Secure Gateway
20170288938 · 2017-10-05
CPC classification
Y02P90/02 (general tagging of new technological developments; general tagging of cross-sectional technologies spanning over several sections of the IPC; technical subjects covered by former USPC cross-reference art collections [XRACs] and digests)
H04L63/1466 (Electricity)
H04L12/66 (Electricity)
H04L67/1036 (Electricity)
Abstract
Gateway device (100), adapted to couple a first network with a second network, comprising: a first network interface device (102) coupled by a first interface to a first network and having a second interface; a second network interface device (104) coupled by a first interface with the second network and having a second interface; a network coupling device (103) adapted to transmit, in a first status, no data from the second interface of the second network interface device (104) to the second interface of the first network interface device (102) on the physical layer, and adapted to transmit, in a second status, data from the second interface of the first network interface device (102) to the second interface of the second network interface device (104); wherein said network coupling device (103) includes a switching device (126, 128) coupled to a conductor (130, 134) coupling the second interface of the first network interface device (102) and the second interface of the second network interface device (104); wherein the switching device (126, 128) is connected to the conductor (130, 134) such that the conductor cannot transmit data in a first state of the switching device and can transmit data in a second state of the switching device; and wherein said switching device (126, 128) is controlled by a manual switch (127) operated by a user.
Claims
1. Gateway device, adapted to couple a first network with a second network, comprising: a first network interface device coupled by a first interface to a first network and having a second interface; a second network interface device coupled by a first interface with the second network and having a second interface; a network coupling device adapted to transmit, in a first status, no data from the second interface of the second network interface device to the second interface of the first network interface device on the physical layer, and adapted to transmit, in a second status, data from the second interface of the first network interface device to the second interface of the second network interface device; wherein said network coupling device includes a switching device coupled to a conductor coupling the second interface of the first network interface device and the second interface of the second network interface device; wherein the switching device is connected to the conductor such that the conductor cannot transmit data in a first state of the switching device and can transmit data in a second state of the switching device; and wherein said switching device is controlled by a manual switch operated by a user.
2. Gateway device according to claim 1, wherein the layer 1 of the OSI reference model of the network coupling device is configured to transmit in the first status no data from the second network interface device to the first network interface device.
3. Gateway device according to claim 1, wherein the second interface of the first network interface device is adapted such that it can only receive data but cannot transmit data.
4. Gateway device according to claim 1, wherein the network coupling device comprises a first conductor via which commands and/or data are transmitted from the second network interface device to the first network interface device, wherein a switching device is arranged in the first conductor, which in its open state causes the first status of the network coupling device, in which no data can be transmitted from the second network interface device to the first network interface device, and which in its closed state causes the second status of the network coupling device, in which data can be transmitted from the second network interface device to the first network interface device.
5. Gateway device according to claim 1, wherein the switching device comprises at least one of: a pull up device coupling the conductor to a positive supply voltage; a pull down device coupling the conductor to ground; a pull down device coupling the conductor to a negative supply voltage; a pull up device coupling the conductor to ground.
6. Gateway device according to claim 1, wherein the network coupling device is a serial interface, a serial bus or a serial data transmission device.
7. Gateway device according to claim 1, wherein a plurality of network members may be connected to the first interface of the first network interface device, and wherein the first interface of the first network interface device supports at least one of the following protocols: PROFIBUS; PROFINET; Ethernet; Industrial Ethernet; CAN; EtherCAT.
8. Gateway device according to claim 1, wherein at least one network may be connected to the first interface of the second network interface device, and wherein the first interface of the second network interface device supports at least one of the following protocols: LAN; WLAN; a mobile radio protocol; a WLAN protocol.
9. Gateway device according to claim 1, wherein the network interface device comprises a field bus processor.
10. Gateway device according to claim 1, wherein the gateway device is configured to convert a protocol of the first interface of the first network interface device into a protocol of the first interface of the second network interface device.
11. Manufacturing apparatus, comprising the gateway device according to claim 1, wherein at least one manufacturing device is connected to the first interface of the first network interface device.
12. Manufacturing apparatus according to claim 11, wherein the first interface of the second network interface device is connected with the internet.
Description
BRIEF DESCRIPTION OF THE FIGURES OF THE DRAWINGS
[0026] The invention is now explained in further detail by an exemplary and non-limiting embodiment under reference to the enclosed figures, wherein
[0027]
[0028]
DETAILED DESCRIPTION OF THE INVENTION
[0029] A preferred embodiment of the invention is now described in detail. Referring to the drawings, like numbers indicate like parts throughout the views. Unless otherwise specifically indicated in the disclosure that follows, the drawings are not necessarily drawn to scale. As used in the description herein and throughout the claims, the following terms take the meanings explicitly associated herein, unless the context clearly dictates otherwise: the meaning of “a,” “an,” and “the” includes plural reference, the meaning of “in” includes “in” and “on.” Also, as used herein, “global computer network” includes the Internet.
[0030]
[0031] The first network interface device 102 comprises a first interface comprising a plurality of connections for network members located in the production environment 116. The first network interface device may comprise an interface for a PROFIBUS 106, an interface for a PROFINET 108, an interface for an Ethernet 110, an interface for an industrial Ethernet 110, an interface for a CAN bus 112 and/or an interface for an EtherCAT 114. It is to be understood that the first interface is configured such that an arbitrary field bus, an arbitrary network and in particular future field buses and networks, or the like, may be connected to the first interface. The production environment may comprise a plurality of production devices connected to the first interface of the first network interface device 102. A production device may be a data control station, a database for a production apparatus, a machine, a sensor or the like. The second network interface device may be coupled to an arbitrary wide area network, company network or the like. The wide area network may be the internet.
[0032] To the wide area network a so-called cloud storage may be connected in which data from the production environments 116 are stored. The second network interface device 104 may comprise an interface for a LAN 120, a WLAN 122, a mobile radio network 124 or an arbitrary other wide area network.
[0033] The first network interface device 102 and the second network interface device 104 are coupled by a network coupling device 103. The gateway device 100 is arranged to convert the protocol of an arbitrary interface of the first network interface device 102 into an arbitrary protocol of the second network interface device 104, and optionally vice versa. In the network coupling device 100 common protocols may be used.
[0034] The network coupling device is arranged such that in the first status it allows data transmission only from the first network interface device 102 to the second network interface device 104. The circuit of the network coupling device is arranged such that in layer 1 only data from the first network interface device 102 to the second network interface device 104 can be transmitted. In one embodiment the network coupling device 103 may be a serial bus, a serial network node and/or a serial interface. The circuit of the network coupling device 103 may be arranged such that the second network interface device 104 cannot transmit any commands requesting the sending of data to the first network interface device 102. Further, the circuit of the network coupling device 103 can be arranged such that the second network interface device 104 cannot transmit any data bits to the first network interface device 102 while the network coupling device 103 is in its first status.
[0035] As is shown in
[0036] The switching device 126 may comprise a semiconductor switch, such as a transistor, MOS transistor, CMOS transistor, bipolar transistor or the like. The switching device 126 may comprise an optical coupler for coupling into the conductor. The switching device, or the semiconductor switch respectively, is controlled by the manual and/or mechanical switch 127. The manual and/or mechanical switch 127 can only be operated by a user that has physical access to the gateway device 100. The manual and/or mechanical switch 127 may be secured by a lock.
[0037] The manual and/or mechanical switch 127 may be connected by at least one wire directly with the switching device 126. Preferably, the manual and/or mechanical switch 127 and the switching device 126 may be located in the same housing. The housing may be the housing of the network coupling device 103 and/or the secure gateway 100.
[0038] In another embodiment, the manual and/or mechanical switch 127 may itself be the switching device in the conductor transmitting commands and/or data.
[0039] Reference is made to
[0040] The network coupling device 103 transmits data from the first network interface device 102 to the second network interface device 104 over a second data conductor 132.
[0041] In the following, the network coupling device 103 is described for the case in which data is transmitted from the second network interface device 104 to the first network interface device 102. Over the second conductor 132 data is transmitted from the first network interface device 102 to the second network interface device 104. If the second network interface device 104 is to transmit data to the first network interface device 102, the second network interface device 104 indicates by a command on the third conductor 134 that data are to be transmitted from the second network interface device 104 to the first network interface device 102. If the first network interface device 102 is to transmit data to the second network interface device 104, an indication is sent as a command on the fourth conductor 136.
[0042] In the embodiment of the network coupling device 103 shown in
[0043] In the first conductor 130 an optional second switching device 128 is arranged. In the third conductor 134 a first switching device 126 is arranged. In the status shown in
[0044] The switching device 126 may comprise a semiconductor switch, such as a transistor, MOS transistor, CMOS transistor, bipolar transistor or the like. The switching devices 126, 128 may comprise an optical coupler for coupling into the conductor. The switching devices 126, 128, or the semiconductor switches respectively, are controlled by the manual and/or mechanical switch 127. The mechanical switch 127 can only be operated by a user that has physical access to the gateway device 100. The mechanical switch 127 may be secured by a lock.
[0045] The manual and/or mechanical switch 127 may be connected by at least one wire directly with the switching devices 126, 128. Preferably, the manual and/or mechanical switch 127 and the switching devices 126, 128 may be located in the same housing. The housing may be the housing of the network coupling device 103 and/or the secure gateway 100.
[0046] As soon as the first switching device 126 and the second switching device 128 are closed by operating the manual (mechanical) switch 127, the second network interface device 104 can transmit data and commands to the first network interface device 102. This status is termed the second status. The second status may be desired during a setup operation, in which parts of the manufacturing environment 116, for example single machines, coupled with the first network coupling device are to be administered and/or configured.
[0047] The first switching device 126 and the second switching device 128 may be configured as a mechanical switch or an electromechanical switch, such as a relay. For reasons of security a mechanical switch is preferred, since it can only be operated by persons having physical access to the gateway device. The switch may be secured by a lock.
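The two statuses of network coupling device 103, as an added Python model that is not the patent's own circuit: conductors 130/132/134/136, switching devices 126 and 128, and the lock-secured manual switch 127 that closes both. The class and method names, the key check, and the attempt log are assumptions of this model.

```python
from dataclasses import dataclass, field
from enum import Enum


class Status(Enum):
    FIRST = "first"    # only 102 -> 104 passes on layer 1 (switches 126/128 open)
    SECOND = "second"  # setup mode: 104 -> 102 also passes (switches closed)


@dataclass
class NetworkCouplingDevice:
    """Hypothetical model of device 103 (not the patent's circuit)."""
    locked: bool = True              # switch 127 secured by a lock (assumption)
    switch_127_closed: bool = False  # manual switch 127 controls 126 and 128
    log: list = field(default_factory=list)

    @property
    def status(self) -> Status:
        return Status.SECOND if self.switch_127_closed else Status.FIRST

    def operate_switch(self, close: bool, key_present: bool) -> bool:
        """Only a user with physical access (and the key, if locked) changes status."""
        if self.locked and not key_present:
            self.log.append("switch 127 operation refused: lock engaged")
            return False
        self.switch_127_closed = close
        return True

    def transmit(self, src: int, kind: str, payload: str) -> bool:
        """src is 102 or 104; kind is 'data' or 'command'.
        Returns True if the signal reaches the other network interface device."""
        if src == 102:
            conductor = 132 if kind == "data" else 136   # never switched
            return self._deliver(conductor, src, payload)
        # src == 104: data uses conductor 130 (switch 128), commands 134 (switch 126)
        conductor = 130 if kind == "data" else 134
        if self.status is Status.FIRST:
            # Open switching device: nothing appears on the conductor. The log
            # entry is the sending side's view, useful for monitoring attempts.
            self.log.append(f"blocked {kind} on conductor {conductor} from 104")
            return False
        return self._deliver(conductor, src, payload)

    def _deliver(self, conductor: int, src: int, payload: str) -> bool:
        self.log.append(f"delivered on conductor {conductor} from {src}: {payload}")
        return True
```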
[0048] The invention has been described with reference to a serial transmission in more detail. It is to be understood that the principles shown in the description of the figures may also be applied to a parallel interface. The switching device 126 may be arranged in such embodiment in a command conductor of the parallel interface.
[0049] The present invention provides an improved gateway device ensuring that data can be transmitted only unidirectionally from the manufacturing environment 116 into a comparably open network environment. The data may be transmitted from the production environment 116 to a cloud storage, for example. The data in the cloud storage may be retrieved by other programs for administration. The invention ensures that no abusive commands, by which the production environment could be disturbed, can be transmitted to elements of the production environment 116. Thereby, protection of the manufacturing environment 116 against third-party attacks may be ensured.
[0050] The above described embodiments, while including the preferred embodiment and the best mode of the invention known to the inventor at the time of filing, are given as illustrative examples only. It will be readily appreciated that many deviations may be made from the specific embodiments disclosed in this specification without departing from the spirit and scope of the invention. Accordingly, the scope of the invention is to be determined by the claims below rather than being limited to the specifically described embodiments above.