Description:TECHNICAL FIELD
[0001] Embodiments of the present disclosure relate to processing and transmitting messages from a main system to plurality of sub-systems, and more specifically, to intercepting classified messages, authenticating the intercepted classified message and transmitting the authenticated message to plurality of sub-systems for performing operations at the plurality of sub-systems.

BACKGROUND
[0002] Typically, control systems such as electricity distribution, production of chemicals/petroleum etc. are classified as highly critical systems. Control systems typically comprises a main system that is situated in a remote location and issue commands that need to be executed by a plurality of sub-systems that are coupled to the main system, and at least one of the plurality of sub-systems execute the commands issued by the main system. Generally, control systems are used for performing a variety of critical or super-critical operations. For example, industrial processes using control systems for performing operations include manufacturing process control, power generation, fabrication, etc. . Other examples where control systems are used for performing various operations include control of infrastructure such as electricity, water supply and wastewater processing etc. Usually, control systems perform critical operations in a network of systems containing the main system and the plurality of sub-systems that are connected together, and any security related issues, for example caused by a malware, on the main system, which is used to issue commands to the plurality of sub-systems may result in a a serious threat to the plurality of sub-systems and result in serious damage to the network of systems to the extent of completely shutting down a critically operational system.
[0003]
[0004] Typically, cyber security breaches and attacks have also become commonplace with respect to control systems. A number of cyber security breaches/attacks such as brute force or man-in the middle attacks at the main systems have been targeted, where operators have been impersonated and critical information transmitted to the sub-systems have been compromised, causing operational downtime and heavy economic losses. Often due to cyber -security breaches/attacks critical infrastructure like electricity, water supply etc., experience downtime and may result in affecting end consumer at large. Accordingly, there is a need to ensure building a fail-safe network of systems containing a main system in constant communication with the plurality of sub-system performing critical operations.

SUMMARY
[0005] Embodiments of the present disclosure relate to a method for processing and transmitting messages from a main system to a plurality of subsystems ensuring an almost fail-safe mechanism for performing operations between the main system and the plurality of sub-systems coupled to the main system. In an embodiment, the method includes intercepting messages transmitted from a main system to at least one of a plurality to sub-systems in a network of system. A further embodiment includes processing the message intercepted at the interceptor to classify the intercepted message into at least one category belonging to either a classified message or a normal message. In an embodiment, on determining the intercepted message belonging to a classified category, categorizing the message as a classified message and moving and storing the intercepted message in a buffer, wherein the buffer is located within the interceptor. In an embodiment the interceptor may be located anywhere between the main system and the plurality of systems in the network of system. A further embodiment includes authenticating the classified message stored in the buffer by a user. A further embodiment includes changing a status of the classified message to an authenticated message after authentication by the user. A further embodiment includes transmitting the authenticated message to at least one of a plurality of sub-systems for performing an operation at the plurality of sub-systems. In an embodiment, on negative determination of the intercepted message belonging to a classified category, classifying the message into a normal messages category and transmitting the normal message without any delay. Other embodiments are also disclosed.
[0006]
BRIEF DESCRIPTION OF THE DRAWINGS
[0007] The detailed description is described with reference to the accompanying figures. Features, aspects, and advantages of the subject matter of the present disclosure will be better understood with regard to the following description and the accompanying drawings. The figures are intended to be illustrative, not limiting, and are generally described in context of the embodiments, and it should be understood that it is not intended to limit the scope of the disclosure to these particular embodiments. In the figures, the same numbers may be used throughout the drawings to reference features and components. In order that the present disclosure may be readily understood and put into practical effect, reference will now be made to exemplary embodiments as illustrated with reference to the accompanying figures. The figures together with detailed description below, are incorporated in and form part of the specification, and serve to further illustrate the embodiments and explain various principles and advantages.
[0008] Figure 1 is an exemplary illustration of the system 100 in accordance with embodiments of the present disclosure.
[0009] Figure 2 is an exemplary method 200 for processing and transmitting messages from a main system to a plurality of sub-systems in accordance with embodiments of the present disclosure.
[0010] Figure 3 is an exemplary method 300 for classifying messages transmitted from the main system to the plurality of sub-systems in accordance with embodiments of the present disclosure.
[0011] Figure 4 is an exemplary method 400 for authenticating classified messages and processing the classified messages post authentication in accordance with embodiments of the present disclosure.
[0012] Throughout the drawings, identical reference numbers designate similar, but not necessarily identical elements. The figures as disclosed herein are not necessarily to scale, and the size of some parts may be exaggerated to more clearly illustrate the example shown. Moreover, the drawings are meant to only be provided as examples and/or implementations consistent with the description, and the description may not be limited to the examples and/or implementations provided in the drawings.

