Patents by Inventor Harald Herberth
Harald Herberth has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12126611Abstract: A technical plant, a system for issuing publicly trusted certificates for plant components of the technical plant, an engineering or control system for the technical plant, and a method for issuing publicly trusted certificates for plant components of the technical plant, wherein a) a certification module of a plant component, which is intended to receive a publicly trusted certificate, queries a component identifier; b) the certification module transmits the component identifier together with a certificate request for a publicly trusted certificate to a registration authority; c) the registration authority checks, based on the component identifier, whether the component belonging to the component identifier is assigned to an authorized person or an authorized company; d) if so, the registration authority requests a publicly trusted certificate for the component; and e) the requested publicly trusted certificate is issued and transmitted to the certification module.Type: GrantFiled: March 27, 2020Date of Patent: October 22, 2024Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Roland Eckl, Harald Herberth
-
Publication number: 20220239641Abstract: A technical plant, a system for issuing publicly trusted certificates for plant components of the technical plant, an engineering or control system for the technical plant, and a method for issuing publicly trusted certificates for plant components of the technical plant, wherein a) a certification module of a plant component, which is intended to receive a publicly trusted certificate, queries a component identifier; b) the certification module transmits the component identifier together with a certificate request for a publicly trusted certificate to a registration authority; c) the registration authority checks, based on the component identifier, whether the component belonging to the component identifier is assigned to an authorized person or an authorized company; d) if so, the registration authority requests a publicly trusted certificate for the component; and e) the requested publicly trusted certificate is issued and transmitted to the certification module.Type: ApplicationFiled: March 27, 2020Publication date: July 28, 2022Inventors: Roland Eckl, Harald HERBERTH
-
Patent number: 10681112Abstract: The invention relates to a method functions within an industrial automation system. In a method for providing functions within an industrial automation system, the functions are made available by a web application of at least one control unit and provided on the client side during execution of a control program via a Single-Page Application (SPA) as a web client at a client-side user interface. The functions are provided by a standardized data model of the web application which represents the at least one control unit and data that can be made available by the control unit. The standardized data model is accessed via a generic data interface of the web application.Type: GrantFiled: August 1, 2018Date of Patent: June 9, 2020Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Roland Eckl, Harald Herberth
-
Patent number: 10462117Abstract: A method and a system for authenticating a surrounding Web application by a Web application that is to be embedded, wherein it becomes possible for the Web application that is to be embedded to identify the surrounding Web application and for the surrounding Web application to authenticate itself, where a high security standard is provided through storage and evaluation of the necessary key material in the respective. Web server because the key material itself is not transmitted, but only authentication messages for the local use of the key material are instead transmitted.Type: GrantFiled: September 28, 2016Date of Patent: October 29, 2019Assignee: Siemens AktiengesellschaftInventors: Roland Eckl, Harald Herberth
-
Patent number: 10212038Abstract: A method in which a check is performed to determine whether a request originates from a requesting communication device from an IPv6 subnetwork or comprises a destination resource identifier allocated to a Web server component with an IPv6 address or a device name to provide access to device configuration data of an IPv4-based automation device within an industrial automation system in cases of a request for a Web document with device configuration data, wherein if the check result is positive, the Web document is provided with a reference to the device configuration data which includes an Ipv6 address printout or a device name, where in the case of a request for the Web document which originates from a requesting communication device from an IPv4 subnetwork and/or comprises a destination resource identifier with an IPv4 address, the reference to the device configuration data comprises an IPv4 address printout.Type: GrantFiled: August 29, 2016Date of Patent: February 19, 2019Assignee: Siemens AktiengesellschaftInventors: Harald Albrecht, Harald Herberth
-
Publication number: 20190044997Abstract: The invention relates to a method functions within an industrial automation system. In a method for providing functions within an industrial automation system, the functions are made available by a web application of at least one control unit and provided on the client side during execution of a control program via a Single-Page Application (SPA) as a web client at a client-side user interface. The functions are provided by a standardized data model of the web application which represents the at least one control unit and data that can be made available by the control unit. The standardized data model is accessed via a generic data interface of the web application.Type: ApplicationFiled: August 1, 2018Publication date: February 7, 2019Applicant: SIEMENS AKTIENGESELLSCHAFTInventors: Roland Eckl, HARALD HERBERTH
-
Patent number: 10078314Abstract: Method of providing functions within an industrial automation system and an industrial automation system thereof. Functions of the automation system are made available by web applications that are combined by the client during control program execution to form interlinked web applications. The functions are provided on a user interface of the client. The web applications are provided by a standard application programming interface that comprises a cross-component application programming interface for initializing and unloading application components and a component-specific application programming interface for event handling and providing component functions. Component instances are linked by an application programming interface for stipulating interactions between application components.Type: GrantFiled: January 29, 2015Date of Patent: September 18, 2018Assignee: Siemens AktiengesellschaftInventors: Roland Eckl, Andreas Henrich, Harald Herberth
