View All Documents & Correspondence
A Method And A System To Enable Communication Between A Plurality Of Guarded Networks
Abstract: A method (10) to enable communication between a plurality of guarded networks is disclosed. The method includes receiving, by a first data adapter module, data from a first plurality of devices. The method also includes processing, by the first data adapter module, the data received by a first predefined set of identifiers to obtain processed data. The method further includes transferring, by a first transceiver module, structured data to a message oriented middleware. The method also includes receiving, by a second transceiver module, the structured data from the message oriented middleware. The method further includes destructuring, by a second data adapter module, the structured data to obtain destructured data. The method also includes processing, by the second data adapter module, the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices. FIG. 1
Notices, Deadlines & Correspondence
Patent Information
Applicants
UTTHUNGA TECHNOLOGIES PRIVATE LIMITED
Inventors
1. PRAVEEN KUMAR SINGH
2. VIJAY KADKOL
3. VINAY B R
4. CHATRAPATHI G V
5. MAHESHWARI B
6. SMITHA R MANGALORE
Specification
Description:FIELD OF INVENTION
[0001] Embodiments of the present disclosure relate to a field of programme-control systems and more particularly to a method and a system to enable communication between a plurality of guarded networks.
BACKGROUND
[0002] Integration of information technology (IT) systems and operational technology (OT) systems may enable communication between the IT systems and the OT systems without any hurdles. The IT systems includes analytical components such as Human Machine Interface (HMI), Supervisory Control and Data Acquisition (SCADA), asset management Software, and historian software. Purpose of the IT systems is to collect data from various sources, such as sensors and other devices, and analyze the data to provide insights which may help to improve industrial processes, optimize operations, and increase efficiency. The HMI is responsible for providing operators with a visual representation of the process being monitored and allowing the operators to control the same.
[0003] The SCADA is a control system architecture which combines hardware and various techniques to monitor and control industrial processes. The SCADA is used in industries such as oil and gas, water treatment, and manufacturing. The SCADA is responsible for collecting data from remote devices and transferring the data back to a central location for processing and analysis. The asset management software is used to manage and track assets such as equipment, tools, and materials. The asset management software helps to improve maintenance planning, reduce downtime, and increase productivity. Also, the historian software is responsible for collecting and storing historical data for analysis and reporting. The historian software is used to identify trends, troubleshoot issues, and improve operations over time.
[0004] Even though the IT system may have internet connectivity and cloud connectivity, the IT system does not have any field devices. In detail, the IT system may not have physical devices which are used in industrial processes, such as pumps, valves, or motors. While the IT systems focus on managing and analyzing the data, the OT systems may be focusing on managing and controlling physical processes. Demilitarized zone (DMZ) gateways may be implemented between the IT systems and the OT systems to protect the IT systems from unauthorized access through the OT systems and vice versa. Performance of the DMZ gateways may get hampered due to scaling up of the IT systems, and the OT systems, thereby rendering the DMZ gateways inefficient.
[0005] A particular type field devices which may be communicating through a field protocol may not be able to communicate with another types of field devices which may be communicating through a different field protocol, thereby limiting flow of information between the field devices. Further, configuration of the IT systems and the OT systems which are located in a remote location may be a time consuming and complex process. Configuration of each modules associated with the IT systems and the OT systems may be performed independently, thereby making the configuration a difficult task. Moreover, chances of data loss by a communication link failure is another point of concern.
[0006] Hence, there is a need for an improved method and a system to enable communication between a plurality of guarded networks to address the aforementioned issue(s).
BRIEF DESCRIPTION
[0007] In accordance with an embodiment of the present disclosure, a method to enable communication between a plurality of guarded networks is provided. The method includes receiving, by a first data adapter module, data from a first plurality of devices interconnected by a first guarded network. The first plurality of devices are adapted to communicate through a communication protocol associated with the first guarded network. The method also includes processing, by the first data adapter module, the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network to obtain processed data. The method further includes transferring, by a first transceiver module, structured data to a message oriented middleware by structuring the processed data by the first data adapter module. The method also includes receiving, by a second transceiver module, the structured data transferred from the message oriented middleware. The method further includes destructuring, by a second data adapter module, the structured data received to obtain destructured data. The first data adapter module, the first transceiver module, the message oriented middleware, the second transceiver module and the second data adapter module are configured to communicate through an intermediate protocol. The method also includes processing, by the second data adapter module, the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices interconnected by a second guarded network. The second plurality of devices are adapted to communicate through the communication protocol associated with the second guarded network.
[0008] In accordance with another embodiment of the present disclosure, a system to enable communication between a plurality of guarded networks is provided. The system includes a first data adapter module configured to receive data from a first plurality of devices interconnected by a first guarded network. The first plurality of devices are adapted to communicate through a communication protocol associated with the first guarded network. The first data adapter module is also configured to process the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network to obtain processed data. The system also includes a first transceiver module operatively coupled to the first data adapter module. The first transceiver module is configured to transfer structured data to a message oriented middleware by structuring the processed data by the first data adapter module. The first transceiver module and the first data adapter module are configured to operate on a first processing subsystem. The system also includes a second transceiver module operatively coupled to the first transceiver module. The second transceiver module is configured to receive the structured data from the message oriented middleware. The system also includes a second data adapter module operatively coupled to the second transceiver module. The second data adapter module is configured to destructure the structured data received to obtain destructured data. The second data adapter module is further configured to process the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices interconnected by a second guarded network. The second plurality of devices are configured to communicate through the communication protocol associated with a second guarded network, thereby enabling communication between a plurality of guarded networks. The second transceiver module and the second data adapter module are configured to operate on a second processing subsystem. The first data adapter module, the first transceiver module, the message oriented middleware, the second transceiver module and the second data adapter module are configured to communicate through an intermediate protocol.
[0009] To further clarify the advantages and features of the present disclosure, a more particular description of the disclosure will follow by reference to specific embodiments thereof, which are illustrated in the appended figures. It is to be appreciated that these figures depict only typical embodiments of the disclosure and are therefore not to be considered limiting in scope. The disclosure will be described and explained with additional specificity and detail with the appended figures.
BRIEF DESCRIPTION OF THE DRAWINGS
[0010] The disclosure will be described and explained with additional specificity and detail with the accompanying figures in which:
[0011] FIG. 1 is a flow chart representing the steps involved in a method to enable communication between a plurality of guarded networks in accordance with an embodiment of the present disclosure;
[0012] FIG. 2 is a block diagram representation of a system to enable communication between a plurality of guarded networks in accordance with an embodiment of the present disclosure;
[0013] FIG. 3 is a block diagram representation of one embodiment of the system of FIG. 2, in accordance with an embodiment of the present disclosure;
[0014] FIG. 4 is a schematic representation of an exemplary embodiment of the system of FIG. 1, in accordance with an embodiment of the present disclosure; and
[0015] FIG. 5 is a block diagram of a computer or a server in accordance with an embodiment of the present disclosure.
