Cyber Security Solutions

 

In the recently (year 2016) published edition 2 of IEC 61511, there is a NEW explicit requirement to conduct a security risk assessment

(IEC 61511, Part 1, Clause 8.2.4).

Phased Solutions for your Security Needs

The following activities should be carried out:

    • Assessement of Risk
    • Implement Countermeasures
    • Maintenance Procedures

Inspec Solutions Ltd can assist with Assessment of risk, Implementation of countermeasures and architecture practices and Maintenance procedures and work instructions.

  Contact Us +

Assess Phase

  • The output of this step is an assessment of major accident risk based on the IACS simple network drawing and IACS/SIS asset register.
  • The purpose of the risk assessment process is to determine the vulnerability of each IACS/SIS zone to the range of security threats so as to allow the appropriate countermeasures to be selected.
  • Recommended Cyber Security Implementation strategy and Gap Analysis of Cyber Security Management Procedures and Management of Change procedures.

Implementation Phase

Implementation of cyber security to include for example:

  • Develop a Physical & Cybersecurity Plan
  • Configure a Perimeter Firewall.
  • Configure an ICSA/SIS Firewalls
  • Conduct ICA/SIS Device Hardening
  • Conduct Network Device Hardening
  • Conduct Security Configuration Auditing
  • Conduct System Robustness Testing

Maintain Phase

Implementation of cyber security to include for example:

  • The IACS should be periodically audited and reviewed, and modified where necessary, in order to ensure that it remains effective as organisations and technologies change and develop.
  • Maintain evidence to demonstrate audit and review of the IACS could include:
  • Development of procedures
  • Audit reports
  • Review reports
  • Organisational and procedural change logs
  • Management of resulting actions.

Planning: A cyber security policy should exist that establishes a formal governance framework to ensure senior management commitment to cyber security and a security culture that ensures that IACS security risks are managed on an on-going basis

Source HSE