TECHNICAL FIELD

[0001] The present disclosure generally relates to a security status determination of a firmware. Particularly, the present disclosure relates to a system and method for determining a security status of a firmware executing on one or more devices configured on premises.

BACKGROUND ART

[0002] Most of the electronic devices installed in a plant/network have a firmware installed on them for facilitating operations of the electronic devices. As the technology grows and to cope up with vulnerabilities in a network, the firmware in the electronic devices need to be updated. For instance, to cope with the advancement in the technology, one either has to switch to the newer devices that are packed with the latest technologies or has to update the device firmware to use those technologies without spending on a hardware. Similarly, in order to prevent the electronic devices from security vulnerabilities, the firmware of the electronic devices needs to be updated regularly with security patches, as and when needed. These updates are commonly propagated to the electronic devices over wired or wireless networks so that the user may revise their firmware with the latest upgrades provided by developers.

[0003] In a conventional plant environment, there can be several electronic devices that are connected on the network. The firmware on each of the electronic device needs to be updated for better performance and to protect the devices from security vulnerabilities. However, these electronic devices are constrained with an automatic feature update and if these electronic devices are left without security update, then they may be exposed to security vulnerabilities.

[0004] Conventionally, there are several technologies for monitoring and maintaining security firmware update on the devices. For example, Digi Remote Manager® (DRM) is a secure platform for monitoring and controlling distributed IoT devices. DRM is capable of performing mass firmware updates to all specified devices or device groups. However, in the DRM, the user has to manually specify the devices or the group of devices for which the firmware update is required. In addition, the user has to create a profile and a schedule for updating the security firmware.

[0005] Similarly, Manage Engine, a Firmware Vulnerability Management software, lists out all the vulnerabilities in the network and the number of devices affected by those vulnerabilities. A Network Configuration Manager in the Manage Engine identifies the potential vulnerabilities in the network devices and takes necessary action. However, the Network Configuration Manager works in accordance with NIST (National Institute of Standards and Technology) by fetching firmware vulnerability data and correlating it with the network devices, which are currently managed in an infrastructure.

[0006] However, the conventional techniques do not consider the security status of the firmware installed on the electronic device and therefore, there is need for determining the security status of the firmware that is currently executing on the electronic devices.

SUMMARY

[0007] It is an object of the present disclosure to mitigate, alleviate or eliminate one or more of the above-identified deficiencies and disadvantages in the prior art and solve at least the above- mentioned problem.

[0008] In view of the foregoing, an embodiment herein provides a first aspect, a method for determining a security status of a firmware executing on one or more devices configured on premises. The method includes the steps of: receiving a firmware version executing on each of the one or more devices from a computing device; comparing the received firmware version executing on each of the one or more devices with details stored in a memory to: identify a first set of devices from the one or more devices executing a secure version of the firmware; identify a second set of devices from the one or more devices executing an unsecure version of the firmware. Further, the method includes the steps of: determining the security status information for the one or more devices based on the identified secure version of the firmware executing on the first set of devices and the unsecure version of the firmware executing on the second set of devices; communicating the security status information of the one or more devices to the computing device. The security status information of the one or more devices comprises the first set of devices executing the secure version of the firmware and the second set of devices executing the unsecure version of the firmware. [0009] According to an embodiment, the method further includes the steps of: determining the secure version of the firmware for each of the second set of devices upon determining that the second set of devices executing the unsecure version of the firmware; and communicating the secure version of the firmware for each of the second set of devices executing the unsecure version of the firmware to the computing device. According to an another embodiment, the secure version for each of the second set of devices are determined based on features extension and known vulnerabilities associated with the current version of the firmware executing on each of the second set of devices.

[0010] According to yet another embodiment, the memory stores one or more firmware versions executing on the one or more devices, details of upgrades present in the current version of the firmware executing on the one or more devices, which comprises an information of features extensions and information about known vulnerabilities of all versions of the firmware.