DETAILED DESCRIPTION
[0013] The following describes technical solutions in exemplary embodiments of the subject matter of the present disclosure with reference to the accompanying drawings. In this application as disclosed herein, "at least one" means one or more, and "a plurality of" means two or more. The term "and/or" describes an association relationship for describing associated objects and represents that three relationships may exist. For example, A and/or B may represent the following cases: Only A exists, both A and B exist, and only B exists, where A and B may be singular or plural. The character "/" usually indicates an "or" relationship between the associated objects. "At least one item (piece) of the following" or a similar expression thereof means any combination of the items, including any combination of singular items (piece) or plural items (pieces). For example, at least one item (piece) of a, b, or c may represent a, b, c, a and b, a and c, b and c, or a, b, and c, where a, b, and c each may be singular or plural.
[0014] It should be noted that in this application articles “a”, “an” and “the” are used to refer to one or to more than one (i.e., to at least one) of the grammatical object of the article. The terms “comprise” and “comprising” are used in the inclusive, open sense, meaning that additional elements may be included. It is not intended to be construed as “consists of only”. Throughout this specification defined above, unless the context requires otherwise the word “comprise”, and variations such as “comprises” and “comprising”, will be understood to imply the inclusion of a stated element or step or group of elements or steps but not the exclusion of any other element or step or group of elements or steps. The term “including” is used to mean “including but not limited to”. “Including” and “including but not limited to” are used interchangeably. In the structural formulae given herein and throughout the present disclosure, the following terms have been indicated meaning, unless specifically stated otherwise.
[0015] Unless otherwise defined, all terms used in the disclosure, including technical and scientific terms, have meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. By means of further guidance, term definitions are included for better understanding of the present disclosure. The term ‘about’ as used herein when referring to a measurable value such as a parameter, an amount, a temporal duration, and the like, is meant to encompass variations of ±10% or less, preferably ±5% or less, more preferably ±1% or less and still more preferably ±0.1% or less of and from the specified value, insofar such variations are appropriate to perform the present disclosure. It is to be understood that the value to which the modifier ‘about’ refers is itself also specifically, and preferably disclosed.
[0016] It should be noted that in this application, the term such as "example" or "for example" or “exemplary” is used to represent giving an example, an illustration, or descriptions. Any embodiment or design scheme described as an "example" or "for example" in this application should not be explained as being more preferable or having more advantages than another embodiment or design scheme. Exactly, use of the word such as "example" or "for example" is intended to present a related concept in only a specific manner.
[0017] It should be understood that in the embodiments of the present subject matter that "B corresponding to A" indicates that B is associated with A, and B can be determined based on A. However, it should be further understood that determining B based on A does not mean that B is determined based on only A. B may alternatively be determined based on A and/or other information.
[0018] In the embodiments of this application, "a plurality of" means two or more than two. Descriptions such as "first", "second" in the embodiments of this application are merely used for indicating and distinguishing between described objects, do not show a sequence, do not indicate a specific limitation on a quantity of devices in the embodiments of this application, and do not constitute any limitation on the embodiments of this application. In the present disclosure the word heat and temperature are synonymously used.
[0019] Exemplary embodiments of the present disclosure relate to a method and system for processing and transmitting messages from a main system to a plurality of subsystems to ensure an almost fail-safe mechanism for performing operations at the plurality of sub-systems. In an exemplary case, the method includes a main system transmitting a message to at least one of a plurality of sub-systems coupled to the main system forming a network of systems. In an exemplary case the message transmitted from the main system is intercepted and checked. In an exemplary case the intercepted message is processed by a message processor at the interceptor to classify the intercepted message into at least one category belonging to either a classified message or a normal message. In an exemplary case, on determining the intercepted message belonging to a belonging to a normal message category, transmitting the normal message to the plurality of sub-systems without any delay. In an exemplary case, on determining the intercepted message belonging to a classified category, labelling the message as a classified message. In an exemplary case the classified message is moving and storing in a buffer, wherein the buffer may be a temporary buffer, and the buffer located within the interceptor. In an exemplary case, the classified message may be authenticated by an authentication processor, wherein the authentication is performed by a user. In an exemplary case, on authenticating the classified message, the authentication processor changes a status of the classified message to an authenticated message. In an exemplary case, the authenticated message is transmitted to at least one of a plurality of sub-systems for performing an operation at the at least one of the plurality of sub-systems receiving the authenticated message. In an exemplary case, the interceptor may be located anywhere between the main system and the plurality of systems in the network of system.
