Control SoftwarePatched

URI: SoftwarePatched

Package: Network

< prev | next >

Description: Represents the application of security patches to eliminate software vulnerabilities in a device or process. Should be used only for run-time decision support calculations.

Host	A device that can store, process, transmit or receive data.
Process	Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.

CSG-BugFixingAtHost-Implementation	Represents a situation in which software patches have been applied manually by *HostManager* to address functional bugs in device *Host. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager. Then deselect the SoftwarePatched control and restore the asserted Intrinsic TWL of Host* once the update has been confirmed.
CSG-PatchingAtHost-Implementation	Represents a situation in which software patches have been applied manually by *HostManager* to eliminate vulnerabilities in device *Host. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager. Then deselect the SoftwarePatched control and restore the asserted Extrinsic TW levels of Host* once the update has been confirmed.
CSG-PatchingAtProcess-Implementation	Represents a situation in which software patches have been applied manually by *HostManager* to eliminate vulnerabilities in process *Process. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager*.
CSG-PatchingAtService-Implementation	Represents a situation in which software patches have been applied manually by *HostManager* to eliminate vulnerabilities in process *Service. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager*.