Skip to content

CSET 4.0.0 Release Notes

Jump to bottom
Jason Kuipers edited this page Jul 21, 2021 · 3 revisions

CSET 4.0.0

Planned release on August 2011

New Features and Enhancements 🆕

  • The Option screen was redesigned to group standards of similar focus to improve ease of selection.
  • The following question sets were added:
    • Catalog of Security Recommendations (CoR), version 7,
    • North American Electric Reliability Council (NERC) Critical Infrastructure Protection (CIP), rev 3,
    • Key Requirements Evaluation,
    • US Nuclear Regulatory Commission (NRC) Regulatory Guide 5.71, and
    • Chemical Facility Anti-Terrorism Standards (CFATS) Risk-Based Performance Standards (RBPS) Guidance, standard 8, “Cyber.”
  • The outdated CoR V. 4 (Global 2009), NIST SP800-53 Rev 2 and Rev 3 Final Public Draft, and NERC CIP Rev 1 questionnaires were removed from the tool to keep the question sets relevant to current standards.
  • A new questionnaire called Key Requirements Evaluation, was created to assist users who have limited time available for an assessment. With less than 100 questions, this questionnaire focuses onthe most important concepts in cyber security.
  • A resource library was added to the tool. It contains multiple reference documents including the standards used in the tool, guidelines, white papers, and templates chosen to provide additional assistance to users. A search feature is included to facilitate finding specific documents or topics of interest.
  • The network diagramming function was improved to include layering and line security. Layering allows network components to be assigned to levels or tiers which can be displayed and analyzed or temporarily ignored by the tool. Line security allows designation of untrusted links between components.
  • The assessment report interface was redesigned to more closely match the look and feel of other sections of the tool.
  • Three new report options were added. Current report formats available are:
    • The Executive Report focusing on summary graphics,
    • The Site Summary Report providing additional detail,
    • The Detail Report ( the original printed report) containing user-selected sub-reports , and
    • The Enterprise Evaluation Report spotlighting business system compliance.
  • The gap analysis portion of the reporting function was separated onto its own screen.
  • The tool was adapted to operate in a 64-bit Windows 7 environment.
Clone this wiki locally