[0016] Further, those skilled in the art will appreciate that elements in the figures are illustrated for simplicity and may not have necessarily been drawn to scale. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the figures by conventional symbols, and the figures may show only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the figures with details that will be readily apparent to those skilled in the art having the benefit of the description herein.
DETAILED DESCRIPTION
[0017] For the purpose of promoting an understanding of the principles of the disclosure, reference will now be made to the embodiment illustrated in the figures and specific language will be used to describe them. It will nevertheless be understood that no limitation of the scope of the disclosure is thereby intended. Such alterations and further modifications in the illustrated system, and such further applications of the principles of the disclosure as would normally occur to those skilled in the art are to be construed as being within the scope of the present disclosure.
[0018] The terms "comprises", "comprising", or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process or method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such a process or method. Similarly, one or more devices or sub-systems or elements or structures or components preceded by "comprises... a" does not, without more constraints, preclude the existence of other devices, sub-systems, elements, structures, components, additional devices, additional sub-systems, additional elements, additional structures, or additional components. Appearances of the phrase "in an embodiment", "in another embodiment" and similar language throughout this specification may, but not necessarily do, all refer to the same embodiment.
[0019] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the art to which this disclosure belongs. The system, methods, and examples provided herein are only illustrative and not intended to be limiting.
[0020] In the following specification and the claims, reference will be made to a number of terms, which shall be defined to have the following meanings. The singular forms “a”, “an”, and “the” include plural references unless the context clearly dictates otherwise.
[0021] Embodiments of the present disclosure relate to a method and a system to enable communication between a plurality of guarded networks. The method includes receiving, by a first data adapter module, data from a first plurality of devices interconnected by a first guarded network. The first plurality of devices are adapted to communicate through a communication protocol associated with the first guarded network. The method also includes processing, by the first data adapter module, the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network to obtain processed data. The method further includes transferring, by a first transceiver module, structured data to a message oriented middleware by structuring the processed data by the first data adapter module. The method also includes receiving, by a second transceiver module, the structured data transferred from the message oriented middleware. The method further includes destructuring, by a second data adapter module, the structured data received to obtain destructured data. The first data adapter module, the first transceiver module, the message oriented middleware, the second transceiver module and the second data adapter module are configured to communicate through an intermediate protocol. The method also includes processing, by the second data adapter module, the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices interconnected by a second guarded network. The second plurality of devices are adapted to communicate through the communication protocol associated with the second guarded network.
[0022] FIG. 1 is a flow chart representing the steps involved in a method (10) to enable communication between a plurality of guarded networks in accordance with an embodiment of the present disclosure. As used herein, the plurality of guarded networks may be defined as any network which is not connected to any other external network. The method (10) includes receiving data from a first plurality of devices interconnected by a first guarded network in step 20. In one embodiment, receiving data from a first plurality of devices interconnected by a first guarded network includes receiving data from a first plurality of devices interconnected by a first guarded network by a first data adapter module. In one embodiment, the first plurality of devices may include, at least one of a sensor, a gauge, and a programmable logic controller.
[0023] Further, in some embodiments, the data may include, but not limited to, a temperature reading, a thermal image, a plant related data, a light measurement and the like. The first plurality of devices are adapted to communicate through a communication protocol associated with the first guarded network. In an exemplary embodiment, the communication protocol associated with the first guarded network may include at least one of ethernet, internet protocol, S7, highway addressable remote transducer (HART), distributed network protocol 3 (DNP3), enron modbus, internet protocol, MT connect, building automation and control network (BACNet), international electro technical commission 61850 (IEC 61850), international electro technical commission 6104 (IEC 6104), device language message specification, modbus plus, profinet and the like.
[0024] The method (10) also includes processing the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network to obtain processed data in step 30. In one embodiment, processing the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network to obtain processed data includes processing the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network to obtain processed data by the first data adapter module.
[0025] Further, in one embodiment, the first predefined set of identifiers may use at least one of regular expressions, document object models, predefined data libraries, simple application programming interface for extensive markup language to process the data. For example, consider a scenario in which a temperature sensor may be operating in the first guarded network. The communication protocol being used by the temperature sensor may restrict the temperature sensor from communicating with another guarded network. The first data adapter module may process the data provided by the temperature sensor upon reception of the same to extract information present in the data.
[0026] The method (10) further includes transferring structured data to a message oriented middleware by structuring the processed data by the first data adapter module in step 40. In one embodiment, transferring structured data to a message oriented middleware by structuring the processed data by the first data adapter module includes transferring structured data to a message oriented middleware by structuring the processed data by the first data adapter module by a first transceiver module. In an exemplary embodiment, the message oriented middleware may include, at least one of a message queue telemetry transport (MQTT) broker, and an advanced message queuing protocol (AMQP) broker. In continuation with the ongoing example, the first data adapter may structure the extracted information in such a way that the structured data may be compatible with at least one of a target application and a target device. The first data adapter module may also validate the structured data to ensure completeness and accuracy of the extracted information. The first transceiver module may transfer the structured data to the message oriented middleware there onwards.
[0027] The method (10) also includes receiving the structured data transferred from the message oriented middleware in step 50. In one embodiment, receiving the structured data transferred from the message oriented middleware includes receiving the structured data transferred from the message oriented middleware by a second transceiver module. In one embodiment, the first transceiver module, the second transceiver module and the message oriented middleware may be configured to communicate through a common communication protocol. In some embodiments, the first transceiver module, the second transceiver module and the message oriented middleware may be configured to communicate through different communication protocols.
[0028] The method (10) also includes destructuring the structured data received to obtain destructured data in step 60. In one embodiment, destructuring the structured data received to obtain destructured data includes destructuring the structured data received to obtain destructured data by a second data adapter module. In one embodiment, destructuring the structured data may include destructuring the structured data by serializing the structured data. As used herein, serializing is a process of converting the structured data into a format which can be transmitted and reconstructed at a later instance. In one embodiment, the serialization may be performed by techniques including binary serialization, java script object notation serialization, extensible markup language serialization, protocol buffers and the like. The first data adapter module, the first transceiver module, the message oriented middleware, the second transceiver module and the second data adapter module are configured to communicate through an intermediate protocol. In one embodiment, the intermediate protocol may be OPC UA pub-sub communication format.