[0020] In exemplary case, the intercepted message may be categorized as a classified message by determining if a header associated with the message and/or a content associated the message. In an exemplary case, at least one of a pre-defined set of keywords and/or a pre-defined pattern and/or pre-defined rules and/or logical functions and/or a combination thereof may be used to categorize the message as a classified message. In an exemplary case, on determination of the intercepted message belonging to the classified message, flagging/labelling the intercepted message as a classified message, and routing the classified message to the buffer for further processing. In an exemplary case, the messages labelled as classified category message, may directly impact a system setting and/or a protocol setting and/or a relay setting and/or a sensor setting and/or a network setting and/or a communication setting and/or an input/output setting and/or application-level setting at the at least one plurality of sub-systems, resulting in a serious threat and/or damage to the network of systems.
[0021] In an exemplary case, may messages identified and categorized as classified message, is authenticated and subsequently transmitted from a main system to a plurality of sub-systems. In an exemplary case, the main system and the plurality of sub-systems, forming a network system, may typically control industrial processes including manufacturing, process control, power generation, fabrication, and refining of petroleum and/or control chemical processes. In an exemplary case, one or more messages are transmitted from a main system to a plurality of sub-systems. In an exemplary case, the messages being transmitted from the main system to the plurality of sub-systems may be categorized as a normal message and/or a classified message. In an embodiment, classified messages may be critical information to be processed by the sub-systems. In an exemplary case, the classified messages may result in loss of equipment, disrupt operations, result in loss/damage to humans/animals, lead to loss of revenue and severe economic loss etc. In an exemplary case, messages categorized as normal messages includes messages that are not critical to the system and in all likelihood result in little or no major damage to the network systems. In an exemplary case, the main system and the plurality of sub-systems may be located at separate geographical locations for ease of operations and/or other reasons, for example security reasons. In an exemplary case, the main system may require authentication for messages categorized as classified messages and may further require a user to access and authenticate the classified message before being transmitted to the plurality of sub-systems.
[0022] In an exemplary case a method for processing and transmitting messages between a main system and a plurality of sub-systems is explained herewith. In an exemplary case, the system, a network system, may have a main system and a plurality of sub-systems. In an exemplary case, the main system may initiate message (hereinafter also referred to as content or information or data) transmission to least one of the plurality of sub-systems. In an exemplary case, the messages transmitted from the main system routed via an interceptor that screens the messages transmitted from the main system to the at least one plurality of sub-systems . In an exemplary case, the messages are intercepted at the interceptor, and are analyzed and categorized either as classified messages or normal messages. In an exemplary case, messages categorized as normal messages are transmitted to the plurality of sub-systems without any delay for processing after being received at the plurality of sub-systems. In an exemplary case, messages that are categorized as classified messages routed to a buffer and stored in the buffer. In an exemplary case, messages stored in the buffer need to be authenticated by a user before being transmitted to the plurality of sub-systems for performing any operations at the at least one of plurality of sub-systems. In an exemplary case, on storage of the classified message in the buffer, an alert may be provided to a user to authenticate the classified message for further transmission to the at least one plurality of sub-systems for performing an operation on the at least one plurality of sub-systems..
[0023] Reference is now made Figure 1 which is an exemplary illustration of system 100 consisting of a network system having main system 110, interceptor 120 and plurality of sub-systems 140. One or more communication links exist between main system 110 and plurality of sub-systems 140. Interceptor unit 120 is provided as a bridge between main system 110 and the plurality of sub-systems 140.
[0024] Main system 110 may be located at a different location from that of the plurality of sub-systems 140, where main system 110 may be provided with supervisory control to establish control over the plurality of sub-systems. In an exemplary case, plurality of sub-systems 140 may be actuators, microcontrollers, motors, computing devices, control devices, sensors or a combination thereof that may be controlled by main system 110. It should be obvious to a person of ordinary skill in the art that the above listed systems forming the plurality of sub-systems is only an exemplary list and a number of other devices and systems may be added to the list of the plurality of sub-systems and all such fall within the scope of the present disclosure.
[0025] Main system 110, interceptor 120 and plurality of sub-systems 140 may be coupled by communication links. Communication links between main system 110, inceptor 120 and the plurality of sub-systems 140 may be a wired link, a wireless link or a combination thereof. In an exemplary case, the communication link may be secured or unsecured. In an exemplary case, one or more network enabling devices such as routers, modems etc., may be employed as part of the communication link to ensure connectivity between the main system and the plurality of sub-systems.
[0026] All communication may be initiated from main system 110 to plurality of sub-systems 140 via messages 115. . Interceptor 120 may be located at a sub-network or a sub-communication link that exists between main system 120 and plurality of sub-systems 140. One or more components of interceptor 120 may be implemented in hardware and/or software and/or firmware and/or a combination thereof.
[0027] Messages 115 being transmitted from main system 110 to plurality of sub-systems 140 in the network system may be intercepted by interceptor 120. Message 115 intercepted at interceptor 120 may be routed to message processor 122. Message processor 122 processes messages 115, and categorizes the message 115 to belong to either classified message 125 or normal message 127. In an exemplary case, classified messages are know to directly impact a system setting and/or a protocol setting and/or a relay setting and/or a sensor setting and/or a network setting and/or a communication setting and/or an input/output setting and/or application level setting and/or a combination thereof. In an exemplary case, classified messages 125 when processed by the at least one plurality of sub-systems may result high impact at the at least one plurality of sub-systems, thereby causing a threat to the entire network system as a whole. In an exemplary case, if classified message 125 modified and/or compromised may cause equipment loss, operational disruption, loss/damage to humans/animals, lead to loss of revenue, cause severe economic loss etc. In an exemplary case, normal messages 127 may be non-consequential in nature, which do not affect the overall network system and/or cause any critical changes to the plurality of sub-system.s.
