Survey on international standards and best practices for patch management of complex industrial control systems: the critical infrastructure of particle accelerators case study

Industrial control systems (ICSs) are control and data acquisition systems employed to control distributed assets with centralised data acquisition and supervisory control. ICSs rely strictly on computer-based systems and on installed remote controllers, which are subject to constant patch deployment to upgrade functionality, to resolve security issues and to reduce potential flaws. Patch management is not a trivial process, since it can introduce new vulnerabilities into the systems. A key factor in performing successful patch management is compliance with the recommendations provided by the international standards and by the best practices currently adopted in industry. This paper surveys the few existing international standards on patch management and the best practices currently adopted in industry, and evaluates the relevance of the standards and the best practices to the context of critical infrastructures for particle accelerators.