Systems and methods for control system security

Rieger, Craig G.; Springer, Edward E.; McCarty, Michael V.; McJunkin, Timothy R.

Advanced Search OptionsAdvanced Search queries use a traditional Term Search. For more info, see our FAQ.

All Fields:

Patent Title:

Abstract:

Assignee:

Inventor(s):

Patent Number:

Patent Classification (CPC):

All Classifications
A - human necessities
A01 - agriculture
A21 - baking
A22 - butchering
A23 - foods or foodstuffs
A24 - tobacco
A41 - wearing apparel
A42 - headwear
A43 - footwear
A44 - haberdashery
A45 - hand or travelling articles
A46 - brushware
A47 - furniture
A61 - medical or veterinary science
A62 - life-saving
A63 - sports
A99 - subject matter not otherwise provided for in this section
B - performing operations
B01 - physical or chemical processes or apparatus in general
B02 - crushing, pulverising, or disintegrating
B03 - separation of solid materials using liquids or using pneumatic tables or jigs
B04 - centrifugal apparatus or machines for carrying-out physical or chemical processes
B05 - spraying or atomising in general
B06 - generating or transmitting mechanical vibrations in general
B07 - separating solids from solids
B08 - cleaning
B09 - disposal of solid waste
B21 - mechanical metal-working without essentially removing material
B22 - casting
B23 - machine tools
B24 - grinding
B25 - hand tools
B26 - hand cutting tools
B27 - working or preserving wood or similar material
B28 - working cement, clay, or stone
B29 - working of plastics
B30 - presses
B31 - making articles of paper, cardboard or material worked in a manner analogous to paper
B32 - layered products
B33 - additive manufacturing technology
B41 - printing
B42 - bookbinding
B43 - writing or drawing implements
B44 - decorative arts
B60 - vehicles in general
B61 - railways
B62 - land vehicles for travelling otherwise than on rails
B63 - ships or other waterborne vessels
B64 - aircraft
B65 - conveying
B66 - hoisting
B67 - opening, closing {or cleaning} bottles, jars or similar containers
B68 - saddlery
B81 - microstructural technology
B82 - nanotechnology
B99 - subject matter not otherwise provided for in this section
C - chemistry
C01 - inorganic chemistry
C02 - treatment of water, waste water, sewage, or sludge
C03 - glass
C04 - cements
C05 - fertilisers
C06 - explosives
C07 - organic chemistry
C08 - organic macromolecular compounds
C09 - dyes
C10 - petroleum, gas or coke industries
C11 - animal or vegetable oils, fats, fatty substances or waxes
C12 - biochemistry
C13 - sugar industry
C14 - skins
C21 - metallurgy of iron
C22 - metallurgy
C23 - coating metallic material
C25 - electrolytic or electrophoretic processes
C30 - crystal growth
C40 - combinatorial technology
C99 - subject matter not otherwise provided for in this section
D - textiles
D01 - natural or man-made threads or fibres
D02 - yarns
D03 - weaving
D04 - braiding
D05 - sewing
D06 - treatment of textiles or the like
D07 - ropes
D10 - indexing scheme associated with sublasses of section d, relating to textiles
D21 - paper-making
D99 - subject matter not otherwise provided for in this section
E - fixed constructions
E01 - construction of roads, railways, or bridges
E02 - hydraulic engineering
E03 - water supply
E04 - building
E05 - locks
E06 - doors, windows, shutters, or roller blinds in general
E21 - earth drilling
E99 - subject matter not otherwise provided for in this section
F - mechanical engineering
F01 - machines or engines in general
F02 - combustion engines
F03 - machines or engines for liquids
F04 - positive - displacement machines for liquids
F05 - indexing schemes relating to engines or pumps in various subclasses of classes f01-f04
F15 - fluid-pressure actuators
F16 - engineering elements and units
F17 - storing or distributing gases or liquids
F21 - lighting
F22 - steam generation
F23 - combustion apparatus
F24 - heating
F25 - refrigeration or cooling
F26 - drying
F27 - furnaces
F28 - heat exchange in general
F41 - weapons
F42 - ammunition
F99 - subject matter not otherwise provided for in this section
G - physics
G01 - measuring
G02 - optics
G03 - photography
G04 - horology
G05 - controlling
G06 - computing
G07 - checking-devices
G08 - signalling
G09 - education
G10 - musical instruments
G11 - information storage
G12 - instrument details
G16 - information and communication technology [ict] specially adapted for specific application fields
G21 - nuclear physics
G99 - subject matter not otherwise provided for in this section
H - electricity
H01 - basic electric elements
H02 - generation
H03 - basic electronic circuitry
H04 - electric communication technique
H05 - electric techniques not otherwise provided for
H99 - subject matter not otherwise provided for in this section
Y - new / cross sectional technologies
Y02 - technologies or applications for mitigation or adaptation against climate change
Y04 - information or communication technologies having an impact on other technology areas
Y10 - technical subjects covered by former uspc