-
Publication number: 20170093838Abstract: A method and a system for authenticating a surrounding Web application by a Web application that is to be embedded, wherein it becomes possible for the Web application that is to be embedded to identify the surrounding Web application and for the surrounding Web application to authenticate itself, where a high security standard is provided through storage and evaluation of the necessary key material in the respective. Web server because the key material itself is not transmitted, but only authentication messages for the local use of the key material are instead transmitted.Type: ApplicationFiled: September 28, 2016Publication date: March 30, 2017Inventors: Roland ECKL, Harald HERBERTH
-
Publication number: 20170063624Abstract: A method in which a check is performed to determine whether a request originates from a requesting communication device from an IPv6 subnetwork or comprises a destination resource identifier allocated to a Web server component with an IPv6 address or a device name to provide access to device configuration data of an IPv4-based automation device within an industrial automation system in cases of a request for a Web document with device configuration data, wherein if the check result is positive, the Web document is provided with a reference to the device configuration data which includes an Ipv6 address printout or a device name, where in the case of a request for the Web document which originates from a requesting communication device from an IPv4 subnetwork and/or comprises a destination resource identifier with an IPv4 address, the reference to the device configuration data comprises an IPv4 address printout.Type: ApplicationFiled: August 29, 2016Publication date: March 2, 2017Inventors: Harald ALBRECHT, Harald Herberth
-
Publication number: 20150212504Abstract: Method of providing functions within an industrial automation system and an industrial automation system thereof. Functions of the automation system are made available by web applications that are combined by the client during control program execution to form interlinked web applications. The functions are provided on a user interface of the client. The web applications are provided by a standard application programming interface that comprises a cross-component application programming interface for initializing and unloading application components and a component-specific application programming interface for event handling and providing component functions. Component instances are linked by an application programming interface for stipulating interactions between application components.Type: ApplicationFiled: January 29, 2015Publication date: July 30, 2015Inventors: Roland ECKL, Andreas HENRICH, Harald HERBERTH
-
Patent number: 8959645Abstract: A distributed operation is performed using at least one first and second computer-based object, wherein control information is used to influence or determine a property, a function of the first and/or second computer-based objects. The control information includes details of a parameter identifier, a value associated with the parameter identifier, a range of validity and a remote access attribute. The control information is provided in a retrievable manner, according to the included range of validity, in a memory organized according to ranges of validity and is associated with the first computer-based object. During a function or service call for performing the distributed operation, which is sent from the first computer-based object to the second, the control information is transmitted to the second computer-based object, provided in a retrievable manner in the memory organized according to the ranges of validity and associated with the second computer-based object.Type: GrantFiled: September 2, 2009Date of Patent: February 17, 2015Assignee: Siemens AktiengesellschaftInventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
-
Patent number: 8701202Abstract: An access authorization for a computer-based object in an automation system comprising a plurality of network nodes is granted using a control file which is structured in line with a scheme for a markup language for granting access authorizations and which maps a hierarchic tree structure. In this case, access authorizations are mapped in an object model which has a hierarchic tree structure. A relevant subtree from the object model is ascertained for a selected network node, at which services are provided using computer-based objects, or when access to a computer-based object is requested, by an access guideline service. The control file is produced from the ascertained relevant subtree. The control file produced is made available for the selected network node or for access to the computer-based object.Type: GrantFiled: September 11, 2009Date of Patent: April 15, 2014Assignee: Siemens AktiengesellschaftInventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
-
Publication number: 20120117380Abstract: An identifier is determined for a control program, and the identifier is encrypted based on a private digital key associated with a control and monitoring unit of the automation system to grant authorization to access a computer-based object in an automation system. A first service of the automation system is provided based on the computer-based object, and a second service of the automation system is provided based on the control program. The encrypted identifier is decrypted when being transmitted to an authentication service and is verified by the authentication service. If the verification process has been successful, the authentication service transmits a temporarily valid token to the second service. When the control program requests access to the computer-based object, the token is transmitted to the first service for checking purposes. The control program is granted access to the computer-based object if the result of the checking process is positive.Type: ApplicationFiled: September 2, 2009Publication date: May 10, 2012Applicant: Siemens AktiengesellschaftInventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
-
