DEPLOYMENT ASSURANCE CHECKS FOR MONITORING INDUSTRIAL CONTROL SYSTEMS

US 20170140154A1
Filed: 11/17/2015
Published: 05/18/2017
Est. Priority Date: 11/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

identifying, by a risk manager system, a plurality of connected devices that are vulnerable to cyber-security risks;

determining, by the risk manager system, devices to be monitored from the plurality of connected devices;

evaluating system resource usage, by the risk manager system, on each device to be monitored; and

providing recommendations to a user, by the risk manager system, as to whether or not the user should proceed with the monitoring, based on the evaluation.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure provides an apparatus and method for deployment assurance checks for monitoring industrial control systems and other systems. A method includes identifying, by a risk manager system, a plurality of connected devices that are vulnerable to cyber-security risks. The method includes determining devices to be monitored from the plurality of connected devices. The method includes evaluating system resource usage, by the risk manager system, on each device to be monitored. The method includes providing recommendations to a user as to whether or not the user should proceed with the monitoring, based on the evaluation.

15 Citations

View as Search Results

20 Claims

1. A method comprising:
- identifying, by a risk manager system, a plurality of connected devices that are vulnerable to cyber-security risks;
  
  determining, by the risk manager system, devices to be monitored from the plurality of connected devices;
  
  evaluating system resource usage, by the risk manager system, on each device to be monitored; and
  
  providing recommendations to a user, by the risk manager system, as to whether or not the user should proceed with the monitoring, based on the evaluation.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising verifying any software or hardware prerequisites on the devices to be monitored.
  - 3. The method of claim 1, further comprising evaluating security prerequisites on the connected devices.
  - 4. The method of claim 1, wherein identifying the plurality of connected devices includes performing an automatic discovery process by the risk manager system.
  - 5. The method of claim 1, wherein the system resource usage includes processor usage, memory usage, and disk space usage.
  - 6. The method of claim 1, further comprising enforcing the recommendations.
  - 7. The method of claim 1, wherein identifying the plurality of connected devices includes receiving device information by the risk manager system from the user.

8. A risk manager system comprising:
- a controller; and
  
  a memory, the risk manager system configured to;
  
  identify a plurality of connected devices that are vulnerable to cyber-security risks;
  
  determine devices to be monitored from the plurality of connected devices;
  
  evaluate system resource usage on each device to be monitored; and
  
  provide recommendations to a user as to whether or not the user should proceed with the monitoring, based on the evaluation.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The risk manager system of claim 8, wherein the risk manager system is further configured to verify any software or hardware prerequisites on the devices to be monitored.
  - 10. The risk manager system of claim 8, wherein the risk manager system is further configured to evaluate security prerequisites on the connected devices.
  - 11. The risk manager system of claim 8, wherein the risk manager system is configured to identify the plurality of connected devices by performing an automatic discovery process.
  - 12. The risk manager system of claim 8, wherein the system resource usage includes processor usage, memory usage, and disk space usage.
  - 13. The risk manager system of claim 8, wherein the risk manager system is further configured to enforce the recommendations.
  - 14. The risk manager system of claim 8, wherein the risk manager system is configured to identify the plurality of connected devices by receiving device information by the risk manager system from the user.

15. A non-transitory machine-readable medium encoded with executable instructions that, when executed, cause one or more processors of a risk manager system to:
- identify a plurality of connected devices that are vulnerable to cyber-security risks;
  
  identify cyber-security risks in the connected devices;
  
  for each identified cyber-security risk, identify at least one possible cause, at least one recommended action, and at least one potential impact; and
  
  display a user interface that includes a summary of the identified cyber-security to risks.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory machine-readable medium of claim 15, wherein the non-transitory machine-readable medium is further encoded with instructions to verify any software or hardware prerequisites on the devices to be monitored.
  - 17. The non-transitory machine-readable medium of claim 15, wherein the non-transitory machine-readable medium is further encoded with instructions to evaluate security prerequisites on the connected devices.
  - 18. The non-transitory machine-readable medium of claim 15, wherein the instructions to identify the plurality of connected devices includes instructions to perform an automatic discovery process by the risk manager system.
  - 19. The non-transitory machine-readable medium of claim 15, wherein the system resource usage includes processor usage, memory usage, and disk space usage.
  - 20. The non-transitory machine-readable medium of claim 15, wherein the non-transitory machine-readable medium is further encoded with instructions to enforce the recommendations.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Knapp, Eric D., Carpenter, Seth G.

Granted Patent

US 10,181,038 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G05B 19/00   Programme-control systems

G05B 23/0208   characterized by the config...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

G06Q 10/06   Resources, workflows, human...

DEPLOYMENT ASSURANCE CHECKS FOR MONITORING INDUSTRIAL CONTROL SYSTEMS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

DEPLOYMENT ASSURANCE CHECKS FOR MONITORING INDUSTRIAL CONTROL SYSTEMS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others