PROTECTED RESETTING OF AN IOT DEVICE

Abstract

A method reconfigures an IoT device which is connectable to a cloud backend. The method includes: storing an access code that is input locally in the cloud backend and storing the access code or check information formed on the basis thereof on the IoT device. The method further includes reconfiguring the IoT device, requesting the access code from the cloud backend, inputting the requested access code on a local configuration interface of the IoT device or on an input device connected to the local configuration interface of the IoT device, and comparing the input access code against the access code stored on the IoT device, or the check information formed on the basis thereof. The IoT device is enabled for reconfiguration upon a positive comparison of the input access code against the access code stored, or the check information formed on the basis thereof.

Claims

1-12 (canceled)

13. . A method for reconfiguring an Internet of things (IoT) device, wherein the IoT device is able to be connected to a cloud backend via a network, which comprises the following steps of: storing an access code, to be input locally, in the cloud backend; storing the access code or check information formed based on the access code on the IoT device; querying the access code from the cloud backend; inputting the access code queried on a local configuration interface of the IoT device or on an input device connected to the local configuration interface of the IoT device; comparing an input access code with the access code stored on the IoT device or the check information formed based on the access code; and authorizing the IoT device to be reconfigured in an event of a positive comparison of the input access code with the access code stored on the IoT device or the check information formed based on the access code.

14. The method according to claim 13, which further comprises generating the access code by the IoT device or by the cloud backend.

15. The method according to claim 13, which further comprises: forming a first random value by the IoT device; forming a second random value by the cloud backend; and forming the access code based on the first random value and the second random value.

16. The method according to claim 13, wherein the querying of the access code from the cloud backend involves the following substeps: transmitting a request to the cloud backend; and providing the access code.

17. The method according to claim 16, wherein the access code is provided by way of displaying the access code, a text file containing the access code or a graphical element depicting the access code.

18. The method according to claim 16, wherein the access code is provided only on a condition that the IoT device has not logged onto the cloud backend via the network for a predetermined period of time.

19. The method according to claim 13, wherein the querying of the access code from the cloud backend involves the further substeps of: authenticating a querying user; and/or recording and storing the querying user.

20. . The method according to claim 13, wherein the access code queried from the cloud backend is input on the input device that is connected to the local configuration interface of the IoT device by way of a local area network cable.

21. The method according to claim 13, wherein, in the event of the positive comparison of the input access code with the access code stored on the IoT device or the check information formed based on the access code, providing: a local access password for a local reconfiguration of the IoT device; or all device settings of the IoT device are reset to factory settings.

22. The method according to claim 13, wherein the access code is able to be used only a limited number of times.

23. The method according to claim 13, which further comprises reversing a reconfiguration if the IoT device has not reconnected to the cloud backend within a predetermined period of time following the reconfiguration.

24. The method according to claim 13, which further comprises monitoring a transformer with the IoT device.

25. The method according to claim 13, wherein the access code is able to be used only once.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0037] The invention is explained below by way of example and schematically with reference to two drawings, in which

[0038] FIG. 1 shows an arrangement of IoT device, cloud backend and user according to the prior art, and

[0039] FIG. 2 shows a flowchart of a method for reconfiguring an IoT device according to one embodiment of the invention.

DETAILED DESCRIPTION OF THE DRAWINGS

[0040] FIG. 1 shows an application scenario as to how an IoT device 10 may conventionally be reconfigured in a protected manner. A “Sensformer® IoT device”, for short: Sensformer®, from Siemens, is adopted as IoT device 10, for example. The Sensformer® 10 is tasked with monitoring a transformer 11 connected thereto. The Sensformer® 10 uses its own sensor 121 and sensors 122, 123 of the transformer 11 to record monitoring/operating data of the transformer 11 (for example temperature and fill level of the cooling fluid) and the ambient temperature. This information is transmitted to a cloud backend 20 via a mobile radio interface 41 (for example UMTS, LTE, 5G, LoRa, NB-IoT or SigFox) and the Internet 43. It is thereby possible for example to identify if the transformer 11 requires maintenance (predictive maintenance). Firmware is installed on the Sens former® 10 in order to record and possibly preprocess the sensor data and in order to establish a data transmission connection to the cloud backend 20. Said connection may be achieved using TCP/IP, TLS and HTTP, MQTT, OPC UA or CoAP.

[0041] A second connection is also set up in order to manage the Sensformer IoT device 10, that is to say in order to remotely change configuration settings or in order to install a firmware update. A service engineer 30 to this end connects to the configuration interface of the cloud service using an input device 31 and a Web browser and inputs the configuration changes, which are then transmitted to the Sensformer® IoT device 10. The connection between the input device 31, for example a laptop, and the Internet 43 is identified in FIG. 1 by the reference sign 42.

