In industrial communications, a correct function is of highest importance. This applies, in particular, in safety-critical control systems (e.g., railroad automation, energy network automation, production automation, process automation).
“Power fingerprinting” for detecting manipulated devices is known, for example, from WO 2012/061663. Here, the power consumption of a device is analyzed and compared with a reference power consumption profile in order to detect a malfunction or a manipulation through malware.
Self-monitoring of a gateway is known from patent application DE 10 2011 007 387. A check is carried out here to determine whether a corresponding incoming data packet has been received for an outgoing data packet. It may thereby be provided that a gateway does not itself generate data packets in the event of a malfunction.
An encryption component with self-monitoring is known from patent application DE 10 2011 078 309. This provides a switching signal if a VPN tunnel has been correctly set up.
A safety computing platform is known, in which a safety monitor circuit CIC61508 monitors a main processor and the software execution on the main processor. It may, in particular, carry out tests against fixed test patterns and compare results of two independent executions. (see http://www.infineon.com/dgd1/Safety-Computing-Platform-XC2300-CIC61508-Product-Brief.pdf?folderId=db3a304317a748360117f45a9c863e84&fileId-db3a3043353fdc16013543303497315d.) Features are also described in: http://www.infineon.com/cms/de/product/microcontrollers/companion-ic-family/cic61508-signature-watchdog/channel.html?channel=db3a30432dbf3762012dc800293d362b.
Multi-channel processors are known from the safety environment. In the processors, a calculation is performed in hardware with multiple redundancies. Coded processing is furthermore known in which the same calculation is performed on hardware with differently coded data.
The calculation of the cross-correlation between two signals is a known method for signal processing. It is used, e.g., in receivers in order to decode a signal (see, e.g., http://www.iitrc.ac.in/outreach/web/CIRCIS/PG/AVN/SP/Digital%20signal%20processing. pdf slide 44ff., http://pollux.dhcp.uia.mx/manuales/Filtros/UIA_correlation.pdf, http://dsp-book.narod.ru/DSPCSP/14.pdf).
Fault signaling contacts are furthermore known. These contacts indicate the failure of a device by a change of status (e.g., open/closed), for example, in the event of loss of the voltage supply or in the event of internal faults. This contact is wired separately from the communication lines (e.g., Ethernet or the like) and enables a status determination even if the device may no longer respond to inquiries via the communication line.
Protection against random and also systematic faults is provided through suitable safety measures. However, protection against deliberate attacks (e.g., IT security) is also required to an increasing extent. The aim, however, is to provide that established safety mechanisms are not influenced by security measures.