Method for processing telegrams in an automation network, automation network, and subscribers

US12069033B2 · US · B2

Patent metadata
Publication number: US-12069033-B2
Application number: US-202217686366-A
Country: US
Kind code: B2
Filing date: Mar 3, 2022
Priority date: Sep 19, 2019
Publication date: Aug 20, 2024
Grant date: Aug 20, 2024

Abstract

Official abstract text for this publication.

A method for processing telegrams in an automation network provides a master subscriber to at least partially encrypt and output telegrams, respectively, to another subscriber. The other subscriber comprises an input port, a receiving logic connected to the input port, a decryption unit connected to the receiving logic, and a processing unit connected to the decryption unit and the receiving logic. The receiving logic is configured, when a telegram at least partially encrypted by the master subscriber is present at the input port, to forward an encrypted portion of the telegram to the decryption unit. The decryption unit is configured to decrypt the encrypted portion of the telegram with a key, and to forward the encrypted portion to the processing unit for processing. If an unencrypted telegram is present at the input port, the receiving logic is configured to forward the unencrypted telegram to the processing unit for processing.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method for processing telegrams in an automation network comprising a plurality of network subscribers, wherein: at least one of the network subscribers is configured as a primary subscriber and at least one of the network subscribers is configured as a secondary subscriber, wherein the primary subscriber is configured to output telegrams to the at least one secondary subscriber, and wherein the primary subscriber is configured to at least partially encrypt the telegrams; wherein the at least one secondary subscriber comprises an input port, a receiving logic connected to the input port, a decryption unit connected to the receiving logic and a processing unit configured to process telegrams in passing and connected to the encryption unit and the receiving logic; wherein the receiving logic is configured, in the event that a telegram at least partially encrypted by the primary subscriber is present at the input port of the at least one secondary subscriber, to forward the at least partially encrypted telegram to the encryption unit, wherein the decryption unit is configured to decrypt an encrypted portion of the at least partially encrypted telegram on the fly with a key and to forward it to the processing unit, and wherein the processing unit is configured to process the decrypted portion of the at least partially encrypted telegram on the fly; and wherein the receiving logic is configured, in the event that a telegram unencrypted by the primary subscriber is present at the input port of the at least one secondary subscriber, to forward the unencrypted telegram to the processing unit, wherein the processing unit is configured to process the unencrypted telegram on the fly.

2. The method according to claim 1, wherein: the at least one secondary subscriber comprises an output port and an encryption unit connected to the processing unit and the output port, wherein the at least one secondary subscriber is connected to the subsequent secondary subscriber via the output port via a data line network, and wherein the processing unit is configured to forward the decrypted part of the at least partially encrypted telegram to the decryption unit; and wherein the encryption unit is configured to decrypt the encrypted portion of the at least partially encrypted telegram with the key on the fly and to forward it to the output port.

3. The method according to claim 2, wherein: the receiving logic is configured to generate a first version and a second version of an at least partially encrypted telegram by duplicating the at least partially encrypted telegram, wherein the receiving logic is configured to forward the first version to the decryption unit and the second version to the processing unit, and wherein the processing unit is configured to process an unencrypted portion of the second version on the fly and to forward it to the output port; wherein the processing unit is configured to stop the forwarding of the second version to the output port at the location of the encrypted portion of the second version, provided that the encrypted portion of the telegram section comprises a write operation for the processing unit; wherein the processing unit is configured to carry out the write access for the portion of the first version decrypted by the decryption unit and forwarded to the processing and thus to process said portion of the first version on the fly and subsequently forward it to the encryption unit for encryption, wherein the encryption unit is configured to encrypt the decrypted portion of the first version on the fly and to forward it to the output port; and wherein, provided that the encrypted portion of the second version comprised a telegram section with a write access for the processing unit, the processed portion of the unencrypted portion of the second version is linked to the encrypted portion of the first version prior to output via the output port.

4. The method according to claim 2, wherein: the receiving logic is configured to generate a first version and a second version of an at least partially encrypted telegram by duplicating the at least partially encrypted telegram, wherein the receiving logic is configured to forward the first version to the decryption unit and the second version to the processing unit, and wherein the processing unit is configured to process an unencrypted portion of the second version on the fly and to forward it to the output port; wherein the processing unit is configured, provided that the encrypted portion of the second version comprises a read access for the processing unit, to forward the encryption portion of the second version to the output port and to carry out the read access for the portion of the first version decrypted by the decryption unit and forwarded to the processing unit and thus to process said portion of the first version on the fly; and wherein, provided that the encrypted portion of the second version comprised a telegram section with a read access for the processing unit, the processed part of the unencrypted portion of the second version is linked to the encrypted portion of the second version prior to output via the output port.

5. The method according to claim 2, wherein: the receiving logic is configured to generate a first version and a second version of an at least partially encrypted telegram by duplicating of the at least partially encrypted telegram, wherein the receiving logic is configured to forward the first version to the decryption unit and the second version to the processing unit, and wherein the processing unit is configured to forward an unencrypted portion of the second version on the fly and to forward it to the output port; wherein, in the event that an encrypted portion of the second version does not comprise a write access for the processing unit nor a read access for the processing unit, the processing unit is configured to forward the encrypted portion of the second version to the output port; and wherein, provided that the encrypted portion of the second version did not comprise a telegram section with a write access for the processing unit and no telegram section with a read access for the processing unit, the processed portion of the unencrypted portion of the second version is linked to the encryption portion of the second version prior to output via the output port.

6. The method according to claim 1, wherein: the telegrams are configured as Ethernet telegrams and each comprises an Ethernet header section and an Ethernet data section; and wherein, in a first encryption method, the primary subscriber is configured to encrypt the Ethernet data section of an Ethernet telegram with a key and to indicated the encryption of the Ethernet data section by a first telegram identifier in the Ethernet header section, wherein the receiving logic of the at least one secondary subscriber is configured to evaluate the first telegram identifier in the Ethernet header section.

7. The method according to claim 1, wherein: the telegrams are configured as Ethernet telegrams and each comprises an Ethernet header section and an Ethernet data section, and wherein the Ethernet data section comprises a further header section and datagrams; wherein, in a second encryption method, the primary subscriber is configured to encrypt at least a datagram with a key and to indicate the encryption of the at least one datagram by a second telegram identifier in the further header section, wherein the receiving logic of the at least one secondary subscriber is configured to evaluate the second telegram identifier in the further header section.

8. The method according to claim 1, wherein: the telegrams are configured as Ethe

Classifications

  • Bus for use in automation systems
  • Details regarding a bus master
  • Bus networks
  • Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Beckhoff Automation Gmbh
What technology area does this patent fall under?
Primary CPC classification H04L63/0428. Mapped technology areas include Electricity.
When was this patent published?
Publication date Aug 20, 2024 (B2). Legal status and post-grant events are not shown on this page.