Patents by Inventor Harald Herberth

Harald Herberth has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12126611
    Abstract: A technical plant, a system for issuing publicly trusted certificates for plant components of the technical plant, an engineering or control system for the technical plant, and a method for issuing publicly trusted certificates for plant components of the technical plant, wherein a) a certification module of a plant component, which is intended to receive a publicly trusted certificate, queries a component identifier; b) the certification module transmits the component identifier together with a certificate request for a publicly trusted certificate to a registration authority; c) the registration authority checks, based on the component identifier, whether the component belonging to the component identifier is assigned to an authorized person or an authorized company; d) if so, the registration authority requests a publicly trusted certificate for the component; and e) the requested publicly trusted certificate is issued and transmitted to the certification module.
    Type: Grant
    Filed: March 27, 2020
    Date of Patent: October 22, 2024
    Assignee: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Roland Eckl, Harald Herberth
  • Publication number: 20220239641
    Abstract: A technical plant, a system for issuing publicly trusted certificates for plant components of the technical plant, an engineering or control system for the technical plant, and a method for issuing publicly trusted certificates for plant components of the technical plant, wherein a) a certification module of a plant component, which is intended to receive a publicly trusted certificate, queries a component identifier; b) the certification module transmits the component identifier together with a certificate request for a publicly trusted certificate to a registration authority; c) the registration authority checks, based on the component identifier, whether the component belonging to the component identifier is assigned to an authorized person or an authorized company; d) if so, the registration authority requests a publicly trusted certificate for the component; and e) the requested publicly trusted certificate is issued and transmitted to the certification module.
    Type: Application
    Filed: March 27, 2020
    Publication date: July 28, 2022
    Inventors: Roland Eckl, Harald HERBERTH
  • Patent number: 10681112
    Abstract: The invention relates to a method functions within an industrial automation system. In a method for providing functions within an industrial automation system, the functions are made available by a web application of at least one control unit and provided on the client side during execution of a control program via a Single-Page Application (SPA) as a web client at a client-side user interface. The functions are provided by a standardized data model of the web application which represents the at least one control unit and data that can be made available by the control unit. The standardized data model is accessed via a generic data interface of the web application.
    Type: Grant
    Filed: August 1, 2018
    Date of Patent: June 9, 2020
    Assignee: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Roland Eckl, Harald Herberth
  • Patent number: 10462117
    Abstract: A method and a system for authenticating a surrounding Web application by a Web application that is to be embedded, wherein it becomes possible for the Web application that is to be embedded to identify the surrounding Web application and for the surrounding Web application to authenticate itself, where a high security standard is provided through storage and evaluation of the necessary key material in the respective. Web server because the key material itself is not transmitted, but only authentication messages for the local use of the key material are instead transmitted.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: October 29, 2019
    Assignee: Siemens Aktiengesellschaft
    Inventors: Roland Eckl, Harald Herberth
  • Patent number: 10212038
    Abstract: A method in which a check is performed to determine whether a request originates from a requesting communication device from an IPv6 subnetwork or comprises a destination resource identifier allocated to a Web server component with an IPv6 address or a device name to provide access to device configuration data of an IPv4-based automation device within an industrial automation system in cases of a request for a Web document with device configuration data, wherein if the check result is positive, the Web document is provided with a reference to the device configuration data which includes an Ipv6 address printout or a device name, where in the case of a request for the Web document which originates from a requesting communication device from an IPv4 subnetwork and/or comprises a destination resource identifier with an IPv4 address, the reference to the device configuration data comprises an IPv4 address printout.
    Type: Grant
    Filed: August 29, 2016
    Date of Patent: February 19, 2019
    Assignee: Siemens Aktiengesellschaft
    Inventors: Harald Albrecht, Harald Herberth
  • Publication number: 20190044997
    Abstract: The invention relates to a method functions within an industrial automation system. In a method for providing functions within an industrial automation system, the functions are made available by a web application of at least one control unit and provided on the client side during execution of a control program via a Single-Page Application (SPA) as a web client at a client-side user interface. The functions are provided by a standardized data model of the web application which represents the at least one control unit and data that can be made available by the control unit. The standardized data model is accessed via a generic data interface of the web application.
    Type: Application
    Filed: August 1, 2018
    Publication date: February 7, 2019
    Applicant: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Roland Eckl, HARALD HERBERTH
  • Patent number: 10078314
    Abstract: Method of providing functions within an industrial automation system and an industrial automation system thereof. Functions of the automation system are made available by web applications that are combined by the client during control program execution to form interlinked web applications. The functions are provided on a user interface of the client. The web applications are provided by a standard application programming interface that comprises a cross-component application programming interface for initializing and unloading application components and a component-specific application programming interface for event handling and providing component functions. Component instances are linked by an application programming interface for stipulating interactions between application components.