[0029] The method (10) further includes processing the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices interconnected by a second guarded network in step 70. In one embodiment, processing the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices interconnected by a second guarded network includes processing the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices interconnected by a second guarded network by the second data adapter module. The second plurality of devices are adapted to communicate through the communication protocol associated with the second network.
[0030] Further, in an exemplary embodiment, the communication protocol associated with the second guarded network may include at least one of ethernet, internet protocol, S7, highway addressable remote transducer (HART), distributed network protocol 3 (DNP3), enron modbus, internet protocol, MT connect, building automation and control network (BACNet), international electro technical commission 61850 (IEC 61850), international electro technical commission 6104 (IEC 6104), device language message specification, modbus plus, profinet and the like. In one embodiment, the second predefined set of identifiers may use at least one of the regular expressions, the document object models, the predefined data libraries, simple application programming interface for extensive markup language to process the destructured data.
[0031] Furthermore, in one embodiment, the second plurality of devices may include, but not limited to, the programmable logic controller, a pressure gauge, and the like. In continuation with the ongoing example, the second transceiver module may receive the structured data from the message oriented middleware and the second data adapter module may further transform the structured data to make the structured data compatible with the programmable logic controller operating in the second guarded network. In short, the first data adapter module, the first transceiver module, the message oriented middleware, the second transceiver module and the second data adapter module enable communication between the first plurality of devices operating in the first guarded network and the second plurality of devices operating in the second network. The same may not be possible otherwise since extent of communication of the first plurality of devices and the second plurality of devices are restricted within the first guarded network and the second guarded network respectively by the communication protocols associated with the first guarded network and the second guarded network.
[0032] Additionally, in one embodiment, the method (10) may include providing the structured data to a first sever upon receiving the structured data from the message oriented middleware may include providing the structured data to a first sever upon receiving the structured data from the message oriented middleware by a third transceiver module. In such an embodiment, the third transceiver module may be operatively coupled to a third guarded network and may be configured to operate on a third processing subsystem. In some embodiments, the third guarded network may be a subset of an informational technology network. In such an embodiment, the first guarded network and the second guarded network may be the subset of an operational technology network. In some embodiments, the third transceiver module may be configured to communicate with the message oriented middleware through the intermediate protocol.
[0033] Also, in a specific embodiment, the first guarded network, the second guarded network and the third guarded network may be configured to support duplex communication between each other through the message oriented middleware. In one embodiment, combination of the first data adapter module, the first transceiver module, the message oriented middleware, the third transceiver module may be capable of constituting a demilitarized zone (DMZ) gateway between the first guarded network and the third guarded network. As used herein, the DMZ gateway may be defined as a network security feature which creates a separate, secure zone between a private internal network and a network. The DMZ gateway may be used to protect the internal network of an organization from external threats such as hackers, viruses, and other malicious traffic.
[0034] Further, in continuation with the ongoing example, the third transceiver module may receive the structured data from the message oriented middleware and provide the same to a third server to improve the accessibility of the data provided by the temperature sensor. In one embodiment, the first guarded network, the second guarded network, and the third guarded network may be a private or public local area network (LAN) or wide area network (WAN), such as the Internet. In another embodiment, the first guarded network, the second guarded network, and the third guarded network may include both wired and wireless communications according to one or more standards and/or via one or more transport mediums.
[0035] Furthermore, in one example, the first guarded network, the second guarded network, and the third guarded network include wireless communications according to one of the 802.11 or Bluetooth specification sets, long range radio signals (LoRa) or another standard or proprietary wireless communication protocol. In yet another embodiment, the first guarded network, the second guarded network, and the third guarded network may also include communications over a terrestrial cellular network, including, a GSM (global system for mobile communications), CDMA (code division multiple access), and/or EDGE (enhanced data for global evolution) network. In one embodiment, the first guarded network and the second guarded network may include one or more terrestrial and/or satellite networks interconnected to communicatively connect a user device to web server engine and a web crawler.
[0036] Moreover, in one embodiment, the first processing subsystem, the second processing subsystem, the third processing subsystem and the message oriented middleware may be hosted on a first server, a second server, a third server and a fourth server respectively. In such an embodiment, the first server, the second server, the third server and the fourth server may be a cloud-based server. In another embodiment, the first server, the second server, the third server and the fourth server may be a local server. As used herein, the first server, the second server, the third server and the fourth server may be considered as a platform which supports arithmetic and logical operations performed by a plurality of modules associated with the first processing subsystem, the second processing subsystem, the third processing subsystem and the message oriented middleware respectively. In some embodiments, the first transceiver module may be associated with an integrated database to store the data being handled by the first transceiver module. In such an embodiment, the integrated database may be a structured query language (SQL) database, non-SQL database, columnar database and the like.
[0037] Additionally, in one embodiment, the method (10) may include storing the data received by the first transceiver module in the integrated database upon losing a communication link with the message oriented middleware may include storing the data received by the first transceiver module in the integrated database upon losing a communication link with the message oriented middleware by a data routing module. In such an embodiment, forwarding the data stored in the integrated database to the message oriented middleware based on one or more configurational rules upon establishing the communication link with the message oriented middleware may include forwarding the data stored in the integrated database to the message oriented middleware based on one or more configurational rules upon reestablishing the communication link with the message oriented middleware by the data routing module.
[0038] Further, in one embodiment, the one or more configurational rules may include, but not limited to, forwarding the data stored to the message oriented middleware along with real time data, forwarding the data stored to the message oriented middleware sequentially with respective time stamp. In continuation with the ongoing example, consider a scenario in which the communication link between the first transceiver module and the message oriented middleware may fail due to a natural disaster. In such a scenario, the data routing module may store the data received by the first transceiver module from the temperature sensor in the integrated database with time stamps.
[0039] Furthermore, once the communication link is reestablished, any of the following three scenarios may happen. The data routing module may forward the data stored in the integrated database along with a real time data that is being forwarded to the integrated database by the first transceiver module. Alternatively, the data routing module may forward the data stored in the integrated database to the message oriented middleware by prioritizing the data stored in the integrated database over the real time data being transmitted by the first transceiver module to the message oriented middle ware. The data routing module may also discard the data stored in the integrated database based on an input provided by the user.