More Options ...

Title: Systems and methods for control system security

Abstract

A component security device may be disposed at an interface between a component and a cyber-physical system. The disclosed component security device may be physically and/or electrically coupled between the component and infrastructure of the cyber-physical system, such as a backplane, bus, and/or the like. The component security device may be configured to monitor the component, and selectively isolate the component from the cyber-physical system. Since the component security device is interposed at the interface of the component, the component security device may be capable of isolating the component regardless of whether the component has been compromised (e.g., regardless of whether the component is capable of complying with system commands).

Inventors:: Rieger, Craig G.; Springer, Edward E.; McCarty, Michael V.; McJunkin, Timothy R.

Issue Date:: 2023-02-14

Research Org.:: Idaho National Laboratory (INL), Idaho Falls, ID (United States)

Sponsoring Org.:: USDOE

OSTI Identifier:: 1987121

Patent Number(s):: 11579592

Application Number:: 16/990,972

Assignee:: Battelle Energy Alliance, LLC (Idaho Falls, ID)

DOE Contract Number:: AC07-05ID14517

Resource Type:: Patent

Resource Relation:: Patent File Date: 08/11/2020

Country of Publication:: United States

Language:: English

Citation Formats


                    Rieger, Craig G., Springer, Edward E., McCarty, Michael V., and McJunkin, Timothy R. Systems and methods for control system security.  United States: N. p., 2023. 
        Web.

Copy to clipboard


                    Rieger, Craig G., Springer, Edward E., McCarty, Michael V., & McJunkin, Timothy R. Systems and methods for control system security.  United States.

Copy to clipboard


                    Rieger, Craig G., Springer, Edward E., McCarty, Michael V., and McJunkin, Timothy R. Tue .  
        "Systems and methods for control system security".  United States.  https://www.osti.gov/servlets/purl/1987121.

Copy to clipboard


                    
@article{osti_1987121,

  title        = {Systems and methods for control system security},

  author       = {Rieger, Craig G. and Springer, Edward E. and McCarty, Michael V. and McJunkin, Timothy R.},

  abstractNote = {A component security device may be disposed at an interface between a component and a cyber-physical system. The disclosed component security device may be physically and/or electrically coupled between the component and infrastructure of the cyber-physical system, such as a backplane, bus, and/or the like. The component security device may be configured to monitor the component, and selectively isolate the component from the cyber-physical system. Since the component security device is interposed at the interface of the component, the component security device may be capable of isolating the component regardless of whether the component has been compromised (e.g., regardless of whether the component is capable of complying with system commands).},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2023},

  month        = {2}

}

Copy to clipboard

Patent:

Save / Share:

Export Metadata

Save to My Library

Works referenced in this record:

Method for Monitoring Security in and Automation Network, and Automation Network
patent-application, August 2015

Palmin, Anna
14/622005; 20150229660
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20150229660

Data center architecture that supports attack detection and mitigation
patent, October 2017

Jain, Navendu; Miao, Rui
US Patent Document 9,800,592
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9800592

Industrial Control System Emulator for Malware Analysis
patent-application, June 2017

Chowdhury, Dewan Nadim
US Patent Application 15/451404; 20170177865
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20170177865

