Secure by Design

Evaluation of cyber security risks in an OT environment is a crucial part of security architecture design and development but often becomes an issue due to inherent complexity. This complexity in process and infrastructure is compounded by diverse team responsibilities and overlapping (or competing) requirements. Communication between stakeholders and across domains can often lead to gaps or redundancy and it takes time to ensure that the right knowledge is captured and correct design decisions shared.

We use the icsModel and icsDepend tools developed by Airbus to define and measure security risk and make it easier for teams to collaborate and communicate. icsModel and icsDepend work together to provide an easy platform for assessing the priority actions and design decisions you need to take:

icsModel is a graphical diagram tool that helps us model the processes that are taking place in your OT environment ā€“ it uses the BPMN standard extended for SCADA and ICS. The tool combines operations, infrastructure, and safety issues into one view, providing a platform for us to fully assess cyber security measures required.

icsDepend allows for collaborative team input captured by icsModel to be further developed and cascading dependency and risk can to be analysed across the OT environment. All of this additional information can then be represented back to the team through the process diagram in icsModel.