Patents by Inventor Anna Palmin
Anna Palmin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20260161765Abstract: The configuration of the Registration Authority (RA) needs to be supplemented with a configurable new check rule. The check rules are taken into consideration when validating the certificate requests. When a certificate request is validated, the Registration Authority RA determines, based on the new check rule assigned to this installation component, at which location it may search for this new check rule in the directory/inventory and how it may form it, possibly from multiple parts (for example, the serial number and the MLFB). The described problem is solved by giving the Registration Authority RA the capability of handling various new check rules when validating the certificate requests in a heterogeneous industrial installation.Type: ApplicationFiled: October 27, 2022Publication date: June 11, 2026Inventor: Anna Palmin
-
Patent number: 12549383Abstract: A system for verifying components of an industrial monitoring system includes a first module which is configured to establish a trust relationship with a component of the industrial monitoring system and request a component certificate from the component. The component certificate contains relevant information relating to the component. A second module is configured to check, in interaction with the component, the component certificate on the basis of relevant data stored in a trusted database, and to generate a notification on the basis of the result of the checking process.Type: GrantFiled: July 28, 2021Date of Patent: February 10, 2026Assignee: Siemens AktiengesellschaftInventors: Anna Palmin, Xin Xie
-
Patent number: 12506614Abstract: A client-server architecture for a control system of a technical installation, wherein the client-server architecture includes at least one first device formed as a client and at least one second device that formed as a server assigned to the client, where the client is configured to establish contact with the server, and is configured to execute a code received from the server, communication from the client to the control system exists via the server which is configured to detect whether the code, which the client executes, corresponds to the code that the client received from the server, and where the server, in the event of the code not corresponding, is further configured to interrupt the execution of the code by the client and lock the client out of communication with the control system.Type: GrantFiled: August 5, 2020Date of Patent: December 23, 2025Assignee: Siemens AktiengesellschaftInventors: Benjamin Lutz, Anna Palmin
-
Patent number: 12256025Abstract: A control system for a technical installation, in particular a manufacturing facility or process plant, includes at least one first operator station server and one second operator station server and is configured to initiate the issuance and revocation of certificates for components of the technical installation as part of certificate management, and is configured to publish revocation of a previously issued certificate within the control system as a certificate revocation list, where the control system is configured to store the certificate revocation list on the first operator station server and/or on the second operator station server, where the control system is configured to synchronize the first operator station server and the second operator station server with one another such that a certificate revocation list with identical content is stored on both operator station servers.Type: GrantFiled: January 12, 2021Date of Patent: March 18, 2025Assignee: Siemens AktiengesellschaftInventors: Benjamin Lutz, Anna Palmin
-
Patent number: 12158936Abstract: A control system for a technical installation, in particular a process or manufacturing installation, includes at least one component upon which a certificate service is computer implemented, wherein the certificate service is configured to check a certificate store that is assigned to the component or a further component to determine whether two or more certificates, which only differ from one another in terms of their validity period, are stored in the certificate store, and in the event of the check identifying two or more certificates of this type, to initiate revocation and removal from the certificate store of the certificate or certificates with the validity period that ends the earliest, such that only the certificate with the validity period that ends the latest remains stored in the certificate store.Type: GrantFiled: October 27, 2022Date of Patent: December 3, 2024Assignee: SIEMENS AKTIENGESELLSCHAFTInventor: Anna Palmin
-
Patent number: 12111649Abstract: A method for handling security alarms by a control system of a technical installation includes a) receiving diagnostic messages that have been generated by technical objects (7) of a technical installation; b) analyzing the diagnostic messages such that diagnostic messages relevant to the security of an operation of the technical installation are identified by means of comparative data records, where a machine learning network is used to analyze the diagnostic messages to assess the security relevance of the diagnostic messages, where the network is previously trained using special inputs from operators of the technical installation that have assessed past diagnostic messages with regard to their security relevance; c) if necessary, adapting the previously identified diagnostic messages to requirements of a computer-implemented security module of the technical installation and d) transmitting the previously identified and optionally adapted diagnostic messages to the computer-implemented security module of thType: GrantFiled: March 16, 2020Date of Patent: October 8, 2024Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Benjamin Lutz, Anna Palmin
-
