Search

EP-4741956-A1 - METHOD FOR CONFIGURING A SYSTEM CONFIGURATION OF AN INDUSTRIAL CONTROL SYSTEM OF AN INDUSTRIAL PLANT

EP4741956A1EP 4741956 A1EP4741956 A1EP 4741956A1EP-4741956-A1

Abstract

The disclosure relates to a computer-implemented method (100) for configuring an industrial control system, ICS, system configuration (15) of an industrial control system, ICS, (10) of an industrial plant, the method (100) comprising: - obtaining trigger data indicative of a request and/or a requirement to configure the ICS system configuration (15); - obtaining configuration data indicative of instructions for configuring the ICS system configuration (15), the configuration data being obtained based on the trigger data; - obtaining approval data indicative of an approval of the configuration data by at least one approved user (1) of the ICS (10); and - configuring the ICS system configuration (15) based on the configuration data and the approval data.

Inventors

  • Gruener, Sten
  • TROSTEN, Anders

Assignees

  • ABB SCHWEIZ AG

Dates

Publication Date
20260513
Application Date
20241111

Claims (15)

  1. A computer-implemented method (100) for configuring an industrial control system, ICS, system configuration (15) of an industrial control system, ICS, (10) of an industrial plant, the method (100) comprising: - obtaining trigger data indicative of a request and/or a requirement to configure the ICS system configuration (15); - obtaining configuration data indicative of instructions for configuring the ICS system configuration (15), the configuration data being obtained based on the trigger data; - obtaining approval data indicative of an approval of the configuration data by at least one approved user (1) of the ICS (10); and - configuring the ICS system configuration (15) based on the configuration data and the approval data.
  2. The method (100) of claim 1, wherein the configuration data comprises a playbook instance (6), which comprises the instructions for configuring the ICS system configuration (15) as actions on an information technology, IT, level and an operation technology, OT, level of the ICS (10).
  3. The method (100) of claim 2, wherein a playbook template (4) for the playbook instance (6) is selected from a playbook template repository (3) based on the trigger data, wherein the playbook template repository (3) comprises multiple predefined playbook templates (4).
  4. The method (100) of claim 3, wherein the playbook template (4) is selected using a generative artificial intelligence, GAI, model, the GAI model in particular using a retrieval augmented generation, RAG, technique.
  5. The method (100) of claim 3 or 4, wherein the playbook instance (6) is based on the selected playbook template (4), which is loaded with playbook parameters (5) for the ICS system configuration (15) and the actions for configuring the ICS system configuration (15) are parametrized based on the playbook parameters (5).
  6. The method (100) of claim 5, wherein the playbook parameters (5) are determined using a generative artificial intelligence, GAI, model, the GAI model in particular using a retrieval augmented generation, RAG, technique.
  7. The method (100) of any one of claims 2 to 6, wherein a playbook template (4) for the playbook instance (6) is generated using a generative artificial intelligence, GAI, model, based on the trigger data, the GAI model in particular using a retrieval augmented generation, RAG, technique.
  8. The method (100) of any one of claims 2 to 7, wherein the method (100) further comprises checking the playbook instance (6) before configuring the ICS system configuration (15), the checking including one or more of: a syntax check of the playbook instance (6), applying a predefined rule set of one or more checks to the playbook instance (6), and a combability check of the compatibility of the playbook instance (6) with one or more constraints and/or one or more states of the ICS system configuration (15).
  9. The method (100) of any one of the previous claims, wherein the ICS system configuration (15) is configured across a distributed control system (11), DCS, of the ICS (10) and one or more of: at least one field device (12), at least one edge device (13), and at least one cloud server (14) of the ICS (10).
  10. The method (100) of any one of the previous claims, wherein the approval data is obtained after checking approval requirements of the configuration data and/or the ICS system configuration (15) against an approval permission of the at least one approved user (1).
  11. The method (100) of any one of the previous claims, wherein the configuration data is indicative of declarative instructions for configuring the system configuration (15) of the ICS (10).
  12. The method (100) of any one of the previous claims, wherein the instructions of the configuration data are transformed into computer-executable code by a generative artificial intelligence, GAI, model.
  13. The method (100) of any one of the previous claims, wherein the method further comprises logging the ICS system configuration (15) before configuring the ICS system configuration (15) based on the configuration data and the approval data.
  14. One or more computer program products comprising instructions which, when executed by one or more data processing apparatuses, cause the one or more data processing apparatuses to carry out the method (100) of any one of the previous claims.
  15. A data processing system configured to carry out the method (100) of any one of claims 1 to 13.