[0011] According to yet another embodiment, the method performed by the computing device includes the steps of: receiving device information from the one or more devices associated with the computing device; checking whether the received device information of the one or more devices, consist a signature corresponding to a current version of the firmware by comparing the received device information with a predetermined information of the one or more devices stored in the computing device; identifying the firmware version executing on each of the one or more devices by comparing the received device information with the predetermined information; communicating the firmware version executing on each of the one or more devices; and receiving, the security status information of the one or more devices.

[0012] In one embodiment, the security status information comprises the first set of devices executing the secure version of the firmware and a second set of devices executing the unsecure version of the firmware. In another embodiment, the device information comprises a Platform Configuration Register, which consist the signature of current version of the firmware executing on the one or more devices.

[0013] According to yet another embodiment, the method further includes the step of: receiving the secure version of the firmware for each of the second set of devices executing the unsecure version of the firmware.

[0014] According to yet another embodiment, the method further includes the step of: providing a plant- wide visualization that represents the security status of the firmware executing on the one or more devices. In one embodiment, the security status represents the first set of devices executing the secure version of the firmware and the second set of devices executing the unsecure version of the firmware. In another embodiment, the plant-wide visualization specifies the secure version of the firmware for each of the second set of devices that are executing the unsecure version of the firmware.

[0015] According to yet another embodiment, the predetermined information comprises a device name, a device identification number, a firmware name, a firmware type, a version of the firmware, a signature corresponding to each version of the firmware, the security status of the firmware and information about known vulnerabilities associated with each version of the firmware.

[0016] According to a second aspect, a system for determining a security status of a firmware executing on one or more devices configured on the premises is provided. The system includes a master device and a computing device. The master device includes a memory and a processor. The processor is configured to receive a firmware version executing on each of the one or more devices from the computing device; compare the received firmware version executing on each of the one or more devices with details stored in a memory to: identify the first set of devices from the one or more devices executing a secure version of the firmware; identify the second set of devices from the one or more devices executing an unsecure version of the firmware. The processor is further configured to determine the security status information for the one or more devices based on the identified secure version of the firmware executing on the first set of devices and the unsecure version of the firmware executing on the second set of devices; determine the secure version of the firmware for each of the second set of devices upon determining that the second set of devices executing the unsecure version of the firmware; and communicate the security status information of the one or more devices to the computing device.

[0017] In one embodiment, the secure version for each of the second set of devices are determined based on features extension and known vulnerabilities associated with the current version of the firmware executing on each of the second set of devices. In another embodiment, the security status information of the one or more devices includes the first set of devices executing the secure version of the firmware, the second set of devices executing the unsecure version of the firmware. [0018] In yet another embodiment, the master device further communicates the secure version of the firmware for each of the second set of devices executing the unsecure version of the firmware to the computing device.

[0019] According to an embodiment, the computing device includes a memory storing predetermined information of the one or more devices and a processor. The processor is configured to: receive device information from the one or more devices associated with the computing device; check whether the received device information of the one or more devices, consist a signature corresponding to a current version of the firmware by comparing the received device information with predetermined information of the one or more devices stored in the computing device; identify the firmware version executing on each of the one or more devices by comparing the received device information with the predetermined information; communicate the firmware version executing on each of the one or more devices to the master device; and receive the security status information of the one or more devices from the master device. According to another embodiment, the computing device further receives the secure version of the firmware for each of the second set of devices executing the unsecure version of the firmware from the master device.

[0020] In one embodiment, the security status information includes the first set of devices executing a secure version of the firmware and a second set of devices executing an unsecure version of the firmware. In another embodiment, the device information includes a Platform Configuration Register, which consist the signature of current version of the firmware executing on the one or more devices.

[0021] According to yet another embodiment, the computing device is configured to provide a plant- wide visualization that represents the security status of the firmware executing on the one or more devices. In one embodiment, the security status represents the first set of devices executing the secure version of the firmware and the second set of devices executing the unsecure version of the firmware. In another embodiment, the plant-wide visualization specifies the secure version of the firmware for each of the second set of devices that are executing the unsecure version of the firmware.

[0022] According to yet another embodiment, the predetermined information includes a device name, a device identification number, a firmware name, a firmware type, a version of the firmware, a signature corresponding to each version of the firmware, the security status of the firmware and information about known vulnerabilities associated with each version of the firmware.

