SCADA and ОТ audit

Security assessment of critical elements of your industrial infrastructure

Use our Industrial IT/OT audit calculator. Spend just a few minutes to check how much time and money is needed for a security audit of industrial IT and OT of your enterprise.

We provide Industrial IT/OT Security audit, implementation, and training services together with our partners AT Engineering (ATE). This is a team of software, electrical, and industrial process engineers who specialize in the field of industrial automation. Their experience in industrial automation and software begins in 1995, and they have completed more than 150 projects. Since 2005, they have completed more than 100 projects with an average capacity of 500 man-hours each.

Industrial information security audits

Listed below are the levels and assets of industrial systems that we analyze during audits. The layer and asset structure is per ISA/IEC 62443, which is not significantly different from the Purdue model. These classifications are used in the design and implementation of industrial IT/OT information security systems, as well as in assessing the current level of security.

Level 0 – Physical process

  • sensors
  • actuators
  • motors
  • network devices
  • other physical-level assets

Level 1 – Basic control

  • soft starter drives
  • VFD drives
  • PID regulators
  • PLC and RTU
  • other basic control assets

Layer 2 – Supervisory control

  • HMI touch panels
  • HMI PC and SCADA-computers
  • engineering workstations
  • other supervisory control assets

Level 3 – Site operations

  • DB servers
  • file servers
  • application servers (web, report, etc.)
  • domain controllers
  • HMI servers
  • industrial DMZ proxy servers
  • industrial DMZ DB replication servers
  • industrial DMZ remote gateways
  • industrial DMZ remote gateways
  • industrial DMZ patch management
  • other site operations assets

Level 4 – Enterprise systems (business planning and logistics)

  • database servers
  • application servers
  • file servers
  • email clients
  • supervisor desktops
  • other site business and logistics assets
  • other assets of the enterprise network

Check out our additional services and business cases. Send the form below to request a SCADA/ICS audit. Get a free consultation.

Business cases of projects we completed

Information security incident response and investigation
Managed security and compliance (ISO 27001, etc.)
Security analysis of software source code
Security assessment: audits and penetration tests
Security Operations Center cases