Visible to the public Characterizing and Modeling Patching Practices of Industrial Control Systems

TitleCharacterizing and Modeling Patching Practices of Industrial Control Systems
Publication TypeConference Paper
Year of Publication2017
AuthorsWang, Brandon, Li, Xiaoye, de Aguiar, Leandro P., Menasche, Daniel S., Shafiq, Zubair
Conference NameProceedings of the 2017 ACM SIGMETRICS / International Conference on Measurement and Modeling of Computer Systems
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5032-7
Keywordscomposability, industrial control systems (ICS), Metrics, Networked Control Systems Security, pubcrawl, resilience, Resiliency, shodan, vulnerability patching

Industrial Control Systems (ICS) are widely deployed in mission critical infrastructures such as manufacturing, energy, and transportation. The mission critical nature of ICS devices poses important security challenges for ICS vendors and asset owners. In particular, the patching of ICS devices is usually deferred to scheduled production outages so as to prevent potential operational disruption of critical systems. In this paper, we present the results from our longitudinal measurement and characterization study of ICS patching behavior. Our analysis of more than 100 thousand Internet-exposed ICS devices reveals that fewer than 30% upgrade to newer patched versions within 60 days of a vulnerability disclosure. Based on our measurement and analysis, we further propose a model to forecast the patching behavior of ICS devices.

Citation Keywang_characterizing_2017