System, method and medium for certifying and accrediting requirements compliance
First Claim
1. A computer-assisted method of generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said method comprising the steps of:
- a) collecting information descriptive of at least a hardware and/or software specification for the at least one device;
b) selecting at least one predefined standard, regulation and/or requirement with which the target system is to comply;
c) associating hardware and/or software information pertaining to the at least one device, collected in said step a), with at least one pre-defined platform category;
d) for each of said at least one platform category, determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
e) generating one or more test procedures as determined in said step d) for each platform category.
5 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented system, method and medium for assessing the risk of and/or determining the suitability of a system to comply with at least one predefined standard, regulation and/or requirement. In at least some embodiments of the present invention, the method comprises the steps of: 1) automatically or manually gathering information pertaining to the system, 2) selecting one or more requirements with which the system is to comply; 3) testing the system against the requirements; 4) performing risk assessment of the failed test procedures, and 5) generating certification documentation based on an assessment of the first four elements.
-
Citations
86 Claims
-
1. A computer-assisted method of generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said method comprising the steps of:
-
a) collecting information descriptive of at least a hardware and/or software specification for the at least one device;
b) selecting at least one predefined standard, regulation and/or requirement with which the target system is to comply;
c) associating hardware and/or software information pertaining to the at least one device, collected in said step a), with at least one pre-defined platform category;
d) for each of said at least one platform category, determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
e) generating one or more test procedures as determined in said step d) for each platform category. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72)
-
-
25. In a general purpose computing system, a computer-assisted method of generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said method comprising the steps of:
-
a) collecting information descriptive of at least a hardware and/or software specification for the at least one device;
b) selecting at least one predefined standard, regulation and/or requirement with which the target system is to comply;
c) associating hardware and/or software information pertaining to the at least one device, collected in said step a), with at least one pre-defined platform category;
d) for each of said at least one platform category, determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
e) generating one or more test procedures as determined in said step d) for each platform category.
-
-
49. A computer program medium storing computer instructions therein for instructing a computer to perform a computer-implemented and user assisted process of generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said program medium comprising the steps of:
-
a) collecting information descriptive of at least a hardware and/or software specification for the at least one device;
b) selecting at least one predefined standard, regulation and/or requirement with which the target system is to comply;
c) associating hardware and/or software information pertaining to the at least one device, collected in said step a), with at least one pre-defined platform category;
d) for each of said at least one platform category, determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
e) generating one or more test procedures as determined in said step d) for each platform category.
-
-
73. A system for generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said system comprising:
-
a) a discovery engine that scans the target system for the hardware configuration, operating system and/or application programs of each of the at least one device;
b) at least one storage medium for storing thereon at least;
(i) at least one predefined standard, regulation and/or requirement with which the segment is to comply; and
(ii) data pertaining to at least one platform category, each platform category having associated therewith one or more devices having at least a hardware specification and an operating system; and
c) decision logic for determining which of zero or more test procedures will be used to test each of the at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement. - View Dependent Claims (74, 75, 76)
-
-
77. A system for generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said system comprising:
-
a) a discovery engine that scans the target system information descriptive of at least a hardware and/or software specification for the at least one device;
b) a storage medium for storing at least one predefined standard, regulation and/or requirement with which the target system is to comply; and
c) a plurality of information entities, each of said plurality of information entities storing data pertaining to at least one predefined platform category, each platform category defining one or more devices having at least a hardware specification and an operating system; and
d) decision logic for determining which of one or more test procedures will be used to test each platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement. - View Dependent Claims (78, 79)
-
-
80. A system for generating at least one test procedure for a target system comprising at least one device, each of the at least one device comprising a combination of hardware and software, said system comprising:
-
a) a discovery engine that scans the target system for at least a hardware and/or software specification for the at least one device;
b) at least one storage medium for storing thereon;
(i) at least one predefined standard, regulation and/or requirement with which the target system is to comply; and
(ii) data pertaining to at least one platform category, each platform category having associated therewith one or more devices having at least a hardware specification and an operating system; and
c) decision logic for;
i) associating hardware and/or software information pertaining to the at least one device, collected by said discovery engine, with at least one pre-defined platform category;
ii) for each of said at least one platform category, determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
iii) generating one or more test procedures as determined in said step ii) for each platform category. - View Dependent Claims (81, 82)
-
-
83. The system according to claim 83 wherein said network discovery engine further collects information pertaining to at least one of application software, hard disk drive capacity, device manufacturer, and device model.
-
84. A system for generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said system comprising:
-
a) means for scanning the target system information descriptive of at least a hardware and/or software specification for the at least one device;
b) means for storing at least one predefined standard, regulation and/or requirement with which the target system is to comply; and
c) means for associating hardware and/or software information pertaining to the at least one device, collected by said means for scanning, with at least one pre-defined platform category;
d) for each of said at least one platform category, means for determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
e) means for generating one or more test procedures as determined in said step d) for each platform category.
-
-
85. A system for generating at least one test procedure for a target system comprising at least one device, each of the at least one device comprising a combination of hardware and software, said system comprising:
-
a) means for scanning the target system for at least a hardware and/or software specification for the at least one device;
b) means for storing thereon;
(i) at least one predefined standard, regulation and/or requirement with which the segment is to comply; and
(ii) data pertaining to at least one platform category, each platform category having associated therewith one or more devices having at least a hardware specification and an operating system; and
c) means for associating hardware and/or software information pertaining to the at least one device, collected by said discovery engine, with at least one pre-defined platform category;
d) for each of said at least one platform category, means for determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
e) means for generating one or more test procedures, as determined by said means for determining, for each platform category.
-
-
86. A computer-assisted method of generating at least one test procedure for a target system having at least one device capable of being identified, each of the at least one device having hardware and/or software, said method comprising the steps of:
-
a) collecting information descriptive of at least a hardware and/or software specification for the at least one device;
b) selecting at least one predefined standard, regulation and/or requirement with which the target system is to comply;
c) associating hardware and/or software information pertaining to the at least one device, collected in said step a), with at least one pre-defined platform category;
d) for each of said at least one platform category, determining which of one or more test procedures will be used to test hardware and/or software associated with said at least one platform category based on a mapping between the test procedures and the at least one predefined standard, regulation and/or requirement; and
e) generating one or more test procedures as determined in said step d) for each platform category;
f) performing the steps associated with the test procedures generated in said step e) to determine whether the target system passes or fails the at least one the test procedure;
g) generating a score for each of a plurality of threat elements, each score indicating a likelihood of that threat element affecting and/or impacting the target system; and
h) (1) obtaining a threat correlation indication associated with said at least one test procedure, wherein said threat correlation indication indicates a relative potential of one or more given threats to exploit a vulnerability caused by a failure of the at least one test procedure, and (2) determining a risk assessment by comparing each score generated in said step g) with a corresponding threat correlation indication of said step h) (1).
-
Specification