Patents by Inventor Hubert Kirrmann
Hubert Kirrmann has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10148411Abstract: The present disclosure provides a secure one-step IEEE 1588 clock using either a symmetric or asymmetric protection scheme. Clocks of mission-critical or highly-available devices in industrial automation systems connected to a communication network are synchronized by sending, by a master clock, a synchronization message, e.g., a single message of the one-step-clock type according to IEEE 1588, including a time stamp, and by receiving and evaluating, by a slave clock, the synchronization message. A synchronization component or module of the master clock prepares, or composes, prior to a projected send time, a synchronization message including a time stamp of the projected send time, and secures the synchronization message in advance of the projected send time. Securing the synchronization message occurs by suitable cryptographic means allowing for authentication of the time stamp at a receiving slave clock. At the projected send time, the secured synchronization message is transmitted.Type: GrantFiled: May 25, 2016Date of Patent: December 4, 2018Assignee: ABB Research LtdInventors: Hubert Kirrmann, Jean-Charles Tournier
-
Patent number: 9876683Abstract: A network management agent, device or module determine the network topology of a communication network based on at least one neighbor network or end device identity and corresponding network link communication delay collected from, determined by, and stored in a Management Information Base of, at least one first network device of the communication network. Neighbor identities and communication delays are determined according to the IEEE 1588 standard.Type: GrantFiled: December 19, 2014Date of Patent: January 23, 2018Assignee: ABB Research Ltd.Inventor: Hubert Kirrmann
-
Patent number: 9484738Abstract: A method and system are provided for operation of substations in which protection, control and measurement devices (e.g., Intelligent Electronic Devices (IEDs)) exchange operational data over a data network, for example, according to IEC standard 61850. During maintenance, commissioning and fault situations, when one or several IEDs are inoperable, the data that these IEDs would have produced is substituted to ensure availability of the substation. To this effect, a dedicated substitute device is permanently installed that can take the role of any IED, and that is automatically configured out of a standard configuration description (SCD) file that describes the SA system.Type: GrantFiled: April 26, 2010Date of Patent: November 1, 2016Assignee: ABB Research Ltd.Inventors: Hubert Kirrmann, Michael Obrist
-
Publication number: 20160269167Abstract: The present disclosure provides a secure one-step IEEE 1588 clock using either a symmetric or asymmetric protection scheme. Clocks of mission-critical or highly-available devices in industrial automation systems connected to a communication network are synchronized by sending, by a master clock, a synchronization message, e.g., a single message of the one-step-clock type according to IEEE 1588, including a time stamp, and by receiving and evaluating, by a slave clock, the synchronization message. A synchronization component or module of the master clock prepares, or composes, prior to a projected send time, a synchronization message including a time stamp of the projected send time, and secures the synchronization message in advance of the projected send time. Securing the synchronization message occurs by suitable cryptographic means allowing for authentication of the time stamp at a receiving slave clock. At the projected send time, the secured synchronization message is transmitted.Type: ApplicationFiled: May 25, 2016Publication date: September 15, 2016Inventors: Hubert Kirrmann, Jean-Charles Tournier
-
Patent number: 9363273Abstract: The present disclosure provides a secure one-step IEEE 1588 clock using either a symmetric or asymmetric protection scheme. Clocks of mission-critical or highly-available devices in industrial automation systems connected to a communication network are synchronized by sending, by a master clock, a synchronization message, e.g., a single message of the one-step-clock type according to IEEE 1588, including a time stamp, and by receiving and evaluating, by a slave clock, the synchronization message. A synchronization component or module of the master clock prepares, or composes, prior to a projected send time, a synchronization message including a time stamp of the projected send time, and secures the synchronization message in advance of the projected send time. Securing the synchronization message occurs by suitable cryptographic means allowing for authentication of the time stamp at a receiving slave clock. At the projected send time, the secured synchronization message is transmitted.Type: GrantFiled: December 30, 2011Date of Patent: June 7, 2016Assignee: ABB Research Ltd.Inventors: Hubert Kirrmann, Jean-Charles Tournier
