会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 3. 发明公开
    • Securing Access of a Process Control or Automation System
    • US20240028011A1
    • 2024-01-25
    • US18223395
    • 2023-07-18
    • FISHER-ROSEMOUNT SYSTEMS, INC.
    • Brian LamotheNarayanan DoraiswamyMark J. NixonAaron C. JonesAntonio UbachSean HernandezSireesha DakojuKrishna JoshiMatthew Villarrubia
    • G05B19/418H04L9/40
    • G05B19/4185H04L63/08
    • A process plant and industrial control system architecture includes a generalized compute fabric that is agnostic or indifferent to the physical location at which the compute fabric is implemented, includes one or more physical control or field devices located at one or more specific sites at which a product or process is being manufactured and further includes a transport network that securely provides communications between the compute fabric and the pool of physical devices. The compute fabric includes an application layer that includes configured containers or containerized software modules that perform various control, monitoring and configuration activities with respect to one or more devices, control strategies and control loops, sites, plants, or facilities at which control is performed, and includes a physical layer including computer processing and data storage equipment that can be located at any desired location, including at or near a site, plant, or facility at which control is being performed, at a dedicated location away from the location at which control is being performed, in re-assignable computer equipment provided in the cloud, or any combination thereof. This control architecture enables significant amounts of both computer processing and IT infrastructure that is used to support a process plant, an industrial control facility or other automation facility to be implemented in a shared, in an offsite and/or in a virtualized manner that alleviates many of the communications and security issues present in current process and industrial control systems that attempt to implement control with shared or virtualized computing resources set up according to the well-known Purdue model.
      The industrial control system architecture is protected via more secure and customizable techniques as compared to those used in Purdue model-based control systems. For example, communications between any (and in some cases, all) endpoints of the system may be protected via one or more virtual private networks to which authenticated endpoints must be authorized to access. Endpoints may include, for example, containerized components, physical components, devices, sites or locations, the compute fabric, and the like, and the VPNs may include mutually-exclusive and/or nested VPNs. External applications and services, whether automated or executing under the purview of a person, may access information and services provided by the system via only APIs, and different sets of APIs may be exposed to different users that have been authenticated and authorized to access respective sets of APIs.
      A configuration system operates within the compute fabric to enable a user to easily make configuration changes to the compute fabric as the user does not generally need to specify the computer hardware within the compute fabric to use to make the configuration changes, making it possible for the user to deploy new configuration elements with simple programming steps, and in some cases with the push of a button.