Systems and methods for monitoring traffic on industrial control and building automation system networks

Jenkins, Chris

Advanced Search OptionsAdvanced Search queries use a traditional Term Search. For more info, see our FAQ.

All Fields:

Patent Title:

Abstract:

Assignee:

Inventor(s):

Patent Number:

Patent Classification (CPC):

All Classifications
A - human necessities
A01 - agriculture
A21 - baking
A22 - butchering
A23 - foods or foodstuffs
A24 - tobacco
A41 - wearing apparel
A42 - headwear
A43 - footwear
A44 - haberdashery
A45 - hand or travelling articles
A46 - brushware
A47 - furniture
A61 - medical or veterinary science
A62 - life-saving
A63 - sports
A99 - subject matter not otherwise provided for in this section
B - performing operations
B01 - physical or chemical processes or apparatus in general
B02 - crushing, pulverising, or disintegrating
B03 - separation of solid materials using liquids or using pneumatic tables or jigs
B04 - centrifugal apparatus or machines for carrying-out physical or chemical processes
B05 - spraying or atomising in general
B06 - generating or transmitting mechanical vibrations in general
B07 - separating solids from solids
B08 - cleaning
B09 - disposal of solid waste
B21 - mechanical metal-working without essentially removing material
B22 - casting
B23 - machine tools
B24 - grinding
B25 - hand tools
B26 - hand cutting tools
B27 - working or preserving wood or similar material
B28 - working cement, clay, or stone
B29 - working of plastics
B30 - presses
B31 - making articles of paper, cardboard or material worked in a manner analogous to paper
B32 - layered products
B33 - additive manufacturing technology
B41 - printing
B42 - bookbinding
B43 - writing or drawing implements
B44 - decorative arts
B60 - vehicles in general
B61 - railways
B62 - land vehicles for travelling otherwise than on rails
B63 - ships or other waterborne vessels
B64 - aircraft
B65 - conveying
B66 - hoisting
B67 - opening, closing {or cleaning} bottles, jars or similar containers
B68 - saddlery
B81 - microstructural technology
B82 - nanotechnology
B99 - subject matter not otherwise provided for in this section
C - chemistry
C01 - inorganic chemistry
C02 - treatment of water, waste water, sewage, or sludge
C03 - glass
C04 - cements
C05 - fertilisers
C06 - explosives
C07 - organic chemistry
C08 - organic macromolecular compounds
C09 - dyes
C10 - petroleum, gas or coke industries
C11 - animal or vegetable oils, fats, fatty substances or waxes
C12 - biochemistry
C13 - sugar industry
C14 - skins
C21 - metallurgy of iron
C22 - metallurgy
C23 - coating metallic material
C25 - electrolytic or electrophoretic processes
C30 - crystal growth
C40 - combinatorial technology
C99 - subject matter not otherwise provided for in this section
D - textiles
D01 - natural or man-made threads or fibres
D02 - yarns
D03 - weaving
D04 - braiding
D05 - sewing
D06 - treatment of textiles or the like
D07 - ropes
D10 - indexing scheme associated with sublasses of section d, relating to textiles
D21 - paper-making
D99 - subject matter not otherwise provided for in this section
E - fixed constructions
E01 - construction of roads, railways, or bridges
E02 - hydraulic engineering
E03 - water supply
E04 - building
E05 - locks
E06 - doors, windows, shutters, or roller blinds in general
E21 - earth drilling
E99 - subject matter not otherwise provided for in this section
F - mechanical engineering
F01 - machines or engines in general
F02 - combustion engines
F03 - machines or engines for liquids
F04 - positive - displacement machines for liquids
F05 - indexing schemes relating to engines or pumps in various subclasses of classes f01-f04
F15 - fluid-pressure actuators
F16 - engineering elements and units
F17 - storing or distributing gases or liquids
F21 - lighting
F22 - steam generation
F23 - combustion apparatus
F24 - heating
F25 - refrigeration or cooling
F26 - drying
F27 - furnaces
F28 - heat exchange in general
F41 - weapons
F42 - ammunition
F99 - subject matter not otherwise provided for in this section
G - physics
G01 - measuring
G02 - optics
G03 - photography
G04 - horology
G05 - controlling
G06 - computing
G07 - checking-devices
G08 - signalling
G09 - education
G10 - musical instruments
G11 - information storage
G12 - instrument details
G16 - information and communication technology [ict] specially adapted for specific application fields
G21 - nuclear physics
G99 - subject matter not otherwise provided for in this section
H - electricity
H01 - basic electric elements
H02 - generation
H03 - basic electronic circuitry
H04 - electric communication technique
H05 - electric techniques not otherwise provided for
H99 - subject matter not otherwise provided for in this section
Y - new / cross sectional technologies
Y02 - technologies or applications for mitigation or adaptation against climate change
Y04 - information or communication technologies having an impact on other technology areas
Y10 - technical subjects covered by former uspc

