Apparatus and method for dynamic customization of cyber-security risk item rules

US 10,075,475 B2
Filed: 09/30/2015
Issued: 09/11/2018
Est. Priority Date: 02/06/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

obtaining information defining a rule by a risk manager system, the rule identifying a cyber-security risk to a computing device in an industrial process control and automation system;

presenting a textual description describing an effect of the rule to a user by the risk manager system, the textual description including a selectable configuration parameter associated with the rule;

receiving the user'"'"'s selection of the configuration parameter by the risk manager system; and

in response to receiving the user'"'"'s selection of the configuration parameter, converting the configuration parameter in the textual description into an editable field and receiving a value associated with the configuration parameter from the user by the risk manager system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure provides an apparatus and method for dynamic customization of cyber-security risk item rules. A method includes obtaining information defining a rule by a risk manager system, the rule identifying a cyber-security risk to a computing device in an industrial process control and automation system. The method includes presenting a textual description describing the rule to a user by the risk manager system, the textual description including a selectable configuration parameter associated with the rule. The method includes receiving the user'"'"'s selection of the configuration parameter by the risk manager system. The method includes, in response to receiving the user'"'"'s selection of the configuration parameter, receiving a value associated with the configuration parameter from the user by the risk manager system.

136 Citations

22 Claims

1. A method comprising:
- obtaining information defining a rule by a risk manager system, the rule identifying a cyber-security risk to a computing device in an industrial process control and automation system;
  
  presenting a textual description describing an effect of the rule to a user by the risk manager system, the textual description including a selectable configuration parameter associated with the rule;
  
  receiving the user'"'"'s selection of the configuration parameter by the risk manager system; and
  
  in response to receiving the user'"'"'s selection of the configuration parameter, converting the configuration parameter in the textual description into an editable field and receiving a value associated with the configuration parameter from the user by the risk manager system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the selectable configuration parameter is displayed as a hyperlink within the textual description.
  - 3. The method of claim 1, wherein the value associated with the configuration parameter is received through the editable field.
  - 4. The method of claim 1, wherein the textual description describes what the rule will do.
  - 5. The method of claim 1, wherein each rule is associated with at least one physical device.
  - 6. The method of claim 1, further comprising:
    - interacting with the user, by the risk manager system, to define a plurality of rules for risk items to be monitored among a plurality of connected devices in the industrial process control and automation system;
      
      mapping each of the rules to a corresponding one or more of the connected devices by the risk manager system;
      
      monitoring the connected devices according to the rules by the risk manager system; and
      
      displaying an output based on the rules and a status of the connected devices by the risk manager system.
  - 7. The method of claim 6, wherein each rule has one or more parameters and is displayed as a plain-text sentence in a plain text explanation of what the rule will do.
  - 8. The method of claim 6, wherein the risk manager system also defines and stores a configuration text template corresponding to one or more of the rules.
  - 9. The method of claim 6, wherein the risk manager system also identifies the plurality of connected devices, and the plurality of connected devices are vulnerable to cyber-security risks.
  - 10. The method of claim 6, wherein each rule has a selectable configuration parameter that is displayed as a hyperlink within a textual description of the corresponding rule.

11. A risk manager system comprising:
- a controller; and
  
  a display;
  
  wherein the controller is configured to;
  
  obtain information defining a rule, the rule identifying a cyber-security risk to a computing device in an industrial process control and automation system;
  
  present a textual description describing an effect of the rule to a user, the textual description including a selectable configuration parameter associated with the rule;
  
  receive the user'"'"'s selection of the configuration parameter; and
  
  in response to receiving the user'"'"'s selection of the configuration parameter, convert the configuration parameter in the textual description into an editable field and receive a value associated with the configuration parameter from the user.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The risk manager system of claim 11, wherein the controller is configured to display the selectable configuration parameter as a hyperlink within the textual description.
  - 13. The risk manager system of claim 11, wherein the controller is configured to receive the value associated with the configuration parameter through the editable field.
  - 14. The risk manager system of claim 11, wherein the textual description describes what the rule will do.
  - 15. The risk manager system of claim 11, wherein each rule is associated with at least one physical device.
  - 16. The risk manager system of claim 11, wherein the controller is further configured to:
    - interact with the user to define a plurality of rules for risk items to be monitored among a plurality of connected devices in the industrial process control and automation system,map each of the rules to a corresponding one or more of the connected devices,monitor the connected devices according to the rules, anddisplay an output based on the rules and a status of the connected devices.
  - 17. The risk manager system of claim 16, wherein each rule has one or more parameters, and the controller is configured to display each rule as a plain-text sentence in a plain text explanation of what the rule will do.
  - 18. The risk manager system of claim 16, wherein the controller is further configured to define and store a configuration text template corresponding to one or more of the rules.
  - 19. The risk manager system of claim 16, wherein the controller is further configured to identify the plurality of connected devices, and the plurality of connected devices are vulnerable to cyber-security risks.
  - 20. The risk manager system of claim 16, wherein each rule has a selectable configuration parameter that the controller is configured to display as a hyperlink within a textual description of the corresponding rule.

21. A non-transitory machine-readable medium encoded with executable instructions that, when executed, cause one or more processors of a risk manager system to:
- obtain information defining a rule, the rule identifying a cyber-security risk to a computing device in an industrial process control and automation system;
  
  present a textual description describing an effect of the rule to a user, the textual description including a selectable configuration parameter associated with the rule;
  
  receive the user'"'"'s selection of the configuration parameter; and
  
  in response to receiving the user'"'"'s selection of the configuration parameter, convert the configuration parameter in the textual description into an editable field and receive a value associated with the configuration parameter from the user.
- View Dependent Claims (22)
- - 22. The non-transitory machine-readable medium of claim 21, further encoded with executable instructions that, when executed, cause the one or more processors of the risk manager system to:
    - interact with the user to define a plurality of rules for risk items to be monitored among a plurality of connected devices in the industrial process control and automation system;
      
      map each of the rules to a corresponding one or more of the connected devices;
      
      monitor the connected devices according to the rules; and
      
      display an output based on the rules and a status of the connected devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Carpenter, Seth G.
Primary Examiner(s)
Shepperd, Eric W

Application Number

US14/871,605
Publication Number

US 20160234252A1
Time in Patent Office

1,077 Days
Field of Search

707700, 707710, 707711, 707735, 707736, 707747, 707760, 707809, 707833, 707834
US Class Current
CPC Class Codes

H04L 41/22   comprising specially adapte...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

Apparatus and method for dynamic customization of cyber-security risk item rules

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

136 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and method for dynamic customization of cyber-security risk item rules

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

136 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others