Intelligent cyberphysical intrusion detection and prevention systems and methods for industrial control systems
US-9405900-B2 · Aug 2, 2016 · US
Interface with secure intermediary platform to generate data compatible with an external system in an oil and gas asset supply chain
US10397245B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10397245-B2 |
| Application number | US-201515518923-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 24, 2015 |
| Priority date | Oct 14, 2014 |
| Publication date | Aug 27, 2019 |
| Grant date | Aug 27, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The present disclosure generally relates to an interface system and method of interfacing to generate data compatible with an external system in an oil and gas asset supply chain, and in particular to an interface and interface method for generating secure and verifiable data to prevent tampering, injection of unwanted data resulting from an unauthorized access along a supply chain. An interface generates and transforms data in an oil and gas supply chain for compatibility with external systems. Collected data is captured by an industrial control system sensor or data collector, and transferred to a secure intermediary hardware platform to interface with a software component. The collected data is then modified using a business rules engine to create enhanced data and events created from the enhanced data.
First claim
Opening claim text (preview).
What is claimed is: 1. A method of generating data in an oil and gas supply chain for compatibility with external systems, comprising: receiving data associated with the oil and gas assets, the data collected from at least one of an industrial control system, a first set of sensors and data collectors located along the oil and gas supply chain, wherein at least part of the data is received from at least one of a secure/trusted sensor and a secure/trusted industrial control system (ICS) which are connected with the first set of sensors and data collectors and which securely collect and verify the data from the first set of sensors and data collectors and digitally secure the verified data, wherein the at least one of a secure/trusted sensor and a secure/trusted ICS is protected from at least one of tampering, injection of unwanted data and unauthorized access; storing the received data in a secure intermediary platform comprising at least one software component and being protected from at least one of tampering, injection of unwanted data and unauthorized access; and adding attributes to the stored data using a business rules engine to create enhanced data, wherein the additional attributes of the enhanced data include at least one secure attribute allowing detection of modification or corruption of the enhanced data and authentication of the enhanced data. 2. The method according to claim 1 , wherein at least part of the enhanced data created using a business rules engine are transformed into events. 3. The method according to claim 2 , wherein the enhanced data or the events-based on the enhanced data are signed or encrypted with at least one of hardware or software security module(s). 4. The method according to claim 1 , further comprising checking the collected and verified data to confirm the accuracy of information in the collected data prior to being transferred to the secure intermediary hardware platform. 5. A system for generating data in an oil and gas supply chain for compatibility with external systems, comprising: at least one of an industrial control system, a first set of sensors and data collectors located along the oil and gas supply chain, for receiving data associated with the oil and gas assets, collected from the at least one of an industrial control system, a first set of sensors and data collectors; at least one of a secure/trusted sensor and a secure/trusted industrial control system (ICS), wherein the at least one of a secure/trusted sensor and a secure/trusted ICS is protected from at least one of tampering, injection of unwanted data and unauthorized access and wherein at least part of the data is received from the at least one of a secure/trusted sensor and a secure/trusted ICS which are connected with the first set of sensors and data collectors and which securely collect and verify the data from the first set of sensors and data collectors and digitally secure the verified data; a secure intermediary hardware platform storing the received data to interface with at least one software component and being protected from at least one of tampering, injection of unwanted data and unauthorized access; and a business rules engine adding attributes to the stored data to create enhanced data, wherein the additional attributes of the enhanced data include at least one secure attribute allowing detection of modification or corruption of the enhanced data and authentication of the enhanced data. 6. The system according to claim 5 wherein the enhanced data created using a business rules engines are transformed into events. 7. The system according to claim 6 wherein the enhanced data or the events-based on the enhanced data are signed or encrypted with at least one of hardware or software security module(s). 8. The system according to claim 5 , wherein the collected and verified data are further checked to confirm the accuracy of information in the collected data prior to being transferred to the secure intermediary system. 9. A non-transitory computer readable medium storing a program to generate data in an oil and gas supply chain for compatibility with external systems, the program when executed by a processor, comprising: receiving data associated with the oil and gas assets, the data collected from at least one of an industrial control system, a first set of sensors and data collectors, located along the oil and gas supply chain, wherein at least part of the data is received from at least one of a secure/trusted sensor and a secure/trusted industrial control system (ICS) which are connected with the first set of sensors and data collectors and which securely collect and verify the data from the first set of sensors and data collectors and digitally secure the verified data, wherein the at least one of a secure/trusted sensor and a secure/trusted ICS is protected from at least one of tampering, injection of unwanted data and unauthorized access; storing the received data in a secure intermediary hardware platform to interface with at least one software component, wherein the secure intermediary hardware platform is protected from at least one of tampering, injection of unwanted data and unauthorized access; and adding attributes to the stored data using a business rules engine to create enhanced data, wherein the additional attributes of the enhanced data include at least one secure attribute allowing detection of modification or corruption of the enhanced data and authentication of the enhanced data. 10. The non-transitory computer readable medium according to claim 9 wherein the enhanced data created using a business rules engine are transformed into events. 11. The non-transitory computer readable medium according to claim 10 wherein the enhanced data or the events-based on the enhanced data are signed or encrypted with at least one of hardware or software security module(s). 12. The non-transitory computer readable medium according to claim 9 , wherein the collected and verified data is further checked to confirm the accuracy of information in the collected data prior to being transferred to the secure intermediary system.
Assignees
Inventors
Classifications
Event detection, e.g. attack signature detection · CPC title
- H04L63/123Primary
received data contents, e.g. message integrity · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
Proxies · CPC title
Proxy, i.e. using intermediary entity to perform cryptographic operations · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10397245B2 cover?
- The present disclosure generally relates to an interface system and method of interfacing to generate data compatible with an external system in an oil and gas asset supply chain, and in particular to an interface and interface method for generating secure and verifiable data to prevent tampering, injection of unwanted data resulting from an unauthorized access along a supply chain. An interfac…
- Who is the assignee on this patent?
- Sicpa Holding Sa
- What technology area does this patent fall under?
- Primary CPC classification H04L63/123. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Aug 27 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).