- CYBER SECURITY
- INDUSTRIAL COMPUTING
- ABOUT US
The Patch and Update Management Program will simplify the process of understanding what patches are available for energy delivery industrial control system devices for both end users and equipment vendors. The program will also help utilities more easily adhere to NERC CIP requirements around patching, ultimately leading to a safer grid.
This program will research, develop and demonstrate technology and techniques needed to identify and verify the integrity of patches and updates for energy delivery industrial control system software, hardware and firmware. The project is comprised of four elements which can each stand alone to improve security posture, but when integrated together provide a more comprehensive solution meeting the patch and update needs of the energy industry.
Our mission is to create a safer grid by simplifying the process of patching and updating energy delivery industrial control system devices.
> Provides users a with single location to find information about patches and updates
applicable to energy delivery industrial control system devices
> The portal serves as a repository for Hash Authentication information, patch discovery
evidence and device End of Support (EOS) documentation
> Our aggregated Hash Files from vendors provide users a central location to help verify
the integrity of downloaded patches and updates prior to deployment
> The Hash Authentication Tool allows customers receiving aggregated patch data via
customized reports to authenticate that reports have not been compromised
> Provides users with proven methodologies to validate patches and updates before deployment
> Users may self-perform, set up their own validation lab, contract validation services or take a
> The Query Engine will support multiple device types and across various energy delivery ICS vendors
> Enables users to query IT and OT equipment to determine relevant baseline information such as
Make, Model, Firmware Version and Serial Number – this information is critical for accurate
> The Query Engine will offer an easy to use user interface supporting a Patch Gap Analysis
Dashboard simplifying the process of determining your current patch status and gaps