The subject matter disclosed herein relates generally to a system and method for providing secure distribution of embedded firmware to modules in an industrial control system and, more specifically, to utilizing a proprietary encryption certificate to distribute embedded firmware via a removable medium, such as a Secure Digital (SD) memory card.
An industrial control system typically includes at least one industrial controller configured to execute a control program and multiple modules distributed about the controlled machine or process. Industrial controllers are specialized computer systems used for the control of industrial processes or machinery, for example, in a factory environment. Generally, an industrial controller executes a stored control program that reads inputs from a variety of sensors associated with the controlled process or machine and, based on those inputs, which reflect the conditions of the process or machine, calculates a set of outputs used to control actuators controlling the process or machine.
Industrial controllers differ from conventional computers in a number of ways. Physically, they are constructed to be substantially more robust against shock and damage and to better resist extreme environmental conditions than conventional computers. The processors and operating systems are optimized for real-time control and are programmed with languages designed to permit rapid development of control programs tailored to a constantly varying set of machine control or process control applications.
Generally, industrial control systems have a highly modular architecture that, for example, allows different numbers and types of input and output modules to be used to connect the industrial controller to the process or machinery to be controlled. This modularity is facilitated through the use of special “control networks” suitable for highly reliable and available real-time communication. Such control networks (for example, ControlNet, EtherNet/IP) differ from standard communication networks (e.g., Ethernet) by guaranteeing maximum communication delays, by pre-scheduling the communication capacity of the network, and/or by providing redundant communication capabilities for high availability.
As part of their enhanced modularity, industrial control systems may employ modules that are configurable to perform different functions. A module may include, for example, sockets or slots configured to receive additional hardware such as an option card. Different option cards may be configured to execute different functions yet may be plugged into the same socket or slot. Optionally, a module may include all of the hardware components to perform several different functions. However, the hardware components may require a specific firmware and/or configuration in order to enable the hardware and the respective functions. Even if a module is not configurable, it likely includes a processor executing firmware to perform its intended function.
The increased reliance on firmware in the modules in an industrial control system presents certain challenges. On occasion, it may be necessary to provide new firmware to the module. For example, the firmware may receive an upgrade to improve performance and/or correct a problem in the module. Alternately, a customer may alter the configuration of their control system and desire that a different set of functions in the module be enabled. However, as is known in the art, many utilities exist to copy software files. Consequently, it is not desirable to simply transmit a new firmware file to a client for installation in the module. A client may, for example, purchase an upgrade for a single module and install the new software in multiple modules. Similarly, the potential exists for the software file to be loaded onto a computer or server that is publicly accessible, for example, via the Internet. The firmware would then be available to all users of the module without purchase of an upgrade.
Thus, it would be desirable to provide an improved method for secure distribution of embedded firmware.