Visible to the public Biblio

Filters: Keyword is vulnerability patching  [Clear All Filters]
2018-06-11
Wang, Brandon, Li, Xiaoye, de Aguiar, Leandro P., Menasche, Daniel S., Shafiq, Zubair.  2017.  Characterizing and Modeling Patching Practices of Industrial Control Systems. Proceedings of the 2017 ACM SIGMETRICS / International Conference on Measurement and Modeling of Computer Systems. :9–9.

Industrial Control Systems (ICS) are widely deployed in mission critical infrastructures such as manufacturing, energy, and transportation. The mission critical nature of ICS devices poses important security challenges for ICS vendors and asset owners. In particular, the patching of ICS devices is usually deferred to scheduled production outages so as to prevent potential operational disruption of critical systems. In this paper, we present the results from our longitudinal measurement and characterization study of ICS patching behavior. Our analysis of more than 100 thousand Internet-exposed ICS devices reveals that fewer than 30% upgrade to newer patched versions within 60 days of a vulnerability disclosure. Based on our measurement and analysis, we further propose a model to forecast the patching behavior of ICS devices.