[0028] Message processor 122 receives message 125 and analyses message 125. Message processor 122 is configured to categorize message 125 as classified messages 125 and normal message 127. Classified messages 125 would be stored in buffer 130, wherein classified messages 125 stored in buffer 130 require to be authenticated before being transmitted to plurality of sub-systems 140 for performing any operation at plurality of sub-systems 140. message processor 122 analyzes a header and a content of each of messages 125. Message 125 received at message processor 122 are analyzed for pre-defined criteria including a pre-defined set of keywords and/or a pre-defined pattern and/or pre-defined rules and/or logical functions and/or whether the messages are required to be decrypted using a pre-defined decryption methods or a combination of all the above.
[0029] If message processor 122 detects presence of the pre-defined criteria, then message processor 122 categorizes the message as classified message 125 and routes classified message 125 to buffer 130 for further processing. In an exemplary case, messages identified as classified messages 125 are not transmitted to the plurality of sub-systems without a user authentication or a user authorized by-pass. In an exemplary case, the pre-defined criteria may be stored in a repository. In an exemplary case the repository may be continuously updated by either by providing a manual entry and/or using a learning algorithm. In an exemplary case, the repository may include structure data and/or unstructured data and/or a combination thereof.
[0030] On receipt of classified message 125 in buffer 130 authentication processor 124 alerts user 135 to authenticate classified message 125 received at buffer 130. Classified message 125 may be stored for a pre-defined time in buffer 130, wherein alerts may be provided to user 135 at continuous intervals, and after the pre-defined time, classified message 125 may be deleted from buffer 130. All transaction executed at buffer 130, which include authentication, by-passing, deletion etc., may be recorded in a log file that may be stored in buffer 130. Authentication of classified message 125 is performed at authentication processor 124. An alert is provided to user 135 by means of an indicator, wherein indicator may be least one of an audio signal and/or a visual signal and/or a text message and/or a combination thereof. It should be obvious to a person of ordinary skill in the art that various other indicator may be provided to the user and all such form of indicators fall within the scope of the present disclosure. User 135 on receiving indicator from authenticator processor 124 allows user 135 to authenticate classified message 125 stored in buffer 130. In an exemplary case, authentication includes a manual authentication performed by electrical means and/or an optical means by an analog connection and/or an external connection. On authentication of classified message 125 in buffer, status of the message is changed to authenticated message, and authenticated message 132 is then transmitted to the plurality of sub-systems 140.
[0031] In an exemplary case, classified message 125 may be authenticated within a specific period of time which may be defined by user or system administrator. In an exemplary case, if authentication is not performed within a specified period of time, user 135 is alerted at regular intervals to perform authentication of classified message 125 stored in buffer 130. In an exemplary case, if user 135 does not authenticate within the pre-defined time, classified message 125 stored in buffer 130 is discarded and the discarded message and/or details of the discarded message are stored/logged in buffer in a log file, which may be use for further reference.
[0032] In an exemplary case, the log file stores information of messages 115 intercepted by interceptor 120, categorizing messages 115 as classified message 125 ort normal message 127, time of authentication, time of discarding, time of sending indicator and time of transmission of authenticated message. It should be obvious to a person of ordinary skill in the art that various other parameters may also be recorded in the log file and all such parameters that may be recorded fall within the scope of the present disclosure. On receiving authenticated message 132 at plurality of sub-systems 140, at least one of the plurality of sub-systems may execute authenticated message 132 thereby preventing any harm or danger to be cause to the network system 100.
[0033] Reference is now made to Figure 2, which is an exemplary method 200 for processing and transmitting messages from a main system to a plurality of sub-systems in a network system, where . messages 115 may be transmitted from main system 110 to plurality of sub-systems 140 in accordance with embodiments of the present disclosure. At step 210, message 115 is transmitted from main system 110 to plurality of sub-systems 140. At step 220, message 115 may be intercepted during the transmission process from main system 110 to plurality of sub-system 140 at interceptor 120. At step 230, message 115 is categorized either into classified message 135 or normal message 127 by message processor 122 0. Message 115 are categorized by analysing the header and the content of messages 115to check for pre-defined criteria such as for a pre-defined set of keywords and/or a pre-defined pattern and/or pre-defined rules and/or logical functions and/or using a pre-defined decryption methods or a combination of all the above. If message processor 122 detects the pre-defined criteria in any message 115 being transmitted from main system 110 to plurality of sub-systems 140, then message 115 is categorized as classified message 125 and stored in buffer 130, else message 115 is categorized as normal message 127.
