Software Configuration

From attackics
Jump to navigation Jump to search
Software Configuration
ID M0954
NIST SP 800-53 Rev. 4 CM-7
IEC 62443-3-3:2013 SR 7.7
IEC 62443-4-2:2019 CR 7.7


Implement configuration changes to software (other than the operating system) to mitigate security risks associated with how the software operates.

Techniques Addressed by Mitigation

Data Historian CompromiseConsider the principle of least functionality when configuring ICS software to limit host or network-based capabilities within the control environment.