[0040] Moreover, in one embodiment, the method (10) may include exporting configuration table from a first transceiver module and import the configuration table exported into a second transceiver module may include exporting configuration table from a first transceiver module and import the configuration table exported into a second transceiver module by the configuration module. In such an embodiment, mapping the first transceiver module and the second transceiver module as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module and the second transceiver module may include mapping the first transceiver module and the second transceiver module as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module and the second transceiver module by the configuration module.
[0041] Additionally, in continuation with the ongoing example, the configuration module may export the configuration table of the first transceiver module and import the same into the second transceiver module to make the first transceiver module and the second transceiver module communicatively compatible to each other. The configuration module may designate the first transceiver module and the second transceiver module as sink by creating a suitable mapping rule. The configuration rule may also set various parameters such as rate of transmission, number of retransmissions to enable the transmission of the data between the first transceiver module and the second transceiver module.
[0042] Also, in some embodiments, the method (10) may include securing the data by at least one of a security techniques comprising signing, hashing, encrypting, and issuing security certificate may include securing the data by at least one of a security techniques comprising signing, hashing, encrypting, and issuing security certificate by a security module. As used herein, the signing may be defined as the process of using digital signatures to authenticate an identity of a sender and to ensure that the data may not be tampered with. As used herein, the hashing may be defined as, a process of applying a mathematical technique to the data to create a string of characters that may be unique representation of the data. As used herein, the encrypting may be defined as converting the data into a set of unreadable characters by the mathematical technique. As used herein, by issuing the security certificate the security module may authenticate at least one of the sender and a receiver taking part in a communication. In continuation with the ongoing example, communication between the first plurality of devices and the first data adapter module may be encrypted by the security module to ensure data security.
[0043] Further, in one embodiment, the method (10) may include a remote module configured to enable configuration of at least one of the first transceiver module, the second transceiver module, and the third transceiver module through an application programming interface (API). In continuation with the ongoing example, the remote module may enable a user X to remotely configure at least one of the first adapter module, the first transceiver module, the second transceiver module, and the second data adapter module. The remote module may enable the user X to establish a connection with the application programming interface (API) by means of a credential. The user X may include, but not limited to, a network operator. The credential may include an API token, an API key and the like. The remote module may then allow the user X to configure the at least one of the first adapter module, the first transceiver module, the second transceiver module, and the second data adapter module from a remote location.
[0044] FIG. 2 is a block diagram representation of a system (100) to enable communication between a plurality of guarded networks in accordance with an embodiment of the present disclosure. The system (100) includes a first data adapter module (110) configured to receive data from a first plurality of devices (120) interconnected by a first guarded network (130). In one embodiment, the data may include at least one of an alert, a real-time process data, an alarm, historical data, an event and a value.
[0045] The first plurality of devices (120) are adapted to communicate through a communication protocol associated with the first guarded network (130). As used herein, the plurality of guarded networks may be defined as any network which is not connected to any other external network. In one embodiment, the first plurality of devices (120) may include, at least one of a sensor, a gauge, and a programmable logic controller.
[0046] Further, in some embodiments, the data may include, but not limited to, a temperature reading, a thermal image, a plant related data, a light measurement and the like. In an exemplary embodiment, the communication protocol associated with the first guarded network (130) may include at least one of ethernet, internet protocol, S7, highway addressable remote transducer (HART), distributed network protocol 3 (DNP3), enron modbus, internet protocol, MT connect, building automation and control network (BACNet), international electro technical commission 61850 (IEC 61850), international electro technical commission 6104 (IEC 6104), device language message specification, modbus plus, profinet and the like.
[0047] Furthermore, the first data adapter module (110) is also configured to process the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network (130) to obtain processed data. In one embodiment, the first predefined set of identifiers may use at least one of regular expressions, document object models, predefined data libraries, simple application programming interface for extensive markup language to process the data.
[0048] Additionally, the system (100) also includes a first transceiver module (140) operatively coupled to the first data adapter module (110). The first transceiver module (140) is configured to transfer structured data to a message oriented middleware (150) by structuring the processed data by the first data adapter module (110). In an exemplary embodiment, the message oriented middleware (150) may include, at least one of a message queue telemetry transport (MQTT) broker, and an advanced message queuing protocol (AMQP) broker. The first transceiver module (140) and the first data adapter module (110) are configured to operate on a first processing subsystem (160).
[0049] Moreover, the system (100) also includes a second transceiver module (170) operatively coupled to the first transceiver module (140). The second transceiver module (170) is configured to receive the structured data from the message oriented middleware (150). In one embodiment, the first transceiver module (140), the second transceiver module (170) and the message oriented middleware (150) may be configured to communicate through a common communication protocol.
[0050] Additionally, the system (100) also includes a second data adapter module (180) operatively coupled to the second transceiver module (170). The second data adapter module (180) is configured to destructure the structured data received to obtain destructured data. In one embodiment, destructuring the structured data may include destructuring the structured data by serializing the structured data. As used herein, serializing is a process of converting the structured data into a format which can be transmitted and reconstructed at a later instance. In one embodiment, the serialization may be performed by techniques including binary serialization, java script object notation serialization, extensible markup language serialization, protocol buffers and the like.
[0051] Further, the second data adapter module (180) is also configured to process the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices (120) to a second plurality of devices (190) interconnected by a second guarded network (200). The second plurality of devices (190) are adapted to communicate through the communication protocol associated with the second guarded network (200), thereby enabling communication between a plurality of guarded networks. The second transceiver module (170) and the second data adapter module (180) are configured to operate on a second processing subsystem (210). In an exemplary embodiment, the communication protocol associated with the second guarded network (200) may include at least one of ethernet, internet protocol, S7, highway addressable remote transducer (HART), distributed network protocol 3 (DNP3), enron modbus, internet protocol, MT connect, building automation and control network (BACNet), international electro technical commission 61850 (IEC 61850), international electro technical commission 6104 (IEC 6104), device language message specification, modbus plus, profinet and the like.
[0052] Furthermore, in one embodiment, the second predefined set of identifiers may use at least one of the regular expressions, the document object models, the predefined data libraries, simple application programming interface for extensive markup language to process the destructured data. In one embodiment, the second plurality of devices (190) may include, but not limited to, the programmable logic controller, a pressure gauge, and the like. In one embodiment, the first processing subsystem (160), the second processing subsystem (210) and the message oriented middleware (150) may be hosted on a first server (220), a second server (230) and a fourth server (360) respectively. and the message oriented middleware (150) may be hosted on a second server (230). The first data adapter module (110), the first transceiver module (140), the message oriented middleware (150), the second transceiver module (170) and the second data adapter module (180) are configured to communicate through an intermediate protocol. In one embodiment, the intermediate protocol may be OPC UA pub-sub communication format.
