Secure wireless data prefetching and delivery is provided. A first demand is received from a first requesting device, requesting a first data file from the central agent, the first requesting device storing first cache data including a key and a first portion of the first data file. A second demand is received from a second requesting device, requesting a second data file from the central agent, the second requesting device storing second cache data including the key and a second portion of the second data file. A function is generated configured to allow the first requesting device to generate the first data file from the first portion and to allow the second requesting device to generate the second data file from the second portion. The function is broadcast to the first and second devices, responsive to the first and second demands.

A method of automating cypher configuration for a plurality of industrial devices within an industrial system is provided. The method includes receiving system parameters for the industrial system and receiving from a data source device parameters for respective individual industrial devices of the plurality of industrial devices. The method further includes selecting, generating and/or updating an optimal cypher configuration for the respective individual industrial devices based on or using the system parameters for the industrial system and the device parameters for the respective individual devices. The method further includes providing the optimal cypher configuration to the respective individual industrial devices for configuration of the respective individual industrial devices' cypher configuration.

A first component of an industrial automation system includes an electrically erasable programmable read-only memory (EEPROM) storing data identifying the first component. The data identifying the first component is read from the EEPROM by a second component to which the first component is communicatively coupled to authenticate the first component. The first component lacks a processor and a microcontroller, and does not run firmware.

Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.

Unauthorized installation of software is prevented even at a production site at which software cannot be installed through a communication line. The memory card stores: additional software including a software ID; a recording medium ID; and encrypted information generated by encrypting the software ID, using the recording medium ID as a key. The controller performs the steps of: obtaining the encrypted information from the memory card; obtaining the recording medium ID from the memory card; obtaining the software ID by decrypting the encrypted information, using the recording medium ID as a key; obtaining the software ID from the additional software, comparing the decrypted software ID and the software ID obtained from the additional software; and storing the additional software in the storage when the comparison is successful.

A method may include receiving, via a secure deployment management (SDM) system, a notification indicative of a change in configuration data associated with an industrial device from a secure deployment management (SDM) node associated with the industrial device. The notification is received via a secure communication channel established by the SDM system with the SDM node and one or more security protocols. The method also includes retrieving, via the SDM system, the configuration data associated with the industrial device from a data source in response to receiving the notification and sending, via the SDM system, the configuration data to the SDM node via the secure communication channel. The industrial device may receive the configuration data from the SDM node without performing one or more security operations on the configuration data.

A method may include receiving, via a secure deployment management (SDM) system, data associated with one or more operations of an industrial device from a secure deployment management (SDM) node associated with the industrial device. The data is received via a secure communication channel established by the SDM system with the SDM node and security protocols. The method also includes sending the data to a computerized maintenance management system (CMMS) container component may perform tasks in conjunction with a computerized maintenance management system (CMMS) process, such that the CMMS container component may communicate with the CMMS process via a first firewall through which the SDM system is incapable of communicating. The SDM system may enable the data associated with the operations to communicate with the SDM node through a second firewall between the SDM system and the SDM node, the second firewall being different from the first firewall.

A method may include receiving, via a secure deployment management (SDM) system, data associated with operations of an industrial device from a SDM node associated with the industrial device. The data is received via a secure communication channel established by the SDM system with the SDM node and security protocols. The SDM node is communicatively coupled with a machine learning system for sending and receiving data. The machine learning system may generate an updated machine learning model based on the data and a machine learning model representative of expected outputs associated with the operations of the industrial device and generate updated configuration data based on the updated machine learning model. The method may then include receiving the updated configuration data from the SDM node via the secure communication channel and sending the updated configuration data to the industrial device without performing security operations on the updated configuration data.

A method for operating a specific field device from a first group and a second group of field devices, wherein the first group exchanges data in an IP-based network, and the second group communicates at least via a non-IP-based connection, the method includes the following: transmitting multicast messages having an item of connection information via at least one portion of the field devices of the first group; integrating the operator device into the IP-based network; initiating a connection establishment with a field device of the second group; receiving the transmitted multicast messages by the operator unit so that the connection information is made available to the operator unit; generating a list of all field devices of the first group and the second group; selecting the specific field device using generated list; initiating a specific connection establishment with the specific selected field device; and operating of the specific selected field device with the mobile operator unit.

Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.