Remote services offer a plurality of possible applications in the lifecycle of a technical installation (e.g. an industrial production installation, a power station, a freight transport and distribution system, or buildings technology in a large building). These include, for example, remote update services, remote condition monitoring, remote maintenance and, last but not least, remote support for fault clearance.
To enable these services to be provided, a communication link via a public network (e.g. the Internet) into the installation is needed, usually into a non-public internal network of the installation. Particular security requirements are imposed on the internal networks in such installations. From the IT standpoint these are verifiability, transparency and IT security; from the standpoint of the operational sequence, the requirement is the operational security of the installation.
The connection from outside via the public network into the internal non-public network of the installation is therefore frequently made through what is referred to as a “tunnel connection”. A tunnel connection in this case is to be understood as a communication link from a device remote from the installation, via a public and thus non-secure network such as the Internet, to a device within the installation. For this link the communication partners are identified and authenticated, and data encryption guarantees both the confidentiality of the data (i.e. third parties have no access to the data) and the integrity of the data (i.e. no modification of the data by third parties is possible). Such a tunnel connection is possible via the Internet, for example, by a VPN (Virtual Private Network) connection that uses an Internet security protocol such as IPsec (Internet Protocol Security). In this case, although the IT security is sufficient, verifiability and transparency of the connection are not provided, or are provided only to a certain extent.
If a number of different remote services are performed for an installation, these are realized by correspondingly numerous and mostly different secure tunnel connections into the installation. These numerous connections entail a high administration outlay for the operator of the installation if a minimum amount of security is to be guaranteed, especially in relation to transparency and verifiability. For this reason installation operators wish to have the fewest possible connections of this type and are thus skeptical about new remote services.