-
Publication number: 20150333966Abstract: A network management agent, device or module determine the network topology of a communication network based on at least one neighbor network or end device identity and corresponding network link communication delay collected from, determined by, and stored in a Management Information Base of, at least one first network device of the communication network. Neighbor identities and communication delays are determined according to the IEEE 1588 standard.Type: ApplicationFiled: December 19, 2014Publication date: November 19, 2015Applicant: ABB RESEARCH LTDInventor: Hubert KIRRMANN
-
Patent number: 9106595Abstract: Exemplary embodiments are directed to a communication network interconnecting a plurality of synchronized nodes, where regular frames including time-critical data are transmitted periodically or cyclically, and sporadic frames are transmitted non-periodically or occasionally. For example, each node can transmit a regular frame at the beginning of a transmission period common to, and synchronized among, all nodes. Another node then receives regular frames from its first neighboring node, and forwards the frames within the same transmission period and with the shortest delay, to a second neighboring node. Furthermore, each node actively delays transmission of any sporadic frame, whether originating from an application hosted by the node itself or whether received from a neighboring node, until forwarding of all received regular frames is completed.Type: GrantFiled: January 15, 2013Date of Patent: August 11, 2015Assignee: ABB RESEARCH LTDInventors: Hubert Kirrmann, Jean-Charles Tournier
-
Publication number: 20150156072Abstract: A network management agent, device or module determine the network topology of a communication network based on at least one neighbor network or end device identity and corresponding network link communication delay collected from, determined by, and stored in a Management Information Base of, at least one first network device of the communication network. Neighbor identities and communication delays are determined according to the IEEE 1588 standard.Type: ApplicationFiled: December 19, 2014Publication date: June 4, 2015Applicant: ABB Technology LTDInventor: Hubert KIRRMANN
-
Publication number: 20150121084Abstract: A method and system are provided for securing messages within a communication network of an industrial process control system, such as a substation automation system. A multi-block message to be transmitted via a communication network is secured by a block-based authentication, encryption and/or integrity information. Only residue of the previous block in the form of block-based information is needed to generate the block based information of the next block. Therefore, the previous block can already be transmitted while block-based information of the next block is generated. The method and system of the present disclosure enable on-the-fly authentication of the multi-block message and authentication at an increased rate.Type: ApplicationFiled: December 30, 2014Publication date: April 30, 2015Applicant: ABB RESEARCH LTDInventors: Hubert KIRRMANN, Cagri ÖNAL
-
Patent number: 9001675Abstract: Exemplary embodiments increase reliability of communication over a non-deterministic communication channel, in electric power systems. A communication channel is monitored based on regular network traffic, by evaluating messages or data packets carrying real-time operational data as a payload. A permanent determination of a channel quality, including appropriate alarming in case the channel quality is found insufficient, is based on an evaluation, at a receiving node, of data packets continually transmitted by a sending node. These continually or repeatedly transmitted data packets can include identical payloads reflecting current states rather than state changes as operational data.Type: GrantFiled: July 13, 2011Date of Patent: April 7, 2015Assignee: ABB Technology AGInventors: Wolfgang Wimmer, Hubert Kirrmann, Hermann Spiess, Stefan Ramseier, Allen Notter, Martin Israel
-
Patent number: 8582426Abstract: The present disclosure relates to highly available communication networks, e.g., for industrial or utility applications such as substation automation. The devices are connected to two redundant lines through two independent transceivers and bus controllers, i.e. the physical layer and the link layer of the corresponding protocol stack is duplicated. For seamless operation, a sender sends frames simultaneously over both lines and a receiver accepts whichever frame of a pair comes first and ignores the late frame. An exemplary method is disclosed for discarding duplicate frames at the link layer without considering the higher protocol layers, based on a counter inserted in the frame and an algorithm for rejection, with a corresponding means to detect which frames operate according to the redundancy protocol.Type: GrantFiled: May 16, 2007Date of Patent: November 12, 2013Assignee: ABB Research Ltd.Inventors: Hubert Kirrmann, Dacfey Dzung