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: September 18, 2018
    Assignee: Siemens Aktiengesellschaft
    Inventors: Roland Eckl, Andreas Henrich, Harald Herberth
  • Publication number: 20170093838
    Abstract: A method and a system for authenticating a surrounding Web application by a Web application that is to be embedded, wherein it becomes possible for the Web application that is to be embedded to identify the surrounding Web application and for the surrounding Web application to authenticate itself, where a high security standard is provided through storage and evaluation of the necessary key material in the respective. Web server because the key material itself is not transmitted, but only authentication messages for the local use of the key material are instead transmitted.
    Type: Application
    Filed: September 28, 2016
    Publication date: March 30, 2017
    Inventors: Roland ECKL, Harald HERBERTH
  • Publication number: 20170063624
    Abstract: A method in which a check is performed to determine whether a request originates from a requesting communication device from an IPv6 subnetwork or comprises a destination resource identifier allocated to a Web server component with an IPv6 address or a device name to provide access to device configuration data of an IPv4-based automation device within an industrial automation system in cases of a request for a Web document with device configuration data, wherein if the check result is positive, the Web document is provided with a reference to the device configuration data which includes an Ipv6 address printout or a device name, where in the case of a request for the Web document which originates from a requesting communication device from an IPv4 subnetwork and/or comprises a destination resource identifier with an IPv4 address, the reference to the device configuration data comprises an IPv4 address printout.
    Type: Application
    Filed: August 29, 2016
    Publication date: March 2, 2017
    Inventors: Harald ALBRECHT, Harald Herberth
  • Publication number: 20150212504
    Abstract: Method of providing functions within an industrial automation system and an industrial automation system thereof. Functions of the automation system are made available by web applications that are combined by the client during control program execution to form interlinked web applications. The functions are provided on a user interface of the client. The web applications are provided by a standard application programming interface that comprises a cross-component application programming interface for initializing and unloading application components and a component-specific application programming interface for event handling and providing component functions. Component instances are linked by an application programming interface for stipulating interactions between application components.
    Type: Application
    Filed: January 29, 2015
    Publication date: July 30, 2015
    Inventors: Roland ECKL, Andreas HENRICH, Harald HERBERTH
  • Patent number: 8959645
    Abstract: A distributed operation is performed using at least one first and second computer-based object, wherein control information is used to influence or determine a property, a function of the first and/or second computer-based objects. The control information includes details of a parameter identifier, a value associated with the parameter identifier, a range of validity and a remote access attribute. The control information is provided in a retrievable manner, according to the included range of validity, in a memory organized according to ranges of validity and is associated with the first computer-based object. During a function or service call for performing the distributed operation, which is sent from the first computer-based object to the second, the control information is transmitted to the second computer-based object, provided in a retrievable manner in the memory organized according to the ranges of validity and associated with the second computer-based object.
    Type: Grant
    Filed: September 2, 2009
    Date of Patent: February 17, 2015
    Assignee: Siemens Aktiengesellschaft
    Inventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
  • Patent number: 8701202
    Abstract: An access authorization for a computer-based object in an automation system comprising a plurality of network nodes is granted using a control file which is structured in line with a scheme for a markup language for granting access authorizations and which maps a hierarchic tree structure. In this case, access authorizations are mapped in an object model which has a hierarchic tree structure. A relevant subtree from the object model is ascertained for a selected network node, at which services are provided using computer-based objects, or when access to a computer-based object is requested, by an access guideline service. The control file is produced from the ascertained relevant subtree. The control file produced is made available for the selected network node or for access to the computer-based object.
    Type: Grant
    Filed: September 11, 2009
    Date of Patent: April 15, 2014
    Assignee: Siemens Aktiengesellschaft
    Inventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
  • Publication number: 20120117380
    Abstract: An identifier is determined for a control program, and the identifier is encrypted based on a private digital key associated with a control and monitoring unit of the automation system to grant authorization to access a computer-based object in an automation system. A first service of the automation system is provided based on the computer-based object, and a second service of the automation system is provided based on the control program. The encrypted identifier is decrypted when being transmitted to an authentication service and is verified by the authentication service. If the verification process has been successful, the authentication service transmits a temporarily valid token to the second service. When the control program requests access to the computer-based object, the token is transmitted to the first service for checking purposes. The control program is granted access to the computer-based object if the result of the checking process is positive.
    Type: Application
    Filed: September 2, 2009
    Publication date: May 10, 2012
    Applicant: Siemens Aktiengesellschaft
    Inventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
  • Publication number: 20110314080
    Abstract: A distributed operation in an automation system is performed using at least one first and second computer-based object. The control information is used to influence or determine a property, a function of the first and/or second computer-based objects. The control information includes details of a parameter identifier, a value associated with the parameter identifier, a range of validity and a remote access attribute. The control information is provided in a retrievable manner, according to the included range of validity, in a memory unit organized according to ranges of validity and is associated with the first computer-based object. During a function or service call for performing the distributed operation, which is sent from the first computer-based object to the second, the control information is transmitted to the second computer-based object, provided in a retrievable manner in a memory unit organized according to the ranges of validity and associated with the second computer-based object.
