Updates for Windows and Linux systems are an important part of maintaining the security of the digital information in these systems. However, the updates themselves may be a security risk – to avoid these risks and to maintain the integrity and availability of the systems and be able to make secure updates, special solutions are required.
Since Windows and/or Linux-based systems were implemented in ICS/SCADA, the need to be able to update these systems has increased. This need is due to the fact that complex software often contains bugs which should be corrected to ensure stability of the systems.
However, conducting these updates is also something that can be a security risk if not done properly. The integrity and availability of the systems must be maintained, and most system updates are normally not sufficiently evaluated in the environment in which they are used or in combination with the applications that are running.
The update can be conducted securely by using a data diode that ensures unidirectional communication.
To further ensure that the update has not been manipulated, the import of update packages can be conducted
through file sanitation consisting of two data diodes and a server for antivirus scanning.
