Abstract: A network device and a method for operating a network device for an automation network are provided. The network device is set up with the help of a real-time application for providing a function of the network device. The real-time application has at least one predefined, updatable parameter. The network device has a storage device for storing update data for the updatable parameter in an update storage area and storing application data for the real-time application in an application storage area. The network device is set up such that, after update data has been written into the update storage area at a predefined update time, a first memory address referring to the application storage area switches to a second memory address referring to the update storage area in which the update data is stored. The switch takes place deterministically within a predefined update timeslot during runtime of the real-time application.

Abstract: The embodiments relate to a method and a test system for testing integrity of property data of a device using a testing device within a network, the devices and their respective property data within the network, such as all the measurement or control device distributed inside an industrial automation system, being taken into account in order to simplify testing of a large number of devices. The various property data are tested for an identity and are labelled, and calculations, which are carried out by the testing device for testing purposes, are initiated on the basis of the labelling. By taking other devices in the system into account, security requirements may be fulfilled during testing and the computational effort for the testing device may also be reduced.

Abstract: With the help of a key management protocol, the transmitted key information is authenticated by at least one certificate signed by the terminals, and at least one fingerprint of the public keys or certificate, which were used for authenticating the key information, is added to the useful part of an SIP message. The identity information present in the header of an SIP message is additionally copied into a region of the header or the useful part, and a signature is produced by way of the fingerprint, the datum information presented in the header of an SIP message, the copied identity information, and optionally the certificate reference information, and is inserted into a further region of the header of the SIP message. The additional signature that is produced and inserted can remain uninfluenced during a transmission across several networks of different network operators.

Abstract: Method and system for providing device-specific operator data for an automation device in an automation installation, which automation device authenticates itself to an authentication server in the automation installation via at least one authentication credential, wherein if up-to-date device-specific operator data from the installation operator of the automation installation are available for the automation device, then the up-to-date device-specific operator data are tied to the authentication credential of the authentication device.

Abstract: A lifting assembly for a lift truck with a lifting mast having at least one mast frame and a load part, as well as a lift drive having at least one lifting chain that lifts the mast frame, is attached to the mast frame at a connecting point and is guided across a deflection point. The lifting assembly includes at least one tensioning component that is arranged on the mast frame between the connecting point and deflection point of the lifting chain.

Abstract: Adapting access rules for a data interchange between a first network and a second network by the second network is provided based on a service-specific integrity information item of the first network, wherein the first network processes data for carrying out a service and the service defines multiple components. A respective integrity status is transmitted for each of the components by each respective component via a communication link within the first network to a management unit of the first network. The service-specific integrity information item is computed based on each respective integrity status by the management unit. The service-specific integrity information item is transmitted by a network access point of the first network to a receiver in the second network for adapting the access rules. Access by the receiver to each respective integrity status is prevented.

Abstract: A key generation apparatus for generating a key using a physical unclonable function includes a memory device configured to store a plurality of auxiliary data records, each auxiliary data record of the plurality of auxiliary data records having auxiliary data and supplementary information items, a selection device configured to select an auxiliary data record based on the supplementary information items, and a generation device configured to generate the key based on the auxiliary data of the selected auxiliary data record and using the physical unclonable function.

Abstract: The invention relates to a method and a test system for testing integrity of property data of a device using a testing device within a network, the devices and their respective property data within the network, such as all the measurement or control device distributed inside an industrial automation system, being taken into account in order to simplify testing of a large number of devices. The various property data are tested for an identity and are labelled, and calculations, which are carried out by the testing device for testing purposes, are initiated on the basis of the labelling. By taking other devices in the system into account, security requirements can be fulfilled during testing and the computational effort for the testing device can also be reduced.

Abstract: A method, a first device, and a switching center are described. A first device is authenticated by a switching center inside a network taking into account the use of additional (e.g., virtual) network interfaces. A device uses certificates to transfer additional MAC addresses for authentication. As a result, a device having a plurality of MAC addresses gains access to a network from a plurality of MAC addresses in a one-off authentication process.

Abstract: The invention relates to a method for configuring electronic devices, particularly terminals, wherein during configuration at least parts of first configuration data on a chip card are fed to an electronic device, wherein the configuration data are stored on the chip card as second configuration data such that the stored data are the result of an obfuscation following at least one first algorithm. Furthermore, at least parts of the first algorithm can be derived by the electronic device. The stored second configuration data are subjected to a de-obfuscation by the device such that, having knowledge of the first algorithm, they can be reconstructed as first configuration data and the configuration of the terminal can be based thereon. The invention further relates to an arrangement having means for carrying out the method.

