Software Configuration

From attackics
Jump to navigation Jump to search
Software Configuration
Mitigation
ID M0954
NIST SP 800-53 Rev. 4 CM-7
IEC 62443-3-3:2013 SR 7.7
IEC 62443-4-2:2019 CR 7.7

Description

Implement configuration changes to software (other than the operating system) to mitigate security risks associated with how the software operates.


Techniques Addressed by Mitigation

NameUse
Data Historian CompromiseConsider the principle of least functionality when configuring ICS software to limit host or network-based capabilities within the control environment.