-
Patent number: 8582424Abstract: Exemplary embodiments are directed to a network coupling device connected over a respective first and second port in a communication network with a ring topology operating with full duplex links. When sending information, the coupling device inserts two duplicate frames in the ring, one over each of its ports. The frames containing information that identifies these two frames as a pair of duplicates of the same frame. Each similar device in the ring includes a Switching Element that receives a frame from one port and forwards the frame to the other port without modification. The Switching Element discards a frame that was originally sent by that same node, discards a frame that it already forwarded in that direction, and/or discards a frame that it cannot recognize as being a member of a pair.Type: GrantFiled: January 20, 2011Date of Patent: November 12, 2013Assignee: ABB Research LtdInventor: Hubert Kirrmann
-
Patent number: 8265908Abstract: Protection, measurement and control IEDs in a substation compute if switches they control may be operated safely, according to interlocking rules or physical principles as well as the dynamic topology of the substation. The IEDs have access to the substation electrical topology, to real-time information generated by other IEDs, and to the rules for interlocking. A standardized Substation Configuration Description (SCD) of the substation for which a Substation Automation system is intended, and a standardized description of the implemented device functions or capabilities of an individual IED are utilized. The substation topology is available from SCD file, real time information about the position of switches and line voltage/current can be obtained via an appropriate protocol, and the interlocking rules are available in script form. These features apply both to simulated and real devices, and increase system testing possibilities by supporting an efficient configuration of a simulation.Type: GrantFiled: April 23, 2010Date of Patent: September 11, 2012Assignee: ABB Research LtdInventors: Hubert Kirrmann, Michael Obrist, Wolfgang Wimmer
-
Publication number: 20120163521Abstract: The present disclosure provides a secure one-step IEEE 1588 clock using either a symmetric or asymmetric protection scheme. Clocks of mission-critical or highly-available devices in industrial automation systems connected to a communication network are synchronized by sending, by a master clock, a synchronization message, e.g., a single message of the one-step-clock type according to IEEE 1588, including a time stamp, and by receiving and evaluating, by a slave clock, the synchronization message. A synchronization component or module of the master clock prepares, or composes, prior to a projected send time, a synchronization message including a time stamp of the projected send time, and secures the synchronization message in advance of the projected send time. Securing the synchronization message occurs by suitable cryptographic means allowing for authentication of the time stamp at a receiving slave clock. At the projected send time, the secured synchronization message is transmitted.Type: ApplicationFiled: December 30, 2011Publication date: June 28, 2012Applicant: ABB RESEARCH LTDInventors: Hubert KIRRMANN, Jean-Charles TOURNIER
-
Publication number: 20110286350Abstract: Exemplary embodiments increase reliability of communication over a non-deterministic communication channel, in electric power systems. A communication channel is monitored based on regular network traffic, by evaluating messages or data packets carrying real-time operational data as a payload. A permanent determination of a channel quality, including appropriate alarming in case the channel quality is found insufficient, is based on an evaluation, at a receiving node, of data packets continually transmitted by a sending node. These continually or repeatedly transmitted data packets can include identical payloads reflecting current states rather than state changes as operational data.Type: ApplicationFiled: July 13, 2011Publication date: November 24, 2011Applicant: ABB Technology AGInventors: Wolfgang WIMMER, Hubert KIRRMANN, Hermann SPIESS, Stefan RAMSEIER, Allen NOTTER, Martin ISRAEL
-
