Mitigation of external exposure of energy delivery systems

Mitigation of external exposure of energy delivery systems

Method include receiving banner information from one or more queries of a network connecting a set of devices, wherein the banner information of one or more of the devices includes common vulnerability and exposure identifiers (CVEs) and the banner information of one or more of the devices does not...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Mylrea, Michael E, Pal, Seemita, Johnson, Beverly E, Gourisetti, Sri Nikhil Gupta, Brown, Newton B, Touhiduzzaman, Md, Ashley, Travis, McKenzie, Penny L
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
CONTROL OR REGULATING SYSTEMS IN GENERAL
CONTROLLING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
FUNCTIONAL ELEMENTS OF SUCH SYSTEMS
MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS ORELEMENTS
PHYSICS
REGULATING
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Method include receiving banner information from one or more queries of a network connecting a set of devices, wherein the banner information of one or more of the devices includes common vulnerability and exposure identifiers (CVEs) and the banner information of one or more of the devices does not include a CVE, identifying the devices based on the banner information including classifying devices without known CVEs by a device type, determining vulnerability scores for the devices with known CVEs based on retrieved CVE information, and determining vulnerability scores for the devices without CVEs based on a series of exploitability and impact parameter estimates associated with the device type classifications. Some methods include estimating a cyberattack vulnerability risk for the devices using the determined vulnerability scores.