[0034] . At step 240, classified message 125 may be stored in buffer 130 and normal message 127 is transmitted to to plurality of sub-systems 140. Messages 115 that are categorized as normal messages 127 are transmitted to plurality of sub-systems 140 without any requirement of authentication or delays. At step 250, classified messages 125 may be authenticated by providing an alert by means of an indicator to user 135, where the indicator includes using at least one of an audio signal and/or a visual signal and/or a text message and/or a combination thereof. User 135 on receipt oof the indicator authenticates classified message 125 by electrical means and/or an optical means by an analog connection and/or an external connection. On completion of authentication a status associated with the message changes from classified message 135 to authenticated message 132. At step 260, authenticated message 132 is transmitted to at least one of the plurality of sub-systems 140.
[0035] In an exemplary case, by performing method 200, which is a mechanism to identify messages 115 that may cause potential harm or cause downtime of the plurality of sub-systems or the network system as a whole, messages 115 with any malicious intent or embedded malware may be flagged and stopped from transmission from main system 110 to plurality of sub-systems 140.,
[0036] Reference is now made to Figure 3, which is an exemplary method 300 for categorizing messages as classified message or normal messages. At step 310, on receiving message 115 at message processor 122 in interceptor 120, a header and/or a content associated with message 115 is scanned and analysed to check whether message 115 satisfies a set of pre-defined conditions/criteria. In an exemplary case, the header or the content associated with message 115 is checked for the pre-defined criteria which includes a pre-defined set of keywords and/or a pre-defined pattern and/or pre-defined rules and/or logical functions.. In an exemplary case, a specific decryption method be used to decode or decrypt message 115 and based on whether the header or the content associated with message 115 have the decoding method specified, message 115 may also be categorized as a classified message. Classified message 125 may be then routed to buffer 130 and stored in buffer 130, after which an alert is provided to user 135 for authentication of classified message 125 stored in buffer 130.
[0037] Reference is now made to Figure 4, which is an exemplary method 400 for authenticating messages and further processing of authenticated messages. At step 410, user 135 is alerted by means of an indicator to provide an authentication to message 125 stored in buffer 130. In an exemplary case, a timer is initiated to receive authentication from user 135 for message 125 stored in buffer 130, and authentication of message 125 needs to be performed within the specified time period. In an exemplary case, the indicator includes at least one of an audio signal and/or a visual signal and/or a text message and/or a combination thereof. At step 425, user 135 authenticates the message 125 by a manual authentication performed by electrical means and/or an optical means by an analog connection and/or an external connection. On authentication of message, at step 435 status of message is changed from classified message 125 to authenticated message 132, authenticated message 132 is transmitted to the plurality of sub-systems.
[0038] Once classified messages 125 are stored in buffer, a pre-defined time period is et of the authentication process. At step 420, if message 125 stored in buffer 130 is not authenticated within a specified the time period, user 135 is alerted periodically by means described previously. At step 430, if no authentication is performed on message 125 stored in buffer 130 within the stipulated time period, message 125 stored in buffer 130 is discarded. In an exemplary case, user 135 may allocate a certain time-period wherein all messages 115 transmitted from main system 110 to plurality of sub-systems 140 are default authorized and/or pass through directly to at least one plurality of sub-systems without any authorization being required. In an exemplary case, if the user is transmitting a relay in a batch, a time period may be set by the user to by-pass authorization during a certain time to pass the commands without any authorization.
[0039] At step 460, a log file stores all information related to received message 115, categorized messages i.e., classified messages 125 and normal messages 127, authenticated messages 132, authentication time, authenticating person, discarded messages with a time stamp and action performed. It should be obvious to a person skilled in the art that the above list is only exemplary in nature and various other parameters may be added to the log file, and all such variations and additional information recorded in the log file fall within the scope of the present disclosure. Log file may be stored in buffer 130 as a repository of structured data and/or unstructured data and/or a combination thereof. . It should also be obvious to a person of ordinary skill in the art that various other modifications may be performed to the system and method as disclosed herein and all such variation that include a network system with a main system interacting with a plurality of sub-systems to perform critical operation, wherein messages from the main system to the plurality of sub-systems are analysed, categorised and authenticating certain class of categorized messages falls within the scope of the present disclosure.
[0040] Although the present disclosure has been described with reference to several preferred embodiments, it should be understood that the present disclosure is not limited to the preferred embodiments disclosed here. Embodiments of the present disclosure are intended to cover various modifications and equivalent arrangements within the spirit and scope of the appended claims. Although the foregoing disclosure has been described in some detail for purposes of clarity of understanding, it will be apparent that certain changes and modifications may be practised within the scope of the appended claims. Examples of the present disclosure have been described in language specific to structural features and/or methods. It should be noted that there are many alternative ways of implementing both the process and apparatus of the present invention. Accordingly, embodiments of the present disclosure are to be considered illustrative and not restrictive, and the invention is not to be limited to the details given herein but may be modified within the scope and equivalents of the appended claims. It should be understood that the appended claims are not necessarily limited to the specific features or methods described. Rather, the specific features and methods are disclosed and explained as examples of the present disclosure. , C , Claims:We Claim:

1. A method for processing and transmitting messages, the messages being transmitted from a main system 110 to a plurality of sub-systems 140, the method comprising:
- intercepting messages 115 being transmitted from a main system 110 to at least one of a plurality to sub-systems 140;
- processing the message 115 intercepted at the interceptor 120;
- categorizing the message 115 into at least one of:
- a classified message 125 and a normal message 127;
- authenticating the classified message 125 stored in a buffer 130, wherein authentication of the classified message is performed by a user 135;
- changing a message status of the classified message 125 to an authenticated message 132; and
- transmitting the authenticated message 132 to at least one of a plurality of sub-systems 140.

2. The method as claimed in claim 1, wherein a message processor 122 is configured to process the message 115 intercepted, wherein processing the message 115 comprises:
- analysing the messages 115 by scanning each of the messages 115 being transmitted from the main system 110 to the plurality of sub-systems 140;
- routing the classified messages 125 to the buffer 130 for authentication; and
- transmitting the normal message 127 from the main system to at least one of the plurality of sub-system without any authentication and/or user intervention.

3. The method as claimed in claim 2, wherein processing the messages by a message processor 122 comprises:
- determining if a header associated with the message 115 and/or a content associated the message 155 comprise at least one of a pre-defined criteria, wherein the pre-defined criteria comprises: at least one of
- a pre-defined set of keywords and/or a pre-defined pattern and/or pre-defined rules and/or logical functions and/or defined set of decryption method and/or a combination thereof, and categorising the message as the classified message 125; and
- on determination of the message 115 belonging to the classified message 125, flagging the classified message 125, and routing the classified message 125 to the buffer 130 for authentication.