Automatic System Control Failover
patent-application, June 2003

Gilbert, Gary L.; Quick, Cathleen
US Patent Application 09/998019; 20030105987
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20030105987

On-machine backplane mounted modular power and data distribution system
patent, October 2009

Brandt, David D.; Wielebski, Wayne H.; Gollhardt, Neil
US Patent Document 7,602,617
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7602617

Self-monitoring and updating of firmware over a network
patent, May 2008

Kataria, Mukesh; Gafken, Andrew H.; Stevens, William A.
US Patent Document 7,376,870
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7376870

System and methodology providing automation security analysis and network intrusion protection in an industrial environment
patent, August 2016

Brandt, David D.; Hall, Kenwood H.; Anderson, Mark B.
US Patent Document 9,412,073
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9412073

Network Access Apparatus Having a Control Module and a Network Access Module
patent-application, February 2015

Sanchez, Mauricio; Chiu, Jechun; Clark, Charles F.
US Patent Application 14/372575; 20150058985
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20150058985

Systems, Devices, Agents and Methods for Monitoring and Automatic Reboot and Restoration of Computers, Local, Area Network, Wireless Access Points, Modems and Other Hardware
patent-application, January 2009

McIntosh, P. Stuckey; James, David LAmar; Tan, Li-Quan
US Patent Application 12/214313; 20090013210
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20090013210

System and methodology providing automation security analysis and network intrusion protection in an industrial environment
patent, April 2015

Brandt, David D.; Hall, Kenwood H.; Anderson, Mark
US Patent Document 9,009,084
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9009084

Vehicle Middleware
patent-application, June 2013

Ricci, Christopher P.; Swartz, Douglas W.
US Patent Application 13/679476; 20130145482
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20130145482

PLC backplane analyzer for field forensics and intrusion detection
patent, May 2015

Mulder, John; Schwartz, Moses Daniel; Berg, Michael
US Patent Document 9,032,522
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9032522

Methods and systems for an interposer board
patent, September 2014

Cepulis, Darren J.; Reza, Masud M.; Stearns, Michael
US Patent Document 8,832,348
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8832348

Group Management in Reconfigurable Machine-to-Machine Systems
patent-application, September 2019

Yang, Shao-Wen; Zhao, Meiyuan
US Patent Application 16/306558; 20190296967
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20190296967

Plug and play motor control system
patent, July 2017

Xu, Dayin; Brandt, David D.; Jensen, David L.
US Patent Document 9,696,704
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9696704

Similar Records in DOE Patents and OSTI.GOV collections:

Systems and methods for control system security

Patent Rieger, Craig G.; McJunkin, Timothy R.; Manic, Milos; ...

A resilient security agent determines a cyber and/or physical health of a control system by, inter alia, communicating cyber-physical key data through cyber-physical control paths of the system, and determining error introduced by the communication. The resilient security agent may be further configured to verify the integrity of acquired cyber-physical state information. The cyber health of the control system may be evaluated by comparing the acquired cyber state information to one or more cyber state profiles. The physical health of the control system may be evaluated by comparing the acquired physical state information to one or more physical state profiles.
Full Text Available
Intrinsic use control for system and use controlled component security

Patent Hart, Mark Miles

An Initialization Unit (IU) initiates an initial secure connection with an Intrinsic Use Control (IUC) Chip based on very large random numbers (VLRNs). The IUC Chip in turn initiates a secondary secure connection between it and one or more Use Controlled Components (UCCs). Polling by the IU allows confirmation of an ongoing secure connection, and also allows the IUC Chip to confirm the secondary secure connection to the UCCs. Removal or improper polling response from one of the UCCs results in a response from the IUC Chip that may include notification of tampering, or temporary or permanent discontinued operation ofmore » « less
Full Text Available
Intrinsic use control for system and use controlled component security

