Apparatus and method for dynamic customization of cyber-security risk item rules

US 10,686,841 B2
Filed: 05/24/2018
Issued: 06/16/2020
Est. Priority Date: 02/06/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

identifying by a risk manager system a plurality of risk items;

interacting with a user, by the risk manager system, to solicit from the user one or more parameters associated with at least some of the plurality of risk items;

automatically generating, by the risk manager system, a plurality of rules for the plurality of risk items to be monitored among a plurality of connected devices based at least in part on the one or more parameters entered by the user;

mapping each of the rules to one or more of the connected devices by the risk manager system;

monitoring the connected devices according to the rules by the risk manager system; and

displaying an output based on the rules and a status of the connected devices by the risk manager system.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure provides an apparatus and method for dynamic customization of cyber-security risk item rules. A method includes interacting with a user, by a risk manager system, to define a plurality of rules for risk items to be monitored among a plurality of connected devices. The method also includes mapping each of the rules to a corresponding one or more of the connected devices by the risk manager system. The method further includes monitoring the connected devices according to the rules by the risk manager system. In addition, the method includes displaying an output based on the rules and a status of the connected devices by the risk manager system.

Citations

21 Claims

1. A method comprising:
- identifying by a risk manager system a plurality of risk items;
  
  interacting with a user, by the risk manager system, to solicit from the user one or more parameters associated with at least some of the plurality of risk items;
  
  automatically generating, by the risk manager system, a plurality of rules for the plurality of risk items to be monitored among a plurality of connected devices based at least in part on the one or more parameters entered by the user;
  
  mapping each of the rules to one or more of the connected devices by the risk manager system;
  
  monitoring the connected devices according to the rules by the risk manager system; and
  
  displaying an output based on the rules and a status of the connected devices by the risk manager system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein each rule references one or more of the parameters, and each rule is displayed as a plain text explanation of what the rule will do with one or more parameters embedded in the plain text explanation.
  - 3. The method of claim 1, wherein the risk manager system defines and stores a configuration text template corresponding to one or more of the rules.
  - 4. The method of claim 1, wherein:
    - the risk manager system identifies the plurality of connected devices; and
      
      at least some of the plurality of connected devices are vulnerable to cyber-security risks.
  - 5. The method of claim 1, wherein at least one of the one or more parameters is accessible via a selectable hyperlink within a textual description of a rule.
  - 6. The method of claim 1, wherein each rule identifies a cyber-security risk to a computing device in an industrial process control and automation system.
  - 7. The method of claim 1, further comprising, for each rule:
    - obtaining information defining the rule;
      
      presenting a textual description describing an effect of the rule to the user by the risk manager system, the textual description including a selectable field associated with a parameter of the rule; and
      
      in response to receiving the user'"'"'s selection of the selectable field, presenting an editable field and receiving a value associated with the parameter of the rule from the user.

8. A risk manager system comprising:
- a display; and
  
  a controller configured to;
  
  identify a plurality of risk items;
  
  interact with a user to solicit from the user one or more parameters associated with at least some of the plurality of risk items;
  
  automatically generate a plurality of rules for the plurality of risk items to be monitored among a plurality of connected devices based at least in part on the one or more parameters entered by the user;
  
  map each of the rules to one or more of the connected devices by the risk manager system;
  
  monitor the connected devices according to the rules by the risk manager system; and
  
  display an output based on the rules and a status of the connected devices by the risk manager system.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The risk manager system of claim 8, wherein:
    - the controller is configured to display each rule as a plain text explanation of what the rule will do with one or more parameters embedded in the plain text explanation.
  - 10. The risk manager system of claim 8, wherein the controller is configured to define and store a configuration text template corresponding to one or more of the rules.
  - 11. The risk manager system of claim 8, wherein:
    - the controller is configured to identify the plurality of connected devices; and
      
      at least some of the plurality of connected devices are vulnerable to cyber-security risks.
  - 12. The risk manager system of claim 8, wherein:
    - at least one of the one or more parameters is accessible via a selectable hyperlink within a textual description of a rule.
  - 13. The risk manager system of claim 8, wherein each rule identifies a cybersecurity risk to a computing device in an industrial process control and automation system.
  - 14. The risk manager system of claim 8, wherein the controller is further configured, for each rule, to:
    - obtain information defining the rule;
      
      present a textual description describing an effect of the rule to the user by the risk manager system, the textual description including a selectable field associated with a parameter of the rule; and
      
      in response to receiving the user'"'"'s selection of the selectable field, presenting an editable field and receive a value associated with the parameter of the rule from the user.
  - 15. The risk manager system of claim 8, wherein the controller comprises one or more processors.

16. A non-transitory machine-readable medium containing instructions that when executed cause one or more processors of a risk manager system to:
- identify a plurality of risk items;
  
  interact with a user to solicit from the user one or more parameters associated with at least some of the plurality of risk items;
  
  automatically generate a plurality of rules for the plurality of risk items to be monitored among a plurality of connected devices based at least in part on the one or more parameters entered by the user;
  
  map each of the rules to one or more of the connected devices by the risk manager system;
  
  monitor the connected devices according to the rules by the risk manager system; and
  
  display an output based on the rules and a status of the connected devices by the risk manager system.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The non-transitory machine-readable medium of claim 16, wherein:
    - the medium further contains instructions that when executed cause the one or more processors of the risk manager system to display each rule as a plain text explanation of what the rule will do with one or more parameters embedded in the plain text explanation.
  - 18. The non-transitory machine-readable medium of claim 16, wherein the medium further contains instructions that when executed cause the one or more processors of the risk manager system to define and store a configuration text template corresponding to one or more of the rules.
  - 19. The non-transitory machine-readable medium of claim 16, wherein:
    - at least one of the one or more parameters is accessible via a selectable hyperlink within a textual description of a rule.
  - 20. The non-transitory machine-readable medium of claim 16, wherein each rule identifies a cyber-security risk to a computing device in an industrial process control and automation system.
  - 21. The non-transitory machine-readable medium of claim 16, wherein the medium further contains instructions that when executed cause the one or more processors of the risk manager system to:
    - obtain information defining the rule;
      
      present a textual description describing an effect of the rule to the user by the risk manager system, the textual description including a selectable field associated with a parameter of the rule; and
      
      in response to receiving the user'"'"'s selection of the selectable field, presenting an editable field and receive a value associated with the parameter of the rule from the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Carpenter, Seth G.
Primary Examiner(s)
Shepperd, Eric W

Application Number

US15/988,184
Publication Number

US 20180270273A1
Time in Patent Office

754 Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/22   comprising specially adapte...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

Apparatus and method for dynamic customization of cyber-security risk item rules

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for dynamic customization of cyber-security risk item rules

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links