Abstract: A method for connecting a field device to a first cloud based service platform includes reading-out a first ticket from the field device using the first service device, wherein the first ticket includes at least one piece of information identifying the field device. The first ticket is transmitted to a second cloud based service platform from the first service device. The method also includes mutual associating and verifying of the first ticket and a second ticket produced at the manufacturer and stored in the second service platform. In the case of successful verifying, the connecting information for the first cloud based service platform is transmitted from the second cloud based service platform to the first service device. A communication connection between the first service device and the first cloud based service platform is established based on the connecting information transmitted from the second service platform.

Abstract: A method for transmitting security settings between a first automation engineering field device and a second automation engineering field device includes: identifying and authenticating an operator by means of a service unit; assigning an authorization group based on the identifying and authenticating of the operator; in the case, in which the operator is assigned the administrator authorization group: encrypting at least one security setting, which is present in cleartext, by the first field device; exporting the encrypted security setting; importing the encrypted security setting into the second field device; decrypting the encrypted security setting; loading the decrypted security setting into the data memory of the second field device and operating the second field device with the loaded security setting of the first field device.

Abstract: A system for managing data of an automation field device in a secure manner includes a decentralized distributed ledger-type database, or blockchain, comprising a plurality of subscriber nodes, comprising validation-capable subscriber nodes and an automation field device with an electronic unit. The electronic unit is designed to run a distributed ledger software stack. The field device generates data, comprising measurement values and/or calibration certificates requiring verification, and the field device operates as a light node of the decentralized database after running the distributed ledger software stack and is designed to transmit the data to the decentralized database via the communication network and write said data in encrypted form into the decentralized database.

Abstract: A method for validating a field device is disclosed. The field device includes a plurality of hardware and software modules and is provided with a first cryptographic signature on the manufacturer side. The first cryptographic signature identifies the device manufacturer or the original delivery state of the field device. The origin and integrity of the field device is validated on the customer side using the first cryptographic signature. Once the field device is adapted to a defined machinery, the field device is provided with a second cryptographic signature on the customer side. The second cryptographic signature identifies the adaptations of the field device made on the customer side as a machinery-specific desired state of the field device. At least one validation of the field device is carried out on the customer side using the second cryptographic signature during the period of installation of the field device in the defined machinery.

Abstract: A method for checking the authenticity of electronic modules is disclosed. Each electronic module is assigned a key pair confirming the identity of the electronic module, wherein each key pair consists of a public key and a private key, and wherein the public keys of the key pairs are stored in a list. The list is assigned to the field device, and: when an electronic module is exchanged or added, the field device checks: whether the exchanged or added electronic module has a key pair, and whether the public key of the exchanged or added electronic module is listed in the list of public keys, and whether the electronic module is in possession of the correct private key. Interaction of the changed electronic module with the field device concerning the functionality of the field device is permitted if the check is concluded with a positive result.

Abstract: The present disclosure relates to a method for tamper-proof operation of a field device in automation engineering, comprising: creating an order ticket via or using an order management system, wherein the order ticket contains data authorizing a defined service technician to perform a defined work order on a defined field device, transmitting the order ticket to the defined field device, logging-in of the defined service technician to the defined field device by means of the order ticket or by additional input of authentication data, checking the order ticket or the authentication data by means of the field device, if the check is positive, authorization is given to perform the defined work order, performing of the defined work order by the defined service technician on the defined field device, and automatic creation of a confirmation ticket relating to the defined work order or its performance on the defined field device.