Abstract: Disclosed herein are systems and methods for assessing an impact of malicious software causing a denial of service of components of industrial automation and control systems (IACS). In one aspect, an exemplary method comprises, generating a configuration of the IACS on a testing device based on specifications, obtaining a set of investigated software, where the set includes at least one sample of one malicious software, testing the generated configuration using the received set of investigated software, identifying occurrences of denials of service of the components of the testing device which are used to simulate the generated configuration, determining an impact of the malicious software on the generated configuration, and a degree of degradation of a performance of the generated configuration of IACS, and pronouncing a verdict as to a danger of the malicious software for the generated configuration of IACS based on the determined impact of the malicious software.

Abstract: Disclosed herein are systems and methods for assessing an impact of malicious software causing a denial of service of components of industrial automation and control systems (IACS). In one aspect, an exemplary method comprises, generating a configuration of the IACS on a testing device based on specifications, obtaining a set of investigated software, where the set includes at least one sample of one malicious software, testing the generated configuration using the received set of investigated software, identifying occurrences of denials of service of the components of the testing device which are used to simulate the generated configuration, determining an impact of the malicious software on the generated configuration, and a degree of degradation of a performance of the generated configuration of IACS, and pronouncing a verdict as to a danger of the malicious software for the generated configuration of IACS based on the determined impact of the malicious software.

Abstract: Systems and methods for assessing an impact of software on components of an industrial automation and control systems (IACS) are disclosed. In one aspect, an exemplary method comprises, selecting samples of software to be analyzed for capability to cause harm to the IACS. In one aspect, the method further comprises, for each particular configuration of the IACS being tested, performing analysis to identify effects of the selected samples on the particular configuration, wherein the identified effects include at least causes and events resulting in disruption of operations of the particular configuration of the IACS, and where the particular configuration including at least components of the industrial system being simulated on a testing device. In one aspect, the method further comprises, analyzing identified causes and events, and based on the analysis, assessing the impact of the selected sample by determining a degree of influence of the software on the particular configuration.

Abstract: Disclosed herein are systems and methods for assessing an impact of software on components of an industrial automation and control systems (IACS). In one aspect, an exemplary method comprises, selecting samples of software to be analyzed for capability to cause harm to the IACS, for each particular configuration of the IACS being tested, performing analysis to identify effects of the selected samples on the particular configuration, wherein the identified effects include at least causes and events resulting in disruption of operations of the particular configuration of the IACS, the particular configuration including at least components of the industrial system being simulated on a testing device, analyzing all identified causes and events, and based on the analysis, assessing the impact of the selected sample by determining a degree of influence of the software on the particular configuration.

Abstract: Disclosed are system, method and computer program product for updating software programs on a computer. The system detects an attempt by an update process to execute on the computer and retrieves information about authorized category of software programs to determine whether the detected update process is authorized. When the update process is authorized, the system (i) designates the update process as trusted process, (ii) allows the update process to download on the computer an update object, (iii) and designates the update object as a trusted object. The system then detects an attempt by an installation process to install the update object, and determines from the policy whether the detected installation process is associated to authorized category and related to the trusted update process. When the installation process authorized and related to the trusted update process, the system allows the trusted installation process to install the trusted update object.