More Options ...

Title: Systems and methods for monitoring traffic on industrial control and building automation system networks

Abstract

Technologies relating to monitoring communications traffic to detect potential attacks on industrial control system networks and building automation system networks are described herein. In an embodiment, a monitoring device receives a plurality of communications from a control network. The monitoring device transmits the communications to a computing device. Based on the communications, the computing device generates a listing of devices that communicated by way of the control network over a period of time, and computes a volume of traffic between each pair of devices in the listing of devices. The computing device then outputs a graphical user interface (GUI) by way of display, the GUI comprising data indicative of the computed volumes of traffic, which may be indicative of a potential attack on the control network.

Inventors:: Jenkins, Chris

Issue Date:: Tue Oct 27 00:00:00 EDT 2020

Research Org.:: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

Sponsoring Org.:: USDOE National Nuclear Security Administration (NNSA)

OSTI Identifier:: 1771570

Patent Number(s):: 10819721

Application Number:: 15/899,893

Assignee:: National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)

Patent Classifications (CPCs):: H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION

Show more

H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
H04L41/16 - {Network management using artificial intelligence}
H04L41/22 - {using GUI [Graphical User Interface]}
H04L43/045 - {for graphical visualization of monitoring data
H04L43/0817 - {functioning
H04L63/0236 - {Filtering by address, protocol, port number or service, e.g. IP-address or URL}
H04L63/1425 - {Traffic logging, e.g. anomaly detection}

Show less

DOE Contract Number:: NA0003525

Resource Type:: Patent

Resource Relation:: Patent File Date: 02/20/2018

Country of Publication:: United States

Language:: English

Citation Formats


                    Jenkins, Chris. Systems and methods for monitoring traffic on industrial control and building automation system networks.  United States: N. p., 2020. 
        Web.

Copy to clipboard


                    Jenkins, Chris. Systems and methods for monitoring traffic on industrial control and building automation system networks.  United States.

Copy to clipboard


                    Jenkins, Chris. Tue .  
        "Systems and methods for monitoring traffic on industrial control and building automation system networks".  United States.  https://www.osti.gov/servlets/purl/1771570.

Copy to clipboard


                    
@article{osti_1771570,

  title        = {Systems and methods for monitoring traffic on industrial control and building automation system networks},

  author       = {Jenkins, Chris},

  abstractNote = {Technologies relating to monitoring communications traffic to detect potential attacks on industrial control system networks and building automation system networks are described herein. In an embodiment, a monitoring device receives a plurality of communications from a control network. The monitoring device transmits the communications to a computing device. Based on the communications, the computing device generates a listing of devices that communicated by way of the control network over a period of time, and computes a volume of traffic between each pair of devices in the listing of devices. The computing device then outputs a graphical user interface (GUI) by way of display, the GUI comprising data indicative of the computed volumes of traffic, which may be indicative of a potential attack on the control network.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {Tue Oct 27 00:00:00 EDT 2020},

  month        = {Tue Oct 27 00:00:00 EDT 2020}

}

Copy to clipboard

Patent:

