Control System Assessments

HomeSecurity SolutionsControl System Assessments
Share:Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedIn

With the release of CIP version 5, more sites than ever are required to both document their asset list and implement a Cyber Vulnerability Assessments of that list.   Many utilities have plans to implement both tasks in-house.   This approach can create a gap in your compliance program.   How can you be sure you found all your devices?   Having a 3rd party implement a site walk down of all your assets to verify that your list is correct would greatly improve both your list of assets as well as give you additional documentation from an additional, 3rd party for your audit.

FoxGuard will send an ICS network engineer to site to support the network mapping service. Passive network scanning and network mapping tools will be utilized to generate visual maps and supporting data files with additional information. The passive network scanning and network mapping tools will only be utilized against devices or on network segments where approved and/or where technically supported. All other devices or network segments not approved and/or supported for a passive network scan will be discovered, mapped and documented as part of a manual walk down process.

Our process includes the following techniques:

  • Review of network diagrams and asset lists to gain knowledge of your systems
  • Review of network configuration files and logs to reconstruct and review device layout
  • Analysis of network protocol analyzer output to look for new assets
  • Walk down site to complete list

Deliverables of the network mapping service for each customer site location will include:

  • Summary overview detailing new devices found, discovered changes to network and concerns or recommendations concerning network mapping and layout should any be needed.
  • Graphical network map(s) for each generating unit
  • Supporting network mapping data files