Field of the Invention
Priority is claimed on Japanese Patent Application No. 2014-230695, filed Nov. 13, 2014, the content of which is incorporated herein by reference.
Embodiments of the present invention generally relate to the field of input-output apparatuses used in process control systems.
Related Art
The related-art process control systems are constructed which control various state amounts (for example, pressure, temperature, flow rate, etc.) in industrial processes in plants, factories, and the like, achieving sophisticated automatic operations. Such process control systems are configured such that on-site devices (a measurement instrument, an operation instrument) that are generally called field devices are connected to a controller through an I/O module. The controller controls the operation instrument (for example, an actuator) in response to measured results of the measurement instrument (for example, a sensor) to control the above-described various state amounts.
Here, the number of field devices provided in a plant, etc., generally increases or decreases in accordance with the size of the plant, etc. Large scale plants, etc., may employ up to thousands, even tens of thousands, of such devices. It is therefore important to be able to efficiently, and, in a short time, set not only the field devices, but also input-output apparatuses used in the process control systems to reduce time and costs required for launching and maintenance of the process control systems. To and from the above-described input-output apparatuses, signals from the field devices or signals to the field devices are input/output. Besides the above-described controllers and I/O modules, the field devices may include network repeaters, remote I/O devices, wireless gateways, and the like.
JP 2013-161199A discloses a system in which a maintenance port is provided in an input-output apparatus used in a process control system, and a setting device which is a device for conducting maintenance can be connected to the maintenance port for the system to be able to perform various types of maintenance even during system operation. JP 2013-161199A discloses the various types of maintenance conducted through the maintenance port, including acquisition of device states, changes to device parameters, firmware updates, etc.
Now, with the system disclosed in JP 2013-161199 A, a setting device may be connected to the maintenance port provided in the input-output apparatus to conduct maintenance even during the system operation to increase efficiency of the maintenance. However, when such a maintenance port is provided, a malicious third party may connect a setting apparatus to the input-output apparatus, and change the content of setting the device or cause malware to be introduced into the process control system, possibly leading to a reduced level of security.
Here, the following measures are possible which prevent the reduced level of security in the process control system in which the input-output apparatus having the maintenance port is used:
(1) housing the input-output apparatus in a cabinet to lock the housed input-output apparatus;
(2) setting a password for the maintenance port of the input-output apparatus; and
(3) instituting a permission system for access to the maintenance port of the input-output apparatus by a higher-level apparatus.
The measures in (1) that physically house a plurality of input-output apparatuses in the cabinet may almost certainly prevent unauthorized access to the maintenance port of the plurality of input-output apparatuses. However, to house all of the input-output apparatuses provided in the plant, etc., in the cabinets may require several hundred or more of the cabinets, greatly increasing costs. Further, tasks like searching for an appropriate key for a specific cabinet to perform reliable locking may require quite cumbersome tasks.
The measures in (2) set passwords by software for the maintenance ports of the input-output apparatuses. However, the number of maintenance ports for which setting of the passwords is required is greater than or equal to the number of cabinets used in the measures in (1), causing measures in (2) to require even more cumbersome tasks than the measures in (1). Using a common password could alleviate the burden of the tasks, but security could be substantially reduced if the password is compromised.
The measures in (3) that are disclosed in JP 2013-161199 A are predicated on having a higher-level apparatus (operation monitoring apparatus) located at a level which is higher than that of the controller. Therefore, when the higher-level apparatus is not in operation or when communications with the higher-level apparatus cannot be conducted, the input-output apparatus maintenance ports cannot be accessed.
Here, at the time of launching or maintenance of the process control system, it is desirable to have an easy access to the maintenance port of the input-output apparatus to efficiently set the input-output apparatus used in the process control system. On the other hand, from the viewpoint of ensuring security during process control system operation, it is desirable to strictly limit access to the maintenance port of the input-output apparatus.