The invention relates generally to controlling industrial processes.
Computers, including the personal computer, have improved the efficiency of a wide variety of tasks and functions in industrial settings. For example, in the process control environment, computers acquire data and execute control algorithms to run equipment and to verify and adjust product quality in real time. Such techniques help avoid major equipment shutdowns and wasted materials. The continued reliance on such computer systems depends, in part, on the ability of these systems to adequately protect and keep secure proprietary information, data, and code while performing these tasks and functions. Otherwise, the algorithms are susceptible to being stolen or corrupted, either intentionally or unintentionally. Avoiding this requires, among other things, that the software being executed and the data being gathered are not altered or accessed in any unauthorized manner.
In the process control environment, algorithms and acquired data are stored in general-purpose computer-readable storage media, such as floppy disks, hard disks, optical disks, and magnetic tape. These media are accessible by supervisory control and data acquisition (SCADA) systems that execute the control algorithms, acquire and store data, and manipulate the system being controlled. However, information stored on such media may not be secure. Situations may arise in which unauthorized modifications of software or acquired data are made. Such unauthorized alterations would be difficult to detect and may result, for example, in erroneous process control and/or imprecise or out-of-range acquired data. Lack of adequate protection also may result in unauthorized use of the software, which may cause damage to the process equipment or materials and/or may result in proprietary information being revealed to unauthorized parties.
Control information may be provided to, and acquired data taken from, industrial processes over networks attached to computers. This may add to system complexity by requiring an extension of network infrastructure to each SCADA point (node) and that network communication hardware be provided at each SCADA point.