Description

TECHNICAL FIELD The present invention relates to a computer-implemented method for configuring a system configuration of an industrial control system of an industrial plant, one or more computer program products, and a data processing system. BACKGROUND Industrial Control Systems, ICS, include a combination of hardware and software for a wide range of applications of industrial plants. These applications include but are not limited to mining extraction, transportation and processing, chemical manufacturing plants, water and wastewater treatment, electric power generation plants, and pharmaceutical processing facilities. ICS are engineered to oversee and manage industrial equipment and processes for the specific application. ICS typically comprise a Distributed Control System, DCS, which is typically formed by a software executed on one or more computers or, in other words, a computerized system that automates the existing industrial equipment in the industrial plant, which may typically be used in continuous and/or batch processing. Further, ICS typically include several devices such as but not limited to field devices or industrial equipment (e.g., a sensor-actor-machine, machine controllers, etc.), edge devices (e.g., based on Unified Architecture, UA), and cloud servers. These different devices together with the DCS typically form the ICS used to oversee and manage the industrial plant. Generally, the ICS may include software and hardware throughout some or all levels of the automation pyramid, including Information Technology, IT, and Operation Technology, OT, level. Configuration of the ICS, including the DCS and the systems or devices around it, e.g., industrial edges and field devices, is currently done through manual interactions and on an individual basis for each system or device, which is not only time-consuming but also error prone. Besides efficiency improvements with respect to process-related DCS configurations like generating a control application, defining function blocks, managing alarms etc., there is also a need for the automation of the system configuration of the ICS itself, like exposing signals from the DCS to upper layers of the automation pyramid, asset management tasks, setting up proper access rights for users within the system or updating the software versions within components of the DCS. One driver for such an extended configuration needs is the advent of NAMUR Open Architecture, NOA, defining dedicated read and write channels from and into the DCS, which needs to be engineered effectively in addition to the existing control application (which is written in, e.g., in some languages defined in IEC 61131-3). SUMMARY The above problem or need is at least partially solved or alleviated by the subject matters of the independent claims of the present disclosure, wherein further examples are incorporated in the dependent claims. According to an aspect of the present disclosure, there is provided a computer-implemented method for configuring an industrial control system, ICS, system configuration of an industrial control system, ICS, of an industrial plant, the method comprising: obtaining trigger data indicative of a request and/or requirement to configure the ICS system configuration;obtaining configuration data indicative of instructions for configuring the ICS system configuration, the configuration data being obtained based on the trigger data;obtaining approval data indicative of an approval of the configuration data by at least one approved user of the ICS; andconfiguring the ICS system configuration based on the configuration data and the approval data. Accordingly, the method may first be triggered by obtaining trigger data. The trigger data may for example be obtained when there is a request to configure the system configuration of the ICS or, in other words, the ICS system configuration. Such a request may be from a user of the ICS, e.g., using hardware input means of the ICS, such as a computer mouse, keyboard, or similar for providing a user input indicative of the request to configure the ICS system configuration. In this regard, configuring the ICS system configuration may have several meanings such as but not limited to writing, deleting and overwriting data. In particular, the ICS system configuration may be updated, re-configured, newly configured and so on by configuring it. For example, the user may be an administrator or generally a user having the right to grant certain access rights to other users. In this case, such user may want to change or set up access rights for other users of the ICS, which is why they need to configure or reconfigure the system configuration of the ICS. Specifically, they may need to add new users with their data and access rights to the ICS system configuration, which may in particular include writing new data on several levels or into systems or devices of the system configuration of the ICS. Alternatively, or additionally, for example