Notes and Known Issues - PAS ICS Integrity - 7.3.1 - Release Notes/Bulletin - Intergraph

ICS Integrity Release Notes

Language
English
Product
PAS ICS Integrity
Subproduct
ICS
Search by Category
Release Notes/Bulletin
PAS Version
7.3.1

The following sections describe known issues related to this version of the product.

ConfigMgr Role Cannot Delete Public Favorites

Users with the ConfigMgr role cannot delete or save over public favorites in the following windows:

  • Inventory Browse

  • SDI Defects Browse

  • Vulnerabilities Browse

To work around this issue, ask an administrator for Integrity to delete or overwrite public favorites.

User Interface Elements Might Appear Different

Some user interface elements could look different if you are upgrading from a previous version of Integrity. For example, colors might appear slightly different or some window items might be sized differently than in previous releases.

Fox I/A Control Map Report Packages Do Not Complete

For Fox I/A assets, control map report packages do not finish processing. The event log contains no errors in these circumstances.

To work around this issue, print individual ad-hoc reports for these assets instead of combining them with other reports in a report package.

Several Viewers Print First Page Only

Results displayed in viewers with many rows contain only the first page of results when using Print. To work around this issue, export the results using Export to Excel, and then print as needed from the exported file. The following viewers print only the first page:

  • Event Analytics Settings

  • Sensor Data Integrity Tag Consistency Viewer

  • Sensor Data Integrity Template Defect Summary

  • Browse Spares

  • Browse Reservations

  • Spares Projects

  • Defects Viewer

  • Changes Viewer

  • Policies Viewer

  • Summary Viewer, such as the Alarms Viewer for tags

Multiple Endpoints Listed on Vulnerability Browse

In the Vulnerability Browse and CVE Management windows, ICS systems with redundant components built in (such as Triconex TS1131 TMR) you might see those redundant endpoints represented in one of the following ways:

  • When the ICS system data has been data forwarded, the endpoints will appear as multiple endpoints in one row in results.

  • When the ICS system has not been data forwarded, only the first endpoint will appear in results.

Risk Score Shows Value of 0

In some cases, your data results in a risk score could show a value of 0. If a risk score shows a 0 value, contact Technical Support to troubleshoot and resolve.

Changed Behavior for Workflows Clear Button

When viewing workflow cases, the Clear State button now only clears the grid state columns. In previous versions, the Clear State button also cleared any search criteria applied to the list of cases. The Clear Search button, an x to the right of the search text, now clears the search text. Click the Search button with no search text to refresh the displayed list. For more information, see the User Guide.

Only Built-in Widgets Support Sensor Data Integrity Data

If you add widgets to the Sensor Data Integrity Summary, you cannot configure them to access Sensor Data Integrity data. Only built-in widgets support displaying Sensor Data Integrity data.

Integrity and PAS Dashboard Must be Installed in Same Domain

If you are using Integrity with PAS Dashboard, install both products in the same domain. For more information, see the PAS Dashboard User Guide.

Inventory Items Might Not Forward Correctly in Some Multiple Database Environments

Some complex enterprise scale architectures requiring data forwarding between multiple Integrity instances, multiple databases, or bidirectional configurations might experience issues with inventory data coherence. This is a known issue that will be corrected in a future release.

Inventory Filtering Can Produce Unexpected Results in Advanced Search

In this release, inventory items do not appear by default in the Advanced Search window. After you install this version, you must create the default filter, save it, and apply the settings to display inventory items in the Advanced Search window.

If you are updating from a previous version of the product, previously created filters that included quotation marks do not display items. You must create new filters and apply the settings to display inventory items that include quotation marks in the filter for the Advanced Search window.

Listing Inventory Items in the Advanced Search Window Requires a Filter

Integrity can create a very large number of objects as it records your inventory items, such as I/O cards and drives, across many systems. The Integrity web interface allows you to view your inventory items and filter the list to find the specific items of interest. If you try to view all your inventory items without any filter in the Advanced Search window, that request can time out due to the large number of items. Define a filter that reduces the amount of data and helps you focus on the information you need.

Ability to Adjust Vulnerability Management Security Levels Suspended

The Severity level on the Vulnerability Management window represents the level assigned by the NVD. If you defined custom severity levels for CVSS Base Score ranges in Integrity 6.3.0, your customized severity level are no longer represented in the Vulnerability Management window.

Recon Report Views

For environments with very large databases, Recon Report Views could time out and not show the requested report.

User Cannot Create Notes

When configuring Web server roles during Integrity installation, do not enable WebDAV Publishing under Common HTTP Features, and make sure that it does not show as installed. For more information, see the Installation Guide.