Save / Share:

Export Metadata

Save to My Library

Works referenced in this record:

Powerline communication network analyzer
patent, June 2016

Moreno, Francisco Javier; Rajkotia, Purva; Tang, Phuoc
US Patent Document 9,379,888
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9379888

System and methodology providing automation security analysis and network intrusion protection in an industrial environment
patent, August 2016

Brandt, David D.; Hall, Kenwood H.; Anderson, Mark B.
US Patent Document 9,412,073
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9412073

Device Visibility and Scanning Including Network Segments
patent-application, September 2019

Yang, Siying
US Patent Application 15/936180; 20190297113
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20190297113

Automation discovery to identify malicious activity
patent, October 2015

Ward, Joseph; Hobson, Andrew
US Patent Document 9,166,994
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9166994

Real-time network monitoring and security
patent, January 2013

Bennett, Mark Arwyn; Piggott, Alexander Colin; Garfield, David
US Patent Document 8,364,833
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8364833

Method of classifying data and transmitting data in a PLC network and apparatus therefor
patent, November 2012

Choi, Jun-hae; Kim, In Hwan; Chang, Seung-gi
US Patent Document 8,320,243
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8320243

Segmentation Management Including Visualization, Configuration, Simulation, or a Combination Thereof
patent-application, January 2020

Fainberg, Iiya; Maor, Yafit; Olswang, Amir
US Patent Application 16/144051; 20200007396
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20200007396

Apparatus and Method for Security of Industrial Control Networks
patent-application, January 2016

Crawford, Kenneth Wayne
US Patent Application 14/663003; 20160028693
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20160028693

Systems and methods for log and snort synchronized threat detection
patent, October 2019

Wang, Dagen; Rickey, Ian
US Patent Document 10,462,170
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10462170

Dynamic Policy Provisioning Within Network Security Devices
patent-application, December 2009

Narayanaswamy, Krishna
US Patent Application 12/468905; 20090328219
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20090328219

Industrial Network Security Translator
patent-application, May 2017

Taylor, Jonathon
US Patent Application 14/932774; 20170126745
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20170126745

Identifying Diagnosis-Relevant Health Information
patent-application, May 2018

Bitran, Hadas; White, Ryen William; Yekutiel, Shabar
US Patent Application 15/359243; 20180144101
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20180144101

Network Monitoring Apparatus, Network Monitoring Method, and Network Monitoring Program
patent-application, August 2010

Mori, Hideo; Chikira, Kazuaki
US Patent Application 12/677935; 20100218250
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20100218250

Similar Records in DOE Patents and OSTI.GOV collections:

Process control monitoring systems, industrial plants, and process control monitoring methods

Patent Skorpik, James R [Kennewick, WA]; Gosselin, Stephen R [Richland, WA]; Harris, Joe C [Kennewick, WA]

A system comprises a valve; a plurality of RFID sensor assemblies coupled to the valve to monitor a plurality of parameters associated with the valve; a control tag configured to wirelessly communicate with the respective tags that are coupled to the valve, the control tag being further configured to communicate with an RF reader; and an RF reader configured to selectively communicate with the control tag, the reader including an RF receiver. Other systems and methods are also provided.
Full Text Available
High-speed and high-fidelity system and method for collecting network traffic

Patent Weigle, Eric H [Los Alamos, NM]

A system is provided for the high-speed and high-fidelity collection of network traffic. The system can collect traffic at gigabit-per-second (Gbps) speeds, scale to terabit-per-second (Tbps) speeds, and support additional functions such as real-time network intrusion detection. The present system uses a dedicated operating system for traffic collection to maximize efficiency, scalability, and performance. A scalable infrastructure and apparatus for the present system is provided by splitting the work performed on one host onto multiple hosts. The present system simultaneously addresses the issues of scalability, performance, cost, and adaptability with respect to network monitoring, collection, and other network tasks. Inmore » « less
Full Text Available
Systems and methods for fast detection of elephant flows in network traffic