Publication number: 20110314080Abstract: A distributed operation in an automation system is performed using at least one first and second computer-based object. The control information is used to influence or determine a property, a function of the first and/or second computer-based objects. The control information includes details of a parameter identifier, a value associated with the parameter identifier, a range of validity and a remote access attribute. The control information is provided in a retrievable manner, according to the included range of validity, in a memory unit organized according to ranges of validity and is associated with the first computer-based object. During a function or service call for performing the distributed operation, which is sent from the first computer-based object to the second, the control information is transmitted to the second computer-based object, provided in a retrievable manner in a memory unit organized according to the ranges of validity and associated with the second computer-based object.Type: ApplicationFiled: September 2, 2009Publication date: December 22, 2011Applicant: Siemens AktiengesellschaftInventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
-
Patent number: 7904400Abstract: A help system, an automation device with such a help system and a method for providing help data are disclosed. The help system includes a first offline help facility which is installed as part of an application on a data processing device, the first help facility providing a user with help data based upon context data defined by the user, the help data being stored in the first help facility and thus on the data processing device. A second online help facility is provided which is accessed by the data processing device via the internet such that the context data defined by the user in relation to the first help facility is automatically adopted in the second help facility as context data, the second help facility providing the user with additional help data based on this context data, the help data being stored in the second help facility.Type: GrantFiled: October 31, 2003Date of Patent: March 8, 2011Assignee: Siemens AktiengesellschaftInventors: Jürgen Büssert, Jan Fischer, Rainer Heller, Harald Herberth, Ronald Lange, Stefan List, Franz-Josef Menzl, Klaus Meusser, Michael Schlemper, Michael Schlereth, Bodo Stölzle, Peter Wiedenberg
-
Publication number: 20110004664Abstract: A device and a method for distributing and forwarding requests to a plurality of web servers in an industrial automation arrangement. The device is configured to receive requests addressed to a well-known port, and the web servers are addressable by at least one local address and by means of one port number. The device is also configured to evaluate the destination URLs of the requests, where each of the requests have the same host header of the request and the server addressing components of the destination URLs are possibly identical, a path component of the URL in each case defines one of the web servers, and the device is configured to forward the request to one of the web servers defined by the path information.Type: ApplicationFiled: July 2, 2010Publication date: January 6, 2011Applicant: Siemens AGInventors: Harald Herberth, Frank Volkmann
-
Patent number: 7757297Abstract: The invention relates to a system and a method for the storage and/or retrieval of confidential information for at least one user, by means of which a secret, in particular a project password, can be securely retrieved again. System for the storage and/or retrieval of confidential information for at least one user, particularly within the area of creating a project, with first means for encryption of the confidential information using a public key of an asymmetric method through a key service and for storage of the encrypted information in a generally accessible memory and at least one input device for entry of the private key associated with the public key through the key service for the retrieval of the information, whereby the system includes a selection device for the selection of at least one key service by the at least one user.Type: GrantFiled: April 13, 2006Date of Patent: July 13, 2010Assignee: Siemens AktiengesellschaftInventors: Harald Herberth, Ronald Lange
-
Publication number: 20100071029Abstract: An access authorization for a computer-based object in an automation system comprising a plurality of network nodes is granted using a control file which is structured in line with a scheme for a markup language for granting access authorizations and which maps a hierarchic tree structure. In this case, access authorizations are mapped in an object model which has a hierarchic tree structure. A relevant subtree from the object model is ascertained for a selected network node, at which services are provided using computer-based objects, or when access to a computer-based object is requested, by an access guideline service. The control file is produced from the ascertained relevant subtree. The control file produced is made available for the selected network node or for access to the computer-based object.Type: ApplicationFiled: September 11, 2009Publication date: March 18, 2010Applicant: SIEMENS AKTIENGESELLSCHAFTInventors: Harald Herberth, Ulrich Kröger, Allan Sobihard
-
Patent number: 7664769Abstract: An automation system includes at least one automation object, with a directory for storing object names of the at least one automation object. An object name is assigned a directory entry which includes first information data as a reference to the automation object; second information data as a description of technological functionality; and third information data as a description of interfaces of the automation object. This results in immediate and permanent access to currently created (partial) solutions, so that parallel and/or distributed working on automation objects is possible.Type: GrantFiled: March 9, 2000Date of Patent: February 16, 2010Assignee: Siemens AktiengesellschaftInventors: Norbert Becker, Georg Biehler, Matthias Diezel, Albrecht Donner, Dieter Eckardt, Harald Herberth, Manfred Krämer, Dirk Langkafel, Ralf Leins, Ronald Lange, Walter Möller-Nehring, Jürgen Schmoll, Karsten Schneider, Ulrich Welz, Helmut Windl
-
Patent number: 7596575Abstract: An automation system with at least one automation object having a first component for generating a system functionality, a second component for generating a base functionality, and a third component for managing at least one module. Each module has a first module component for generating a system functionality, a second module component for generating a base functionality and a third module component for generating a technological functionality.Type: GrantFiled: September 10, 2001Date of Patent: September 29, 2009Assignee: Siemens AktiengesellschaftInventors: Norbert Becker, Georg Biehler, Matthias Diezel, Albrecht Donner, Dieter Eckardt, Harald Herberth, Manfred Kraemer, Dirk Langkafel, Ralf Leins, Ronald Lange, Walter Moeller-Nehring, Juergen Schmoll, Karsten Schneider, Ulrich Welz, Helmut Windl