Patents by Inventor Jack M. Visoky

Jack M. Visoky has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240019834
    Abstract: A security device includes one or more processors and a memory that includes instructions, that when executed by the processors, cause the processors to perform operations. The operations include monitoring data traffic between industrial automation devices in an industrial system and one or more devices in an external network, determining that a first industrial automation device does not include native security features for receiving secure data from the devices in the external network or transmitting secure data to the devices in the external network, and implementing one or more security techniques in response to determining that the first industrial automation device does not include the native security features.
    Type: Application
    Filed: July 13, 2022
    Publication date: January 18, 2024
    Inventors: Jack M. Visoky, Taryl J. Jasper, Kyle E. Neet, Jessica E. Forguites, William J. Petro, David E. Huffman
  • Publication number: 20240004372
    Abstract: Embodiments of this present disclosure include an industrial automation system, including an operational technology (OT) industrial automation device. The OT industrial automation device may perform an operation for the industrial automation system. Further, the OT industrial automation device may receive data comprising instructions related to the operation. Embodiments also include a monitoring device to receive the data; identify the OT industrial automation device based on the data; retrieve one or more rules for providing communications to the OT industrial automation device in response to identifying the OT industrial automation device; and selectively forward the data to the OT industrial automation device based on the one or more rules.
    Type: Application
    Filed: June 30, 2022
    Publication date: January 4, 2024
    Inventors: Chirag L. Malkan, Yutao Wang, Lee A. Lane, Eric A. Norrod, Jack M. Visoky
  • Publication number: 20230421615
    Abstract: A system includes a first computing node of a cluster of computing nodes that are part of a container orchestration system, a control system for controlling one or more operations of an operation technology (OT) component, and a second node of the cluster of computing nodes. The control system is communicatively coupled to the first computing node and the OT component. The second computing node may transmit a pod to the first computing node. The pod may cause the first computing node to perform operations that include deploying a container as a digital representation of the OT component, testing a security update on the digital representation, determining that the security update is ready for implementation in the OT component, and transmitting an indication that the security update is available for implementation to the OT component after determining that the security update is ready for implementation.
    Type: Application
    Filed: June 28, 2022
    Publication date: December 28, 2023
    Inventors: Jack M. Visoky, Taryl J. Jasper
  • Patent number: 11768479
    Abstract: Secure data transmission between an input device and both industrial controllers in a high-availability system utilizes a secure connection established between the primary industrial controller and the input device. Data required to establish the secure connection is stored on the primary controller as part of the connection data corresponding to the secure connection. The input device transmits data to the primary controller over the secure connection according to the desired level of security. The primary controller transmits the connection data defining the secure connection to the secondary controller. If a failure occurs in the primary controller, the secondary controller establishes a connection to the input device using the connection data for the secure connection, such that the secondary controller may assume responsibility for the controller end of the secure connection. The primary controller transmits the input signals to the secondary controller via the dedicated connection between controllers.
    Type: Grant
    Filed: September 30, 2020
    Date of Patent: September 26, 2023
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Kyle E. Neet, Jack M. Visoky, Krzysztof Glensk, Jonathan D. Bradford
  • Publication number: 20230006821
    Abstract: Techniques to facilitate feature licensing of an industrial controller employed in an industrial automation environment are disclosed. In one implementation, a first private key unique to an industrial controller and a security certificate is stored in a hardware root of trust within the controller. The security certificate is signed by a certificate authority for authenticating the controller. After being authenticated, the industrial controller receives a device information package provided by the certificate authority. The device information package is encrypted with a first public key paired with the first private key and signed using a second private key assigned to the certificate authority. The controller validates the device information package using a second public key paired with the second private key and decrypts the package using the first private key. One or more functions of the industrial controller are enabled based on a license included in the device information package.
    Type: Application
    Filed: September 15, 2022
    Publication date: January 5, 2023
    Inventors: Jack M. Visoky, Diane E. Golden, Benjamin H. Nave
  • Publication number: 20220100165
    Abstract: Secure data transmission between an input device and both industrial controllers in a high-availability system utilizes a secure connection established between the primary industrial controller and the input device. Data required to establish the secure connection is stored on the primary controller as part of the connection data corresponding to the secure connection. The input device transmits data to the primary controller over the secure connection according to the desired level of security. The primary controller transmits the connection data defining the secure connection to the secondary controller. If a failure occurs in the primary controller, the secondary controller establishes a connection to the input device using the connection data for the secure connection, such that the secondary controller may assume responsibility for the controller end of the secure connection. The primary controller transmits the input signals to the secondary controller via the dedicated connection between controllers.
