Tempting isn't it?

Everything's running well, it has been for some time. In fact your control systems have worked for years. Why risk loading an update? It carries some risk and offers no improvement to the performance or function of the system.

The decision seems even simpler if there's no connection between your automation and IT networks.

Hardware with please don't touch notice next to it

Rogeriofox [CC BY 2.0], via Flickr

Peter has a recent example that gives pause for thought, he wrote about it here.

We know the benefits of preventative maintenance (if you know the pads are worn out, you wouldn't drive your car until the brakes stopped working). However it seems easier to justify delaying software maintenance.

I'm not saying you should blindly install updates as soon as they're available. But that it makes sense to evaluate the risks before deciding whether to take action or not (driving carefully until you can get your car to a garage). The steps are not complicated:

  1. Review updates available for your software
  2. Make a risk-based decision on whether to implement them now, in the future, or never

The same process is used to manage security. You need to be aware of the known vulnerabilities your systems have, even if you're not in a position to do anything about them at the moment. Incorporating them into risk assessments means decisions are based on known risks and mitigation costs, not just left to chance.