Publication number: 20110116508Abstract: Exemplary embodiments are directed to a network coupling device connected over a respective first and second port in a communication network with a ring topology operating with full duplex links. When sending information, the coupling device inserts two duplicate frames in the ring, one over each of its ports. The frames containing information that identifies these two frames as a pair of duplicates of the same frame. Each similar device in the ring includes a Switching Element that receives a frame from one port and forwards the frame to the other port without modification. The Switching Element discards a frame that was originally sent by that same node, discards a frame that it already forwarded in that direction, and/or discards a frame that it cannot recognize as being a member of a pair.Type: ApplicationFiled: January 20, 2011Publication date: May 19, 2011Applicant: ABB Research LTDInventor: Hubert KIRRMANN
-
Publication number: 20110029687Abstract: Exemplary embodiments are directed to deterministic data transmission of real-time operational data in Highly available, Seamlessly Redundant (HSR) ring-type communication networks with at least a master node, a source node, and a destination node. Each node can include first and second communication ports connected to a respective first and second neighbouring node of the communication network, to receive a frame via the first communication port, and to forward the received frame via the second communication port. The master node sends a first and a second redundant frame or empty data packet to its first and second neighbouring node, respectively. Upon reception of the two redundant frames, the source node inserts process data into a predetermined and dedicated field of each frame. Each one of the two loaded redundant frames is instantaneously and individually forwarded to the first and the second neighbouring node of the source node, respectively.Type: ApplicationFiled: July 29, 2010Publication date: February 3, 2011Applicant: ABB Research LtdInventors: Hubert KIRRMANN, Jean-Charles Tournier
-
Publication number: 20100256832Abstract: The present disclosure provides a method and system for operation of substations in which protection, control and measurement devices (e.g., Intelligent Electronic Devices (IEDs)) exchange operational data over a data network, for example, according to IEC standard 61850. During maintenance, commissioning and fault situations, when one or several IEDs are inoperable, the data that these IEDs would have produced is substituted to ensure availability of the substation. To this effect, a dedicated substitute device is permanently installed that can take the role of any IED, and that is automatically configured out of a standard configuration description (SCD) file that describes the SA system.Type: ApplicationFiled: April 26, 2010Publication date: October 7, 2010Applicant: ABB Research LtdInventors: Hubert KIRRMANN, Michael Obrist
-
Publication number: 20100204948Abstract: Protection, measurement and control IEDs in a substation compute if switches they control may be operated safely, according to interlocking rules or physical principles as well as the dynamic topology of the substation. The IEDs have access to the substation electrical topology, to real-time information generated by other IEDs, and to the rules for interlocking. A standardized Substation Configuration Description (SCD) of the substation for which a Substation Automation system is intended, and a standardized description of the implemented device functions or capabilities of an individual IED are utilized. The substation topology is available from SCD file, real time information about the position of switches and line voltage/current can be obtained via an appropriate protocol, and the interlocking rules are available in script form. These features apply both to simulated and real devices, and increase system testing possibilities by supporting an efficient configuration of a simulation.Type: ApplicationFiled: April 23, 2010Publication date: August 12, 2010Applicant: ABB Research Ltd.Inventors: Hubert KIRRMANN, Michael Obrist, Wolfgang Wimmer
-
Publication number: 20090141783Abstract: A communication device is provided with a power-limiting module connected to the power supply and configured to limit energy supplied to the transmitter portion such that a defined maximum data transmission rate is not exceeded. The power-limiting module comprises an energy storage device, supplying energy to the transmitter portion, and a limiter limiting recharging of the energy storage device by the power supply. The energy storage device and the limiter are selected such that a defined maximum energy is suppliable to the transmitter portion, limiting the transmitter portion to transmit data at the maximum data transmission rate. Limiting the energy supplied to the transmitter portion ensures that the communication device does not transmit over the network more than a given, limited amount of information per time unit, thus, the quantity of data transmitted by the communication device is limited.Type: ApplicationFiled: January 16, 2009Publication date: June 4, 2009Applicant: ABB Research Ltd.Inventor: Hubert KIRRMANN