Logitek, Bronze sponsor in Spain of the Centro de Ciberseguridad Industrial (CCI) and member of the Red Nacional de Laboratorios Industriales (RNLI), an initiative promoted by the INCIBE, has received the 2016 ICT Security Service Award, granted by the magazine redseguridad for its service “Vulnerabilities audits and analysis of OT environments based on MAASERISv2.1: Methodology for analysis, security audit and operating risk evaluation of industrial networks and SCADA systems.”
As part of the industrial cybersecurity ongoing improvement process, the first step is always the need to analyze and identify the main assets and vulnerabilities associated to OT (Operation Technology) environments, and to carry out a comprehensive management and evaluation of operating risks.
Specific methodologies which consider the particular features of these operation environments are required for this analysis and evaluation. Logitek provides this new audit and analysis service of vulnerabilities associated to OT environments on the basis of a proprietary methodology named MAASERISv2.1 (Methodology for analysis, security audit and operating risk evaluation of industrial networks and SCADA systems).
This methodology consists of a set of processes, tools and deliverables which allow to:
- Analyze the current condition of an industrial network from the point of view of security, emphasizing availability evaluation.
- Perform a deep analysis of the main vulnerabilities associated to OT.
- Provide a quantitative evaluation of operating risks.
- Use the information gathered for a correct definition of zones, conduits and channels, and the calculation of security target levels according to IEC 62443/ISA99.
- Serve as complementary and useful documentation to develop PSO (Plan de Seguridad del Operador or Operator Security Plan) and PPE (Plan de Protección Específico or Specific Protection Plan) as required in Spain.
Why is it an innovative service?
- Because it’s supported by a methodology that covers the existing gap between strategic risk analysis and management methodologies, and specific best practices for the analysis of assets and asset groups vulnerabilities.
- Because it helps to overcome the most relevant challenges to face in this kind of operations in critical and specific environments, like those involving industries and/or infrastructures. These challenges include:
- Perform the analysis without affecting the evaluated industrial network availability or the correct operation of industrial processes – which are usually in operation while tests are carried out.
- Add the analysis of all existing assets and asset groups in the OT environment evaluated regardless of the manufacturer, version of obsolescence level.
- Get enough information about OT devices involved in analysis with current industrial network setups with commonly used tools. In many cases this required the development of specific, non-invasive tools and typical protocols in OT environments.
- Focus the analysis in operating risks, i.e., related to the OT environment operation, leaving the IT environment and strategy risks to other audits and analysis.
- Achieve the cooperation of production and systems teams during the audit process – usually these teams are not involved at all in this kind of analysis.
3. Because its usefulness is being validated in many projects with customers in different industries in Spain.
4. Because the methodology has been endorsed by the scientific community after being published in the I Jornadas Nacionales de Investigación en Ciberseguridad (Cybersecurit Research Sessions) with the following article: “Methodology for analysis, security audit and operating risk evaluation of industrial networks and SCADA systems
(MAASERISv2.1)” by Fernando Sevillano and Marta Beltrán Pardo.
MAASERIS defines three analysis areas, establishes an analysis and audit development cycle, and includes a set of deliverables and dossiers.