Advancements in technology have enabled factory applications to become partially or completely automated. For example, applications that once required workers to put themselves proximate to heavy machinery and other various hazardous conditions can now be completed at a safe distance from such hazards. Further, imperfections associated with human action have been minimized through employment of highly precise machines. Many of these factory devices supply data related to manufacturing to databases that are accessible by system/process/project managers on a factory floor. For instance, sensors can detect a number of times a particular machine has completed an operation within a set amount of time. Further, sensors can deliver data to a processing unit relating to system alarms. Thus, a factory automation system can review collected data and automatically and/or semi-automatically schedule maintenance of a device, replacement of a device, and other various procedures that relate to automating a process.
Often in industrial automation environments, disparate systems and/or devices are provided by different vendors, thereby creating patchwork industrial systems that include systems/devices provided by the disparate vendors. Such patchwork industrial systems are partially or fully automated by control systems that are provided by a software vendor specializing in industrial automation. Further, industrial environments that include systems/devices provided by differing vendors typically employ security systems that facilitate ensuring that an industrial system/process is not compromised (e.g., the security systems can include alarms that are triggered upon certain pre-defined events). When one or more of the systems/devices within the industrial environment fail and/or require maintenance, a vendor who provided the device(s) frequently must perform the required maintenance on the devices, as such vendors may be in sole possession of knowledge, skill, and/or equipment necessary to repair/maintain the systems/devices.
Conventional industrial automation security systems provide unlimited access to industrial systems/devices to vendors that produce or sell such systems/devices to an end customer. In other words, security systems are disabled, thereby providing access to one or more vendors that are undertaking repair and/or maintenance relating to industrial systems/devices within the industrial automation environment. Such unlimited access can lead to undesirable results if the vendors are malicious and/or mistakes are made. For example, maintenance may be required on a particular device within an industrial automation environment, and a vendor providing such device can be invited on-site (or even off-site) to provide requisite repair/maintenance. Often, however, several identical devices exist within the industrial automation environment, thus causing confusion as to which device actually requires maintenance and/or repair. If an incorrect device is repaired, manufacturing can suffer as the un-repaired device remains faulty, or an un-maintained device will eventually fail, thereby creating another cost of repair and/or replacement. In another example, a malicious vendor with full access to an industrial automation environment can cause damage to systems/devices that are produced by a competitor, and/or obtain confidential information stored within such devices (e.g., recipes).
Other conventional industrial automation security systems have attempted to mitigate the aforementioned problems associated with granting unlimited access to individual vendors by providing time limits to access tickets. These tickets include an expiration time, and such expiration time is compared at an automation device with a current time. This approach is associated with substantial security issues. In particular, the automation devices must retain connectivity to a control authority to enable such time-restricted access. This is because Kerberos tickets utilize time provided by a central authority to undertake the aforementioned comparison. Furthermore, the Kerberos tickets are not encrypted or protected thereby enabling a hacker or other malicious entity to obtain unlimited access to an industrial automation system/device. For example, an authenticating authority can provide a time-limited access ticket (e.g., a Kerberos ticket) to a user upon authenticating user identity. These access tickets, however, do not sufficiently limit actions that can be undertaken by one or more of the vendors, as it is often required that timeframes of access be extensive. Moreover, the access ticket is not encrypted, thereby enabling a malicious entity to obtain such ticket and alter the ticket to obtain extended access and/or unauthorized access. For one particular example, it is extremely problematic if an access ticket expires when an access authority is disconnected from an industrial system/device that relies on access tickets provided by such access authority. In particular, if a user receives a ticket and it expires, the user will be unable to access an end device (e.g., a secured end device) or be able to renew the access ticket. Accordingly, time-limited access tickets often provide a user with an extensive access timeframe to ensure that the user will be able to obtain access to a system that often operates disconnected from the ticket issuing authority. Thus, these tickets are subject to fraud, theft, impersonation, and the like and can subject an industrial automation environment to security breaches.
In view of at least the above, there exists a need in the art for a system and/or methodology that effectively restricts access to automation systems and/or devices.