Enhanced smart process control switch port lockdown

• Main Authors: Neil J Peterson, Paul Greuniesen, Alexandre Da Silva Peixoto
• Format: Patent
• Language: English
• Published: 13.07.2022
• Subjects: CONTROL OR REGULATING SYSTEMS IN GENERAL; CONTROLLING; ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS ORELEMENTS; PHYSICS; REGULATING; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

A smart process control switch can implement a locking routine to lockdown its communication ports and address table exclusively for use by devices having known physical addresses. The switch implements an address mapping routine to identify "known pairs" of physical and network addresses for each device communicating via a port of the switch. It then can prevent new, potentially hostile, devices from communicating with other devices in the network. Even if a new hostile device is able to spoof a known physical address in an attempt to bypass locked ports, the switch can detect the hostile device by checking the network address of the hostile device against the expected network address for the "known pair". The switch may also limit traffic at each of the ports. If the switch detects that one of the ports is connected to a second switch, it analyses a handshake with the second switch to determine whether or not the second switch is lockable. If the second switch is lockable, the switch may forward messages. If not, the switch authenticates the source physical addresses included in messages received from the second switch. The switch may be used in automated or industrial control networks.