What is a patch?

When we talk about adding software patches, what does that mean, and why do those have to be managed?

Share

Dear Control Engineering: I see references to software patches and patch management. What are these and why do I need to be concerned with them?

Given the size and complexity of modern software operating systems and applications, it’s no wonder that problems pop up from time to time. These can be things that make the system crash, introduce cyber vulnerabilities, or other things that need to be fixed.

A patch is a bit of software to fix whatever the problem is, and it gets added to the larger platform. If you run Windows, you may have noticed that Microsoft sends out patches for Windows 7 on Wednesdays, and you need to let them load before you can turn your computer off. For most of us working in an office or at home, these things are a small annoyance at worst and we simply let them run their course.

However, if you’re running an industrial control system, patches are a bigger concern. For example, let’s say part of your system runs on Windows. The vendor that produced your software originally designed it to work within Windows as it was at the time. A patch may change something that is important to your control platform, and it may not run properly once the patch is put in place.

So, the software vendor may tell you not to install a new patch until the vendor has tested it to make sure it does not cause a problem with the application. This may delay your installation, but it is well worth it if running the test saves you from having your control platform go on the fritz.

The whole management thing comes from the fact that an average plant can have lots of computers running many kinds of software. Keeping up with patches for all these things can become a major undertaking.

Read Giving Your Plant a Cyber Health Checkup.

--Peter Welander, pwelander(at)cfemedia.com