Apparatus and method for assigning cyber-security risk consequences in industrial process control environments
First Claim
Patent Images
1. A method comprising:
- identifying multiple devices or groups of devices in an industrial process control and automation system;
for each device or group of devices;
obtaining impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks, wherein multiple impact values associated with different categories of potential effects are obtained; and
identifying a consequence value using the impact values, the consequence value identifying an overall effect of the failure or compromise of the device or group of devices; and
using the consequence value for a first of the devices or groups of devices to modify the consequence value for a second of the devices or groups of devices based on a process control connection between the first and second devices or groups of devices.
1 Assignment
0 Petitions
Accused Products
Abstract
A method includes identifying multiple devices or groups of devices in an industrial process control and automation system. The method also includes, for each device or group of devices, (i) obtaining impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks and (ii) identifying a consequence value using the impact values. Multiple impact values associated with different categories of potential effects are obtained, and the consequence value identifies an overall effect of the failure or compromise of the device or group of devices.
129 Citations
21 Claims
-
1. A method comprising:
-
identifying multiple devices or groups of devices in an industrial process control and automation system; for each device or group of devices; obtaining impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks, wherein multiple impact values associated with different categories of potential effects are obtained; and identifying a consequence value using the impact values, the consequence value identifying an overall effect of the failure or compromise of the device or group of devices; and using the consequence value for a first of the devices or groups of devices to modify the consequence value for a second of the devices or groups of devices based on a process control connection between the first and second devices or groups of devices. - View Dependent Claims (2, 3, 4, 6, 7)
-
-
5. A method comprising:
-
identifying multiple devices or groups of devices in an industrial process control and automation system; and for each device or group of devices; obtaining impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks, wherein multiple impact values associated with different categories of potential effects are obtained; identifying a consequence value using the impact values, the consequence value identifying an overall effect of the failure or compromise of the device or group of devices; and calculating one or more risk scores associated with the device or group of devices, each risk score associated with at least one of the one or more cyber-security risks and calculated using the consequence value for the device or group of devices. - View Dependent Claims (8)
-
-
9. An apparatus comprising:
at least one processing device configured to; identify multiple devices or groups of devices in an industrial process control and automation system; for each device or group of devices; obtain impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks, wherein multiple impact values associated with different categories of potential effects are obtained; and identify a consequence value using the impact values, the consequence value identifying an overall effect of the failure or compromise of the device or group of devices; and use the consequence value for a first of the devices or groups of devices to modify the consequence value for a second of the devices or groups of devices based on a process control connection between the first and second devices or groups of devices. - View Dependent Claims (10, 11, 12, 13, 14)
-
15. An apparatus comprising:
at least one processing device configured to; identify multiple devices or groups of devices in an industrial process control and automation system; and for each device or group of devices; obtain impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks, wherein multiple impact values associated with different categories of potential effects are obtained; identify a consequence value using the impact values, the consequence value identifying an overall effect of the failure or compromise of the device or group of devices; and calculate one or more risk scores associated with the device or group of devices, each risk score associated with at least one of the one or more cyber-security risks and calculated using the consequence value for the device or group of devices.
-
16. A non-transitory computer readable medium embodying computer readable program code that when executed causes at least one processing device to:
-
identify multiple devices or groups of devices in an industrial process control and automation system; and for each device or group of devices; obtain impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks, wherein multiple impact values associated with different categories of potential effects are obtained; identify a consequence value using the impact values, the consequence value identifying an overall effect of the failure or compromise of the device or group of devices; and calculate one or more risk scores associated with the device or group of devices, each risk score associated with at least one of the one or more cyber-security risks and calculated using the consequence value for the device or group of devices. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A non-transitory computer readable medium embodying computer readable program code that when executed causes at least one processing device to:
-
identify multiple devices or groups of devices in an industrial process control and automation system; for each device or group of devices; obtain impact values identifying potential effects of a failure or compromise of the device or group of devices due to one or more cyber-security risks, wherein multiple impact values associated with different categories of potential effects are obtained; and identify a consequence value using the impact values, the consequence value identifying an overall effect of the failure or compromise of the device or group of devices; and use the consequence value for a first of the devices or groups of devices to modify the consequence value for a second of the devices or groups of devices based on a process control connection between the first and second devices or groups of devices.
-
Specification