公开(公告)号：US20170237752A1

公开(公告)日：2017-08-17

申请号：US15042054

申请日：2016-02-11

Applicant: Honeywell International Inc.

Inventor： Ritwik Ganguly ,  Avinash Rajan ,  Praveen R. Shetty ,  Ganesh P. Gadhe

IPC: H04L29/06 ,  G06N5/04 ,  H04L12/58 ,  G06F21/57

CPC classification number: H04L63/1416 ,  G06F21/577 ,  G06F2221/034 ,  G06N5/04 ,  H04L51/046 ,  H04L51/16 ,  H04L63/1433

Abstract: This disclosure provides systems and methods for prediction of potential cyber security threats and risks in an industrial control system using predictive cyber analytics. A method includes receiving, by a risk manager system, real-time data from a plurality of connected devices. The method includes creating, by the risk manager system, a data model based on the real-time data. The method includes analyzing, by the risk manager system, the data model to identify potential current threats. The method includes predicting, by the risk manager system, potential threats. The method includes notifying a user, by the risk manager system, of the potential threats.

公开(公告)号：US10244000B2

公开(公告)日：2019-03-26

申请号：US14460256

申请日：2014-08-14

Applicant: Honeywell International Inc.

Inventor： Brian Reynolds ,  Senthilkumar Dhanagopalan ,  Ritwik Ganguly

IPC: H04L29/06 ,  G05B19/042 ,  G05B19/418

Abstract: A method includes establishing, using a connection policy at a first device, a security association with a second device of an industrial process control and automation system. The method also includes, once the security association is established, activating a process data policy at the first device. The security association is established during first and second types of negotiations. The process data policy is activated during the second type of negotiation without the first type of negotiation. The second type of negotiation is faster than the first type of negotiation. The connection policy defines a communication channel between the devices using a non-process communication port of the first device. The process data policy defines a communication channel between the devices for real-time industrial process data. The first type of negotiation could include an IKE main mode negotiation, and the second type of negotiation could include an IKE quick mode negotiation.

公开(公告)号：US20150244742A1

公开(公告)日：2015-08-27

申请号：US14460256

申请日：2014-08-14

Applicant: Honeywell International Inc.

Inventor： Brian Reynolds ,  Senthilkumar Dhanagopalan ,  Ritwik Ganguly

IPC: H04L29/06

CPC classification number: H04L63/205 ,  G05B19/0421 ,  G05B19/4185 ,  G05B2219/23317 ,  G05B2219/25232 ,  G05B2219/31156 ,  H04L63/061 ,  H04L63/164 ,  Y02P90/18

Abstract: A method includes establishing, using a connection policy at a first device, a security association with a second device of an industrial process control and automation system. The method also includes, once the security association is established, activating a process data policy at the first device. The security association is established during first and second types of negotiations. The process data policy is activated during the second type of negotiation without the first type of negotiation. The second type of negotiation is faster than the first type of negotiation. The connection policy defines a communication channel between the devices using a non-process communication port of the first device. The process data policy defines a communication channel between the devices for real-time industrial process data. The first type of negotiation could include an IKE main mode negotiation, and the second type of negotiation could include an IKE quick mode negotiation.

Abstract translation: 一种方法包括在第一设备处使用连接策略建立与工业过程控制和自动化系统的第二设备的安全关联。 该方法还包括，一旦建立了安全关联，则激活第一设备处的过程数据策略。 安全协会是在第一和第二类谈判期间建立的。 过程数据策略在第二类协商期间被激活，而没有第一类协商。 第二种谈判速度比第一类谈判要快。 连接策略使用第一设备的非进程通信端口来定义设备之间的通信信道。 过程数据策略定义了用于实时工业过程数据的设备之间的通信通道。 第一种类型的协商可以包括IKE主模式协商，第二种类型的协商可以包括IKE快速模式协商。

公开(公告)号：US09507336B2

公开(公告)日：2016-11-29

申请号：US13748863

申请日：2013-01-24

Applicant: Honeywell International, Inc.

Inventor： Vibhor Tandon ,  Ritwik Ganguly ,  Falgun Bhayani

IPC: G06F19/00 ,  G05B19/042

CPC classification number: G05B19/0428 ,  G05B2219/24001 ,  G05B2219/25428

Abstract: A method includes identifying a plurality of elements in a process control system that uses a process value from a field device. The method also includes identifying an aggregate control connection status of the field device by (i) determining whether one or more of the elements can use a manual value in place of the process value, (ii) determining whether one or more other elements in the plurality can use a user configured value, and (iii) evaluating a logic expression based on results of the determining in (i) and (ii). The method further includes determining whether the field device is available to be taken offline based on the aggregate control connection status. In addition, the method includes generating a notification based on the determination of whether the field device is available to be taken offline.

Abstract translation: 一种方法包括识别使用来自现场设备的过程值的过程控制系统中的多个元素。 该方法还包括通过以下步骤来识别现场设备的聚合控制连接状态：（i）确定一个或多个元件是否可以使用手动值代替过程值，（ii）确定是否存在一个或多个其他元素 多个可以使用用户配置的值，以及（iii）基于（i）和（ii）中的确定结果来评估逻辑表达式。 该方法还包括基于聚合控制连接状态确定现场设备是否可用于脱机。 此外，该方法包括基于现场设备是否可以脱机的确定来生成通知。

公开(公告)号：US20140207255A1

公开(公告)日：2014-07-24

申请号：US13748863

申请日：2013-01-24

Applicant: HONEYWELL INTERNATIONAL, INC.

Inventor： Vibhor Tandon ,  Ritwik Ganguly ,  Falgun Bhayani

IPC: G05B11/32

CPC classification number: G05B19/0428 ,  G05B2219/24001 ,  G05B2219/25428

Abstract: A method includes identifying a plurality of elements in a process control system that uses a process value from a field device. The method also includes identifying an aggregate control connection status of the field device by (i) determining whether one or more of the elements can use a manual value in place of the process value, (ii) determining whether one or more other elements in the plurality can use a user configured value, and (iii) evaluating a logic expression based on results of the determining in (i) and (ii). The method further includes determining whether the field device is available to be taken offline based on the aggregate control connection status. In addition, the method includes generating a notification based on the determination of whether the field device is available to be taken offline.

Abstract translation: 一种方法包括识别使用来自现场设备的过程值的过程控制系统中的多个元素。 该方法还包括通过以下步骤来识别现场设备的聚合控制连接状态：（i）确定一个或多个元件是否可以使用手动值代替过程值，（ii）确定是否存在一个或多个其他元素 多个可以使用用户配置的值，以及（iii）基于（i）和（ii）中的确定结果来评估逻辑表达式。 该方法还包括基于聚合控制连接状态确定现场设备是否可用于脱机。 此外，该方法包括基于现场设备是否可以脱机的确定来生成通知。