Industrial controllers historically have operated in tightly-controlled factory networks were a plurality of controllers and associated modules communicate. These lower level control elements often are in communication with higher level computing systems or servers that aggregate data from the controllers and help to manage day-to-day activities of an enterprise. In recent years however, control systems have increasingly become adapted for Ethernet communications which have opened these systems up to global networks such as the Internet. While it is advantageous for control systems to communicate across such global networks, other problems have ensued such as how to protect sensitive control systems and related intellectual property stored thereon from corruption or worse—cyber attack. Until now, various methods have been employed to authenticate network parties that need to communicate to control systems over public networks. These methods have often placed the burden on the control system to not only authenticate a respective party but to also be responsible for determining which parties should be allowed access to which portion of the control system.
Controllers provide an embedded approach where resources are limited for activities such as determining and authorizing who or what should access the controller. Generally, the controller or control systems in general need what limited processing and storage capabilities they have to be employed for automated manufacturing operations. Prior attempts at granting access to the valuable intellectual property contained within a controller (or control component) was to employ an external server to check whether or not a particular device or software component was licensed for such access. Protocols may have been employed that were specific to one party, company, or product for gaining subsequent controller access (e.g., passwords) yet not using more secure schemes in the process.