公开(公告)号：US11109231B2

公开(公告)日：2021-08-31

申请号：US15075577

申请日：2016-03-21

Applicant: ABB Technology AG

Inventor： Matus Harvan ,  Roman Schlegel ,  Sebastian Obermeier ,  Thomas Locher

IPC: G06F21/62 ,  H04W12/08 ,  G06F21/74 ,  G06F21/35 ,  G06F21/57 ,  G06F21/31 ,  G06Q10/00 ,  H04W84/12

Abstract: The present invention provides an approach for granting access and respectively denying access to an instruction set of a device. The technical teaching provides the advantage that unauthorized access can be effectively prevented. Hence, maintenance work can be performed by specialized staff and security sensitive parts of the instruction sets are secured.

公开(公告)号：US20160149944A1

公开(公告)日：2016-05-26

申请号：US14945692

申请日：2015-11-19

Applicant: ABB Technology AG

Inventor： Sebastian Obermeier ,  Roman Schlegel ,  Michael Wahler

IPC: H04L29/06 ,  G06F17/30 ,  G06F9/54

CPC classification number: H04L63/1425 ,  G05B2219/23317 ,  G06F9/542 ,  G06F17/30345 ,  G06F21/554 ,  H04L41/145 ,  H04L63/1416

Abstract: A method and system for automatic signalling an alert when a possible intrusion occurs in an industrial automation and control system, based on security events which occur in the industrial automation and control system or are externally fed into the system. The method includes the steps of: (a) determining a correlation of a first and second security event and storing the correlation in an event database, wherein the correlation includes a probability that the first security event is followed by the second security event within a normalised time period, (b) identifying a candidate event as the first security event, based on event information of the candidate event, upon occurrence of the candidate event, (c) classifying the candidate event as anomalous when the probability exceeds a predetermined threshold and no second security event follows the candidate event within the normalised time period, and (d) signalling the alert indicating the candidate event.

Abstract translation: 基于工业自动化和控制系统中发生的安全事件或外部馈入系统的工业自动化和控制系统中发生可能的入侵时，自动发出警报的方法和系统。 该方法包括以下步骤：（a）确定第一和第二安全事件的相关性并将相关性存储在事件数据库中，其中所述相关性包括第一安全事件遵循归一化后的第二安全事件的概率 （b）当候选事件发生时，基于候选事件的事件信息来识别作为第一安全事件的候选事件，（c）当概率超过预定阈值且将候选事件分类为异常时，将候选事件分类为第 第二安全事件遵循归一化时间段内的候选事件，并且（d）发信号通知表示候选事件的警报。

公开(公告)号：US20160283702A1

公开(公告)日：2016-09-29

申请号：US15075577

申请日：2016-03-21

Applicant: ABB Technology AG

Inventor： Matus Harvan ,  Roman Schlegel ,  Sebastian Obermeier ,  Thomas Locher

IPC: G06F21/31 ,  G06Q10/00

CPC classification number: G06F21/31 ,  G06F21/35 ,  G06F21/575 ,  G06F21/6209 ,  G06F21/74 ,  G06F2221/2141 ,  G06F2221/2147 ,  G06F2221/2151 ,  G06Q10/20 ,  H04W12/08 ,  H04W84/12

Abstract: The present invention provides an approach for granting access and respectively denying access to an instruction set of a device. The technical teaching provides the advantage that unauthorized access can be effectively prevented. Hence, maintenance work can be performed by specialized staff and security sensitive parts of the instruction sets are secured.

Abstract translation: 本发明提供一种用于授予访问并分别拒绝对设备的指令集的访问的方法。 技术教学提供了有效防止未授权访问的优点。 因此，维护工作可以由专业人员执行，安全敏感部分的指令集得到保证。