[0053] FIG. 3 is a block diagram representation of one embodiment of the system (100) of FIG. 2, in accordance with an embodiment of the present disclosure. The system (100) of FIG. 2 includes the first data adapter module (110), the first transceiver module (140), the second transceiver module (170), and the second data adapter module (180). In one embodiment, the system (100) of FIG. 2 may include a remote module (240) configured to enable configuration of at least one of the first transceiver module (140), the second transceiver module (170), and a third transceiver module (250) through an application programming interface (API).
[0054] Further, in continuation with the ongoing example, a remote module (240) may enable a user X to remotely configure at least one of the first data adapter module (110), the first transceiver module (140), the second transceiver module (170), and the second data adapter module (180). The remote module (240) may enable the user X to establish a connection with the API by means of a credential. The credential may include an API token, an API key and the like. The remote module (240) may then allow the user X to configure the at least one of the first data adapter module (110), the first transceiver module (140), the second transceiver module (170), and the second data adapter module (180).
[0055] Furthermore, in one embodiment, providing the structured data to a first sever upon receiving the structured data from the message oriented middleware (150) may include providing the structured data to a first sever upon receiving the structured data from the message oriented middleware (150) by the third transceiver module (250). In such an embodiment, the third transceiver module (250) may be operatively coupled to a third guarded network (260) and may be configured to operate on a third processing subsystem (270). In some embodiments, the third guarded network (260) may be a subset of an informational technology network. In such an embodiment, the first guarded network (130) and the second guarded network (200) may be the subset of an operational technology network. In one embodiment, the third transceiver module is configured to communicate with the message oriented middleware through the intermediate protocol.
[0056] Moreover, in a specific embodiment, the first guarded network (130), the second guarded network (200) and the third guarded network (260) may be configured to support duplex communication between each other through the message oriented middleware (150). In one embodiment, combination of the first data adapter module (110), the first transceiver module (140), the message oriented middleware (150), the third transceiver module (250) may be capable of constituting a demilitarized zone (DMZ) gateway between the first guarded network (130) and the third guarded network (260). As used herein, the DMZ gateway may be defined as a network security feature which creates a separate, secure zone between a private internal network and a network. The DMZ gateway may be used to protect an organization’s internal network from external threats such as hackers, viruses, and other malicious traffic.
[0057] Additionally, in one embodiment, the first guarded network (130), the second guarded network (200), and the third guarded network (260) may be a private or public local area network (LAN) or wide area network (WAN), such as the Internet. In another embodiment, the first guarded network (130), the second guarded network (200), and the third guarded network (260) may include both wired and wireless communications according to one or more standards and/or via one or more transport mediums. In one example, the first guarded network (130), the second guarded network (200), and the third guarded network (260) include wireless communications according to one of the 802.11 or Bluetooth specification sets, long range radio signals (LoRa) or another standard or proprietary wireless communication protocol. In yet another embodiment, the first guarded network (130), the second guarded network (200), and the third guarded network (260) may also include communications over a terrestrial cellular network, including, a GSM (global system for mobile communications), CDMA (code division multiple access), and/or EDGE (enhanced data for global evolution) network. In one embodiment, the first guarded network (130) and the second guarded network (200) may include one or more terrestrial and/or satellite networks interconnected to communicatively connect a user device to web server engine and a web crawler.
[0058] Also, in one embodiment, the third processing subsystem (270) may be hosted on a third server (370). In such an embodiment, the first server (220), the second server (230), the third server (370) and the fourth server (360) may be a cloud-based server. In another embodiment, the first server (220), the second server (230), the third server (370) and the fourth server (360) may be a local server. As used herein, the first server (220), the second server (230), the third server (370) and the fourth server (360) may be considered as a platform which supports arithmetic and logical operations performed by a plurality of modules associated with the first processing subsystem (160), the second processing subsystem (210), the third processing subsystem (270) and the message oriented middleware (150) respectively. In some embodiments, the first transceiver module (140) may be associated with an integrated database (280) to store the data being handled by the first transceiver module (140). In such an embodiment, the integrated database (280) may be a structured query language (SQL) database, non-SQL database, columnar database and the like.
[0059] Further, in one embodiment, the system (100) may include storing the data received by the first transceiver module (140) in the integrated database (280) upon losing a communication link with the message oriented middleware (150) may include storing the data received by the first transceiver module (140) in the integrated database (280) upon losing a communication link with the message oriented middleware (150) by a data routing module (290). In such an embodiment, forwarding the data stored in the integrated database (280) to the message oriented middleware (150) based on one or more configurational rules upon establishing the communication link with the message oriented middleware (150) may include forwarding the data stored in the integrated database (280) to the message oriented middleware (150) based on one or more configurational rules upon reestablishing the communication link with the message oriented middleware (150) by the data routing module (290). In one embodiment, the one or more configurational rules may include, but not limited to, forwarding the data stored to the message oriented middleware (150) along with real time data, forwarding the data stored to the message oriented middleware (150) sequentially with respective time stamp.
[0060] Furthermore, in one embodiment, the system (100) may include exporting configuration table from a first transceiver module (140) and import the configuration table exported into a second transceiver module (170) may include exporting configuration table from a first transceiver module (140) and import the configuration table exported into a second transceiver module (170) by the configuration module (300). In such an embodiment, mapping the first transceiver module (140) and the second transceiver module (170) as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module (140) and the second transceiver module (170) may include mapping the first transceiver module (140) and the second transceiver module as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module (140) and the second transceiver module (170) by the configuration module (300).
[0061] Moreover, in some embodiments, the system (100) may include securing the data by at least one of a security techniques comprising signing, hashing, encrypting, and issuing security certificate may include securing the data by at least one of a security techniques comprising signing, hashing, encrypting, and issuing security certificate by a security module (310). As used herein, the signing may be defined as the process of using digital signatures to authenticate an identity of a sender and to ensure that the data may not be tampered with. As used herein, the hashing may be defined as, a process of applying a mathematical technique to the data to create a string of characters that may be unique representation of the data. As used herein, the encrypting may be defined as converting the data into a set of unreadable characters by the mathematical technique. As used herein, by issuing the security certificate the security module (310) may authenticate at least one of the sender and a receiver taking part in a communication.
[0062] In one embodiment, the system (100) may include a remote module (240) may be configured to enable configuration of at least one of the first transceiver module (140), the second transceiver module (170), and the third transceiver module (250) through an application programming interface (API).
