In process control engineering, usually a plurality of field devices are used for determining individual process parameters and for monitoring the course of steps in a process. The control of the field devices and the actors is done using a central data capture-/control-unit, i.e. a control system. An example of a central data capture-/control-unit is the unit offered by the firm Endress+Hauser under the label ‘Tank Side Monitor’. The control system is connected with the individual field devices and actors over a data bus. All data necessary for the process control, or process monitoring, as the case may be, are exchanged between the control system and the individual field devices/actors over the data bus. A data bus used often for industrial applications operates, for example, using the HART-Standard. Profibus PA and Fieldbus Foundation FF are, however, also used as field busses.
Besides the pure transmission of measurements, field devices also permit the transfer of various kinds of information stored in the field device, such as e.g. parameter information (null point, ranges of measured values, etc.), measurement curves, and measurement data and diagnosis information.
Before initially being placed in operation, a field device must usually be configured and parametered. The operating- and observation-programs required for the configuring and parametering mostly run on computer units (PC's, laptops), which are connected over a serial COM-interface, usually a serial RS-232 interface, with an adapter connected to the field bus/data bus. Commercially available operating- and observation-programs are offered, for example, by the assignee under the label CommuWin. Another operating- and observation-program is offered by the firm Endress+Hauser Wetzer under the label ReadWin.
Disadvantageous in the case of the above-mentioned operating- and observation-programs is that they can only be used in the immediate vicinity of the data bus/field bus. In order to be able to have access to the field device, or the data capture-/control-unit, from any arbitrarily remote location, it is known to use special application programs, which access over the Internet through an Internet interface and create the connection to the field bus, or the data bus, over appropriate gateways. Such a solution is relatively expensive and, consequently, not well suited for broad application.
A very advantageous solution which has become known proposes to access the operating- and observation-program through a serial interface. In this case, the operating- and observation program does not ‘see’ whether the connection is occurring over an RS-232 interface or over the WAN, LAN (e.g. Internet). In a first embodiment, the connection between the operating- and observation-program and the Internet interface is realized over a first COM interface, a null-modem cable, and a second COM interface. Alternatively, the connection between the operating- and observation-program and the Internet interface can occur over a virtual, serial interface. This embodiment requires, it is true, a higher programming expense than the first-mentioned, hardware solution. It's advantage, however, is that it is even usable in the case of e.g. a laptop not having two physically present, serial interfaces.
Access to a field device over the Internet entails, however, the danger that unauthorized persons (hackers) can vandalize the field device, or the control system, as the case may be, as soon as they have cracked the password protection. One solution, which does not effectively reduce or completely eliminate this danger of the accessing of the field device, or the process plant, as the case may be, for vandalism understandably cannot be discussed by the operator of a field device, or the process plant.
An object of the invention is to provide a method that blocks with high probability unauthorized accessing of a field device, or a data capture-/control-unit, in the field.