BUILDING RISK ANALYSIS SYSTEM WITH DYNAMIC MODIFICATION OF ASSET-THREAT WEIGHTS
First Claim
1. A building management system comprising:
- one or more computer-readable storage media having;
a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and
instructions stored thereon that, when executed by one or more processors, cause the one or more processors to;
receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets;
identify a particular vulnerability of the data structure based on the particular threat type and the particular asset; and
determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.
3 Assignments
0 Petitions
Accused Products
Abstract
A building management system includes one or more computer-readable storage media having a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities and instructions. The instructions cause one or more processors to receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets, identify a particular vulnerability of the data structure based on the particular threat type and the particular asset, and determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.
16 Citations
20 Claims
-
1. A building management system comprising:
one or more computer-readable storage media having; a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and instructions stored thereon that, when executed by one or more processors, cause the one or more processors to; receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets; identify a particular vulnerability of the data structure based on the particular threat type and the particular asset; and determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A method for risk analysis, the method comprising:
-
receiving a threat, the threat comprising a particular threat type of a plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of a plurality of assets; identifying a particular vulnerability of a data structure based on the particular threat type and the particular asset, wherein the data structure comprises the plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of the plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and determining, based on the particular vulnerability and the threat, the risk value associated with the particular asset. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A building management system comprising:
-
one or more computer-readable storage media communicably coupled to one or more processors and configured to store instructions and a data structure, wherein the data structure comprises a plurality of vulnerabilities and a plurality of pairs, each of the plurality of pairs comprising one of a plurality of assets and one of the plurality of threat types, wherein each of the plurality of pairs is associated with one of the plurality of vulnerabilities; and the one or more processors configured to execute the instructions to; receive a threat, the threat comprising a particular threat type of the plurality of threat types, the threat indicating an incident affecting a risk value associated with a particular asset of the plurality of assets; identify a particular vulnerability of the data structure based on the particular threat type and the particular asset; and determine, based on the particular vulnerability and the threat, the risk value associated with the particular asset.
-
Specification