[0063] FIG. 4 is a schematic representation of an exemplary embodiment (300) of the system (100) of FIG. 2 in accordance with an embodiment of the present disclosure. Consider a scenario in which a fire sensor (310) and a building management unit (320) may be located in a production facility. The fire sensor (310) may be connected to a first guarded network (130) and the building management unit (320) may be connected to a second guarded network (200). Direct communication between the first guarded network (130) and the second guarded network (200) may not be possible due to difference in the communication protocol associated with the first guarded network (130) and the second guarded network (200). In order to address this concern, a first data adapter module (110) may receive the data from the fire sensor (310) and process the data to extract the information present in the data. The data from the fire sensor may be an alert provided by the fire sensor.
[0064] Further, the security module (310) may secure the data by issuing security certificate to prevent tampering of the data. The first data adapter module (110) may structure the information to make the information compatible with the second guarded network (200) and the structured data may be transferred to the message oriented middleware (150) by the first transceiver module (140). The second transceiver module (170) may receive the structured data from the message oriented middleware (150) and may pass the structured data to the second data adapter module (180). The second data adapter module (180) may extract the original information from the structured data by destructing and processing the structured data and the extracted information may be provided to the building management unit (320) to take informed decisions.
[0065] Furthermore, the third transceiver module (250) may receive the structured data from the message oriented middleware (150) and upload the same to the third server (370). The first data adapter module (110), the first transceiver module (140), the message oriented middleware (150), the second transceiver module (170) and the second data adapter module (180) are configured to communicate through the intermediate protocol. The third transceiver module may also communicate with the message oriented middleware (150) via the intermediate protocol.
[0066] Consider a scenario in which the communication link between the first transceiver module (140) and the message oriented middleware (150) may have failed due to power outage. The data routing module (290) may store the data received by the first transceiver module (140) in the integrated database (280) in such a scenario. The data routing module (290) may forward the data stored in the integrated database (280) to the message oriented middleware (150) upon reestablishing the communication link between the first transceiver module (140) and the message oriented middleware (150).
[0067] Moreover, at any point of time, the configuration module (300) may copy the configuration table associated with the first transceiver module (140) to a fourth transceiver module associated with a fourth guarded network to make the first transceiver module (140) and the fourth transceiver module compatible for communicating each other. The remote module (240) may enable an operator to configure the first transceiver module (140) from the remote location.
[0068] FIG. 5 is a block diagram of a computer or a first server (220) in accordance with an embodiment of the present disclosure. The first server (220) includes processor(s) (330), and memory (340) operatively coupled to the bus (350). The processor(s) (330), as used herein, includes any type of computational circuit, such as, but not limited to, a microprocessor, a microcontroller, a complex instruction set computing microprocessor, a reduced instruction set computing microprocessor, a very long instruction word microprocessor, an explicitly parallel instruction computing microprocessor, a digital signal processor, or any other type of processing circuit, or a combination thereof.
[0069] The memory (340) includes several subsystems stored in the form of an executable program which instructs the processor to perform the method steps illustrated in FIG. 2. The memory (340) is substantially similar to the system (100) of FIG. 2. The memory (340) has the following subsystems: The first processing subsystem (160) including the first data adapter module (110), the first transceiver module (140), the second processing subsystem (210) including the second data adapter module (180), the second transceiver module (170), the third processing subsystem (270) including the third transceiver module (250). Each of the first processing subsystem (160), the second processing subsystem (210) and the third processing subsystem (270) includes the data routing module (290), the configuration module (300), the security module (310) and the remote module (240). The plurality of modules of the first processing subsystem (160), the second processing subsystem (210) and the third processing subsystem (270) performs the functions as stated in FIG. 2. The bus (350) as used herein refers to the internal memory channels or computer network that is used to connect computer components and transfer data between them. The bus (350) includes a serial bus or a parallel bus, wherein the serial bus transmit data in bit-serial format and the parallel bus transmit data across multiple wires. The bus (350) as used herein, may include but not limited to, a system bus, an internal bus, an external bus, an expansion bus, a frontside bus, a backside bus, and the like.
[0070] The system (100) includes a first data adapter module (110) configured to receive data from a first plurality of devices (120) interconnected by a first guarded network (130), wherein the first plurality of devices (120) are adapted to communicate through a communication protocol associated with the first guarded network (130). The first data adapter module (110) is also configured to process the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network (130) to obtain processed data. The system (100) also includes a first transceiver module (140) operatively coupled to the first data adapter module (110). The first transceiver module (140) is configured to transfer structured data to a message oriented middleware (150) by structuring the processed data by the first data adapter module (110).
[0071] Further, the first transceiver module (140) and the first data adapter module (110) are configured to operate on a first processing subsystem (160). The system (100) also includes a second transceiver module (170) operatively coupled to the first transceiver module (140). The second transceiver module (170) is configured to receive the structured data from the message oriented middleware (150). The system (100) also includes a second data adapter module (180) operatively coupled to the second transceiver module (170). The second data adapter module (180) is configured to destructure the structured data received to obtain destructured data. The second data adapter module (180) is further configured to process the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices (120) to a second plurality of devices (190) interconnected by a second guarded network (200).
[0072] Furthermore, the second plurality of devices (190) are configured to communicate through the communication protocol associated with a second guarded network (200), thereby enabling communication between a plurality of guarded networks. The second transceiver module (170) and the second data adapter module (180) are configured to operate on a second processing subsystem (210). The first data adapter module (110), the first transceiver module (140), the message oriented middleware (150), the second transceiver module (170) and the second data adapter module (180) are configured to communicate through an intermediate protocol.
[0073] The system (100) also includes providing the structured data to a sever upon receiving the structured data from the message oriented middleware (150) includes providing the structured data to a sever upon receiving the structured data from the message oriented middleware (150) by a third transceiver module (250). The third transceiver module (250) is operatively coupled to a third guarded network (260) and is configured to operate on a third processing subsystem (270).
[0074] Moreover, the system (100) also includes storing the data received by the first transceiver module (140) in an integrated database (280) upon losing a communication link with the message oriented middleware (150) includes storing the data received by the first transceiver module (140) in an integrated database (280) upon losing a communication link with the message oriented middleware (150) by a data routing module (290). The system (100) also includes forwarding the data stored in the integrated database (280) to the message oriented middleware (150) based on one or more configurational rules upon reestablishing the communication link with the message oriented middleware (150) includes forwarding the data stored in the integrated database (280) to the message oriented middleware (150) based on one or more configurational rules upon reestablishing the communication link with the message oriented middleware (150) by the data routing module (290).
