Deployment assurance checks for monitoring industrial control systems
First Claim
Patent Images
1. A method for deployment assurance checks for monitoring an industrial control systems, comprising:
- identifying, by a risk manager system, a plurality of connected devices that are vulnerable to cyber-security risks;
determining, by the risk manager system, devices to be monitored from the plurality of connected device;
verifying any relevant software or hardware prerequisites on the devices to be monitored;
validating whether an appropriate software version is present on each device to be monitored through a remote Windows Management Infrastructure (WMI) query by a user;
evaluating system resource usage, by the risk manager system, on each device to be monitored;
evaluating, by the risk manager system, security prerequisites on the connected devices, the evaluating security prerequisites includes;
checking firewall setting on each device,validating that monitoring process is running from an account that is recognized, andreceiving credentials from a user and sending credentials to the connected devices; and
providing recommendations to the user, by the risk manager system, as to whether or not the user should proceed with the monitoring, based on the evaluation and on whether the monitoring would increase the system resource usage beyond a predetermined threshold and recommendations as to whether or not to install a monitoring agent on each of the connected devices and providing a level of enforcement of the recommendations, the level of enforcement includes at least one of “
No”
enforcement “
Soft”
enforcement or “
Hard”
enforcement.
1 Assignment
0 Petitions
Accused Products
Abstract
This disclosure provides an apparatus and method for deployment assurance checks for monitoring industrial control systems and other systems. A method includes identifying, by a risk manager system, a plurality of connected devices that are vulnerable to cyber-security risks. The method includes determining devices to be monitored from the plurality of connected devices. The method includes evaluating system resource usage, by the risk manager system, on each device to be monitored. The method includes providing recommendations to a user as to whether or not the user should proceed with the monitoring, based on the evaluation.
8 Citations
14 Claims
-
1. A method for deployment assurance checks for monitoring an industrial control systems, comprising:
-
identifying, by a risk manager system, a plurality of connected devices that are vulnerable to cyber-security risks; determining, by the risk manager system, devices to be monitored from the plurality of connected device; verifying any relevant software or hardware prerequisites on the devices to be monitored; validating whether an appropriate software version is present on each device to be monitored through a remote Windows Management Infrastructure (WMI) query by a user; evaluating system resource usage, by the risk manager system, on each device to be monitored; evaluating, by the risk manager system, security prerequisites on the connected devices, the evaluating security prerequisites includes; checking firewall setting on each device, validating that monitoring process is running from an account that is recognized, and receiving credentials from a user and sending credentials to the connected devices; and providing recommendations to the user, by the risk manager system, as to whether or not the user should proceed with the monitoring, based on the evaluation and on whether the monitoring would increase the system resource usage beyond a predetermined threshold and recommendations as to whether or not to install a monitoring agent on each of the connected devices and providing a level of enforcement of the recommendations, the level of enforcement includes at least one of “
No”
enforcement “
Soft”
enforcement or “
Hard”
enforcement. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A risk manager system comprising:
-
a controller; and a memory, the risk manager system configured to; identify a plurality of connected devices that are vulnerable to cyber-security risks; determine devices to be monitored from the plurality of connected devices; verify any relevant software or hardware prerequisites on the devices to be monitored; validate whether an appropriate software version is present on each device to be monitored through a remote Windows Management Infrastructure (WMI) query by a user; evaluate system resource usage on each device to be monitored; evaluate evaluating security prerequisites on the connected devices, the evaluation of security prerequisites includes; check firewall setting on each device, validate that monitoring process is running from an account that is recognized, and receive credentials from the user and send credentials to the connected devices; and provide recommendations to the user as to whether or not the user should proceed with the monitoring, based on the evaluation and on whether the monitoring would increase the system resource usage beyond a predetermined threshold and recommendations as to whether or not to install a monitoring agent on each of the connected devices and provide a level of enforcement of the recommendations, the level of enforcement includes at least one of “
No”
enforcement, “
Soft”
enforcement or “
Hard”
enforcement. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory machine-readable medium encoded with executable instructions that, when executed, cause one or more processors of a risk manager system to:
-
identify a plurality of connected devices that are vulnerable to cyber-security risks; determine devices to be monitored from the plurality of connected devices; verify any relevant software or hardware prerequisites on the devices to be monitored; validate whether an appropriate software version is present on each device to be monitored through a remote Windows Management Infrastructure (WMI) query by a user; evaluate system resource usage on each device to be monitored; evaluate security prerequisites on the connected devices, the evaluation of security prerequisites includes; check firewall setting on each device, validate that monitoring process is running from an account that is recognized, and receive credentials from the user and send credentials to the connected devices; and provide recommendations to the user as to whether or not the user should proceed with the monitoring, based on the evaluation and on whether the monitoring would increase the system resource usage beyond a predetermined threshold and recommendations as to whether or not to install a monitoring agent on each of the connected devices and provide a level of enforcement of the recommendations, the level of enforcement includes at least one of “
No”
enforcement, “
Soft”
enforcement or “
Hard”
enforcement. - View Dependent Claims (12, 13, 14)
-
Specification