Patent Hart, Mark Miles

An Initialization Unit (IU) initiates an initial secure connection with an Intrinsic Use Control (IUC) Chip based on very large random numbers (VLRNs). The IUC Chip in turn initiates a secondary secure connection between it and one or more Use Controlled Components (UCCs). Polling by the IU allows confirmation of an ongoing secure connection, and also allows the IUC Chip to confirm the secondary secure connection to the UCCs. Removal or improper polling response from one of the UCCs results in a response from the IUC Chip that may include notification of tampering, or temporary or permanent discontinued operation ofmore » « less
Full Text Available
Intrinsic use control for system and use controlled component security

Patent Hart, Mark Miles

An Initialization Unit (IU) initiates an initial secure connection with an Intrinsic Use Control (IUC) Chip based on very large random numbers (VLRNs). The IUC Chip in turn initiates a secondary secure connection between it and one or more Use Controlled Components (UCCs). Polling by the IU allows confirmation of an ongoing secure connection, and also allows the IUC Chip to confirm the secondary secure connection to the UCCs. Removal or improper polling response from one of the UCCs results in a response from the IUC Chip that may include notification of tampering, or temporary or permanent discontinued operation ofmore » « less
Full Text Available
Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture

Patent Muller, George; Perkins, Casey J.; Lancaster, Mary J.; ...

Computer-implemented security evaluation methods, security evaluation systems, and articles of manufacture are described. According to one aspect, a computer-implemented security evaluation method includes accessing information regarding a physical architecture and a cyber architecture of a facility, building a model of the facility comprising a plurality of physical areas of the physical architecture, a plurality of cyber areas of the cyber architecture, and a plurality of pathways between the physical areas and the cyber areas, identifying a target within the facility, executing the model a plurality of times to simulate a plurality of attacks against the target by an adversary traversingmore » « less
Full Text Available

Similar Records

Title: Systems and methods for control system security

Abstract

Citation Formats

Method for Monitoring Security in and Automation Network, and Automation Network patent-application, August 2015

Data center architecture that supports attack detection and mitigation patent, October 2017

Industrial Control System Emulator for Malware Analysis patent-application, June 2017

Automatic System Control Failover patent-application, June 2003

On-machine backplane mounted modular power and data distribution system patent, October 2009

Self-monitoring and updating of firmware over a network patent, May 2008

System and methodology providing automation security analysis and network intrusion protection in an industrial environment patent, August 2016

Network Access Apparatus Having a Control Module and a Network Access Module patent-application, February 2015

Systems, Devices, Agents and Methods for Monitoring and Automatic Reboot and Restoration of Computers, Local, Area Network, Wireless Access Points, Modems and Other Hardware patent-application, January 2009

System and methodology providing automation security analysis and network intrusion protection in an industrial environment patent, April 2015

Vehicle Middleware patent-application, June 2013

PLC backplane analyzer for field forensics and intrusion detection patent, May 2015

Methods and systems for an interposer board patent, September 2014

Group Management in Reconfigurable Machine-to-Machine Systems patent-application, September 2019

Plug and play motor control system patent, July 2017

Method for Monitoring Security in and Automation Network, and Automation Network
patent-application, August 2015

Data center architecture that supports attack detection and mitigation
patent, October 2017

Industrial Control System Emulator for Malware Analysis
patent-application, June 2017

Automatic System Control Failover
patent-application, June 2003

On-machine backplane mounted modular power and data distribution system
patent, October 2009

Self-monitoring and updating of firmware over a network
patent, May 2008

System and methodology providing automation security analysis and network intrusion protection in an industrial environment
patent, August 2016

Network Access Apparatus Having a Control Module and a Network Access Module
patent-application, February 2015

Systems, Devices, Agents and Methods for Monitoring and Automatic Reboot and Restoration of Computers, Local, Area Network, Wireless Access Points, Modems and Other Hardware
patent-application, January 2009

System and methodology providing automation security analysis and network intrusion protection in an industrial environment
patent, April 2015

Vehicle Middleware
patent-application, June 2013

PLC backplane analyzer for field forensics and intrusion detection
patent, May 2015

Methods and systems for an interposer board
patent, September 2014

Group Management in Reconfigurable Machine-to-Machine Systems
patent-application, September 2019

Plug and play motor control system
patent, July 2017