Patch management is an important component of an overall control system security strategy. In some cases, it's the most effective mitigation strategy against for a newly discovered vulnerabilities. The difficulty with patch management is deployment into the ICS environment without risking operations disruption. Careful maintenance window scheduling, testing and associated policies and practices are required to balance system reliability.
PM SCADA undergoes these tests in its laboratory to:
▲ Understand the vulnerabilities that exist in the ICS, the exposure of the vulnerable components, and the relevant controls available;
▲ Assess risks by determining the right balance between vulnerabilities consequences, patches advantages and deployment efforts required and impacts at the applications, operating systems and organization levels;
▲ To respect a strict deployment scheduling;
▲ Use a dedicated patch manager and an anti-virus server located in the ICS DMZ.