Patents by Inventor Thomas W. Edgar
Thomas W. Edgar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11949762Abstract: Apparatuses and methods for tapping serial communications and transforming the serial data into a format appropriate for routable networks are significant for purposes of security and troubleshooting, especially in critical infrastructure networks. Communication taps should be completely passive such that any failure would not interrupt the serial communications. Furthermore, automatic determination of unspecified serial protocol frames allow general implementation across various networks, or across devices within a single network, without the need to customize for each implementation.Type: GrantFiled: May 13, 2021Date of Patent: April 2, 2024Assignee: Battelle Memorial InstituteInventors: Thomas W. Edgar, Sean J. Zabriskie, Eric Y. Choi
-
Patent number: 11843634Abstract: Methods are described for protecting a cyber-physical system against a potential attacker of the system. The methods include a method of generating a plurality of examples for a training data set and training a system model using the training data set to generate a decoy configured to generate a synthetic output that mimics historical outputs generated by the system for a given historical system context. Also described is a method including receiving a system context of a cyber-physical system; receiving an inquiry into the system by a potential attacker; applying a system model to the system context and the inquiry; obtaining from the system model a synthetic output that mimics how a component of the system would respond to the inquiry given the system context; and providing the synthetic output to the potential attacker.Type: GrantFiled: March 2, 2022Date of Patent: December 12, 2023Assignee: Battelle Memorial InstituteInventors: Thomas W. Edgar, Draguna L Vrabie, William J. Hofer, Kathleen E. Nowak
-
Patent number: 11805104Abstract: Computing system operational methods and apparatus are described. According to one aspect, a computing system operational method includes accessing user information regarding a user logging onto a computing device of the computing system, processing the user information to determine if the user information is authentic, as a result of the processing determining that the user information is authentic, first enabling the computing device to execute an application segment, and as a result of the processing determining that the user information is authentic, second enabling the application segment to communicate data externally of the computing device via one of a plurality of network segments of the computing system.Type: GrantFiled: December 14, 2018Date of Patent: October 31, 2023Assignee: Battelle Memorial InstituteInventors: Thomas W. Edgar, Thomas E. Carroll, Garret E. Seppala
-
Publication number: 20220191246Abstract: Methods are described for protecting a cyber-physical system against a potential attacker of the system. The methods include a method of generating a plurality of examples for a training data set and training a system model using the training data set to generate a decoy configured to generate a synthetic output that mimics historical outputs generated by the system for a given historical system context. Also described is a method including receiving a system context of a cyber-physical system; receiving an inquiry into the system by a potential attacker; applying a system model to the system context and the inquiry; obtaining from the system model a synthetic output that mimics how a component of the system would respond to the inquiry given the system context; and providing the synthetic output to the potential attacker.Type: ApplicationFiled: March 2, 2022Publication date: June 16, 2022Applicant: BATTELLE MEMORIAL INSTITUTEInventors: Thomas W. Edgar, Draguna L. Vrabie, William J. Hofer, Kathleen E. Nowak
-
Publication number: 20220150226Abstract: Computing system operational methods and apparatus are described. According to one aspect, a computing system operational method includes accessing user information regarding a user logging onto a computing device of the computing system, processing the user information to determine if the user information is authentic, as a result of the processing determining that the user information is authentic, first enabling the computing device to execute an application segment, and as a result of the processing determining that the user information is authentic, second enabling the application segment to communicate data externally of the computing device via one of a plurality of network segments of the computing system.Type: ApplicationFiled: January 26, 2022Publication date: May 12, 2022Applicant: Battelle Memorial InstituteInventors: Thomas W. Edgar, Thomas E. Carroll, Garret E. Seppala
-
Patent number: 11297103Abstract: A system is described for protecting a cyber-physical system against a potential attacker of the cyber-physical system. The system includes at least one processor configured to: collect historical information about the cyber-physical system, and train, based on the historical information, a machine-learned model to predict future conditions of at least a portion of the cyber-physical system. Responsive to detecting an input signal to the cyber-physical system, the system is configured to output an alert to the cyber-physical system indicative of a potential attacker, and respond to the input signal by simulating, based on the future conditions predicted by the machine-learned model, functionality and communications of the at least a portion of the cyber-physical system.Type: GrantFiled: April 19, 2019Date of Patent: April 5, 2022Assignee: Battelle Memorial InstituteInventors: Thomas W. Edgar, Draguna L. Vrabie, William J. Hofer, Kathleen E. Nowak
-
Publication number: 20210281663Abstract: Apparatuses and methods for tapping serial communications and transforming the serial data into a format appropriate for routable networks are significant for purposes of security and troubleshooting, especially in critical infrastructure networks. Communication taps should be completely passive such that any failure would not interrupt the serial communications. Furthermore, automatic determination of unspecified serial protocol frames allow general implementation across various networks, or across devices within a single network, without the need to customize for each implementation.Type: ApplicationFiled: May 13, 2021Publication date: September 9, 2021Applicant: Battelle Memorial InstituteInventors: Thomas W. Edgar, Sean J. Zabriskie, Eric Y. Choi
-
Patent number: 11012538Abstract: Apparatuses and methods for tapping serial communications and transforming the serial data into a format appropriate for routable networks are significant for purposes of security and troubleshooting, especially in critical infrastructure networks. Communication taps should be completely passive such that any failure would not interrupt the serial communications. Furthermore, automatic determination of unspecified serial protocol frames allow general implementation across various networks, or across devices within a single network, without the need to customize for each implementation.Type: GrantFiled: September 26, 2013Date of Patent: May 18, 2021Assignee: Battelle Memorial InstituteInventors: Thomas W. Edgar, Sean J. Zabriskie, Eric Y. Choi
