Cyber Asset Protection (CAP) Software Update Subscription
The CAP Software Update Subscription supports the operational continuity of turbine, generator, and plant control systems and their associated networks. It includes patch management, updated virus signatures, and a backup and recovery strategy.
This subscription-based offering includes operating system and application patches as well as anti-virus/intrusion detection signatures to cover updates for HMIs, servers, switches, and network intrusion detection. Updates can be applied to individual HMIs or via the SecurityST* appliance for network-wide deployment.
Subscribers receive monthly delivery of DVDs containing validated and tested patches compatible with existing HMIs. Patch reports detail US-CERT criticality, reboot requirements, and estimated install time.
• Provides proactive and timely monitoring of applicable software security patches and anti-virus/malware/intrusion signatures using a centralized patch deployment tool
• Minimizes operational risk by testing updates for potential adverse impacts
• Supports reporting requirements with an up-to-date and cumulative inventory of applicable updates and their status
Applicability Evaluation and Status Reporting
• GE reviews the applicability of available patches and anti-virus signatures to operating machines, such as HMIs and servers, hardened switches, the SecurityST appliance, and the network intrusion detection system.
• Update DVDs provide “cumulative updates,” meaning that systems are updated to the latest revision, even if a previous update DVD was not applied.
• GE’s Patch Applicability Report provides a monthly record of applicable updates and the status of each update (applied or missing). This report can be used to support audit activities around patch management, as shown below.
• GE maintains a validation laboratory in which operating system (OS) patches, application patches, and anti-virus/host intrusion detection signature updates are tested in a controlled environment that simulates the customer’s control system, OS, and major ControlST* platform software revision at the customer site.
• Testing demonstrates that functional operation of the control system, its related interfaces, and communication to the system are not adversely impacted by the updates. Testing covers switches, firewalls, and the SecurityST appliance.
• Any update identified as potentially impacting operations is excluded, and the exclusion is documented. Any false positive raised by new signatures that would quarantine files needed for “Normal and Emergency” operations is noted, and detailed instructions on how to “whitelist” those files are included.
The updates are scripted into a single file that the operator can load manually onto each HMI or deploy via the SecurityST appliance. Whether deployed at the host or network level, any scripted update action requires operator acknowledgement before it runs.
Updates are shipped to the site in a tamper-evident envelope, and chain of custody is maintained throughout transit.
Ports and Services
GE provides an updated list of ports, services, and programs with a baseline configuration that allows the end user to document and track the services, programs, drivers, and ports in use or installed on the HMI computer for “Normal and Emergency” operation. This information can be used for self-audit and change management.
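As an added illustration of the patch-status reporting described under Applicability Evaluation and Status Reporting and of the baseline tracking described under Ports and Services, the following PowerShell script snapshots an HMI’s installed hotfixes, listening TCP ports, services, and system drivers, reports each applicable KB as applied or missing, and diffs the snapshot against a previously saved baseline. It is not GE’s, CAP’s, or SecurityST’s code; the baseline path, the KB identifiers, and the reliance on Windows 8/Server 2012-or-later cmdlets (Get-NetTCPConnection) are assumptions for illustration.

```powershell
# Added example, not GE/CAP/SecurityST code. Snapshot an HMI's patch and
# ports-and-services state, report applied/missing KBs, and diff against a
# saved baseline. Baseline path and KB IDs below are assumed placeholders.
param(
    # Assumed location for the saved baseline (not a GE-defined path).
    [string]$BaselinePath = 'C:\CAP\baseline.json',
    # Constructed placeholder KB IDs; in practice take these from the
    # month's Patch Applicability Report.
    [string[]]$ApplicableKBs = @('KB5000001', 'KB5000002')
)

function Get-HmiSnapshot {
    # Each category is reduced to a sorted list of strings so it diffs cleanly.
    $hotfixes = Get-HotFix | ForEach-Object { $_.HotFixID } | Sort-Object -Unique
    # Get-NetTCPConnection requires Windows 8 / Server 2012 or later (assumption).
    $ports = Get-NetTCPConnection -State Listen |
        ForEach-Object { '{0}:{1} pid={2}' -f $_.LocalAddress, $_.LocalPort, $_.OwningProcess } |
        Sort-Object -Unique
    $services = Get-CimInstance Win32_Service |
        ForEach-Object { '{0} start={1} state={2} path={3}' -f $_.Name, $_.StartMode, $_.State, $_.PathName } |
        Sort-Object -Unique
    $drivers = Get-CimInstance Win32_SystemDriver |
        ForEach-Object { '{0} start={1} state={2} path={3}' -f $_.Name, $_.StartMode, $_.State, $_.PathName } |
        Sort-Object -Unique
    [pscustomobject]@{
        Host     = $env:COMPUTERNAME
        Taken    = (Get-Date).ToString('o')
        Hotfixes = @($hotfixes)
        Ports    = @($ports)
        Services = @($services)
        Drivers  = @($drivers)
    }
}

function Compare-Category {
    param([string]$Name, [string[]]$Old, [string[]]$New)
    # Manual set difference: robust when either side is empty or null.
    foreach ($item in @($New | Where-Object { $_ -notin $Old })) {
        [pscustomobject]@{ Category = $Name; Change = 'added';   Item = $item }
    }
    foreach ($item in @($Old | Where-Object { $_ -notin $New })) {
        [pscustomobject]@{ Category = $Name; Change = 'removed'; Item = $item }
    }
}

$current = Get-HmiSnapshot

# Patch status for the monthly record: applied / missing per applicable KB.
$patchStatus = foreach ($kb in $ApplicableKBs) {
    [pscustomobject]@{
        KB     = $kb
        Status = if ($current.Hotfixes -contains $kb) { 'applied' } else { 'missing' }
    }
}
$patchStatus | Format-Table -AutoSize

if (Test-Path $BaselinePath) {
    $baseline = Get-Content $BaselinePath -Raw | ConvertFrom-Json
    $changes = @()
    $changes += Compare-Category 'Hotfixes' $baseline.Hotfixes $current.Hotfixes
    $changes += Compare-Category 'Ports'    $baseline.Ports    $current.Ports
    $changes += Compare-Category 'Services' $baseline.Services $current.Services
    $changes += Compare-Category 'Drivers'  $baseline.Drivers  $current.Drivers
    if ($changes.Count -eq 0) {
        Write-Output "No change against baseline taken $($baseline.Taken)"
    } else {
        # Every entry is either an expected CAP update or an unaccounted-for
        # change; both belong in the change-management record.
        $changes | Format-Table -AutoSize
    }
    # Keep the previous baseline alongside the new one for the audit trail.
    Copy-Item $BaselinePath "$BaselinePath.prev" -Force
} else {
    Write-Output "No baseline at $BaselinePath; saving the current snapshot as the baseline."
}

$current | ConvertTo-Json -Depth 3 | Set-Content $BaselinePath
```

Run it once on a freshly validated HMI to create the baseline, then again after each CAP update or on a schedule. Any item in the change list that the month’s update report does not account for is a change-management finding, and the applied/missing table gives the per-host evidence that the Patch Applicability Report summarizes.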
Backup and Recovery
• GE provides software to support backup and automated recovery from backup, in support of disaster recovery policy and practices.
• Deploying CAP updates via the SecurityST appliance assists the customer in enforcing change management and implementing frequent backups. Automated and user acknowledged backups can be executed based on major and minor changes and time driven rule sets. The SecurityST appliance keeps an inventory of machines and the history related to security related patches that were applied to those particular machines.
Compliance Reporting Support
• The Security Information and Event Manager (SIEM) in GE’s optional SecurityST appliance can create an event, alert, or alarm when operating system versions, installed software, ports and services, or patch levels change.
• GE can provide additional services to refine logging policy and fine-tune event correlation across defined event types, user roles, origin host, impacted host, application, and alerts on unauthorized or suspicious activity, reducing audit log volume.
GE is dedicated to helping customers protect their assets, providing layers of options for in-depth cyber security. Configuration control and a robust patch management plan, along with frequent backups and periodic recovery drills, can help to reduce the risk of cyber attacks and human error during software upgrades. Ongoing system hardening supports these efforts.