[0023] Effects and features of the second aspect are to a large extent analogous to those described above in connection with the first aspect. Embodiments mentioned in relation to the first aspect are largely compatible with the second aspect.

[0024] Hence, it is to be understood that the herein disclosed disclosure is not limited to the particular component parts of the device described or steps of the methods described since such device and method may vary. It is also to be understood that the terminology used herein is for purpose of describing particular embodiments only, and is not intended to be limiting. It should be noted that, as used in the specification and the appended claim, the articles "a", "an", "the", and "said" are intended to mean that there are one or more of the elements unless the context explicitly dictates otherwise. Thus, for example, reference to "a unit" or "the unit" may include several devices, and the like. Furthermore, the words "comprising", "including", "containing" and similar wordings does not exclude other elements or steps.

[0025] The present disclosure will become apparent from the detailed description given below. These and other aspects of the embodiments and other objects and advantages of the present invention herein will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. The accompanying drawings are incorporated for illustration of preferred embodiments of the present invention and are not intended to limit the scope thereof. It should be understood, however, that the following descriptions, while indicating preferred embodiments and numerous specific details thereof, are given by way of illustration and not of limitation. Different configuration changes and modifications may be made within the scope of the embodiments herein without departing from the spirit thereof, and the embodiments herein include all such modifications.

BRIEF DESCRIPTIONS OF THE DRAWINGS [0026] The detailed description is set forth with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The use of the same reference numbers in different figures indicates similar or identical items. [0027] FIG. 1 illustrates a system for determining a security status of a firmware executing on one or more devices configured on the premises according to an embodiment herein;

[0028] FIG. 2 illustrates an interaction diagram showing an interaction between a computing device and a master device according to an embodiment herein;

[0029] FIG. 3 illustrates a table showing information stored in a computing device and a master device according to an embodiment herein;

[0030] FIG. 4 illustrates a plant-wide visualization showing security status information of one or more devices configured on the premises according to an embodiment herein; and [0031] FIG. 5 is a flow diagram illustrating a method for determining a security status of a firmware executing on one or more devices according to an embodiment herein.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

[0032] The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments and detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein may be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.

[0033] As mentioned above, there is a need for a system and a method for determining a security status of a firmware executing on one or more devices connected through a common network. The embodiments herein achieve this by providing a system, that collects device information from one or more devices that are connected through a common network using a computing device and determining a security status of each of the one or more devices by communicating with a master device. Referring now to the drawings, and more particularly to FIGS. 1 through 5, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments. [0034] FIG. 1 illustrates a system for determining a security status of a firmware executing on one or more devices 102A-N configured on the premises according to an embodiment herein. The system includes a computing device 106 and a master device 112. The computing device 106 includes a memory 108 and a processor 110. The computing device 106 receives device information from the one or more devices 102A-N that are associated with the computing device through a network 104. In one embodiment, the device information comprises a Platform Configuration Register (PCR), which consist a signature of a current version of the firmware executing on the one or more devices 102A-N. In another embodiment, the signature is a hash value that represents the current version of the firmware executing on the one or more devices 102A-N. The computing device 106 checks whether the received device information of the one or more devices 102A-N, consist the signature corresponding to a current version of the firmware by comparing the received device information with predetermined information of the one or more devices 102A-N stored in the memory 108. In an embodiment, the computing device 106 verifies that the device information received from the known device (i.e. legitimate device) only when the received device information consisting the signature corresponding to the current version of the firmware executing on the one or more devices 102A-N.

[0035] Further, the computing device 106 identifies the firmware version currently executing on each of the one or more devices 102A-N by comparing the received device information with the predetermined information. In an embodiment, the computing device 106 stores the predetermined information corresponding to each valid firmware versions. In another embodiment, the predetermined information includes but not limited to a device name, a device identification number, a firmware name, a firmware type, a version of the firmware, the signature corresponding to each version of the firmware, the security status of the firmware and information about known vulnerabilities associated with each version of the firmware. Once the firmware version currently executing on each of the one or more devices 102A-N are identified, the computing device 106 communicates the firmware version executing on each of the one or more devices 102A-N to the master device 112. In one embodiment, the master device 112 is a server or a computing device.