    Type: Application
    Filed: September 30, 2020
    Publication date: March 31, 2022
    Inventors: Kyle E. Neet, Jack M. Visoky, Krzysztof Glensk, Jonathan D. Bradford
  • Patent number: 11271974
    Abstract: A device may include a communication component that may communicatively couple to a first network. The device may also include a processor that may transmit a first signal via the communication component to a network address translation (NAT) system, the first signal including a first request to discover a server device. The NAT system may communicatively couple to the first network and a second network, such that the first network is inaccessible to the second network. The processor may then receive location data associated with the server device and transmit a second signal addressed to the server device based on the location data. The second signal is transmitted to the NAT system, such that the second signal may include a second request for a security policy from the server device. The processor may then receive the security policy via the NAT system and adjust one or more communication operations based on the security policy.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: March 8, 2022
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Jack M. Visoky, David E. Huffman, Taryl J. Jasper
  • Patent number: 11212322
    Abstract: An industrial security policy configuration system generates and implements security policies for industrial automation systems based on design data for the industrial systems generated by device manufacturers, system integrators, original equipment manufacturers, or the owners of the industrial assets during the design of the industrial systems. The system translates the collected design data to a security rule set defining device-level communication privileges, which are then translated to a comprehensive set of security policies customized to the requirements of the industrial systems represented by the design data. By leveraging the rich set of available design data to identify or infer security requirements and generate suitable security configurations, the system can mitigate the need to manually configure security policies based on human judgments regarding normal and abnormal network traffic.
    Type: Grant
    Filed: October 10, 2018
    Date of Patent: December 28, 2021
    Assignee: ROCKWELL AUTOMATION TECHNOLOGIES, INC.
    Inventors: Alex L. Nicoll, Kyle Crum, Taryl J. Jasper, Michael A. Bush, Jack M. Visoky
  • Publication number: 20210344725
    Abstract: A device may include a communication component that may communicatively couple to a first network. The device may also include a processor that may transmit a first signal via the communication component to a network address translation (NAT) system, the first signal including a first request to discover a server device. The NAT system may communicatively couple to the first network and a second network, such that the first network is inaccessible to the second network. The processor may then receive location data associated with the server device and transmit a second signal addressed to the server device based on the location data. The second signal is transmitted to the NAT system, such that the second signal may include a second request for a security policy from the server device. The processor may then receive the security policy via the NAT system and adjust one or more communication operations based on the security policy.
    Type: Application
    Filed: April 30, 2020
    Publication date: November 4, 2021
    Inventors: Jack M. Visoky, David E. Huffman, Taryl J. Jasper
  • Patent number: 10721223
    Abstract: A secure method for establishing communications to provision modules in an industrial control system generates a certificate signing request to obtain a signed security certificate. A mobile device is located proximate to the module with the certificate signing request, and the mobile device has previously established itself as a secure communication interface on the network. The mobile device establishes a first connection between the module and the mobile device via a short-range protocol and a second connection between the mobile device and a signing server via a network. The mobile device retrieves the certificate signing request via the first connection and transmits the certificate signing request to the signing server via the second connection. Because the mobile device has previously established itself as a secure interface, the transmission of the certificate signing request to the signing server may be made via a secure connection.
    Type: Grant
    Filed: April 12, 2018
    Date of Patent: July 21, 2020
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Taryl J. Jasper, Dukki Chung, Jack M. Visoky, Michael A. Bush
  • Publication number: 20200120143
    Abstract: An industrial security policy configuration system generates and implements security policies for industrial automation systems based on design data for the industrial systems generated by device manufacturers, system integrators, original equipment manufacturers, or the owners of the industrial assets during the design of the industrial systems. The system translates the collected design data to a security rule set defining device-level communication privileges, which are then translated to a comprehensive set of security policies customized to the requirements of the industrial systems represented by the design data. By leveraging the rich set of available design data to identify or infer security requirements and generate suitable security configurations, the system can mitigate the need to manually configure security policies based on human judgments regarding normal and abnormal network traffic.
    Type: Application
    Filed: October 10, 2018
    Publication date: April 16, 2020
    Inventors: Alex L. Nicoll, Kyle Crum, Taryl J. Jasper, Michael A. Bush, Jack M. Visoky
  • Publication number: 20190319943
    Abstract: A secure method for establishing communications to provision modules in an industrial control system generates a certificate signing request to obtain a signed security certificate. A mobile device is located proximate to the module with the certificate signing request, and the mobile device has previously established itself as a secure communication interface on the network. The mobile device establishes a first connection between the module and the mobile device via a short-range protocol and a second connection between the mobile device and a signing server via a network. The mobile device retrieves the certificate signing request via the first connection and transmits the certificate signing request to the signing server via the second connection. Because the mobile device has previously established itself as a secure interface, the transmission of the certificate signing request to the signing server may be made via a secure connection.
    Type: Application
    Filed: April 12, 2018
    Publication date: October 17, 2019
    Inventors: Taryl J. Jasper, Dukki Chung, Jack M. Visoky, Michael A. Bush
  • Patent number: 10097585
    Abstract: A model-based industrial security policy configuration system implements a plant-wide industrial asset security policy in accordance with security policy definitions provided by a user. The configuration system models the collection of industrial assets for which diverse security policies are to be implemented. An interface allows the user to define security policies for a plant environment at a high-level by grouping the industrial assets into security zones, and defining any additional communication permissions in terms of asset-to-asset, asset-to-zone, or zone-to-zone conduits. Based on the model and these policy definitions, the system generates asset-level security setting instructions configured to set appropriate security settings on one or more of the industrial assets, and deploys these instructions to the appropriate assets in order to implement the defined security policy.
