OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Recommended Practice for Patch Management of Control Systems

Abstract

A key component in protecting a nation’s critical infrastructure and key resources is the security of control systems. The term industrial control system refers to supervisory control and data acquisition, process control, distributed control, and any other systems that control, monitor, and manage the nation’s critical infrastructure. Critical Infrastructure and Key Resources (CIKR) consists of electric power generators, transmission systems, transportation systems, dam and water systems, communication systems, chemical and petroleum systems, and other critical systems that cannot tolerate sudden interruptions in service. Simply stated, a control system gathers information and then performs a function based on its established parameters and the information it receives. The patch management of industrial control systems software used in CIKR is inconsistent at best and nonexistent at worst. Patches are important to resolve security vulnerabilities and functional issues. This report recommends patch management practices for consideration and deployment by industrial control systems owners.

Authors:
Steven Tom; Dale Christiansen; Dan Berrett
Publication Date:
2008-12-01
Research Org.:
Idaho National Laboratory (INL)
Sponsoring Org.:
USDOE
OSTI Identifier:
944885
Report Number(s):
INL/EXT-08-14740
TRN: US200902%%1143
DOE Contract Number:
DE-AC07-99ID-13727
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
42 ENGINEERING; COMMUNICATIONS; CONTROL SYSTEMS; DATA ACQUISITION; ELECTRIC POWER; FUNCTIONALS; MANAGEMENT; PETROLEUM; PROCESS CONTROL; SECURITY; TRANSPORTATION SYSTEMS; WATER; control system; patch management; recommended practice

Citation Formats

Steven Tom, Dale Christiansen, and Dan Berrett. Recommended Practice for Patch Management of Control Systems. United States: N. p., 2008. Web. doi:10.2172/944885.
Steven Tom, Dale Christiansen, & Dan Berrett. Recommended Practice for Patch Management of Control Systems. United States. doi:10.2172/944885.
Steven Tom, Dale Christiansen, and Dan Berrett. 2008. "Recommended Practice for Patch Management of Control Systems". United States. doi:10.2172/944885. https://www.osti.gov/servlets/purl/944885.
@article{osti_944885,
title = {Recommended Practice for Patch Management of Control Systems},
author = {Steven Tom and Dale Christiansen and Dan Berrett},
abstractNote = {A key component in protecting a nation’s critical infrastructure and key resources is the security of control systems. The term industrial control system refers to supervisory control and data acquisition, process control, distributed control, and any other systems that control, monitor, and manage the nation’s critical infrastructure. Critical Infrastructure and Key Resources (CIKR) consists of electric power generators, transmission systems, transportation systems, dam and water systems, communication systems, chemical and petroleum systems, and other critical systems that cannot tolerate sudden interruptions in service. Simply stated, a control system gathers information and then performs a function based on its established parameters and the information it receives. The patch management of industrial control systems software used in CIKR is inconsistent at best and nonexistent at worst. Patches are important to resolve security vulnerabilities and functional issues. This report recommends patch management practices for consideration and deployment by industrial control systems owners.},
doi = {10.2172/944885},
place = {United States},
year = {2008},
month = {12}
}

  • Cyber forensics has been in the popular mainstream for some time, and has matured into an information-technology capability that is very common among modern information security programs. The goal of cyber forensics is to support the elements of troubleshooting, monitoring, recovery, and the protection of sensitive data. Moreover, in the event of a crime being committed, cyber forensics is also the approach to collecting, analyzing, and archiving data as evidence in a court of law. Although scalable to many information technology domains, especially modern corporate architectures, cyber forensics can be challenging when being applied to non-traditional environments, which are not comprised of current information technologies or are designed with technologies that do not provide adequate data storage or audit capabilities. In addition, further complexity is introduced if the environments are designed using proprietary solutions and protocols, thus limiting the ease of which modern forensic methods can be utilized. The legacy nature and somewhat diverse or disparate component aspects of control systems environments can often prohibit the smooth translation of modern forensics analysis into the control systems domain. Compounded by a wide variety of proprietary technologies and protocols, as well as critical system technologies with no capability to store significant amounts of event information, the task of creating a ubiquitous and unified strategy for technical cyber forensics on a control systems device or computing resource is far from trivial. To date, no direction regarding cyber forensics as it relates to control systems has been produced other than what might be privately available from commercial vendors. Current materials have been designed to support event recreation (event-based), and although important, these requirements do not always satisfy the needs associated with incident response or forensics that are driven by cyber incidents.
To address these issues and to accommodate for the diversity in both system and architecture types, a framework based in recommended practices to address forensics in the control systems domain is required. This framework must be fully flexible to allow for deployment into any control systems environment regardless of technologies used. Moreover, the framework and practices must provide for direction on the integration of modern network security technologies with traditionally closed systems, the result being a true defense-in-depth strategy for control systems architectures. This document takes the traditional concepts of cyber forensics and forensics engineering and provides direction regarding augmentation for control systems operational environments. The goal is to provide guidance to the reader with specifics relating to the complexity of cyber forensics for control systems, guidance to allow organizations to create a self-sustaining cyber forensics program, and guidance to support the maintenance and evolution of such programs. As the current control systems cyber security community of interest is without any specific direction on how to proceed with forensics in control systems environments, this information product is intended to be a first step.
  • This paper addresses an often overlooked “backdoor” into critical infrastructure control systems created by modem connections. A modem’s connection to the public telephone system is similar to a corporate network connection to the Internet. By tracing typical attack paths into the system, this paper provides the reader with an analysis of the problem and then guides the reader through methods to evaluate existing modem security. Following the analysis, a series of methods for securing modems is provided. These methods are correlated to well-known networking security methods.
  • A summary of the technique of magnesium alloy preparation and treatment by the HAE process is presented. The equipment necessary for the installation of the process is described, as well as the operating procedure and bath control. Coating characteristics are given, and an outline of recent process development is discussed. Military specification for coating magnesium alloy is included as well as data on the process and methods of bath analysis. (J.R.D.)
  • Many papers and reports have been written on studies conducted by the Oak Ridge National Laboratory and investigations by others on the effect of high-altitude electromagnetic pulses (HEMP) on electric power systems. More than 100 of the published unclassified documents were reviewed with the objectives of: 1. summarizing the mitigation methods suggested in the documents and providing a subjective evaluation of each; 2. discussing various standards that presently apply to the effects of HEMP on utility systems and suggesting additions or modifications or new standards where deficiencies appear to exist; and 3. recommending future studies or actions to improve the utility response to HEMP. While all three components of HEMP were mentioned, only the early-time short-duration E₁ pulse and the late-time long-duration E₃ pulse were considered in detail; the E₂ intermediate component was not considered to affect the power system significantly.