[0075] Additionally, the one or more configurational rules includes forwarding the data stored to the message oriented middleware (150) along with real time data, forwarding the data stored to the message oriented middleware (150) sequentially with respective time stamp. The system (100) also includes exporting configuration table from a first transceiver module (140) and import the configuration table exported into a second transceiver module (170) includes exporting configuration table from a first transceiver module (140) and import the configuration table exported into a second transceiver module (170) by a configuration module (300). The system (100) further includes mapping the first transceiver module (140) and the second transceiver module (170) as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module (140) and the second transceiver module (170) includes mapping the first transceiver module (140) and the second transceiver module (170) as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module (140) and the second transceiver module (170) by the configuration module (300).
[0076] Also, the system (100) also includes securing the data by at least one of a security techniques including signing, hashing, encrypting, and issuing security certificate includes securing the data by at least one of a security techniques including signing, hashing, encrypting, and issuing security certificate by a security module (310). The system (100) further includes a remote module (240) configured to enable configuration of at least one of the first transceiver module (140), the second transceiver module (170), and the third transceiver module (250) through an application programming interface.
[0077] Computer memory elements may include any suitable memory device(s) for storing data and executable program, such as read only memory, random access memory, erasable programmable read only memory, electrically erasable programmable read only memory, hard drive, removable media drive for handling memory cards and the like. Embodiments of the present subject matter may be implemented in conjunction with program modules, including functions, procedures, data structures, and application programs, for performing tasks, or defining abstract data types or low-level hardware contexts. Executable program stored on any of the above-mentioned storage media may be executable by the processor(s) (330).
[0078] Various embodiments of the method and the system to enable communication between a plurality of guarded networks described above enable various advantages. Combination of the first data adapter module, the first transceiver module, the message oriented middleware, the second transceiver module, and the second data adapter module is capable of performing as a protocol converter between the first guarded network and the second guarded network, thereby enabling seamless communication between the first guarded network and the second guarded network. Combination of the first data adapter, the first transceiver module, the message oriented middleware, and the third transceiver module is capable of operating as a DMZ gateway between the information technology network and the operational technology network, thereby preventing unauthorized access from the information technology network side to the operational technology network side and vice versa. The system is capable of exchanging real time process data, alarm and alerts, and historical data while acting as the DMZ gateway as well as the protocol converter.
[0079] Further, provision of the security module is capable of ensuring data security by techniques such as encrypting, hashing, signing, and issuing the security certificate. Provision of the configuration module enables exporting the configuration table from the first transceiver module and importing the same into the second transceiver module to make the first transceiver module and the second transceiver module communicatively compatible, thereby reducing time and effort required for the configuration. Provision of the data routing module prevents data loss by backing up the data to the integrated database when the communication link fails, thereby ensuring data reliability. Provision of the remote module enables configuration of the plurality of modules from the remote location, thereby making the configuration process simple.
[0080] Furthermore, the system is capable of working as the DMZ gateway as well as the protocol converter without compromising speed and accuracy of the dataflow even because of the scaling up of the information technology network and the operational technology network. Also, the system is capable of running on various platforms, such as different operating systems, different devices, thereby ensuring flexibility of the system.
[0081] It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the disclosure and are not intended to be restrictive thereof. While specific language has been used to describe the disclosure, any limitations arising on account of the same are not intended.
[0082] The figures and the foregoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, the order of processes described herein may be changed and are not limited to the manner described herein. Moreover, the actions of any flow diagram need not be implemented in the order shown; nor do all the acts need to be necessarily performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples.
, C , C , Claims:1. A method (10) to enable communication between a plurality of guarded networks comprising:
receiving, by a first data adapter module, data from a first plurality of devices interconnected by a first guarded network, wherein the first plurality of devices are adapted to communicate through a communication protocol associated with the first guarded network; (20)
processing, by the first data adapter module, the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network to obtain processed data; (30)
transferring, by a first transceiver module, structured data to a message oriented middleware by structuring the processed data by the first data adapter module; (40)
receiving, by a second transceiver module, the structured data transferred from the message oriented middleware; (50)
destructuring, by a second data adapter module, the structured data received to obtain destructured data, wherein the first data adapter module, the first transceiver module, the message oriented middleware, the second transceiver module and the second data adapter module are configured to communicate through an intermediate protocol ;(60) and
processing, by the second data adapter module, the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices to a second plurality of devices interconnected by a second guarded network, wherein the second plurality of devices are adapted to communicate through the communication protocol associated with the second guarded network. (70)
2. The method (10) as claimed in claim 1, comprising providing the structured data to a first sever upon receiving the structured data from the message oriented middleware comprises providing the structured data to a first sever upon receiving the structured data from the message oriented middleware by a third transceiver module, wherein the third transceiver module is operatively coupled to a third guarded network and is configured to operate on a third processing subsystem, wherein the third transceiver module is configured to communicate with the message oriented middleware through the intermediate protocol..
3. The method (10) as claimed in claim 2, wherein the third guarded network is a subset of an information technology network, wherein the first guarded network and the second guarded network are the subset of an operational technology network.
4. The method (10) as claimed in claim 2, wherein the third guarded network, the first guarded network, and the second guarded network are configured to support duplex communication between each other through the message oriented middleware.
5. The method (10) as claimed in claim 1, comprising:
storing the data received by the first transceiver module in an integrated database upon losing a communication link with the message oriented middleware comprises storing the data received by the first transceiver module in an integrated database upon losing a communication link with the message oriented middleware by a data routing module;
forwarding the data stored in the integrated database to the message oriented middleware based on one or more configurational rules upon reestablishing the communication link with the message oriented middleware comprises forwarding the data stored in the integrated database to the message oriented middleware based on one or more configurational rules upon reestablishing the communication link with the message oriented middleware by the data routing module,
wherein the one or more configurational rules comprises forwarding the data stored to the message oriented middleware along with real time data, forwarding the data stored to the message oriented middleware sequentially with respective time stamp.
6. The method (10) as claimed in claim 1, comprising:
exporting configuration table from a first transceiver module and import the configuration table exported into a second transceiver module comprises exporting configuration table from a first transceiver module and import the configuration table exported into a second transceiver module by a configuration module; and
mapping the first transceiver module and the second transceiver module as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module and the second transceiver module comprises mapping the first transceiver module and the second transceiver module as a publisher and a subscriber upon importing the configuration table to enable the communication between the first transceiver module and the second transceiver module by the configuration module.
7. The method (10) as claimed in claim 1, comprising securing the data by at least one of a security techniques comprising signing, hashing, encrypting, and issuing security certificate comprises securing the data by at least one of a security techniques comprising signing, hashing, encrypting, and issuing security certificate by a security module.