    Type: Grant
    Filed: May 5, 2016
    Date of Patent: October 9, 2018
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Michael A. Bush, Jack M. Visoky, Taryl J. Jasper
  • Publication number: 20180129793
    Abstract: An industrial precompile and encrypt system facilitates secure distribution of a digital industrial asset to a target device in an industrial automation environment while permitting common, expected user workflows such as interfacing with the asset; replacing failed target devices; verifying and validating the asset and its usage; securely troubleshooting the asset, editing the asset, or replacing the asset in a running system.
    Type: Application
    Filed: December 19, 2016
    Publication date: May 10, 2018
    Inventors: Dylan A. Ulis, Kevin A. Fonner, Derek P. Miller, James J. Kay, Douglas W. Reid, Jack M. Visoky, Richard M. Cherney, John E. Belcher, Taryl J. Jasper
  • Patent number: 9881160
    Abstract: A method for installing embedded firmware is provided. The method includes generating one or more firmware file instances and generating one or more digital certificate instances that are separate instances from the firmware file instances. The method includes associating the one or more digital certificate instances with the one or more firmware file instances to facilitate updating signature-unaware modules with signature-aware firmware or to facilitate updating signature-aware modules with signature-unaware firmware.
    Type: Grant
    Filed: July 22, 2015
    Date of Patent: January 30, 2018
    Assignee: ROCKWELL AUTOMATION TECHNOLOGIES, INC.
    Inventors: Brian A. Batke, Jack M. Visoky, James J. Kay, Scott A. Mintz, William B. Cook
  • Publication number: 20170214717
    Abstract: A model-based industrial security policy configuration system implements a plant-wide industrial asset security policy in accordance with security policy definitions provided by a user. The configuration system models the collection of industrial assets for which diverse security policies are to be implemented. An interface allows the user to define security policies for a plant environment at a high-level by grouping the industrial assets into security zones, and defining any additional communication permissions in terms of asset-to-asset, asset-to-zone, or zone-to-zone conduits. Based on the model and these policy definitions, the system generates asset-level security setting instructions configured to set appropriate security settings on one or more of the industrial assets, and deploys these instructions to the appropriate assets in order to implement the defined security policy.
    Type: Application
    Filed: May 5, 2016
    Publication date: July 27, 2017
    Inventors: Michael A. Bush, Jack M. Visoky, Taryl J. Jasper
  • Publication number: 20150324587
    Abstract: A method for installing embedded firmware is provided. The method includes generating one or more firmware file instances and generating one or more digital certificate instances that are separate instances from the firmware file instances. The method includes associating the one or more digital certificate instances with the one or more firmware file instances to facilitate updating signature-unaware modules with signature-aware firmware or to facilitate updating signature-aware modules with signature-unaware firmware.
    Type: Application
    Filed: July 22, 2015
    Publication date: November 12, 2015
    Inventors: Brian A. Batke, Jack M. Visoky, James J. Kay, Scott A. Mintz, William B. Cook
  • Patent number: 9122876
    Abstract: A method for installing embedded firmware is provided. The method includes generating one or more firmware file instances and generating one or more digital certificate instances that are separate instances from the firmware file instances. The method includes associating the one or more digital certificate instances with the one or more firmware file instances to facilitate updating signature-unaware modules with signature-aware firmware or to facilitate updating signature-aware modules with signature-unaware firmware.
    Type: Grant
    Filed: May 23, 2014
    Date of Patent: September 1, 2015
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Brian A. Batke, Jack M. Visoky, James J. Kay, Scott A. Mintz, William B. Cook
  • Publication number: 20140331038
    Abstract: A method for installing embedded firmware is provided. The method includes generating one or more firmware file instances and generating one or more digital certificate instances that are separate instances from the firmware file instances. The method includes associating the one or more digital certificate instances with the one or more firmware file instances to facilitate updating signature-unaware modules with signature-aware firmware or to facilitate updating signature-aware modules with signature-unaware firmware.
    Type: Application
    Filed: May 23, 2014
    Publication date: November 6, 2014
    Applicant: Rockwell Automation Technologies, Inc.
    Inventors: Brian A. Batke, Jack M. Visoky, James J. Kay, Scott A. Mintz, William B. Cook
  • Patent number: 8738894
    Abstract: A method for installing embedded firmware is provided. The method includes generating one or more firmware file instances and generating one or more digital certificate instances that are separate instances from the firmware file instances. The method includes associating the one or more digital certificate instances with the one or more firmware file instances to facilitate updating signature-unaware modules with signature-aware firmware or to facilitate updating signature-aware modules with signature-unaware firmware.
    Type: Grant
    Filed: April 22, 2013
    Date of Patent: May 27, 2014
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Brian A. Batke, Jack M. Visoky, James J. Kay, Scott A. Mintz, William B. Cook