[0036] The master device 112 includes a memory 114 that stores one or more firmware versions of the one or more devices 102A-N, details of upgrades present in the current version of the firmware executing on the one or more devices 102A-N, which comprises an information of features extensions and information about known vulnerabilities of all versions of the firmware and a processor 116.

[0037] The master device 112 receives the firmware version currently executing on each of the one or more devices 102A-N from the computing device 106 and compares the received firmware version executing on each of the one or more devices 102A-N with details stored in the memory 114 to (i) identify a first set of devices from the one or more devices 102A-N executing a secure version of the firmware and (ii) identify a second set of devices from the one or more devices 102A-N executing an unsecure version of the firmware. Once the devices (i.e. the first set of devices and the second set of devices) running the secure version of the firmware and the unsecure version of the firmware is identified, the master device 112 determines a security status information for each of the one or more devices 102A-N based on the identified secure version of the firmware executing on the first set of devices and the unsecure version of the firmware executing on the second set of devices. The security status information of the one or more devices 102A-N provides the security status of each device. For example, the security status information includes the first set of devices executing the secure version of the firmware and the second set of devices executing the unsecure version of the firmware.

[0038] Further, the master device 112 determines and suggests a secure version of the firmware for the devices (i.e. the second set of devices) that are currently executing the unsecure version of the firmware upon determining that the second set of devices executing the unsecure version of the firmware. The secure version for each of the second set of devices are determined based on features extension and known vulnerabilities associated with the current version of the firmware executing on each of the second set of devices. In one embodiment, the firmware version suggestion is decided based on the current version of the firmware running on the devices. [0039] For example, if a device 102B currently executing the version VI, the master device 112 suggest version V3 as an updated version, since the security update in the version V3 is corresponding to a vulnerability that existed in the firmware from initial version itself (e.g. versions VI and V2). In another example, if the security update in version V3 is corresponding to a vulnerability that is introduced in version V2, and if a device 102A is currently executing version VI, then there is no need to provide/suggest a firmware update.

[0040] Further, the master device 112 communicates (i) the security status information of the one or more devices 102A-N to the computing device 106 and (ii) the suggested secure version of the firmware for each of the second set of devices 404 executing the unsecure version of the firmware to the computing device 106.

[0041] The computing device 106 receives (i) the security status information of the one or more devices 102A-N and (ii) the suggested secure version of the firmware for each of the second set of devices executing the unsecure version of the firmware to the computing device 106.

[0042] Upon reception of the security status information and the secure version of the firmware for each of the second set of devices from the master device 112, the computing device 106 generates a plant- wide visualization (e.g. a holistic view) that represents the security status of the firmware executing on the one or more devices 102A-N. The security status may indicate the current version of the firmware executing on the one or more devices 102A-N is the secure version or the unsecure version. For example, the plant-wide visualization shows the first set of devices executing the secure version of the firmware and the second set of devices executing the unsecure version of the firmware.

[0043] In one embodiment, the plant-wide visualization also shows the suggested secure version of the firmware for each of the second set of devices that are executing the unsecure version of the firmware.

[0044] In an embodiment, the one or more devices 102A-N are field instruments that are deployed in the premises and connected through the common network 104. The one or more devices 102A-N boots with a specific version of the firmware.