[0042] In rare cases, for example in the event of a technical malfunction or in the event of incorrect operation, the case may however occur whereby the installed configuration is not functional. For instance, an incorrect URL of the cloud service, an incorrect certificate of the cloud service, an incorrect device certificate, an incorrect APN name (access point name, a network name for mobile radio access) of the mobile radio configuration or the like may for example lead to the Sensformer® IoT device 10 no longer being able to connect to the cloud backend 20. The configuration is then no longer able to be corrected via the cloud backend 20.

[0043] For such cases, provision is therefore made for another local configuration interface (LCI) 13, which may be implemented for example as an RS232, USB, SPI or I2C interface. The service engineer 31 is able to connect to the local configuration interface 13 of the Sensformer® IoT device 10 via a local wired connection. This connection is generally protected by a password or access code known only to the service engineer 30. If he has forgotten it, it is no longer possible to access the IoT device 10 and the IoT device 10 for example has to be sent in for reconfiguration.

[0044] The invention then proposes, in such a case, that an access code generated beforehand by the cloud backend and stored on the IoT device has to be input in order to regain access to the configuration settings. In this case, the current configuration settings may automatically be fully or partially reset to default values (for example password reset, factory reset).

[0045] FIG. 2 shows a flowchart of a method for reconfiguring an IoT device 10 according to one embodiment of the invention. This is only an exemplary sequence for which there are a number of alternatives and variants that have obviously already been disclosed to a person skilled in the art in the general description of the invention or that are obvious to him in any case through his expert knowledge.

[0046] The reconfiguration method may be divided into two phases: firstly into the phase of generating and storing an access code (phase 100); then into the phase of the actual reconfiguration of the IoT device 10 by way of the local configuration interface 13 (phase 200). If the IoT device 10 has been successfully reconfigured, it is again able to communicate regularly with the cloud backend 20 (phase 300) and for example transmit its sensor data to the cloud backend 20.

[0047] In the example of FIG. 2, the first phase 100 comprises the following steps: transmitting a connection signal from the IoT device 10 to the cloud backend 20 (step 101); transmitting a confirmation of receipt of the connection signal from the cloud backend 20 back to the IoT device 10 (step 102). In response thereto, the cloud backend 20 generates an access code to be input locally and stores same in the cloud backend 20 (step 103). The generated access code or check information formed based thereon is then sent from the cloud backend 20 to the IoT device 10 (step 104). This is then stored on the IoT device 10 in the next step 105 (step 105). This is followed by confirmation that the access code or the check information has been stored on the IoT device 10 (step 106) and a signal that the connection between the IoT device 10 and the cloud backend 20 has been interrupted (step 107). Finally, the cloud backend 20 confirms this to the IoT device 10 (step 108).

[0048] If there is then an unplanned and unwanted interruption to the connection between the IoT device 10 and the cloud backend 20 and the need arises to reconfigure the IoT device 10, phase 200 comes into force, with the following steps: transmitting a request with respect to the access code from a user 30 to the cloud backend 20 (step 201); the cloud backend 20 answering the user 30 by sending the stored access code (step 202); inputting the received access code on the IoT device 10, for example by way of a laptop connected to the local configuration interface of the IoT device 10 by a LAN connection (step 203). Next, on the IoT device 10, the input access code is compared with the previously stored access code or the associated check information (step 204). If both access codes match or if the check information matches the input access codes, a factory reset takes place in the example illustrated in FIG. 2 (step 205). This makes it possible inter alia for the user 30 to change the configuration settings (step 206). This is communicated to the user 30 (step 207). In the next step, the user 30 reconfigures the IoT device in accordance with his preferences and wishes (step 208). The new configuration settings are stored on the IoT device 10 (step 209) and a confirmation is finally sent to the user 30 (step 210).

[0049] The IoT device 10 is then able to be used again to access the cloud backend 20, and so the third phase 300, the regular access of the IoT device 10 to the cloud backend 20, comes into force. This is symbolized in FIG. 2 by transmission of a connection signal from the IoT device 10 to the cloud backend 20 (step 301) and the transmission of a confirmation of receipt from the cloud backend 20 to the IoT device 10 (step 302).

[0050] The method illustrated in FIG. 2 thus shows, by way of example, how an IoT device is able to be reconfigured in a protected manner, without the IoT device itself having to communicate with the cloud backend for this purpose (during the reconfiguration).

LIST OF REFERENCE SIGNS

[0051] 10 IoT device, for example a Sensformer®

[0052] 11 Transformer

[0053] 121 Sensor

[0054] 122 Sensor

[0055] 123 Sensor

[0056] 13 Local configuration interface

[0057] 20 Cloud backend

[0058] 30 User, service engineer

[0059] 31 Input device

[0060] 41 Connection between IoT device and Internet

[0061] 42 Connection between input device and Internet

[0062] 43 Internet connection

[0063] 100 Generation and storage of an access code

[0064] 101 . . . 108 Steps

[0065] 200 Reconfiguration of the IoT device via its local configuration interface

[0066] 201 . . . 210 Steps

[0067] 300 Regular access of the IoT device to the cloud backend

[0068] 301, 302 Steps