An industrial control system firewall module
US-2021099424-A1 · Apr 1, 2021 · US
US11265293B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11265293-B2 |
| Application number | US-201916591167-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 2, 2019 |
| Priority date | Oct 26, 2018 |
| Publication date | Mar 1, 2022 |
| Grant date | Mar 1, 2022 |
Official abstract text for this publication.
An apparatus and method are disclosed for the secure access to field instruments. An interface device that includes a built-in firewall is communicatively coupled between the device manager of an industrial automation process control system and a network of field instruments. The interface device includes at least one processor configured to execute instructions that provide a firewall for the one or more field instruments by blocking one or more user selected commands from being sent to the field instruments from the device manager.
Opening claim text (preview).
What is claimed is:
1. An apparatus, comprising: a wireless adaptor comprising at least one interface configured to be coupled to one or more wired field devices; the wireless adaptor also comprising at least one wireless radio configured to communicate over a wireless network and to receive commands for the one or more wired field devices over the wireless network; the wireless adaptor further comprising at least one processor configured to: receive user information identifying one or more rules for a firewall, wherein the one or more rules relates to the commands for the one or more wired field devices; and execute instructions to provide the firewall for the one or more wired field devices by blocking one or more of the commands from being sent to the one or more wired field devices.
2. The apparatus of claim 1, wherein: the at least one interface is configured to be coupled to one or more wired Highway Addressable Remote Transducer (HART) field devices; and the at least one wireless radio is configured to use a WirelessHART wireless network protocol.
3. The apparatus of claim 1, wherein the one or more rules identify that one of: all universal and common practice write commands are blocked; certain universal and common practice write commands are blocked; and certain vendor-specific commands are blocked.
4. A method, comprising: coupling at least one interface of a wireless adaptor to one or more wired field devices; using at least one wireless radio of the wireless adaptor to communicate over a wireless network and to receive commands for the one or more wired field devices over the wireless network; and using at least one processor of the wireless adaptor to: receive user information identifying one or more rules for a firewall, wherein the one or more rules relates to the commands for the one or more wired field devices; and execute instructions for providing the firewall for the one or more wired field devices by blocking one or more of the commands from being sent to the one or more wired field devices.
5. The method of claim 4, wherein: the at least one interface is coupled to one or more wired Highway Addressable Remote Transducer (HART) field devices; and the at least one wireless radio uses a WirelessHART wireless network protocol.
6. The method of claim 4, wherein the one or more rules identify that one of: all universal and common practice write commands are blocked; certain universal and common practice write commands are blocked; and certain vendor-specific commands are blocked.
7. A non-transitory computer readable medium containing instruction that, when executed by at least one processing device, cause the at least one processing device to perform operations, the operations comprising: couple at least one interface of a wireless adaptor to one or more wired field devices; using at least one wireless radio of the wireless adaptor to communicate over a wireless network and to receive commands for the one or more wired field devices over the wireless network; and using at least one processor of the wireless adaptor to: receive user information identifying one or more rules for a firewall, wherein the one or more rules relates to the commands for the one or more wired field devices; and execute instructions for providing the firewall for the one or more wired field devices by blocking one or more of the commands from being sent to the one or more wired field devices.
8. An apparatus, comprising: a wireless gateway comprising at least one interface configured to be coupled to one or more networks; the wireless gateway also comprising at least one wireless radio configured to communicate over a wireless network and to transmit commands for one or more wireless field devices over the wireless network; the wireless gateway further comprising at least one processor configured to: receive user information identifying one or more rules for a firewall, wherein the one or more rules relates to the commands for the one or more wireless field devices; and execute instructions that provides the firewall for the one or more wireless field devices by blocking one or more of the commands from being sent to the one or more wireless field devices.
9. The apparatus of claim 8, wherein the at least one wireless radio is configured to use a Wireless Highway Addressable Remote Transducer (WirelessHART) wireless network protocol.
10. The apparatus of claim 8, wherein the one or more rules identify that one of: all universal and common practice write commands are blocked; certain universal and common practice write commands are blocked; and certain vendor-specific commands are blocked.
11. A method, comprising: coupling at least one interface of a wireless gateway to one or more networks; using at least one wireless radio of the wireless gateway to communicate over a wireless network and to transmit commands for one or more wireless field devices over the wireless network; and using at least one processor of the wireless gateway to: receive user information identifying one or more rules for a firewall, wherein the one or more rules relates to the commands for the one or more wireless field devices; and execute instructions for providing the firewall for the one or more wireless field devices by blocking one or more of the commands from being sent to the one or more wireless field devices.
12. The method of claim 11, wherein the at least one wireless radio uses a Wireless Highway Addressable Remote Transducer (WirelessHART) wireless network protocol.
13. The method of claim 11, wherein the one or more rules identify that one of: all universal and common practice write commands are blocked; certain universal and common practice write commands are blocked; and certain vendor-specific commands are blocked.
14. A non-transitory computer readable medium containing instruction that, when executed by at least one processing device, cause the at least one processing device to perform operations, the operations comprising: couple at least one interface of a wireless gateway to one or more networks; using at least one wireless radio of the wireless gateway to communicate over a wireless network and to transmit commands for one or more wireless field devices over the wireless network; and using at least one processor of the wireless gateway to: receive user information identifying one or more rules for a firewall, wherein the one or more rules relates to the commands for the one or more wireless field devices; and execute instructions for providing the firewall for the one or more wireless field devices by blocking one or more of the commands from being sent to the one or more wireless field devices.
15. The apparatus of claim 1, wherein the wireless adaptor includes at least one I/O unit configured to be coupled to a handheld programming device, the wireless adaptor executing instructions to provide the firewall for the one or more wired field devices by blocking one or more of the commands from being sent to the one or more wired field devices from the handheld programming device.
Gateway arrangements · CPC title
Data link layer protocols · CPC title
Services for machine-to-machine communication [M2M] or machine type communication [MTC] · CPC title
specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks · CPC title
using filters or firewalls · CPC title