8. A system (100) to enable communication between a plurality of guarded networks comprising:
a first data adapter module (110) configured to:
receive data from a first plurality of devices (120) interconnected by a first guarded network (130), wherein the first plurality of devices (120) are adapted to communicate through a communication protocol associated with the first guarded network (130);
process the data received by a first predefined set of identifiers corresponding to the communication protocol associated with the first guarded network (130) to obtain processed data;
a first transceiver module (140) operatively coupled to the first data adapter module (110), wherein the first transceiver module (140) is configured to transfer structured data to a message oriented middleware (150) by structuring the processed data by the first data adapter module (110), wherein the first transceiver module (140) and the first data adapter module (110) are configured to operate on a first processing subsystem (160);
a second transceiver module (170) operatively coupled to the first transceiver module (140), wherein the second transceiver module (170) is configured to receive the structured data from the message oriented middleware (150);
a second data adapter module (180) operatively coupled to the second transceiver module (170), wherein the second data adapter module (180) is configured to:
destructure the structured data received to obtain destructured data; and
process the destructured data by a second predefined set of identifiers to feed the data received from the first plurality of devices (120) to a second plurality of devices (190) interconnected by a second guarded network (200),
wherein the second plurality of devices (190) are configured to communicate through the communication protocol associated with the second guarded network (200), thereby enabling communication between a plurality of guarded networks,
wherein the second transceiver module (170) and the second data adapter (180) module are configured to operate on a second processing subsystem (210),
wherein the first data adapter module (110), the first transceiver module (140), the message oriented middleware (150), the second transceiver module (170) and the second data adapter module (180) are configured to communicate through an intermediate protocol.
9. The system (100) as claimed in claim 8, wherein the first plurality of devices (120) and the second plurality of devices (190) comprises at least one of a sensor, gauge, and a programmable logic controller.
10. The system (100) as claimed in claim 8, wherein the intermediate protocol comprises an OPC UA pub-sub communication format.
11. The system (100) as claimed in claim 8, comprising a remote module (240) configured to enable configuration of at least one of the first transceiver module (140), the second transceiver module (170), and the third transceiver module (250) through an application programming interface.
12. The system (100) as claimed in claim 8, wherein the data comprises at least one of an alert, a real-time process data, an alarm, historical data, an event and a value.
Dated this 21st day of July 2023
Signature
Jinsu Abraham
Patent Agent (IN/PA-3267)
Agent for the Applicant
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 202341049388-STATEMENT OF UNDERTAKING (FORM 3) [21-07-2023(online)].pdf | 2023-07-21 |
| 2 | 202341049388-REQUEST FOR EARLY PUBLICATION(FORM-9) [21-07-2023(online)].pdf | 2023-07-21 |
| 3 | 202341049388-PROOF OF RIGHT [21-07-2023(online)].pdf | 2023-07-21 |
| 4 | 202341049388-POWER OF AUTHORITY [21-07-2023(online)].pdf | 2023-07-21 |
| 5 | 202341049388-MSME CERTIFICATE [21-07-2023(online)].pdf | 2023-07-21 |
| 6 | 202341049388-FORM28 [21-07-2023(online)].pdf | 2023-07-21 |
| 7 | 202341049388-FORM-9 [21-07-2023(online)].pdf | 2023-07-21 |
| 8 | 202341049388-FORM FOR SMALL ENTITY(FORM-28) [21-07-2023(online)].pdf | 2023-07-21 |
| 9 | 202341049388-FORM FOR SMALL ENTITY [21-07-2023(online)].pdf | 2023-07-21 |
| 10 | 202341049388-FORM 18A [21-07-2023(online)].pdf | 2023-07-21 |
| 11 | 202341049388-FORM 1 [21-07-2023(online)].pdf | 2023-07-21 |
| 12 | 202341049388-EVIDENCE FOR REGISTRATION UNDER SSI(FORM-28) [21-07-2023(online)].pdf | 2023-07-21 |
| 13 | 202341049388-EVIDENCE FOR REGISTRATION UNDER SSI [21-07-2023(online)].pdf | 2023-07-21 |
| 14 | 202341049388-DRAWINGS [21-07-2023(online)].pdf | 2023-07-21 |
| 15 | 202341049388-DECLARATION OF INVENTORSHIP (FORM 5) [21-07-2023(online)].pdf | 2023-07-21 |
| 16 | 202341049388-COMPLETE SPECIFICATION [21-07-2023(online)].pdf | 2023-07-21 |
| 17 | 202341049388-FORM-26 [24-08-2023(online)].pdf | 2023-08-24 |
| 18 | 202341049388-IntimationUnderRule24C(4).pdf | 2024-05-03 |
| 19 | 202341049388-Response to office action [21-05-2024(online)].pdf | 2024-05-21 |
| 20 | 202341049388-Annexure [21-05-2024(online)].pdf | 2024-05-21 |
| 21 | 202341049388-FER.pdf | 2024-07-03 |
| 22 | 202341049388-FORM 3 [11-07-2024(online)].pdf | 2024-07-11 |
| 23 | 202341049388-OTHERS [26-09-2024(online)].pdf | 2024-09-26 |
| 24 | 202341049388-FORM-5 [26-09-2024(online)].pdf | 2024-09-26 |
| 25 | 202341049388-FER_SER_REPLY [26-09-2024(online)].pdf | 2024-09-26 |
| 26 | 202341049388-US(14)-HearingNotice-(HearingDate-11-03-2025).pdf | 2025-02-18 |
| 27 | 202341049388-FORM-26 [07-03-2025(online)].pdf | 2025-03-07 |
| 28 | 202341049388-Correspondence to notify the Controller [07-03-2025(online)].pdf | 2025-03-07 |
| 29 | 202341049388-US(14)-ExtendedHearingNotice-(HearingDate-19-03-2025)-1500.pdf | 2025-03-10 |
| 30 | 202341049388-Correspondence to notify the Controller [12-03-2025(online)].pdf | 2025-03-12 |
| 31 | 202341049388-Written submissions and relevant documents [01-04-2025(online)].pdf | 2025-04-01 |
| 32 | 202341049388-FORM-8 [03-04-2025(online)].pdf | 2025-04-03 |
| 33 | 202341049388-PatentCertificate22-05-2025.pdf | 2025-05-22 |
| 34 | 202341049388-IntimationOfGrant22-05-2025.pdf | 2025-05-22 |
Search Strategy
| 1 | 202341049388SearchHistoryE_03-07-2024.pdf |