-
Patent number: 10833954Abstract: A network analysis tool receives network flow information and uses deep learning—machine learning that models high-level abstractions in the network flow information—to identify dependencies between network assets. Based on the identified dependencies, the network analysis tool can discover functional relationships between network assets. For example, a network analysis tool receives network flow information, identifies dependencies between multiple network assets based on evaluation of the network flow information, and outputs results of the identification of the dependencies. When evaluating the network flow information, the network analysis tool can pre-process the network flow information to produce input vectors, use deep learning to extract patterns in the input vectors, and then determine dependencies based on the extracted patterns. The network analysis tool can repeat this process so as to update an assessment of the dependencies between network assets on a near real-time basis.Type: GrantFiled: November 19, 2014Date of Patent: November 10, 2020Assignee: Battelle Memorial InstituteInventors: Thomas E. Carroll, Satish Chikkagoudar, Thomas W. Edgar, Kiri J. Oler, Kristine M. Arthur, Daniel M. Johnson, Lars J. Kangas
-
Publication number: 20200195616Abstract: Computing system operational methods and apparatus are described. According to one aspect, a computing system operational method includes accessing user information regarding a user logging onto a computing device of the computing system, processing the user information to determine if the user information is authentic, as a result of the processing determining that the user information is authentic, first enabling the computing device to execute an application segment, and as a result of the processing determining that the user information is authentic, second enabling the application segment to communicate data externally of the computing device via one of a plurality of network segments of the computing system.Type: ApplicationFiled: December 14, 2018Publication date: June 18, 2020Applicant: Battelle Memorial InstituteInventors: Thomas W. Edgar, Thomas E. Carroll, Garret E. Seppala
-
Publication number: 20200076850Abstract: A system is described for protecting a cyber-physical system against a potential attacker of the cyber-physical system. The system includes at least one processor configured to: collect historical information about the cyber-physical system, and train, based on the historical information, a machine-learned model to predict future conditions of at least a portion of the cyber-physical system. Responsive to detecting an input signal to the cyber-physical system, the system is configured to output an alert to the cyber-physical system indicative of a potential attacker, and respond to the input signal by simulating, based on the future conditions predicted by the machine-learned model, functionality and communications of the at least a portion of the cyber-physical system.Type: ApplicationFiled: April 19, 2019Publication date: March 5, 2020Inventors: Thomas W. Edgar, Draguna L. Vrabie, William J. Hofer, Kathleen E. Nowak
-
Publication number: 20160142266Abstract: A network analysis tool receives network flow information and uses deep learning—machine learning that models high-level abstractions in the network flow information—to identify dependencies between network assets. Based on the identified dependencies, the network analysis tool can discover functional relationships between network assets. For example, a network analysis tool receives network flow information, identifies dependencies between multiple network assets based on evaluation of the network flow information, and outputs results of the identification of the dependencies. When evaluating the network flow information, the network analysis tool can pre-process the network flow information to produce input vectors, use deep learning to extract patterns in the input vectors, and then determine dependencies based on the extracted patterns. The network analysis tool can repeat this process so as to update an assessment of the dependencies between network assets on a near real-time basis.Type: ApplicationFiled: November 19, 2014Publication date: May 19, 2016Applicant: BATTELLE MEMORIAL INSTITUTEInventors: Thomas E. Carroll, Satish Chikkagoudar, Thomas W. Edgar, Kiri J. Oler, Kristine M. Arthur, Daniel M. Johnson, Lars J. Kangas
-
Publication number: 20140036911Abstract: Apparatuses and methods for tapping serial communications and transforming the serial data into a format appropriate for routable networks are significant for purposes of security and troubleshooting, especially in critical infrastructure networks. Communication taps should be completely passive such that any failure would not interrupt the serial communications. Furthermore, automatic determination of unspecified serial protocol frames allow general implementation across various networks, or across devices within a single network, without the need to customize for each implementation.Type: ApplicationFiled: September 26, 2013Publication date: February 6, 2014Applicant: Battelle Memorial InstituteInventors: Thomas W. Edgar, Sean J. Zabriskie, Eric Y. Choi
-
Publication number: 20120069846Abstract: Apparatuses and methods for tapping serial communications and transforming the serial data into a format appropriate for routable networks are significant for purposes of security and troubleshooting, especially in critical infrastructure networks. Communication taps should be completely passive such that any failure would not interrupt the serial communications. Furthermore, automatic determination of unspecified serial protocol frames allow general implementation across various networks, or across devices within a single network, without the need to customize for each implementation.Type: ApplicationFiled: September 17, 2010Publication date: March 22, 2012Applicant: BATTELLE MEMORIAL INSTITUTEInventors: Thomas W. Edgar, Sean J. Zabriskie, Eric Y. Choi
-
Publication number: 20100265039Abstract: A system and a method for securing control systems for critical infrastructure, complex networks and/or industrial processing facilities. Aspects of the invention can include a proximity-based user identification device that generates a computer-readable identification of operators who are in proximity to a control device in the control system and an imaging device that captures a visual likeness of operators in proximity to the control device. A network sensor can read operation data from the control system. An overlay network can interconnect the proximity-based identification device, the imaging device, and the network sensor, and can interface to the control system without modifying the control system. Processing hardware can execute processor-implemented instructions to generate a correlation between at least a portion of the operation data and the control system, the computer-readable identification, and the visual likeness.Type: ApplicationFiled: April 17, 2009Publication date: October 21, 2010Applicant: BATTELLE MEMORIAL INSTITUTEInventors: Samuel L. Clements, Thomas W. Edgar, Mark D. Hadley