Abstract: With the help of a key management protocol, the transmitted key information is authenticated by at least one certificate signed by the terminals, and at least one fingerprint of the public keys or certificate, which were used for authenticating the key information, is added to the useful part of an SIP message. The identity information present in the header of an SIP message is additionally copied into a region of the header or the useful part, and a signature is produced by way of the fingerprint, the datum information presented in the header of an SIP message, the copied identity information, and optionally the certificate reference information, and is inserted into a further region of the header of the SIP message. The additional signature that is produced and inserted can remain uninfluenced during a transmission across several networks of different network operators.

Abstract: Method and system for providing device-specific operator data for an automation device in an automation installation, which automation device authenticates itself to an authentication server in the automation installation via at least one authentication credential, wherein if up-to-date device-specific operator data from the installation operator of the automation installation are available for the automation device, then the up-to-date device-specific operator data are tied to the authentication credential of the authentication device.

Abstract: With the help of a key management protocol, the transmitted key information is authenticated by at least one certificate signed by the terminals, and at least one fingerprint of the public keys or certificate, which were used for authenticating the key information, is added to the useful part of an SIP message. The identity information present in the header of an SIP message is additionally copied into a region of the header or the useful part, and a signature is produced by way of the fingerprint, the datum information presented in the header of an SIP message, the copied identity information, and optionally the certificate reference information, and is inserted into a further region of the header of the SIP message. The additional signature that is produced and inserted can remain uninfluenced during a transmission across several networks of different network operators.

Abstract: A network device and a method for operating a network device for an automation network are provided. The network device is set up with the help of a real-time application for providing a function of the network device. The real-time application has at least one predefined, updatable parameter. The network device has a storage device for storing update data for the updatable parameter in an update storage area and storing application data for the real-time application in an application storage area. The network device is set up such that, after update data has been written into the update storage area at a predefined update time, a first memory address referring to the application storage area switches to a second memory address referring to the update storage area in which the update data is stored. The switch takes place deterministically within a predefined update timeslot during runtime of the real-time application.

Abstract: The invention relates to a method for exchanging data between a mobile telephone and a fixed line telephone. According to the invention, a mobile telephone equipped with Near Field Communication (NFC) technology and a fixed line telephone that is also equipped with NFC technology are initially placed in a reception range, subsequently the mobile telephone and the fixed line telephone are coupled by means of the NFC technology, and then data is transmitted between the mobile telephone and the fixed line telephone by means of the NFC technology. Said coupling occurs when the mobile telephone and the fixed line telephone are authenticated, and two different NFC technologies are used for the authentication of the mobile telephone and the fixed line telephone, and the subsequent transmission of data.

Abstract: With the help of a key management protocol, the transmitted key information (si) is authenticated by at least one certificate signed by the terminals (A, B), and at least one fingerprint (fp) of the public keys or certificate, which were used for authenticating the key information (si), is added to the useful part of an SIP message (INVITE). The identity information (idi) present in the header (SIPH) of an SIP message is additionally copied into a region of the header (SIPH) or the useful part (B), and a signature (S) is produced by way of the fingerprint (fp), the datum information (di) presented in the header (SIPH) of an SIP message, the copied identity information (idi?), and optionally the certificate reference information (hz), and is inserted into a further region of the header (SIPH) of the SIP message (INVITE).

Abstract: The invention relates to a method for configuring electronic devices, particularly terminals, wherein during configuration at least parts of first configuration data on a chip card are fed to an electronic device, wherein the configuration data are stored on the chip card as second configuration data such that the stored data are the result of an obfuscation following at least one first algorithm. Furthermore, at least parts of the first algorithm can be derived by the electronic device. The stored second configuration data are subjected to a de-obfuscation by the device such that, having knowledge of the first algorithm, they can be reconstructed as first configuration data and the configuration of the terminal can be based thereon. The invention further relates to an arrangement having means for carrying out the method.

Abstract: The invention relates to a method for exchanging data between a mobile telephone and a fixed line telephone. According to the invention, a mobile telephone equipped with Near Field Communication (NFC) technology and a fixed line telephone that is also equipped with NFC technology are initially placed in a reception range, subsequently the mobile telephone and the fixed line telephone are coupled by means of the NFC technology, and then data is transmitted between the mobile telephone and the fixed line telephone by means of the NFC technology. Said coupling occurs when the mobile telephone and the fixed line telephone are authenticated, and two different NFC technologies are used for the authentication of the mobile telephone and the fixed line telephone, and the subsequent transmission of data.

Abstract: A disc brake, in particular for a commercial vehicle, includes a caliper which surrounds a brake disc, against which brake pads can be pressed on both sides during braking. A holding bracket is fastened to the caliper and bears against pad retaining springs acting on outer edges of the brake pads. The holding bracket bridges a mounting opening of the caliper transversely with respect to the rotational direction of the brake disc and is preferably fastened by way of one end to the caliper in a positively locking manner and held by way of its other end by a fastening element such that the fastening element is connected captively to the holding bracket and corresponds with a securing part of the caliper in the sense of a holding device.