Patent Gudibanda, Aditya; Ros-Giralt, Jordi

In a system for efficiently detecting large/elephant flows in a network, the rate at which the received packets are sampled is adjusted according to a top flow detection likelihood computed for a cache of flows identified in the arriving network traffic. After observing packets sampled from the network, Dirichlet-Categorical inference is employed to calculate a posterior distribution that captures uncertainty about the sizes of each flow, yielding a top flow detection likelihood. The posterior distribution is used to find the most likely subset of elephant flows. The technique rapidly converges to the optimal sampling rate at a speed O(1/n), wheremore » « less
Full Text Available
Policy-based secure communication with automatic key management for industrial control and automation systems

Patent Chernoguzov, Alexander; Markham, Thomas R.; Haridas, Harshal S.

A method includes generating at least one access vector associated with a specified device in an industrial process control and automation system. The specified device has one of multiple device roles. The at least one access vector is generated based on one or more communication policies defining communications between one or more pairs of devices roles in the industrial process control and automation system, where each pair of device roles includes the device role of the specified device. The method also includes providing the at least one access vector to at least one of the specified device and one ormore » « less
Full Text Available
Radio frequency security system, method for a building facility or the like, and apparatus and methods for remotely monitoring the status of fire extinguishers

Patent Runyon, Larry [Richland, WA]; Gunter, Wayne M [Richland, WA]; Gilbert, Ronald W [Gilroy, CA]

A system for remotely monitoring the status of one or more fire extinguishers includes means for sensing at least one parameter of each of the fire extinguishers; means for selectively transmitting the sensed parameters along with information identifying the fire extinguishers from which the parameters were sensed; and means for receiving the sensed parameters and identifying information for the fire extinguisher or extinguishers at a common location. Other systems and methods for remotely monitoring the status of multiple fire extinguishers are also provided.
Full Text Available

Similar Records

Title: Systems and methods for monitoring traffic on industrial control and building automation system networks

Abstract

Citation Formats

Powerline communication network analyzer patent, June 2016

System and methodology providing automation security analysis and network intrusion protection in an industrial environment patent, August 2016

Device Visibility and Scanning Including Network Segments patent-application, September 2019

Automation discovery to identify malicious activity patent, October 2015

Real-time network monitoring and security patent, January 2013

Method of classifying data and transmitting data in a PLC network and apparatus therefor patent, November 2012

Segmentation Management Including Visualization, Configuration, Simulation, or a Combination Thereof patent-application, January 2020

Apparatus and Method for Security of Industrial Control Networks patent-application, January 2016

Systems and methods for log and snort synchronized threat detection patent, October 2019

Dynamic Policy Provisioning Within Network Security Devices patent-application, December 2009

Industrial Network Security Translator patent-application, May 2017

Identifying Diagnosis-Relevant Health Information patent-application, May 2018

Network Monitoring Apparatus, Network Monitoring Method, and Network Monitoring Program patent-application, August 2010

Powerline communication network analyzer
patent, June 2016

System and methodology providing automation security analysis and network intrusion protection in an industrial environment
patent, August 2016

Device Visibility and Scanning Including Network Segments
patent-application, September 2019

Automation discovery to identify malicious activity
patent, October 2015

Real-time network monitoring and security
patent, January 2013

Method of classifying data and transmitting data in a PLC network and apparatus therefor
patent, November 2012

Segmentation Management Including Visualization, Configuration, Simulation, or a Combination Thereof
patent-application, January 2020

Apparatus and Method for Security of Industrial Control Networks
patent-application, January 2016

Systems and methods for log and snort synchronized threat detection
patent, October 2019

Dynamic Policy Provisioning Within Network Security Devices
patent-application, December 2009

Industrial Network Security Translator
patent-application, May 2017

Identifying Diagnosis-Relevant Health Information
patent-application, May 2018

Network Monitoring Apparatus, Network Monitoring Method, and Network Monitoring Program
patent-application, August 2010