Provided is a method for automatically registering a user on a field device for the purpose of administering the field device, including a) providing user information on the basis of an identity of the user and an identity of the field device by a security device; b) transmitting the provided user information to a mobile device of the user; c) generating field-device-specific registration information on the basis of the transmitted user information by the mobile device; and d) registering the user on the field device by the generated registration information. This method has the particular advantage that a highly secure infrastructure can be used for administering access information for administering the field devices without problems arising during the registration process

An industrial device is configured to implement a lightweight file authentication sequence that rapidly verifies the integrity of mobile code supplied to the industrial device. The industrial device generates a file authentication code (FAC), which is stored on the industrial device and only made accessible to users via a local connection to the industrial device. The device-specific file FAC is installed on the program development application used to develop or edit the mobile code to be executed on the industrial device. The development application provides the mobile code to the industrial device together with a hash-based message authentication code (HMAC) generated using a retrieved copy of the FAC. The industrial device only permits execution of the mobile code if the HMAC included with the mobile code matches a locally created HMAC generated by the industrial device based on the mobile code and the device's local copy of the FAC.

Operator actions and/or other commands or requests are secured via an authentication path from an action originator to a communications/control module or any other industrial element/controller. In implementations, an industrial control system includes an action authenticator configured to sign an action request generated by the action originator. The destination communications/control module or any other industrial element/controller is configured to receive the signed action request, verify the authenticity of the signed action request, and perform a requested action when the authenticity of the signed action request is verified.

Methods, systems, and computer-readable media for industrial control software execution management. For example, there is provided a method for enabling a software module included in a plurality of software modules of an application package installed on a computing device configured to control a turbomachine of an industrial plant. The method can include receiving, by a processor of the computing device, a request for executing the software module. The method can include generating and sending an activation request to a remote server. The method can include generating, by the remote server, an activation code if a verification protocol is successfully completed. The method can include forwarding the activation code to the computing device. The method can include activating the software module when the activation code is received by the processor.

Operator actions and/or other commands or requests are secured via an authentication path from an action originator to a communications/control module or any other industrial element/controller. In implementations, an industrial control system includes an action authenticator configured to sign an action request generated by the action originator. The destination communications/control module or any other industrial element/controller is configured to receive the signed action request, verify the authenticity of the signed action request, and perform a requested action when the authenticity of the signed action request is verified.

A method for accessing functions of an embedded device, for example a controller programmable from memory, wherein function blocks of the embedded device are assigned to at least two hierarchically superimposed levels, an access to a function block of the embedded device occurs from outside of the embedded device by a data interface, and for access an authentication must occur for the level to which the respective function block is assigned, and again for each individual level above the level to which the function block is assigned, to permit execution of a function of the function block, wherein the functions of the function blocks permit access to a firmware of the embedded device.

A method for providing an access key for a field device of automation technology, wherein the access key controls accessing of the field device, includes: producing an individual key; storing the individual key in a database together with an identification feature of the field device; storing the individual key in the field device which is to be unlocked based on an input access key; ascertaining at least the identification feature of the field device for which the access key is to be provided; and forming/producing/generating the access key, such that it includes at least one hash value, wherein the hash value is formed at least from the individual key read-out from the database with the assistance of the ascertained identification feature.

Operator actions and/or other commands or requests are secured via an authentication path from an action originator to a communications/control module or any other industrial element/controller. In implementations, an industrial control system includes an action authenticator configured to sign an action request generated by the action originator. The destination communications/control module or any other industrial element/controller is configured to receive the signed action request, verify the authenticity of the signed action request, and perform a requested action when the authenticity of the signed action request is verified.

A method for operating a packaged terminal air conditioner includes scrolling through a sequence of characters on a display of the user interface in response to an input at a user interface of the packaged terminal air conditioner. The user interface is locked when the sequence of characters scrolls on the display of the user interface. The display of the user interface includes a pair of segment displays. Each segment display of the pair of segment displays includes no less than seven segments. The sequence of characters includes the letters L, O, and C.

A method for secure communication between a field device and an end device is disclosed. The method includes: storing an individual access code in the end device, transmitting an access code of the end device to the field device, connecting the field device to an authentication server via a server communication link, using the field device to transmit the access code or an access code derived from the access code to the authentication server, storing authentication data on the authentication server, checking the authenticity of the access code on the authentication server using the authentication data, transmitting the resulting authentication result from the authentication server via the server communication link to the field device, and, depending on the authentication result transmitted to the field device, making resources of the field device available to the end device.