    Type: Application
    Filed: September 2, 2009
    Publication date: December 22, 2011
    Applicant: Siemens Aktiengesellschaft
    Inventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
  • Patent number: 7904400
    Abstract: A help system, an automation device with such a help system and a method for providing help data are disclosed. The help system includes a first offline help facility which is installed as part of an application on a data processing device, the first help facility providing a user with help data based upon context data defined by the user, the help data being stored in the first help facility and thus on the data processing device. A second online help facility is provided which is accessed by the data processing device via the internet such that the context data defined by the user in relation to the first help facility is automatically adopted in the second help facility as context data, the second help facility providing the user with additional help data based on this context data, the help data being stored in the second help facility.
    Type: Grant
    Filed: October 31, 2003
    Date of Patent: March 8, 2011
    Assignee: Siemens Aktiengesellschaft
    Inventors: Jürgen Büssert, Jan Fischer, Rainer Heller, Harald Herberth, Ronald Lange, Stefan List, Franz-Josef Menzl, Klaus Meusser, Michael Schlemper, Michael Schlereth, Bodo Stölzle, Peter Wiedenberg
  • Publication number: 20110004664
    Abstract: A device and a method for distributing and forwarding requests to a plurality of web servers in an industrial automation arrangement. The device is configured to receive requests addressed to a well-known port, and the web servers are addressable by at least one local address and by means of one port number. The device is also configured to evaluate the destination URLs of the requests, where each of the requests have the same host header of the request and the server addressing components of the destination URLs are possibly identical, a path component of the URL in each case defines one of the web servers, and the device is configured to forward the request to one of the web servers defined by the path information.
    Type: Application
    Filed: July 2, 2010
    Publication date: January 6, 2011
    Applicant: Siemens AG
    Inventors: Harald Herberth, Frank Volkmann
  • Patent number: 7757297
    Abstract: The invention relates to a system and a method for the storage and/or retrieval of confidential information for at least one user, by means of which a secret, in particular a project password, can be securely retrieved again. System for the storage and/or retrieval of confidential information for at least one user, particularly within the area of creating a project, with first means for encryption of the confidential information using a public key of an asymmetric method through a key service and for storage of the encrypted information in a generally accessible memory and at least one input device for entry of the private key associated with the public key through the key service for the retrieval of the information, whereby the system includes a selection device for the selection of at least one key service by the at least one user.
    Type: Grant
    Filed: April 13, 2006
    Date of Patent: July 13, 2010
    Assignee: Siemens Aktiengesellschaft
    Inventors: Harald Herberth, Ronald Lange
  • Publication number: 20100071029
    Abstract: An access authorization for a computer-based object in an automation system comprising a plurality of network nodes is granted using a control file which is structured in line with a scheme for a markup language for granting access authorizations and which maps a hierarchic tree structure. In this case, access authorizations are mapped in an object model which has a hierarchic tree structure. A relevant subtree from the object model is ascertained for a selected network node, at which services are provided using computer-based objects, or when access to a computer-based object is requested, by an access guideline service. The control file is produced from the ascertained relevant subtree. The control file produced is made available for the selected network node or for access to the computer-based object.
    Type: Application
    Filed: September 11, 2009
    Publication date: March 18, 2010
    Applicant: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
  • Patent number: 7664769
    Abstract: An automation system includes at least one automation object, with a directory for storing object names of the at least one automation object. An object name is assigned a directory entry which includes first information data as a reference to the automation object; second information data as a description of technological functionality; and third information data as a description of interfaces of the automation object. This results in immediate and permanent access to currently created (partial) solutions, so that parallel and/or distributed working on automation objects is possible.
    Type: Grant
    Filed: March 9, 2000
    Date of Patent: February 16, 2010
    Assignee: Siemens Aktiengesellschaft
    Inventors: Norbert Becker, Georg Biehler, Matthias Diezel, Albrecht Donner, Dieter Eckardt, Harald Herberth, Manfred Krämer, Dirk Langkafel, Ralf Leins, Ronald Lange, Walter Möller-Nehring, Jürgen Schmoll, Karsten Schneider, Ulrich Welz, Helmut Windl
  • Patent number: 7596575
    Abstract: An automation system with at least one automation object having a first component for generating a system functionality, a second component for generating a base functionality, and a third component for managing at least one module. Each module has a first module component for generating a system functionality, a second module component for generating a base functionality and a third module component for generating a technological functionality.
    Type: Grant
    Filed: September 10, 2001
    Date of Patent: September 29, 2009
    Assignee: Siemens Aktiengesellschaft
    Inventors: Norbert Becker, Georg Biehler, Matthias Diezel, Albrecht Donner, Dieter Eckardt, Harald Herberth, Manfred Kraemer, Dirk Langkafel, Ralf Leins, Ronald Lange, Walter Moeller-Nehring, Juergen Schmoll, Karsten Schneider, Ulrich Welz, Helmut Windl