Publication number: 20240323001Abstract: A control system for a technical installation, particularly a process or manufacturing facility, includes a computer-implemented registration service that is configured to receive a certificate request from a component of the technical installation that comprises information regarding the identity of the installation component, configured to extract from a first memory information about which certificates of the installation component have already been assigned, can be assigned or are to be assigned, using the information regarding the identity of the installation component and the information about certificates that can be assigned or are to be assigned, configured to determine what the certificate request type is and which registration authority or certification authority of the technical installation is responsible for the certificate request, and is configured to transfer the certificate request of the installation component with information about the type of certificate request to the responsible registrType: ApplicationFiled: June 28, 2022Publication date: September 26, 2024Inventors: Anna PALMIN, Marwin MADSEN
-
Patent number: 11934507Abstract: A method for project-oriented authentication of a device in a control system for a technical installation as part of an engineering project, wherein the control system includes at least one local registration service, at least one software inventory and a certification center, where information by the at least one local registration service with respect to what communication protocols and/or applications are supported by the device and/or are active is ascertained during authentication of the device within the control system, a project-oriented device certificate is requested from the first hierarchy of the certification center by the local registration service, and the project-oriented device certificate is deposited in an inventory element, associated with the engineering project, of the software inventory of the control system, the device certificates being issuable by the first hierarchy of the certification center have a unique project identifier.Type: GrantFiled: March 7, 2019Date of Patent: March 19, 2024Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Benjamin Lutz, Anna Palmin
-
Publication number: 20240012404Abstract: A system for verifying components of an industrial monitoring system includes a first module which is configured to establish a trust relationship with a component of the industrial monitoring system and request a component certificate from the component. The component certificate contains relevant information relating to the component. A second module is configured to check, in interaction with the component, the component certificate on the basis of relevant data stored in a trusted database, and to generate a notification on the basis of the result of the checking process.Type: ApplicationFiled: July 28, 2021Publication date: January 11, 2024Applicant: Siemens AktiengesellschaftInventors: ANNA PALMIN, XIN XIE
-
Publication number: 20230291725Abstract: A method for issuing a certificate with a specific certificate profile to a plant component of an industrial plant by a certification authority of the industrial plant, wherein an automated check is performed to determine whether the specific certificate profile can be used by the plant component, and whether the specific certificate profile in the industrial plant is assignable to the plant component before a certificate application made by the plant component is transmitted to the certification authority, where the certificate application is transmitted to the certification authority which, in the event of a successful check of the certificate application, issues the requested certificate with the specific certificate profile for the plant component if both checks are successful.Type: ApplicationFiled: March 8, 2023Publication date: September 14, 2023Inventor: Anna PALMIN
-
Publication number: 20230275767Abstract: A control system for a technical plant, in particular a manufacturing or processing plant, wherein the control system is configured to initiate the issuance and revocation of certificates for components of the technical plant as part of certificate management, where the control system includes a computer-implemented revocation service which is configured to initiate the revocation of certificates in an event-controlled and automated manner.Type: ApplicationFiled: January 13, 2021Publication date: August 31, 2023Inventors: Benjamin LUTZ, Anna PALMIN
-
Publication number: 20230267188Abstract: A control system for a technical installation, in particular a process or manufacturing installation, includes at least one component upon which a certificate service is computer implemented, wherein the certificate service is configured to check a certificate store that is assigned to the component or a further component to determine whether two or more certificates, which only differ from one another in terms of their validity period, are stored in the certificate store, and in the event of the check identifying two or more certificates of this type, to initiate revocation and removal from the certificate store of the certificate or certificates with the validity period that ends the earliest, such that only the certificate with the validity period that ends the latest remains stored in the certificate store.Type: ApplicationFiled: October 27, 2022Publication date: August 24, 2023Inventor: Anna PALMIN
-
Patent number: 11677741Abstract: System and method for secure time synchronization in an industrial facility, wherein a synchronization request of a facility component is transmitted to a registration service of a certificate management of the facility and the synchronization request is examined by the registration service, where the synchronization request includes a signature of the requesting facility component, and where depending on an outcome of the examination, a synchronization response is then transmitted to the requesting facility component a system time of the facility component is matched to a system time of the registration service based on the synchronization response.Type: GrantFiled: November 10, 2020Date of Patent: June 13, 2023Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Jochen Balduf, Anna Palmin
