1. Field of the Invention
This invention relates to a system for controlling access to one or several automation equipments connected to a first communication network, from a client station connected to a second communication network. The invention also relates to a process for controlling access to one or several automation equipments.
2. Background of the Invention
The term “automation equipment” denotes, but is not limited to, any equipment for controlling, checking and/or monitoring all or part of an automation application, particularly one belonging to the field of industrial process automation, building automation, tertiary automation or monitoring/control automation for electrical distribution networks. Therefore, this term includes for instance a programmable logic controller (PLC) and a numerical control (NC), and also any unit or module that can be connected to a local or global communication network. Thus, this definition can include an industry-specific module or a remote inputs/outputs module, an operator dialogue terminal, a supervision station, a building technical management system (GTB), a variable speed controller, etc. In the field of electrical distribution, automation equipment also refers to a monitoring/control station, a measurement control unit, a protection and control relay, a circuit breaker/smart contactor, etc.
Distributed architectures are now routine in automation, so it is very common for several automation equipments to be connected together through a first communication network to form an installation, sometimes called an automation cell. For example, such a network could be based on Ethernet and comply with the TCP/IP standard or the UDP/IP standard, but it could also be based on LANs such as MODBUS, FIP, CANOpen, CAN, LON, Uni-telway, etc.
Automation equipment more and more frequently integrates a WEB server, so that it is easy to exchange data relating to it with any type of remote WEB client, such as a browser (navigator) installed on a client station connected to the same first network or to a second communication network, particularly an Intranet, Extranet or Internet type global network. These functions are described in particular in documents WO9913418, U.S. Pat. Nos. 6,061,603 and 5,805,442. Data related to the automation equipment are then formatted and sent by the WEB server, for example in the form of HTML or XML pages, or are presented by specific applets.
This openness to communication standards enables easy access from any point of a global network to a resource connected to this network or to an interconnected LAN. However, automation equipment normally executes, in real time, a program to control, monitor and/or check all or some of an industrial process automation, building automation or electrical distribution instrumentation/control application. Security, availability, confidentiality and reliability are therefore essential criteria for smooth operation of the application. Therefore, it is important to be able to protect automation equipment connected to a communication network reliably against illicit or unauthorized access from an external network.
Several serious risks could occur, such as the introduction of different forms of viruses, deliberate or accidental saturation of the local network hindering communication between equipment, illegal reading and/or modification of programs, data and parameters on which operation of the application depends, etc.
“Firewall” computer systems already exist to prevent these risks and protect equipment connected to a first network by filtering the frames sent from a second, external network. These systems mainly apply computer security criteria based particularly on the IP addresses of the sender and the receiver, on the port numbers used on the server side and the client side, on login procedures and passwords, on information encryption, etc. Typically, these firewall type or proxy type systems secure computer applications connected to the Internet by doing Pass/Nopass type filtering; in other words, they simply prevent or allow a TCP/IP network service, such as the Web HTTP protocol, to pass.
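The Pass/Nopass filtering described above, modelled as an added example (not code from the patent): a rule set keyed on source network, destination network and destination port is applied to constructed frames, and because the decision never looks at the application payload, a page read and a parameter modification sent to the same WEB server port receive the same verdict. Addresses, ports and payloads are constructed; the default verdict when no rule matches is assumed to be Nopass.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Frame:
    src: str        # sender IP address
    dst: str        # receiver IP address
    dst_port: int   # server-side port
    payload: str    # application-layer content (constructed)


@dataclass(frozen=True)
class Rule:
    src_net: str    # CIDR of permitted/denied senders
    dst_net: str    # CIDR of protected equipment
    dst_port: int   # network service, e.g. 80 for Web HTTP
    action: str     # "pass" or "nopass"


def filter_frame(rules, frame):
    """Apply the first matching rule; with no match the frame is dropped.
    Only IP addresses and the port are inspected, never the payload."""
    for rule in rules:
        if (ip_address(frame.src) in ip_network(rule.src_net)
                and ip_address(frame.dst) in ip_network(rule.dst_net)
                and frame.dst_port == rule.dst_port):
            return rule.action
    return "nopass"  # assumed default: deny what no rule allows


# Constructed rule set: the plant Intranet may reach the PLC's WEB server.
RULES = [Rule("10.1.0.0/16", "192.168.10.5/32", 80, "pass")]

# Constructed frames arriving from the second (external) network.
FRAMES = [
    Frame("10.1.2.3", "192.168.10.5", 80, "GET /status.htm HTTP/1.1"),
    Frame("10.1.2.3", "192.168.10.5", 80, "POST /setparam HTTP/1.1"),
    Frame("10.1.2.3", "192.168.10.5", 502, "<non-HTTP service>"),
    Frame("172.16.0.9", "192.168.10.5", 80, "GET /status.htm HTTP/1.1"),
]


def decisions(rules=RULES, frames=FRAMES):
    """Verdict per frame, in order. The read (GET) and the modification
    (POST) of the same service are both passed: the filter cannot tell
    them apart, which is the limitation the text points out."""
    return [filter_frame(rules, f) for f in frames]


if __name__ == "__main__":
    for frame, verdict in zip(FRAMES, decisions()):
        print(f"{frame.src} -> {frame.dst}:{frame.dst_port} {verdict}")
```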