In order to facilitate creation of a controller program and a UI program in which variables match each other, this program development support unit is provided with: a calculation unit and a program development support program which implement a sequence program editing unit, a UI editing unit, and a copy function unit; a display unit; and an operation input unit. The copy function unit detects selection, through the input operation unit, of an element of the sequence program and movement to an editing screen in a user interface program, and causes elements in the user interface program that correspond to elements in the sequence program to be reflected on the editing screen of the user interface program. The copy function unit detects the type of the sequence program being edited, and, depending on the type of sequence program, determines the type of elements of the user interface program.

A controller includes a feature quantity generation unit that generates, from data associated with a control target, a feature quantity appropriate for detecting an abnormality in the control target, a machine learning unit that performs machine learning using the feature quantity, an abnormality detection unit that detects the abnormality based on an abnormality detection parameter determined from a learning result of the machine learning, and the feature quantity, an instruction unit that instructs the abnormality detection unit to detect the abnormality, and a data compression unit that compresses data about the feature quantity and provides the compressed data to the machine learning unit and the abnormality detection unit. The instruction unit transmits a request for detecting the abnormality to the abnormality detection unit. The abnormality detection unit detects the abnormality without returning a response to the request.

A secure control system includes a network of multiplexers that control end/field devices of an infrastructure system, such as an electric power grid. The multiplexers have a default secure lockdown state that prevents remote access to data on the multiplexers and prevents modification of software or firmware of the multiplexer. One or more of the multiplexers include a physical authentication device that confirms the physical proximity of a trusted individual when remote access is requested. A user accesses the network and one of the multiplexers remotely by way of login credentials. The trusted individual confirms the identity of the remote user and operates the physical authentication device connected with and in proximity to that multiplexer, thereby confirming that the remote user can be trusted to access data and reconfigure the multiplexers. The multiplexer connected with the physical authentication device generates a token that is passed to each of the multiplexers that the remote user needs access to. The token may specify a time period, after which, the multiplexers will reenter secure lockdown mode.

A secure control system includes a network of multiplexers that control end/field devices of an infrastructure system, such as an electric power grid. The multiplexers have a default secure lockdown state that prevents remote access to data on the multiplexers and prevents modification of software or firmware of the multiplexer. One or more of the multiplexers include a physical authentication device that confirms the physical proximity of a trusted individual when remote access is requested. A user accesses the network and one of the multiplexers remotely by way of login credentials. The trusted individual confirms the identity of the remote user and operates the physical authentication device connected with and in proximity to that multiplexer, thereby confirming that the remote user can be trusted to access data and reconfigure the multiplexers. The multiplexer connected with the physical authentication device generates a token that is passed to each of the multiplexers that the remote user needs access to. The token may specify a time period, after which, the multiplexers will reenter secure lockdown mode.

There is provided a method including: during a training period, collecting a plurality of scan cycle times of a programmable logic controller (PLC) program executing on a PLC; calculating one or more baseline parameters based on the plurality of scan cycle times; determining a baseline PLC program signature based on the one or more baseline statistical parameters; and storing the baseline PLC program signature.

An inter-variable dependency analyzing unit analyzes a relation between an argument and a return value between instructions of a plurality of instructions included in a sequence control program, which is a control program written in a language for sequence control. A PLC instruction sorting/division unit at least either changes an instruction execution order of the plurality of instructions or divides the sequence control program in units of instructions, based on the relation between the argument and the return value between the instructions analyzed by the inter-variable dependency analyzing unit.

An inter-variable dependency analyzing unit analyzes a relation between an argument and a return value between instructions of a plurality of instructions included in a sequence control program, which is a control program written in a language for sequence control. A PLC instruction sorting/division unit at least either changes an instruction execution order of the plurality of instructions or divides the sequence control program in units of instructions, based on the relation between the argument and the return value between the instructions analyzed by the inter-variable dependency analyzing unit.

A system for configuration and control of a device includes a device processor includes at least two processing cores. Device firmware executes on a first processing core and a device-based engineering server executes on a second processing core. A web server running on the device-based engineering server includes a webApp providing web-based functionality for configuration and control of the device. The webApp is downloaded from the web server to the user's browser. A hypervisor manages communication between the device firmware and the device-based engineering server. A communication path established in the hypervisor for communicating a configuration or control instruction to the device firmware. The configuration or control instruction is initiated by a user via a web browser. The users web browser may run on a computer workstation that does not otherwise meet processing requirements of an engineering system for the device.

Each of a plurality of control devices includes: an upper communication part which transmits/receives first data to/from other control devices via a first network; and a lower communication part which transmits/receives second data to/from one or more equipment via a second network. The upper communication part has a first timer time-synchronized with each other among the plurality of control devices. The lower communication part determines, based on the time of the first timer, a timing to start processing for transmitting the second data to the one or more equipment.

Each of a plurality of control devices includes: an upper communication part which transmits/receives first data to/from other control devices via a first network; and a lower communication part which transmits/receives second data to/from one or more equipment via a second network. The upper communication part has a first timer time-synchronized with each other among the plurality of control devices. The lower communication part determines, based on the time of the first timer, a timing to start processing for transmitting the second data to the one or more equipment.