-
Patent number: 11558203Abstract: An operator station server of a technical installation upon which a certification service is implemented, wherein the certification service is configured to receive configuration information, which depends on a role of the operator station server in the technical installation, from at least one of (i) an engineering station server and (ii) a registration service of the technical installation, where the configuration information comprises information identifying which certificates of the certification service of the operator station server must be requested from a certification authority of the technical installation.Type: GrantFiled: July 26, 2019Date of Patent: January 17, 2023Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Benjamin Lutz, Anna Palmin
-
Patent number: 11543803Abstract: A process control system includes an engineering system for a project configuration of hardware and software components of a process control system, an operator system having a runtime component for operator control and monitoring of a technical process, and an archive system for archiving project configuration inputs of the engineering system and for archiving operator inputs in the operator system, via which a project engineer and/or an operator may be provided with the relationships between engineering-relevant actions or events and runtime-relevant actions or events.Type: GrantFiled: May 6, 2019Date of Patent: January 3, 2023Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Benjamin Lutz, Anna Palmin
-
Publication number: 20220417237Abstract: System and method for secure time synchronization in an industrial facility, wherein a synchronization request of a facility component is transmitted to a registration service of a certificate management of the facility and the synchronization request is examined by the registration service, where the synchronization request includes a signature of the requesting facility component, and where depending on an outcome of the examination, a synchronization response is then transmitted to the requesting facility component a system time of the facility component is matched to a system time of the registration service based on the synchronization response.Type: ApplicationFiled: November 10, 2020Publication date: December 29, 2022Inventors: Jochen BALDUF, Anna PALMIN
-
Patent number: 11454944Abstract: A method for initially allocating and/or renewing certificates for devices and/or applications in a control system for a technical installation on the basis of certificates, wherein the devices and/or applications, within a framework of the initial allocation and/or renewal of the certificates, use a certificate management protocol to post a certificate request at at least one certification authority of the technical installation, where the devices and/or applications, in addition to the certificate management protocol, implement a certification service that generates a stateless alarm message and provides this generated stateless alarm message in the control system, when a certificate request previously posted by the device and/or the application is unanswered by the certification authority after expiration of a previously determined period of time.Type: GrantFiled: April 22, 2019Date of Patent: September 27, 2022Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Benjamin Lutz, Anna Palmin
-
Publication number: 20220294636Abstract: A client-server architecture for a control system of a technical installation, wherein the client-server architecture includes at least one first device formed as a client and at least one second device that formed as a server assigned to the client, where the client is configured to establish contact with the server, and is configured to execute a code received from the server, communication from the client to the control system exists via the server which is configured to detect whether the code, which the client executes, corresponds to the code that the client received from the server, and where the server, in the event of the code not corresponding, is further configured to interrupt the execution of the code by the client and lock the client out of communication with the control system.Type: ApplicationFiled: August 5, 2020Publication date: September 15, 2022Inventors: Benjamin LUTZ, Anna PALMIN
-
Patent number: 11444934Abstract: An automation system includes at least one automation unit, multiple automation servers and a central management unit interconnected via a communication network, wherein the automation servers communicate with the automation unit using a pre validated certificate of the automation unit, where in order to validate the certificate, the automation servers check a chain of trust of the respective certificate and, by accessing a black list, the validity thereof, where communication of the respective chain of trust only occurs when corresponding chains of trust are revoked from all other automation servers beforehand, corresponding certificates are entered into the black list or the certificate is otherwise invalid.Type: GrantFiled: December 8, 2020Date of Patent: September 13, 2022Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Benjamin Lutz, Anna Palmin
-
Patent number: 11442436Abstract: A method and technical module in a technical installation, which includes at least one technical function and which is configured for integration into a higher-level control level of the technical installation, wherein functional rights relating to the at least one technical function are stored in the technical module.Type: GrantFiled: November 22, 2019Date of Patent: September 13, 2022Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Benjamin Lutz, Anna Palmin