mathematical function or an algorithm to generate a key that meets the intended security requirements. Such a derived key can preferably be a (temporarily valid) session key.

[0041] In the present context, the term "organizational unit" can refer in particular to hardware and / or software configured to generate and / or store a secret and / or a secret key. Furthermore, the organizational unit can be configured to provide or transfer the secret to a data backup unit, a data unit, or an exchange data unit. In particular, the organizational unit can be configured not to provide the secret key to the data backup unit or to keep the data backup unit free of the secret key. In one embodiment, the organizational unit can be hardware and / or software.

[0042] The organizational unit can be set up as a tool. In one embodiment, the organizational unit can be part of a security infrastructure, a server, or a network. In another embodiment, the organizational unit can also be a portable storage device such as a USB flash drive. In yet another embodiment, the organizational unit can be a maintenance / diagnostic device used for initial setup or replacement of devices. In a preferred embodiment, the organizational unit is intended for the context of backing up / restoring backup data / archives.

[0043] According to an exemplary embodiment, the invention can be based on the idea that (backup) data can be organized efficiently and securely, particularly with regard to data backup and data recovery, if an organizational unit (as an independent entity) provides a secret to a data backup unit (e.g., a backup server) and / or a data unit (e.g., a field device without a backup storage function), but provides a secret key for applying the secret only to the data unit. The data unit can thus provide (and also restore) secret-protected data. In this way, the data backup unit can securely store the secret-protected data, encrypted (by the secret and the secret key), for backup purposes, but, lacking the secret key, has no access to the data itself and cannot read it in plaintext. If the backed-up data is needed, it can be securely transferred back to the data unit or an exchange data unit and only then processed / restored there using the secret key provided by the organizational unit.

[0044] In a visual representation, the data backup unit containing the secret features a safe in which data can be securely stored / transported. However, the key to this safe is not located on the data backup unit, meaning that the safe can only be stored within the data backup unit, while its contents are accessible only to the data unit and / or the exchange data unit.

[0046] In one embodiment, the backups are thus protected at all times (during transport, storage, and in standby mode), meaning that confidentiality and integrity are guaranteed, since the data backup unit (backup and restore system) is unable to decrypt or modify backups. A successful attack on a backup and restore system (compromise) is therefore unable to compromise the backups or the integrity of the system or the data units. Furthermore, this approach enables not only the restoration of existing data units but also the restoration of replacement devices or exchange data units, which may be unknown at the time the backup was created.

[0047] Exemplary implementation examples

[0048] According to one embodiment, the secret key comprises at least one of the following: a private key, a derived key, a password, a temporary key, a session key, a PIN, a token, or a secret value. This can increase the system's versatility, as it can work with different types of secrets. In a simple example, the secret key can be implemented as a PIN or password. In a more complex example, the secret key can be an asymmetric private key. In another embodiment, the secret key can remain within the organizational unit, and a derived key is provided as the data unit's secret key.

[0049] According to one embodiment, the secret comprises at least one of the following: a (cryptographic) key, a secret value, a token, a password, or a PIN. In another embodiment, the secret is device-specific or device-type-specific. This can have the advantage of allowing for a wide variety of implementations. By providing a device specification, the secret can be specifically designated for a particular device (e.g., a specific data unit), thereby increasing security and efficiency.

[0051] In one implementation, the secret can be imported by the data backup unit; that is, it is provided by the server for both the backup and restore processes. The secret is imported, for example, during the commissioning of the device (along with the secret key).

[0052] According to one embodiment, the application of the secret comprises at least one of the following: encrypting the secret, decrypting the secret, encrypting data, decrypting data, signing, decrypting a backup archive, encrypting a backup archive, or signing a backup archive. Accordingly, a variety of important security applications (particularly cryptographic) can be performed using the secret, provided the secret key is accessible.

[0053] According to one embodiment, the organizational unit is configured to provide the secret key to an exchange data unit, so that the exchange data unit can use the secret-protected data with the secret key. This can have the advantage that another data unit can decrypt, open, or recover the secret-protected data.

[0054] In the present context, the term "exchange data unit" can refer in particular to a data unit as described above, which replaces another data unit. An exchange data unit can thus also be called a "replacement data unit." For example, a data unit can be replaced or supplemented by an exchange data unit, e.g., when an update is performed or a new version of the data unit is available. Conventionally, transferring backup archives to the exchange data unit was quite problematic (see above). According to the invention, however, the exchange data unit can be established efficiently and securely by receiving the secret key from the organizational unit, thereby enabling the restoration of the confidential data. In this way, a large number of exchange data units can also be used that need backup data to be provided so that they can have access to all essential data from the predecessor devices.

[0056] According to one embodiment, the organizational unit is configured to derive a derived key, in particular a session key, from the secret key. According to another embodiment, the organizational unit is configured to provide the session key to the data unit and / or the exchange unit as a secret key. This significantly increases security because the original secret key does not need to leave the organizational unit. In a specific embodiment, security can be further enhanced by providing the derived key as a session key, meaning it expires or is deleted after a certain period.

[0057] In one embodiment, the data unit is enabled to perform cryptographic operations by providing the derived key from the organizational unit, without the secret key being directly present in the data unit.

[0058] In one embodiment, the organizational unit has a memory for storing the secret and / or the secret key. In one embodiment, the memory meets a security standard and is, in particular, a hardware memory.

[0059] In one embodiment, the organizational unit is configured as at least one of the following: an engineering tool, hardware and / or software, a processor, a user interface, a network interface, a mobile data storage device, a factory infrastructure, a security infrastructure, a central computer, a coupling computer, a gateway, a domain controller, a train control system, a trade controller, or a maintenance / diagnostic device. The organizational unit can thus be flexibly configured for the desired application. In one example, the organizational unit could be a mobile and practically deployable storage unit, such as a USB stick, that can be used by an operator. In another example, the organizational unit can be part of a network or network interface, for example, in a train network. In another example, the organizational unit can be part of a larger control unit, such as a trade controller.

[0062] In one embodiment, the secret key can be manually entered, for example, during the installation of the device in the system (e.g., train) by a commissioning engineer (who uses the organizational unit as a tool). This can be done, for example, via one of the following: user interface, network interface, ID plug (encrypted data storage, e.g., a USB stick that can only be read by a specific device).

[0063] In one implementation example, the secret key can be introduced automatically, e.g., via a license file and / or configuration file that is specifically programmed into a new device by the manufacturer for the customer or by the customer's security infrastructure. Here, the organizational unit can be part of the manufacturer's factory infrastructure or the operator's security infrastructure.

[0064] In one embodiment, the data unit comprises at least one of the following: a field device, an outdoor device, an end device, a control unit, an input / output device, a sensor device, or an IoT device. This is a (non-exhaustive) list of examples of data unit implementations. In one example, the data unit might be a smaller or less complex device for which dedicated backup management is not usually technically or economically feasible. In another embodiment (e.g., an IoT network), multiple data units communicate with a further unit (e.g., the same data backup unit), which essentially acts as a controller for the data units.

[0065] In one embodiment, the data unit has a safety-relevant function, particularly in the area of rail vehicles and / or rail vehicle infrastructure. For example, the data unit can be a control unit for signal processing (e.g., traffic light red or green). In a further example, the data unit could be an output device that, for instance, switches lights on and off. Despite a relatively low level of complexity and security, the data unit can fulfill (safety-)relevant functions. In the context of rail transport, this can play a particularly important role, as incorrect signals can quickly claim many lives. Accordingly, it can be advantageous to protect the data unit with a data backup to enable rapid replacement in case of a failure or the setup of redundant installations.

[0067] In one embodiment, the data backup unit comprises at least one of the following: a database, a storage unit, a backup / restore system, or a server. This can have the advantage of providing secure and established data backup and recovery functionality. Established structures, such as a backup server, can advantageously be used as the data backup unit. Preferably, the data backup unit can securely store the data but not read it. This allows for particularly secure and reliable data storage.

[0068] In one embodiment, the organizational unit, system, or process is used in the context of rail vehicles and / or rail vehicle infrastructure. In this area, safety-related aspects can play a particularly important role. Accordingly, the described data organization can be advantageous in this context. Communication between the units can take place via various communication interfaces common in rail vehicle technology, such as Ethernet, fieldbuses, or wireless connections. The choice of communication method can be crucial to ensuring reliable and secure transmission of the cryptographic keys. An advantage of this specific application in rail vehicles can be the ability to utilize existing infrastructure to meet the security requirements without the need for extensive hardware upgrades.

[0069] In one embodiment, the system further comprises: the exchange data unit, in particular configured for: receiving the secret-protected data from the data backup unit and / or applying the secret key to the secret-protected data, in particular for decryption. Using the secret-protected data, the data of the data unit can be easily and securely transferred to the exchange or backup unit. Although the data backup unit cannot open the secret-protected data, this is possible on the exchange data unit, which, like the data unit, has access to the secret key from the organizational unit.

[0072] In one embodiment, the data backup unit is configured to provide the secret to the data unit and / or the exchange data unit. In another embodiment, the data backup unit is configured to provide the secret-protected data to the data unit and / or the exchange data unit. In another embodiment, the data backup unit is configured to provide a data backup request to the data unit. In another embodiment, the data backup unit is configured to provide a data recovery request to the exchange data unit. The data backup unit can thus be efficiently integrated into the communication process. Providing data can, for example, involve transferring or sending it.

[0073] In one embodiment, the data unit and / or the exchange data unit is configured to restore the secret-protected data using the secret key. This ultimately provides an efficient data backup and recovery concept.

[0074] In one embodiment, separating the secret key and the secret into different units achieves a higher level of security, since the secret key is stored and processed in a trusted environment.

[0075] In one embodiment, the secret key, in particular the session key, can also be used in the data unit to generate further keys in the data unit by means of key derivation. These could be used, among other things, to additionally protect the integrity of data using an integrity check value.
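The key separation of [0043] to [0046], the derived session key of [0056] and the integrity check value of [0075], walked through as an added Python example (not the applicant's code): the organizational unit keeps K_G and releases only a per-role key derived from K_G and G, the field device seals its backup archive with that key, the backup server stores the archive holding only G, and a replacement device commissioned into the same role restores it. The role name, the HKDF binding to G and the role, and the HMAC-based stand-in cipher are assumptions made for this example.

```python
# Added example modelling the patent's key separation; names, the HKDF role binding
# and the HMAC-based cipher are assumptions, not the applicant's implementation.
import hashlib
import hmac
import secrets
from dataclasses import dataclass


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract + expand) with SHA-256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm, counter = okm + block, counter + 1
    return okm[:length]

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """CTR-style keystream from HMAC-SHA256: a stand-in for a vetted AEAD such as AES-GCM."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

@dataclass
class ProtectedArchive:
    role: str
    metadata: bytes    # plaintext, so the backup unit can manage archives without a key
    nonce: bytes
    ciphertext: bytes
    tag: bytes         # integrity check value over metadata || nonce || ciphertext

def seal(session_key: bytes, role: str, metadata: bytes, archive: bytes) -> ProtectedArchive:
    """Encrypt-then-MAC on the data unit with keys derived from its session key."""
    enc_key, icv_key = hkdf_sha256(session_key, b"", b"enc"), hkdf_sha256(session_key, b"", b"icv")
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(archive, _keystream(enc_key, nonce, len(archive))))
    tag = hmac.new(icv_key, metadata + nonce + ct, hashlib.sha256).digest()
    return ProtectedArchive(role, metadata, nonce, ct, tag)

def open_archive(session_key: bytes, p: ProtectedArchive) -> bytes:
    """Check the ICV first, then decrypt; raises ValueError on wrong key or tampering."""
    enc_key, icv_key = hkdf_sha256(session_key, b"", b"enc"), hkdf_sha256(session_key, b"", b"icv")
    expected = hmac.new(icv_key, p.metadata + p.nonce + p.ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, p.tag):
        raise ValueError("integrity check failed: wrong key or tampered archive")
    return bytes(a ^ b for a, b in zip(p.ciphertext, _keystream(enc_key, p.nonce, len(p.ciphertext))))

def can_open(session_key: bytes, p: ProtectedArchive) -> bool:
    try:
        open_archive(session_key, p)
        return True
    except ValueError:
        return False

class OrganisationalUnit:
    """Holds G and K_G; K_G never leaves, only per-role derived session keys do."""
    def __init__(self) -> None:
        self._secret_key = secrets.token_bytes(32)   # K_G (would sit in an HSM/TPM)
        self.secret = secrets.token_bytes(16)        # G, may be handed to other units

    def session_key_for(self, role: str) -> bytes:
        # Bound to the logical role rather than a hardware serial, so a replacement
        # device commissioned into the same role derives the same key and can restore.
        return hkdf_sha256(self._secret_key, self.secret, role.encode())

class DataBackupUnit:
    """Backup server: receives G and the sealed archives, never a key."""
    def __init__(self, secret: bytes) -> None:
        self.secret, self.store = secret, {}

    def backup(self, p: ProtectedArchive) -> None:
        self.store[p.role] = p

    def fetch(self, role: str) -> ProtectedArchive:
        return self.store[role]

def run_scenario() -> dict:
    """Backup on a field device, restore on its replacement, plus two failure cases."""
    ou = OrganisationalUnit()
    server = DataBackupUnit(ou.secret)
    role = "axle-counter-07"                                   # constructed role name
    archive = b"config=v3;calibration=0.998;firmware=2.4.1"   # constructed sample data
    # Field device: gets only the derived key, seals the archive, sends it to the server
    protected = seal(ou.session_key_for(role), role, b"role=axle-counter-07;ts=2025-09-29", archive)
    server.backup(protected)
    # Exchange device for the same role, commissioned later: gets the same derived key
    restored = open_archive(ou.session_key_for(role), server.fetch(role))
    # Server knows G but not K_G: a key derived from G alone does not open the archive
    server_guess = hkdf_sha256(server.secret, b"", role.encode())
    # Metadata stays readable on the server but is covered by the ICV, so edits are caught
    tampered = ProtectedArchive(role, b"role=other", protected.nonce, protected.ciphertext, protected.tag)
    return {"restored_ok": restored == archive,
            "server_can_read": can_open(server_guess, protected),
            "tamper_detected": not can_open(ou.session_key_for(role), tampered),
            "metadata_visible": server.fetch(role).metadata.startswith(b"role=")}
```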

[0077] In one embodiment, at least one of the units is configured to authenticate at least one other unit for communication. In one embodiment, this can be achieved through the use of keys, certificates, or other authentication mechanisms that confirm the identity of the unit(s). In one embodiment, the authentication could help prevent man-in-the-middle attacks, in which an attacker attempts to intercept the communication between the units. In another embodiment, the authentication could also ensure that only authorized units have access to the secret key and the session keys derived from it. In one embodiment, the authentication can be standards-compliant.

[0078] In one embodiment, communication authentication data (communication credentials), such as exchanging keys / signatures, can be used for such authentication (to provide secure, trustworthy, and integrity-based communication).

[0079] In one embodiment, the initial provisioning of the secret key can only take place during commissioning and pairing of the devices by an engineer on site. This engineer can generate, sign, and provision the secret key. Alternatively, they can verify and sign secret keys automatically generated on the devices on site. This step audits the extension of the chain of trust and also allows the pairing to be documented in external documentation or data management tools.

[0080] In one embodiment, at least two of the units are configured to communicate wirelessly and / or via wired connections. In another embodiment, at least two of the units are (temporarily) located close to each other or operated remotely from each other. Accordingly, a variety of flexible applications are possible. In one example, the units can be in direct contact or arranged close to each other (e.g., in the same carriage / train). In another example, the units can be spatially far apart, e.g., a sensor on the track and a control center. In one embodiment, the organizational unit can only be connected / coupled temporarily, e.g., by an operator / engineer during commissioning or a replacement.

[0082] In one embodiment, the organizational unit can be understood as a more secure / complex device than the data unit. For example, the data unit can be hierarchically subordinate to the organizational unit.

[0083] In one exemplary implementation, the step can input the secret key (PIN) into the data unit (field device) in such a way that certifiable hardware protection can be used for the secret. This solution can increase the security level, for example, if the secret and secret key are permanently stored on the device. This would prevent the secret key from being stored in plaintext on the devices, and the combination of secret and secret key would not be easily stolen.

[0084] In one exemplary implementation, the security standard (of the organizational unit) includes at least one of the following (exemplary, non-exhaustive list): certification, hardware security anchor, trusted hardware component, hardware security module (HSM), trusted platform module (TPM), trusted execution environment (TEE), FIPS 140-3. This can have the advantage that a large number of (security-)relevant security standards (from the field of rail vehicles) can be directly addressed.

[0085] In one embodiment, at least one storage unit of the organizational unit is designed as a hardware component. In this embodiment, designing the storage unit as a hardware component enables increased security, since hardware components are generally more resistant to attacks than software-based solutions.

[0086] In one embodiment, the organizational unit, in particular the at least one storage unit, is configured not to share the secret key, in particular not to disclose it from the organizational unit. In one embodiment, by configuring the organizational unit not to share the secret key, security is further increased, since the secret key never leaves the secure environment of the storage unit.

[0088] In one embodiment, the data unit or the exchange data unit does not meet the security standard. However, by providing the secret key (in particular a session key), the data unit can be raised to a similar security level as the organizational unit.

[0089] In one embodiment, the organizational unit is configured to generate the secret and transfer it to at least one other unit. In this embodiment, the organizational unit's ability to generate and transfer the secret increases the system's flexibility, as another unit, such as the data unit, does not need to have the same security measures as the organizational unit.

[0090] In one embodiment, the organizational unit is configured to generate the secret key in response to contact with the data unit. In another embodiment, the secret key can be initially generated on the organizational unit when the devices are first paired. Alternatively, it can be provisioned into the system during commissioning. This also allows for the replacement (e.g., in case of a defect) of the organizational unit within the system, followed by the provisioning of the known, system-specific secret key.

[0091] In one embodiment, the system has two or more data units. In another embodiment, the organizational unit is configured to communicate with two or more data units, in particular to derive a key (or two or more keys) from the secret key for each of the two or more data units. In another embodiment, the two or more derived keys are identical or different. In another embodiment, the same secret key is used for the data units, or different secret keys are used.

[0093] In one embodiment, the data unit and / or the exchange data unit is configured to provide the confidential data (or the backup archive) exclusively to the data backup unit or to send it only to this unit. In this embodiment, neither the data backup unit nor the organizational unit, nor any operator / engineer, has access to the backup archive. If the devices are designed to deliver their backup archive only to the data backup unit, the contents cannot be accessed.

[0094] It should be noted that embodiments of the invention have been described with reference to different subject matter. In particular, some embodiments have been described with reference to method claims, while other embodiments have been described with reference to apparatus claims. However, a person skilled in the art will understand from the foregoing and the following description that, unless otherwise stated, in addition to any combination of features belonging to one type of subject matter, any combination of features relating to different subject matter is also deemed to be disclosed by this document. This applies in particular to features of the method claims and features of the apparatus claims.

[0095] The aspects defined above and further aspects of the present invention will become apparent from the examples of embodiments described below and will be explained with reference to these examples. The invention will be described in more detail below with reference to embodiments to which, however, the invention is not limited.

[0096] Brief description of the drawings

[0097] Figure 1 schematically shows a system according to an exemplary embodiment of the invention.

[0099] Figure 2 shows a system according to a further exemplary embodiment of the invention.

[0100] Detailed description of the drawings

[0101] The representations in the drawings are schematic. It should be noted that in different illustrations, similar or identical elements or features are designated with the same reference numerals or with reference numerals that differ from the corresponding reference numerals only in the first digit. To avoid unnecessary repetition, elements or features that have already been explained in relation to a previously described embodiment will not be explained again later in this description.

[0102] Furthermore, spatially relative terms such as "front" and "back," "top" and "bottom," "left" and "right," etc., are used to describe the relationship of one element to another, as illustrated in the figures. Thus, these spatially relative terms may apply to orientations used that differ from the orientation shown in the figures. Obviously, these spatially relative terms merely serve to simplify the description and the orientation shown in the figures and are not necessarily restrictive, since a device according to an embodiment of the invention may assume orientations other than those shown in the figures, particularly when in use.

[0103] Figure 1 schematically shows a system 100 according to an exemplary embodiment of the invention, comprising a data unit 110, an organizational unit 120, and a data backup unit 130. The organizational unit 120 is configured to generate and store a secret G and a secret key K_G, wherein the secret G is usable only (exclusively) by means of the secret key K_G. The organizational unit 120 provides or transmits the secret G to the data backup unit 130 and optionally to the data unit 110. The organizational unit 120 then provides the secret key K_G to the data unit 110, but not to the data backup unit 130.

[0106] The diagram shows that data backup unit 130 can request backup data D (i.e., a backup) from data unit 110. Data unit 110 is configured to apply the secret G (from organizational unit 120 or data backup unit 130) to the data D using the secret key K_G and to provide secret-protected data DG-K_G (i.e., an encrypted backup archive) that can be transferred to data backup unit 130. Data backup unit 130 stores the secret-protected data DG-K_G (the encrypted backup archive) so that it can be retrieved when needed (e.g., for recovery). Data backup unit 130 does not possess the secret key K_G, so the data cannot be read if data backup unit 130 is compromised. In particular, the data backup unit 130 and / or an operator 150 cannot open / read the secret-protected data.

[0107] In a specific embodiment, Figure 1 can also be described as follows. A key G for the backup is generated externally (in Engineering Tool 120) and separately deployed to the participating devices 110 and 130. The PIN or passphrase K_G, required to use the key G, is deployed to device 110 and the replacement device 140, but not to the backup server 130. This can be done through a separate commissioning process and not by the regular operating personnel. The backup DG-K_G is encrypted, and the transmission path does not require encryption. The backup server 130 cannot read backups from any of the devices 110 in plaintext.

[0108] If the backup archive metadata is not encrypted, the data backup unit 130 can use it (e.g., to manage backups). For this purpose, metadata re-encryption (type-specific key) can be performed using the SMC of the new device. Encrypting this metadata with the SMC can protect this data from attacks during transport or storage (on the data backup unit 130 or the exchange data unit 140). The term "SMC" can refer to a device certificate that identifies a device and can be used for device-specific encryption.

[0111] Figure 2 shows a system 100 according to a further exemplary embodiment of the invention. The system 100 is structured as in Figure 1, with further details shown. The organizational unit has a first memory 121 for the secret G and a second memory 122 for the secret key K_G. Preferably, the second memory 122 is configured according to a security standard, e.g., as a trusted hardware anchor.

[0112] Data unit 110 has a first memory 111 for the secret G, a first backup function 112, and a first restore function 113. Data unit 110 also has a first memory for the data 115 and / or restored data. Exchange data unit 140 has a third memory 141 for the secret G, a third backup function 142, and a third restore function 143. Exchange data unit 140 also has a third memory for restored data 145. Backup unit 130 has a second memory 131 for the secret G, a second backup function 132, and a second restore function 133. Backup unit 130 also has a second memory for (backed-up) data 135.

[0113] A Backup Manager 150 can be an operator or engineer who has access to the data backup unit 130. For example, they can send a data backup request to data unit 110 or restore data on data unit 110 or the exchange data unit 140. However, Backup Manager 150 cannot read the data on data backup unit 130 in plaintext because they do not have access to the secret key K_G.

[0114] Another operator (e.g., a commissioning engineer and / or field personnel) can use the organizational unit 120 to copy the secret 121 and / or the secret key 122, e.g., in the case of an exchange, into the exchange data unit 140. In one example, the backup manager / operator 150 can have access to the data D, but not to the secret G, while the other operator has access to the secret G and its secret key K_G, but not to the data D.

[0117] In an exemplary embodiment, communication in system 100 can be carried out as follows:

[0118] Step 1: A device-type-specific key G is generated by an external engineering tool 120 and stored password-protected by a PIN K_G. G can, for example, be an asymmetric key containing a public and a PIN-protected private part. The device-type-specific (backup) keys G are distributed / installed on the backup and recovery system 130.

[0119] Step 2: The engineering tool 120 configures the PIN K_G (122) for the field devices 110 (e.g. via device type-specific configuration files).

[0120] Step 3: A backup manager 150 triggers a backup of a field device 110 or a group of field devices 110 (alternatively, backups can also be created by a trigger within the field device 110 or by a timer of the backup and restore system 130). The backup and restore system 130 calls a function on the field device 110 to create a backup and provides the device-type-specific key (public and PIN-protected private part) G.

[0121] Step 4: The field device 110 uses the device type-specific key G to encrypt the backup data D and sign it with the private part of the key (using the PIN / passphrase from 122, K_G).

[0122] Step 5: The backup and recovery system 130 stores the encrypted backup DG-K_G in its file system 135. Optionally, metadata about the backup (such as creation date, device type, device serial number) can additionally be sent along in files readable by the backup and recovery system 130. This can simplify the management of backups on 130.

[0124] In an exemplary embodiment, a recovery on a replacement device 140 is carried out as follows:

[0125] Step 1: The engineering tool 110 configures the PIN K_G for the replacement field devices 140 (e.g. via device type-specific configuration files).

[0126] Step 2: A backup manager 150 triggers the restoration of a backup onto the replacement field device 140. The backup and recovery system 130 calls a function on the field device 140 to restore an encrypted backup and provides the device-type-specific key G (public and PIN-protected private part). Optionally, the backup archive metadata can be additionally encrypted using the SMC.

[0127] Step 3: The field device 140 uses the device-type-specific public key G to verify the signature and the private part of the key to decrypt the backup data DG-K_G (using the PIN K_G from the device configuration) and restores the files.
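The backup flow (Steps 1 to 5 above) and the recovery flow (Steps 1 to 3) modelled end to end, as an added example that is not the patent's or Siemens Mobility's code. Assumptions: the secret G is a random symmetric value wrapped under a key derived from the PIN K_G (claim 3 permits a non-asymmetric secret), and the stand-in cipher is an HMAC-SHA256 counter-mode stream with encrypt-then-MAC, so only the Python standard library is needed; the PIN and the backup payload are constructed.

```python
import hashlib
import hmac
import secrets

def derive_wrap_key(pin: str, salt: bytes) -> bytes:
    """K_G (the PIN) -> 32-byte wrapping key; PBKDF2 slows down PIN guessing."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000, dklen=32)

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy counter-mode stream (HMAC-SHA256 blocks), a stand-in for a real cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key: bytes, plaintext: bytes) -> dict:
    """Encrypt-then-MAC under one 32-byte key (enc/mac subkeys derived from it)."""
    enc_key, mac_key = hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()
    nonce = secrets.token_bytes(16)
    ct = keystream_xor(enc_key, nonce, plaintext)
    return {"nonce": nonce, "ct": ct, "tag": hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()}

def open_sealed(key: bytes, box: dict) -> bytes:
    """Verify the tag before decrypting; fails closed on a wrong key or tampered data."""
    enc_key, mac_key = hashlib.sha256(key + b"enc").digest(), hashlib.sha256(key + b"mac").digest()
    expect = hmac.new(mac_key, box["nonce"] + box["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expect, box["tag"]):
        raise PermissionError("tag mismatch: wrong key or tampered data")
    return keystream_xor(enc_key, box["nonce"], box["ct"])

def engineering_tool_generate(pin: str) -> dict:
    """Backup step 1 (unit 120): create G, PIN-protect it with K_G; only this wrapped form goes to 110 and 130."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, **seal(derive_wrap_key(pin, salt), secrets.token_bytes(32))}

def unwrap_g(protected_g: dict, pin: str) -> bytes:
    """Only a holder of K_G (unit 110 or 140) recovers G; anyone else fails closed."""
    return open_sealed(derive_wrap_key(pin, protected_g["salt"]), protected_g)

def field_device_backup(protected_g: dict, pin: str, data: bytes) -> dict:
    """Backup steps 3-4 (unit 110): protect D under G -> archive DG-K_G for unit 130."""
    return seal(unwrap_g(protected_g, pin), data)

def replacement_device_restore(protected_g: dict, pin: str, archive: dict) -> bytes:
    """Recovery step 3 (unit 140): unlock G with K_G, verify, decrypt DG-K_G back to D."""
    return open_sealed(unwrap_g(protected_g, pin), archive)

def demo(pin: str = "4711", data: bytes = b"constructed field-device config") -> dict:
    """End-to-end run with a constructed PIN and payload; reports what each party can do."""
    pg = engineering_tool_generate(pin)
    archive = field_device_backup(pg, pin, data)
    def can_unlock(candidate: str) -> bool:     # what a holder of `candidate` as PIN can do
        try:
            unwrap_g(pg, candidate)
            return True
        except PermissionError:
            return False
    return {"restored": replacement_device_restore(pg, pin, archive),
            "server_can_read": can_unlock("")}  # unit 130 holds G wrapped and the archive, but no K_G
```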

[0128] It should be noted that the term "comprising" does not exclude other elements or steps, and the use of the article "a" does not exclude a plurality. Elements described in connection with different embodiments may also be combined. It should also be noted that reference numerals in the claims should not be interpreted as limiting the scope of the claims.

[0129] Regardless of the grammatical gender of a given term, persons with male, female, or other gender identities are included.

[0131] Reference signs

[0132] 100 System

[0133] 110 Data unit, field device

[0134] 111 First memory (secret)

[0135] 112 First backup function

[0136] 113 First restore function

[0137] 115 First memory (backup data)

[0138] 120 Organizational unit, engineering tool

[0139] 121 Memory (secret)

[0140] 122 Hardware memory (secret key)

[0141] 130 Data backup unit, backup / restore system

[0142] 131 Second memory (secret key)

[0143] 132 Second backup function

[0144] 133 Second restore function

[0145] 135 Second memory (backup data)

[0146] 140 Exchange data unit, replacement device

[0147] 141 Third memory (secret key)

[0148] 142 Third backup function

[0149] 143 Third restore function

[0150] 145 Third memory (restored data)

[0151] 150 Backup manager, operator, engineer

[0152] D Data

[0153] DG-K_G Secret-protected data

[0154] G Secret

[0155] K_G Secret key (PIN) for accessing G

Claims

1. An organizational unit (120), configured for: providing a secret (G) to a data backup unit (130) and / or a data unit (110), wherein the secret (G) is applicable by means of a secret key (K_G), and the secret key (K_G) is not provided to the data backup unit (130); and providing the secret key (K_G) to the data unit (110) and / or an exchange data unit (140) so that the data unit (110) and / or the exchange data unit (140) can apply the secret (G) to data (D), in particular a backup archive, in order to provide and / or use secret-protected data (DG-K_G).

2. The organizational unit (100) according to claim 1, wherein the secret key (K_G) comprises at least one of the following: a private key, a session key, a password, a PIN, a token.

3. The organizational unit (100) according to claim 1 or 2, wherein the secret (G) comprises at least one of the following: a key, a secret value, a token, a password, a PIN, in particular wherein the secret (G) is device type specific.

4. The organizational unit (100) according to one of the preceding claims, wherein the application of the secret (G) comprises at least one of the following: encrypting data, decrypting data, signing, encrypting a backup archive, decrypting a backup archive, signing a backup archive.

5. The organizational unit (100) according to one of the preceding claims, wherein the organizational unit (120) has a memory (121, 122) for storing the secret (G) and / or the secret key (K_G), wherein the memory meets a security standard, in particular hardware storage.

6. The organizational unit (100) according to one of the preceding claims, configured as at least one of the following: a development tool, hardware and / or software, a user interface, a network interface, a data storage device, a factory infrastructure, a security infrastructure, a central computer, a coupling computer, a gateway, a domain controller, a train control system, a trade controller, a maintenance device, a diagnostic device, a commissioning device, a mobile device.

7. A data backup system (100) comprising: an organizational unit (120) according to one of the preceding claims; the data unit (110), configured for applying the secret (G) to the data (D) using the secret key (K_G) to provide the secret-protected data (DG-K_G), and providing the secret-protected data (DG-K_G) to the data backup unit (130); and / or the data backup unit (130), configured for storing the secret-protected data (DG-K_G), wherein the data backup unit (130) is free of the secret key (K_G), in particular cannot use the secret-protected data (DG-K_G).

8. The system (100) according to claim 7, wherein the data unit (110) comprises at least one of the following: a field device, an outdoor device, a terminal device, a control unit, an input / output device, a sensor device, an IoT device.

9. The system (100) according to claim 7 or 8, wherein the data unit (110) has a safety-relevant function, in particular in the field of rail vehicles and / or rail vehicle infrastructure.

10. The system (100) according to any one of claims 7 to 9, wherein the data backup unit (130) comprises at least one of the following: a database, a storage unit, a backup and / or restore system, a server.

11. The system (100) according to any one of the preceding claims 7 to 10, wherein the system (100) is used in the context of rail vehicles and / or rail vehicle infrastructure.

12. The system (100) according to any one of the preceding claims 7 to 11, further comprising: the exchange data unit (140), configured for: receiving the secret-protected data (DG-K_G) from the data backup unit (130), and applying the secret key (K_G) to the secret-protected data (DG-K_G), in particular to use the secret-protected data.

13. The system (100) according to any one of the preceding claims 7 to 12, wherein the data backup unit (130) is configured to perform at least one of the following: providing the secret (G) to the data unit (110); providing the secret-protected data (DG-K_G) to the data unit (110) and / or the exchange data unit (140); providing a data request regarding a data backup to the data unit (110); providing a recovery request regarding a data recovery to the exchange data unit (140).

14. The system (100) according to any one of the preceding claims 7 to 13, wherein the data unit (110) and / or the exchange data unit (140) is configured to restore the secret-protected data using the secret key (K_G). 202419757 28 15. A process comprising: Providing a secret (G) from an organizational unit (120) to a data backup unit (130) and / or a data unit (110), wherein the secret (G) is applicable by means of a secret key (K_G), and wherein the data backup unit (130) is free of the secret key (K_G); Providing the secret key (K_G) from the organizational unit (120) to the data unit (110) and / or an exchange data unit (140); Applying the secret key (K_G) to data (D) in the data unit (110) and / or the exchange data unit (140) to access secret-protected data (D- to provide and / or use G-K_G).