implementing-patch-management-for-ot-systems


Implementing Patch Management for OT Systems

When to Use

  • When establishing a formal OT patch management program for the first time
  • When responding to critical ICS-CERT advisories affecting deployed OT systems
  • When preparing for NERC CIP-007-6 or IEC 62443 patch management compliance audits
  • When planning patch deployment during limited maintenance windows in continuous operations
  • When evaluating compensating controls for systems that cannot be patched

Do not use for IT-only patch management without OT considerations, for emergency patching during active cyber incidents (see performing-ot-incident-response), or for firmware upgrades that change PLC functionality (these require separate change management).

Prerequisites

  • OT asset inventory with firmware/OS versions for all patchable systems
  • Vendor patch notification subscriptions (Siemens ProductCERT, Rockwell, Schneider, etc.)
  • Test/staging environment mirroring production OT systems for patch validation
  • Maintenance window schedule aligned with process shutdowns and turnarounds
  • Change management board approval process including operations and safety representatives

First Seen: Mar 19, 2026
implementing-patch-management-for-ot-systems — mukul975/anthropic-cybersecurity-skills