Publishing data across a data diode for secured process control communications

US11240201B2 · US · B2

Patent metadata
Publication number: US-11240201-B2
Application number: US-201916682649-A
Country: US
Kind code: B2
Filing date: Nov 13, 2019
Priority date: Oct 24, 2016
Publication date: Feb 1, 2022
Grant date: Feb 1, 2022


Abstract

Official abstract text for this publication.

To secure communications from a process plant across a unidirectional data diode to a remote system, a sending device at the plant end publishes data across the diode to a receiving device at the remote end. The publication of various data is respectively in accordance with context information (e.g., identification of data sources, respective expected rate of data generation/arrival, etc.) that is descriptive of data sources of the plant and that is recurrently provided by the sending device across the diode. A recurrence interval may be based on a tolerance for lost data or another characteristic of an application, service, or consumer of data at the remote system. The publishing may leverage an industrial communication protocol (e.g., HART-IP) and/or a suitable general-purpose communication protocol (e.g., JSON).

First claim

Opening claim text (preview).

What is claimed:

1. A method for securely transporting communications from a process plant, the method comprising: at a field gateway interconnecting a process plant network and a data diode configured to prevent two-way communications between the field gateway and an edge gateway: selecting, by the field gateway, a set of process plant data generated by one or more devices of the process plant while the process plant operates to control an industrial process; obtaining, by the field gateway via the process plant network, the selected set of process plant data in a first format from the one or more devices; providing, by the field gateway to the edge gateway across the data diode, information indicative of an identity of the selected process plant data, the information indicative of the identity of the selected process plant data mapped from a configuration that corresponds to the selected process plant data and that is stored in the process plant; converting, by the field gateway, the obtained, selected set of process data into a second format; and publishing, by the field gateway to the edge gateway across the data diode, the obtained, selected set of process plant data in the second format to the edge gateway in accordance with the information indicative of the identity of the selected process plant data including using a label different than a label utilized by the configuration corresponding to the selected process plant data.

2. The method of claim 1, wherein the selected set of process plant data is a first set of process plant data, and the method further comprises not transmitting, by the field gateway, a second set of process plant data generated by the one or more devices of the process plant across the data diode to the edge gateway.

3. The method of claim 1, wherein obtaining, by the field gateway, the selected set of process plant data in the first format from the one or more devices comprises receiving, by the field gateway, a data stream including the selected set of process plant data and streamed by the one or more devices to the field gateway via the process plant network.

4. The method of claim 3, wherein the process plant network is a data network other than a process control communication network via which the one or more devices communicate, using an industrial communication protocol, data to control the process within the process plant.

5. The method of claim 3, further comprising subscribing, by the field gateway, to the selected set of process plant data generated by the one or more devices; and wherein obtaining, by the field gateway, the selected set of process plant data comprises obtaining, by the field gateway, a publication of the selected set of process plant data.

6. The method of claim 1, wherein obtaining, by the field gateway, the selected set of process plant data comprises obtaining, by the field gateway, process plant data generated by and/or corresponding to at least one of: a process parameter, a process variable, a function block, a module, an event, historized data, a piece of equipment, a display view, a device, or one or more other components of the process plant.

7. The method of claim 1, wherein providing the information indicative of the identity of the selected process plant data comprises providing a context of the selected process plant data, the context of the process plant data including the information indicative of the identity of the selected process plant data and information indicative of the one or more devices that generated the selected process plant data.

8. The method of claim 1, wherein converting the obtained, selected set of process data into a second format comprises converting the obtained, selected set of process data into an IP format or another type of packet format.

9. The method of claim 1, wherein publishing the obtained, selected process plant data across the data diode comprises publishing the obtained, selected process plant data across a fiber optic link.

10. The method of claim 1, wherein publishing the obtained, selected process plant data across the data diode comprises publishing the obtained, selected process plant data across the data diode via a session established between the field gateway and the edge gateway.

11. The method of claim 1, wherein publishing the obtained, selected process plant data across the data diode comprises publishing at least one of: run-time process data, continuous process data, batch process data, historized data, event data, alarms data, analytics data, diagnostic data, user interface data, performance data, or another type of data corresponding to the one or more devices of the process plant operating to control the industrial process.

12. A system for securely transporting communications from a process plant, the system comprising: a field gateway communicatively coupled to a network of the process plant and to a data diode configured to prevent two-way communications between the field gateway and an edge gateway, the field gateway including one or more processors and one or more non-transitory memories, the one or more non-transitory memories storing computer-executable instructions thereon that, when executed by the one or more processors, cause the field gateway to: select a set of process plant data generated by one or more devices of the process plant while the process plant operates to control an industrial process; obtain the selected set of process plant data in a first format from the one or more devices; provide, to the edge gateway across the data diode, information indicative of an identity of the selected process plant data, the information indicative of the identity of the selected process plant data mapped from a configuration corresponding to the selected process plant data stored in the process plant; convert the obtained, selected set of process data into a second format; and publish, to the edge gateway across the data diode, the obtained, selected set of process plant data in the second format to the edge gateway in accordance with the information indicative of the identity of the selected process plant data including using a label different than a label utilized by the configuration corresponding to the selected process plant data.

13. The system of claim 12, wherein the selected set of process plant data is a first set of process plant data, and the computer-executable instructions, when executed by the one or more processors, cause the field gateway further to not transmit a second set of process plant data generated by the one or more devices of the process plant across the data diode to the edge gateway.

14. The system of claim 12, wherein the selected set of process plant data obtained in the first format from the one or more devices is included in a data stream streamed by the one or more devices to the field gateway via the process plant network.

15. The system of claim 14, wherein the process plant network is a data network other than a process control communication network via which the one or more devices communicate, utilizing an industrial communication protocol, data to control the process within the process plant.

16. The system of claim 14, wherein the selected set of process plant data obtained in the first format is a publication of the selected set of process plant data generated by the one or more devices, and the field gateway is a subscriber to the publication.

17. The system of claim 12, wherein the selected set of process plant data includes at least one of: a process parameter, a process variable, a f

Classifications

  • involving control of end-device applications over a network
  • Multiple levels of security
  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload
  • Architectural arrangements, e.g. perimeter networks or demilitarized zones
  • LAN interconnection over a backbone network, e.g. Internet, Frame Relay

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Fisher Rosemount Systems Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0209. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 1, 2022 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).