[0045] FIG. 2 illustrates an interaction diagram showing an interaction between the computing device 106 and the master device 112 according to an embodiment herein. At step 202, the computing device 106 receives the device information from the one or more devices 102A-N. At step 204, the computing device 106 checks whether the received device information of the one or more devices 102A-N, consist the signature corresponding to a current version of the firmware by comparing the received device information with predetermined information of the one or more devices 102A-N stored in the memory 108. At step 206, the computing device 106 identifies the firmware version executing on each of the one or more devices 102A-N by comparing the received device information with the predetermined information. At step 208, the computing device 106 communicates the identified firmware version executing on each of the one or more devices 102A-N to the master device 112. Once, the identified firmware version executing on each of the one or more devices 102A-N are received from the computing device 106, the master device 112 compares the received firmware version with details stored in the memory 114 and identifies (i) the first set of devices from the one or more devices 102A-N executing the secure version of the firmware and (ii) the second set of devices from the one or more devices 102A-N executing the unsecure version of the firmware. Upon determining the devices that are executing the secure version and the unsecure version of the firmware, the master device 112 determines the security status information for the one or more devices 102A-N based on the identified secure version of the firmware executing on the first set of devices and the unsecure version of the firmware executing on the second set of devices.

[0046] Further, the master device 112 determines or suggests the secure version of the firmware for each of the second set of devices upon determining that the second set of devices are executing the unsecure version of the firmware. At step 210, the master device 112 communicates the security status information along with the suggested secure version of the firmware for the second set of devices, which are executing the unsecure version of the firmware. At step 212, the computing device 106 generates the plant- wide visualization that represents the security status of the firmware executing on the one or more devices 102A-N upon receiving the security status information and the suggested secure version of the firmware for the second set of devices from the master device 112. The security status information includes the first set of devices executing the secure version of the firmware and the second set of devices executing the unsecure version of the firmware.

[0047] FIG. 3 illustrates a table showing information stored in the computing device 106 and the master device 112 according to an embodiment herein. The computing device 106 stores a list of device information for valid firmware versions executing on the one or more devices 102A- N. For example, the computing device 106 stores the device information for each version of the firmware. The master device 112 stores details about each of the valid firmware versions. The details include the one or more firmware versions of the one or more devices 102A-N, details of upgrades present in the current version of the firmware executing on the one or more devices 102A-N, which comprises an information of features extensions and information about known vulnerabilities of all versions of the firmware.

[0048] Further, the table shows that each of the one or more devices 102A-N stores the corresponding device information. The device information of each of the one or more devices 102A-N are collected during a boot process. [0049] FIG. 4 illustrates the plant-wide visualization 400 showing the security status information of the one or more devices 102A-N configured on the premises according to an embodiment herein. The plant-wide visualization 400 shows the security status information of the firmware executing on each of the one or more devices 102A-N. The security status information includes the first set of devices 402 executing the secure version of the firmware and the second set of devices 404 executing the unsecure version of the firmware. Further, the plant wide visualization 400 shows the suggested secure version of the firmware for each of the second set of devices 404 that are executing the unsecure version of the firmware.

[0050] FIG. 5 is a flow diagram illustrating a method for determining the security status of a firmware executing on the one or more devices 102A-N according to an embodiment herein. At step 502, the master device 112 receives the firmware version executing on each of the one or more devices 102A-N from the computing device 106. At step 504, the master device 112 compares the received firmware version executing on each of the one or more devices 102A-N with details stored in the memory 114 and identifies (i) the first set of devices 402 from the one or more devices 102A-N executing the secure version of the firmware and (ii) the second set of devices 404 from the one or more devices 102A-N executing the unsecure version of the firmware. At step 506, the master device 112 determines the security status information for the one or more devices 102A-N based on the identified secure version of the firmware executing on the first set of devices 402 and the unsecure version of the firmware executing on the second set of devices 404. At step 508, the master device 112 further determines/suggests the secure version of the firmware for each of the second set of devices 404 upon determining that the second set of devices 404 are executing the unsecure version of the firmware. At step 510, the master device 112 communicates the security status information of the one or more devices 102A-N along with the suggested secure version of the firmware for each of the second set of devices 404 executing the unsecure version of the firmware to the computing device 106.

[0051] An advantage of the above-mentioned system and method of determining the security status of the firmware executing on one or more devices 102A-N provides an overview of where the security patches are needed for the one or more devices 102A-N in a plant. The system and method verifies that the device is executing a firmware version without a known vulnerabilities. The system and method further provides a visibility into which devices are missing the security patches and real time cyber security status. This helps to prioritize the patching process across the plant.

[0052] The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that a person skilled in the art can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the scope of the embodiments as described herein.