Legacy device securitization using bump-in-the-wire security devices within a microgrid system

US10218675B2 · US · B2

Patent metadata

Publication number: US-10218675-B2
Application number: US-201514696822-A
Country: US
Kind code: B2
Filing date: Apr 27, 2015
Priority date: Apr 28, 2014
Publication date: Feb 26, 2019
Grant date: Feb 26, 2019

Abstract

Devices, methods, systems, and computer-readable media for legacy device securitization within a microgrid system are described herein. One or more embodiments include a system having a microgrid network with at least one remote network connection to a non-local network device and the network having at least one local legacy device in communication with the non-local network device and a bump-in-the-wire (BITW) security device between the local legacy device and the at least one remote connection.

First claim

What is claimed:

1. A system for legacy device securitization within a microgrid, comprising: a microgrid network having at least one remote network connection to a non-local network device and the microgrid network having at least one local legacy device in communication with the non-local network device, wherein the at least one local legacy device cannot perform cryptographic operations; a first bump-in-the-wire (BITW) security device between the at least one local legacy device and the at least one remote connection, wherein the first bump-in-the-wire (BITW) security device performs asymmetric and symmetric operations on data passed between the at least one local legacy device and the non-local network device, wherein the first bump-in-the-wire (BITW) security device includes a first user interface to allow a user to access privileges to be given to the first bump-in-the-wire (BITW) security device, instructions to be sent to the first bump-in-the-wire (BITW) security device, and data available on the first bump-in-the-wire (BITW) security device to restrict access to the microgrid network, wherein the privileges to be given to the first bump-in-the-wire (BITW) security device include installing software and firmware on one or more devices of the microgrid network, wherein access attempts, successful logins, messages, or a combination thereof are logged into the microgrid network to enable auditing and forensic analysis, and wherein one or more authentication technologies are compared and selected for the microgrid network based on real time requirements of the microgrid network; and a second bump-in-the-wire (BITW) security device between the non-local network device and the at least one remote connection, wherein the second bump-in-the-wire (BITW) security device performs asymmetric and symmetric operations on data passed between the non-local network device and the at least one remote connection, wherein the first and second bump-in-the-wire (BITW) security devices are positioned within the microgrid network to secure the at least one local legacy device, and wherein the bump-in-the-wire (BITW) security devices communicate with each other to cross check security settings and verify access requests on a secured network that is separate from the network accessed by the remote network connection, wherein the second bump-in-the-wire (BITW) security device includes a second user interface to allow the user to access privileges to be given to the second bump-in-the-wire (BITW) security device, instructions to be sent to the second bump-in-the-wire (BITW) security device, and data available on the second bump-in-the-wire (BITW) security device to restrict access to the microgrid network, and wherein the privileges to be given to the second bump-in-the-wire (BITW) security device include installing the software and the firmware on the one or more devices of the microgrid network.

2. The system of claim 1, wherein the microgrid network includes a gateway device that provides the at least one remote connection.

3. The system of claim 2, wherein the microgrid network includes a firewall established between the gateway device and the BITW security device.

4. The system of claim 3, wherein the microgrid network further includes a local area network between the BITW security device and the local legacy device.

5. The system of claim 4, wherein the BITW security devices communicate with each other on the secured network that is separate from the local area network.

6. The system of claim 1, wherein the level of security on the secured network is more restrictive than at least one of the local area network and the network accessed by the remote network connection.

7. A system for legacy device securitization used with a microgrid, comprising, a first microgrid local network having at least two local devices, wherein at least one of the at least two local devices is a legacy device that cannot perform cryptographic operations, and at least one remote network connection to a non-local network control device, a first bump-in-the-wire (BITW) security device between one of the at least one local legacy devices and the at least one remote connection to the non-local network control device, wherein the first bump-in-the-wire (BITW) security device performs asymmetric and symmetric operations on data passed between the at least one local legacy device and the non-local network control device, wherein the first bump-in-the-wire (BITW) security device includes a first user interface to allow a user to access privileges to be given to the first bump-in-the-wire (BITW) security device, instructions to be sent to the first bump-in-the-wire (BITW) security device, and data available on the first bump-in-the-wire (BITW) security device to restrict access to the first microgrid local network, wherein the privileges to be given to the first bump-in-the-wire (BITW) security device include installing software and firmware on one or more devices of the first microgrid local network, wherein access attempts, successful logins, messages, or a combination thereof are logged into the first microgrid local network to enable auditing and forensic analysis, and wherein one or more authentication technologies are compared and selected for the first microgrid local network based on real time requirements of the first microgrid local network, and a second bump-in-the-wire (BITW) security device between the non-local network control device and the at least one remote network connection to the non-local network control device, wherein the second bump-in-the-wire (BITW) security device performs asymmetric and symmetric operations on data passed between the non-local network control device and the at least one remote connection, wherein the second bump-in-the-wire (BITW) security device includes a second user interface to allow the user to access privileges to be given to the second bump-in-the-wire (BITW) security device, instructions to be sent to the second bump-in-the-wire (BITW) security device, and data available on the second bump-in-the-wire (BITW) security device to restrict access to the first microgrid local network, and wherein the privileges to be given to the second bump-in-the-wire (BITW) security device include installing the software and the firmware on the one or more devices of the first microgrid local network, wherein the first and second bump-in-the-wire (BITW) security devices are positioned within the first microgrid local network to secure the at least one local legacy device, and wherein the bump-in-the-wire (BITW) security devices communicate with each other to cross check security settings and verify access requests on a secured network that is separate from the network accessed by the remote network connection.

8. The system of claim 7, wherein the system further includes, a second microgrid local network having at least two local devices and at least one remote network connection to the first microgrid network, and a bump-in-the-wire (BITW) security device between at least one of the local devices and the at least one remote connection of the second microgrid local network.

9. The system of claim 8, wherein the BITW security devices of the first and second microgrid local networks communicate with each other on the secured network that is separate from the first and second local microgrid networks.

10. The system of claim 9, wherein the BITW security devices communicate with each other on a secured network that is separate from the network accessed by the remote network connection.

11. The system of claim 10, wherein the communications on the secured network are used to grant access to a particular local device by another loca

Classifications

  • Circuit arrangements for mains or distribution networks not specified as AC or DC; Circuit arrangements for mains or distribution networks combining AC and DC sections or sub-networks (arrangements using intermediate DC-AC-DC conversion H02J1/002; arrangements using high-voltage DC [HVDC] links H02J3/36) · CPC title

  • Cross-Sectional Technologies · mapped topic

  • Architectural arrangements, e.g. perimeter networks or demilitarized zones · CPC title

  • by local area network [LAN], network structure · CPC title

  • Filtering policies (mail message filtering H04L51/212) · CPC title

Frequently asked questions

What does patent US10218675B2 cover?
Devices, methods, systems, and computer-readable media for legacy device securitization within a microgrid system are described herein. One or more embodiments include a system having a microgrid network with at least one remote network connection to a non-local network device and the network having at least one local legacy device in communication with the non-local network device and a bump-i…
Who is the assignee on this patent?
Honeywell Int Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0209. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 26, 2019 (B2). Legal status and post-grant events are not shown on this page.