Control SoftwarePatching

A device that can store, process, transmit or receive data.

Anti-malware software is installed on device Host and kept up to date by regular software patches, and so can detect and prevent the execution of malicious code.

Anti-malware software is installed on device SHost and kept up to date by regular software patches, and so can detect and prevent the execution of malicious code.

Use a systematic procedure for regular updating of software used (including hosted processes) on device Host, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply updates immediately should the need for them become urgent.

Represents a situation in which software patches have been applied manually by HostManager to address functional bugs in device Host. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager. Then deselect the SoftwarePatched control and restore the asserted Intrinsic TWL of Host once the update has been confirmed.

Use a systematic procedure for regular security patching of software used (including hosted processes) on device Host, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply patches immediately should the need for them become urgent.

Represents a situation in which software patches have been applied manually by HostManager to eliminate vulnerabilities in device Host. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager. Then deselect the SoftwarePatched control and restore the asserted Extrinsic TW levels of Host once the update has been confirmed.

Use a systematic procedure for regular security patching of software used (including hosted process Process) on device Host, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply patches immediately for Process should the need for them become urgent.

Represents a situation in which software patches have been applied manually by HostManager to eliminate vulnerabilities in process Process. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager.

Use a systematic procedure for regular security patching of software used (including hosted process Service) on device SHost, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply patches immediately for Service should the need for them become urgent.

Represents a situation in which software patches have been applied manually by HostManager to eliminate vulnerabilities in process Service. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager.

Use a systematic procedure for updating software used (including hosted processes) on device Host.