-
Publication number: US11977622B2
Publication date: 2024-05-07
Application number: US17094013
Application date: 2020-11-10
Applicant: Analog Devices, Inc.
Inventor: Timothy Clish, Samuel Galpin, James G. Calvin, Albert Rooyakkers
CPC classification number: G06F21/445, H04L9/14, H04L9/30, H04L9/3263, H04L9/3273, H04L63/08, H04L63/0823, H04L63/164, G06F2212/175, H04L67/12
Abstract: A set of redundant industrial control system communications/control modules includes at least a first communications/control module and a second communications/control module. The first and second communications/control modules are configured to perform an authentication sequence including: transmitting a request datagram from the first communications/control module to the second communications/control module, the request datagram including a first nonce, a first device authentication key certificate, and a first identity attribute certificate; transmitting a response datagram from the second communications/control module to the first communications/control module, the response datagram including a second nonce, a first signature associated with the first and second nonces, a second device authentication key certificate, and a second identity attribute certificate; and transmitting an authentication datagram from the first communications/control module to the second communications/control module when the response datagram is valid, the authentication datagram including a second signature associated with the first and second nonces.
-
Publication number: US12212577B2
Publication date: 2025-01-28
Application number: US18337190
Application date: 2023-06-19
Applicant: Analog Devices, Inc.
Inventor: Samuel Galpin, Timothy Clish, James G. Calvin, Albert Rooyakkers
IPC: H04L9/40, G05B19/042, G09C1/00, H04L9/32
Abstract: Operator actions and/or other commands or requests are secured via an authentication path from an action originator to a communications/control module or any other industrial element/controller. In implementations, an industrial control system includes an action authenticator configured to sign an action request generated by the action originator. The destination communications/control module or any other industrial element/controller is configured to receive the signed action request, verify the authenticity of the signed action request, and perform a requested action when the authenticity of the signed action request is verified.
-
Publication number: US12164621B2
Publication date: 2024-12-10
Application number: US17899201
Application date: 2022-08-30
Applicant: Analog Devices, Inc.
Inventor: Albert Rooyakkers, James G. Calvin, Samuel Galpin, Timothy Clish
Abstract: A secure industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the secure industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the secure industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.
-
Publication number: US12032675B2
Publication date: 2024-07-09
Application number: US17836464
Application date: 2022-06-09
Applicant: Analog Devices, Inc.
Inventor: Albert Rooyakkers, James G. Calvin, Samuel Galpin, Timothy Clish
CPC classification number: G06F21/44, G06F21/6218, H04L9/083, H04L9/3263, G06F2212/175
Abstract: A zero trust industrial control system is disclosed herein. The industrial control system includes a plurality of industrial elements (e.g., modules, cables) which are provisioned during manufacture with their own unique security credentials. A key management entity of the zero trust industrial control system monitors and manages the security credentials of the industrial elements starting from the time they are manufactured up to and during their implementation within the industrial control system for promoting security of the industrial control system. An authentication process, based upon the security credentials, for authenticating the industrial elements being implemented in the industrial control system is performed for promoting security of the industrial control system. In one or more implementations, all industrial elements of the zero trust industrial control system are provisioned with the security credentials for providing security at multiple (e.g., all) levels of the system.