Error When Using Notes

From the Notes Summary, when you view a note attached to a deleted object, clicking the +Add Notes button causes an error.

Associated Object Link in Notes Only Allows Deleted Objects

When editing a note, the Associated Objects link does not currently provide a way to associate to non-deleted objects.

Export to Excel Limitations on CVE Management Window

When you export results to Excel on the CVE Management window, the following limitations apply:

  • Microsoft Internet Explorer 11 exports a single page of results, up to 200 rows.

  • Microsoft Edge and Google Chrome export up to 30,000 rows of results.

To work around these limitations, create a query to display the data, and then create a report using the query.

Cannot Export to Excel on Integrity Server

Integrity allows you to export displayed information to a Microsoft Excel file in several areas of the Integrity web interface. However, if you are running the Integrity web interface in a browser on the Integrity server, the default security settings do not allow you to download files through Internet Explorer. You should not change or disable the IE Enhanced Security Configuration for Administrators and Users settings, which could make the server potentially vulnerable. Instead, you can use the Integrity web interface in a browser on another computer to export the information you need.

Common Fields Require Unique Sublist (Sub-field) Names

If you create multiple list common fields that have sublists, the name of each sublist (specified in Sub-field) must be unique. If two list common fields have a sublist with the same name, the values of that sublist can overwrite each other in the database.

Updating Asset Models with MOC Tabs

In previous Integrity versions, the terms Management of Change (MOC) and Workflows were used throughout parts of the product. Some asset models, such as PAS Recon, may still provide MOC and MOC Case tabs. If you want to change these tab names without upgrading the asset models, you can change them through the Asset Model Builder. Contact Technical Support to guide you through the process of updating the tab name.

In addition to asset models that provide information to Integrity about a specific class of systems, such as Honeywell EPKS or Yokogawa Centum VP, Integrity also provides product models and customer models. For more information, see the Installation Guide.

Customer models can include customer-specific implementation details and many have file names with square brackets, such as [PAS Dashboard] or [PAS Baselines]. If you import an updated version of these asset models, you can lose some of your implementation settings. When a new version of a customer model is available, contact Technical Support to determine how to adjust your model using the Asset Model Developer Kit (AMDK). In addition, most customer models are imported using the Asset Model Developer Kit (AMDK) rather than the Admin Utility. For more information about using the AMDK, see the Integrity Administration Guide.

Generating Visio Reports

When generating Visio reports from a viewer in Integrity, complex maps may not display correctly in Visio. In these cases, the maps the viewer displays include only the base objects of the map. Our development team is working on this issue.

Working with Baselines

When working with Baselines, several existing issues have been identified. Our development team are working to resolve the following issues:

  • The IntegrityDB service needs to be stopped before importing the PAS Baselines Asset Model into the primary database to prevent assets in the secondary database from throwing an error.

  • When locking a newly created baseline for the first time, you may receive an error that the baseline cannot be locked. If you try to lock the baseline a second time, you will not receive an error, but the baseline will lock after a period of 10 minutes.

  • Deleting an incomplete Security Baselines workflow case does not remove the case's association with the deviation objects, and these deviation objects can no longer be associated with a different workflow case.

  • When change objects from the Changes Summary are associated with a Security Baselines workflow case, an error occurs while displaying these associated objects from the case's detail viewer.

  • Deviation objects that are associated with an incomplete "Accept" workflow case still remain after they have been resolved in source.

  • Associated deviation objects of a completed "Accept" Security Baselines workflow case can change in the next import of source assets and cause confusion.

  • When accepting deviations through the web console, some of these changes in baselines are not properly displayed in the Change Summary viewer. However, they are available in the Modification viewer for the object.

Running Imports at the Same Time Causes an Error

An import error can occur if an import of one asset runs at the same time as an import of another asset and those two assets contain files for the same device. If you run the imports separately, no error occurs.

Please Wait Message Remains After PDF File Generated

In some cases, such as printing workflows, Integrity displays a window with a message to please wait. To work around this issue, install Adobe Reader on client machines that request PDF files from Integrity.

Display Issues with Darktrace and Internet Explorer

If you have integrated Darktrace with Integrity, you might have trouble displaying the Darktrace web interface in Internet Explorer. To work around this issue, right-click the Darktrace link in Integrity, copy the link address, and paste it in a Chrome browser address bar.

Patch Management Grid Does Not Resize to Show Results

When you search for items in Patch Management and select the Patch button under Options, the grid does not resize to show the results. To work around this issue, select another button under Options to show the results.

ICS Integrity Installation Guide Cover Error

The ICS Integrity Installation Guide PDF included with the ICS Integrity setup program incorrectly identifies the version as 7.3 instead of 7.3.1 and the release date as February 2023 instead of December 2023.