-
Publication number: WO2018005479A1
Publication date: 2018-01-04
Application number: PCT/US2017/039486
Application date: 2017-06-27
Applicant: GENERAL ELECTRIC COMPANY
Abstract: According to some embodiments, an overall chain-of-trust may be established for an industrial control system. Secure hardware may be provided, including a hardware security module coupled to or integrated with a processor of the industrial control system to provide a hardware root-of-trust. Similarly, secure firmware associated with a secure boot mechanism such that the processor executes a trusted operating system, wherein the secure boot mechanism includes one or more of a measured boot, a trusted boot, and a protected boot. Objects may be accessed via secure data storage, and data may be exchanged via secure communications in accordance with information stored in the hardware security model.
-
Publication number: WO2018005479A8
Publication date: 2018-01-04
Application number: PCT/US2017/039486
Application date: 2017-06-27
Applicant: GENERAL ELECTRIC COMPANY
Inventor: SMITH, William, David; AHMED, Safayet Nizam, Uddin; CZECHOWSKI, Joseph, III.; SAFFORD, David
Abstract: According to some embodiments, an overall chain-of-trust may be established for an industrial control system. Secure hardware may be provided, including a hardware security module coupled to or integrated with a processor of the industrial control system to provide a hardware root-of-trust. Similarly, secure firmware associated with a secure boot mechanism such that the processor executes a trusted operating system, wherein the secure boot mechanism includes one or more of a measured boot, a trusted boot, and a protected boot. Objects may be accessed via secure data storage, and data may be exchanged via secure communications in accordance with information stored in the hardware security model.
-