4. The method as claimed in claim 1, wherein an authentication processor 124 alerts a user to authenticate the classified message 125.

5. The method as claimed in claim 3, wherein on authentication of the classified message 125, a status of the message set as of the classified message 125 is changed to an authenticated message 132 status, wherein the content of the classified message 125 and the authenticated message 132 is the same.

6. The method as claimed in claim 2 or 4, wherein the message processor 122 and/or the authentication processor 124 is at least one of a software component and/or a hardware component and/or a firmware and/or a combination thereof.

7. The method as claimed in claim 1, wherein the classified message 125 directly impacts a system setting and/or a protocol setting and/or a relay setting and/or a sensor setting and/or a network setting and/or a communication setting and/or an input/output setting and/or application-level setting and/or a combination thereof.

8. The method as claimed in claim 3, wherein a pre-defined set of keywords and/or a pre-defined pattern and/or pre-defined rules and/or logical functions and/or defined set of decryption method and/or a combination thereof are stored in a repository 130.

9. The method as claimed in claim 8, wherein the repository 130 is either one of a structured dataset and/or an unstructured dataset and/or a combination thereof.

10. The method as claimed in claim 9, wherein the repository 130 is updated continuously by at least one of a manual entry and/or a learning algorithm.

11. The method as claimed in claim 4, the method comprising:
- providing an indicator to the user 135 as an alert to authenticate the classified message 125 stored in the buffer 130, wherein the indicator comprises at least one of an audio signal and/or a visual signal and/or a text message and/or a combination thereof.

12. The method as claimed in claim 11, wherein authentication by the user 135 comprises a manual authentication performed by electrical means and/or an optical means by an analog connection and/or an external connection.

13. The method as claimed in claim 11, wherein after a pre-defined time if the user does not authenticate the classified message 125 in the buffer, the method comprises:
- alerting the user 135 at periodic intervals to authenticate the classified message 125 stored in the buffer 130 for a pre-defined time interval; and
- if the user 135 does not authenticate the classified message 125 stored in the buffer 130 within the pre-defined time interval, discarding the classified message 127 from the buffer 130.

14. The method as claimed in claim 1, the method comprising:
- storing a log file for the messages 115 with status and time, the classified message 125 with status and time, and/or the normal message 127 with status and time, discarded message with status and time, alerts provided to the user with time for authenticating the classified message 125, and any other associated status along with a timestamp relevant to the messages.

15. The method as claimed in claim 1, wherein the user 135 allocates a time-period wherein all messages transmitted from the main system to the plurality of sub-systems are default authorized and/or pass through directly to the at least one plurality of sub-systems without any authorization.

16. A system comprising at least a main system, an interceptor and a plurality of subsystems configured to perform the method as claimed in any of the claims 1- 15.