Today most industrial plants include network communication between various entities in the plant for providing distributed control. The communication is normally carried out by means of a network such as a fieldbus network or an industrial Ethernet network. The fieldbus or industrial Ethernet network links controllable devices in the plant, such as motors, switches, valves, etc., and data collecting devices, such as sensors, to programmable logic controllers (PLCs), which in turn are connected to a human machine interface (HMI) where an operator can monitor and control the plant.
It is common that the PLCs are arranged in a local area network at the industrial plant. The local area network may in turn be connected to a wide area network, such as the Internet. If so, the local area network is normally protected from outside attacks by a firewall. With this arrangement, in a situation where the owner of the plant has e.g. outsourced the supervision of the PLC to the manufacturer of the controller, an outside technician who seeks to connect to a PLC on the local network has the option of establishing a link either directly to the PLC (e.g. by means of an RS-485 serial connection), via the local network, or via the Internet.
If a connection to the PLC is to be provided via the Internet, a communication link needs to be established through the firewall. This may be done by connecting the PLC to a gateway arranged in the local area network. The gateway connects to a server on the Internet from within the local area network, thereby establishing a tunnel through the firewall. Likewise, a client residing on another local area network establishes a connection to the server through its own firewall, if any, whereby a connection is established from the client to the gateway via the Internet. To increase security, an encrypted channel may be established between the gateway and the client such that they communicate via a structure similar to a virtual private network (VPN).
EP 1 682 952 discloses a method for maintaining field devices used for process automation technology by means of a maintenance computer (client) which is delivered by a device manufacturer, arranged in a company network of the field device manufacturer and connected to at least one of the field devices by means of the company network, a public network and a customer network. The public network is provided with a directory server in which a customer unit (gateway) and the maintenance computer are registered and which, upon the customer's request, assigns a session identification number, selects the network address of a relay server connected to the public network and transmits the address to the customer unit and the maintenance computer. The relay server and the session identification number make it possible to set up a point-to-point connection for data exchange about the field devices between the customer unit and the maintenance computer, in such a way that the point-to-point connection makes it possible to communicate through a firewall computer which protects the customer network and the company network with respect to the public network.
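The relay arrangement described in the two preceding paragraphs (gateway and client each dialing out to a server on the public network, with a session identification number used to pair them) is shown below as an added example; it is not code from this document or from EP 1 682 952. The relay, the `GATEWAY`/`CLIENT` hello lines, the `READ <tag>` request format, the tag table and the use of loopback in place of the public network are all constructed for illustration, and the directory server and relay server are collapsed into one process. The one security property it demonstrates is that only a session id the directory function actually issued, presented by exactly one gateway and one client, results in a paired channel, and that an id is consumed after a single use; the encrypted channel mentioned above would be layered on top (for example TLS between the two ends) and is omitted here.

```python
"""Rendezvous relay: gateway and client both open OUTBOUND TCP connections,
so neither the plant firewall nor the vendor firewall needs an inbound rule.
The relay pairs the two connections by session id and forwards bytes both ways.
All names, ports and tag values are constructed for this example."""
import secrets
import socket
import threading

HOST = "127.0.0.1"  # constructed stand-in for the relay's public address


class RelayServer:
    """Directory and relay roles in one process: issues ids, pairs sockets."""

    def __init__(self):
        self.sock = socket.socket()
        self.sock.bind((HOST, 0))  # ephemeral port, read back below
        self.sock.listen()
        self.port = self.sock.getsockname()[1]
        self.valid_sessions = set()  # ids issued but not yet consumed
        self.pending = {}  # session id -> (role, socket) waiting for its peer
        self.lock = threading.Lock()
        threading.Thread(target=self._accept_loop, daemon=True).start()

    def issue_session(self):
        """Directory-server role: hand out a fresh, single-use session id."""
        sid = secrets.token_hex(8)
        with self.lock:
            self.valid_sessions.add(sid)
        return sid

    def _accept_loop(self):
        while True:
            conn, _ = self.sock.accept()
            threading.Thread(target=self._handle, args=(conn,), daemon=True).start()

    def _handle(self, conn):
        # First line from either side is "GATEWAY <sid>" or "CLIENT <sid>".
        hello = conn.recv(64).decode(errors="replace").split()
        if len(hello) != 2 or hello[0] not in ("GATEWAY", "CLIENT"):
            conn.close()
            return
        role, sid = hello
        with self.lock:
            waiting = self.pending.get(sid)
            if sid not in self.valid_sessions or (waiting and waiting[0] == role):
                conn.sendall(b"REJECT\n")  # unknown, consumed, or same-role id
                conn.close()
                return
            if waiting is None:
                self.pending[sid] = (role, conn)  # first party waits for its peer
                return
            del self.pending[sid]
            self.valid_sessions.discard(sid)  # single use: the id cannot be replayed
        peer_conn = waiting[1]
        for s in (conn, peer_conn):
            s.sendall(b"PAIRED\n")
        for src, dst in ((conn, peer_conn), (peer_conn, conn)):
            threading.Thread(target=self._pipe, args=(src, dst), daemon=True).start()

    @staticmethod
    def _pipe(src, dst):
        """Copy bytes one way until EOF, then tear down both ends of the pair."""
        try:
            while True:
                data = src.recv(4096)
                if not data:
                    break
                dst.sendall(data)
        except OSError:
            pass
        finally:
            for s in (src, dst):
                try:
                    s.shutdown(socket.SHUT_RDWR)
                except OSError:
                    pass
                s.close()


def run_gateway(port, sid, tags):
    """Plant-side gateway: dials out, waits to be paired, answers 'READ <tag>'."""
    sock = socket.create_connection((HOST, port))
    f = sock.makefile("rwb")
    f.write(f"GATEWAY {sid}".encode())
    f.flush()
    if f.readline() != b"PAIRED\n":
        sock.close()
        return
    for line in f:  # one request per line until the relay closes the channel
        parts = line.decode().strip().split(" ", 1)
        tag = parts[1] if len(parts) == 2 and parts[0] == "READ" else None
        reply = f"{tag}={tags[tag]}" if tag in tags else "ERR"
        f.write(reply.encode() + b"\n")
        f.flush()
    sock.close()


def run_client(port, sid, tag):
    """Vendor-side client: dials out, waits to be paired, reads one tag.
    Returns the gateway's reply, or the relay's status line if not paired."""
    sock = socket.create_connection((HOST, port))
    f = sock.makefile("rwb")
    f.write(f"CLIENT {sid}".encode())
    f.flush()
    status = f.readline().decode().strip()
    if status != "PAIRED":
        sock.close()
        return status
    f.write(f"READ {tag}\n".encode())
    f.flush()
    reply = f.readline().decode().strip()
    sock.close()
    return reply


def demo():
    """Paired session succeeds; an unissued id and a reused id are refused."""
    relay = RelayServer()
    tags = {"motor1.speed": "1450"}  # constructed PLC tag table
    sid = relay.issue_session()
    threading.Thread(target=run_gateway, args=(relay.port, sid, tags), daemon=True).start()
    paired = run_client(relay.port, sid, "motor1.speed")
    forged = run_client(relay.port, "0000000000000000", "motor1.speed")
    replayed = run_client(relay.port, sid, "motor1.speed")
    return paired, forged, replayed


if __name__ == "__main__":
    print(demo())  # ('motor1.speed=1450', 'REJECT', 'REJECT')
```

Both parties connect outward, so the plant firewall never sees an inbound connection attempt; the relay's `valid_sessions` set is what turns the session identification number into an access decision, and discarding the id once a pair has formed is what keeps a captured id from being presented a second time.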
One problem in the prior art is that while the VPN-like structure disclosed above enables direct communication between the client and the gateway, such a structure provides little flexibility with respect to alternative configurations in case of e.g. a deteriorating communication link. Additionally, such a setup provides few options with respect to controlling the level of security in the system, i.e. coordinated management of security at the gateway, the client and the server becomes cumbersome.