Improve OT security without losing sight of plant operation
Industrial cybersecurity cannot be treated in the same way as office IT. Availability, safety, production continuity, equipment lifetime and vendor support must all be considered when security controls are assessed or changed. Kalman Control combines industrial automation knowledge with structured OT security assessment. We review the available architecture, assets, communication paths, access methods and operational practices, then translate identified gaps into practical engineering actions. The assessment scope can be adapted to an individual machine, packaged unit, production line, control system, compressor package, process plant or wider industrial network.
Structured assessment for industrial control environments
Select the review that best matches your current project, plant or improvement objective.
IEC 62443 Assessment
An IEC 62443-aligned review of industrial automation security practices, architecture, access controls and lifecycle activities.
Explore the serviceOT Security Gap Analysis
A structured comparison of the current OT security posture against agreed requirements and recognised industrial practices.
Learn more →Industrial Network Review
Engineering review of industrial network architecture, segmentation, communication paths, remote access and exposure.
Learn more →Industrial systems that can be included in the review
- Distributed Control Systems
- PLC and machine-control systems
- SCADA systems
- Safety Instrumented Systems
- Burner Management Systems
- Compressor and turbine control
- Process control networks
- Industrial Ethernet networks
- Remote I/O systems
- HMI and operator stations
- Engineering stations
- Historians
- OPC UA and OPC Classic systems
- Modbus TCP devices
- Industrial firewalls
- Managed industrial switches
- Remote-access solutions
- Vendor support connections
- Virtualised control-system infrastructure
- Package-unit automation systems
The exact assessment scope depends on system ownership, available documentation, permitted access and operational constraints.
What can be reviewed
Governance and responsibilities
- OT security roles
- System ownership
- Responsibility boundaries
- Security policies
- Change-management practices
- Supplier responsibilities
- Project security requirements
Asset visibility
- PLCs
- DCS controllers
- Safety systems
- HMIs
- Engineering stations
- Servers
- Network devices
- Remote I/O
- Industrial applications
- Connected vendor systems
Network architecture
- Network topology
- Segmentation
- Zones and conduits
- VLAN use
- Routing paths
- Firewall placement
- Inter-zone communication
- External connections
- IT and OT boundaries
- Wireless access where applicable
Identity and access
- User accounts
- Shared accounts
- Administrator access
- Role separation
- Password practices
- Authentication methods
- Account review
- Vendor access
- Remote engineering access
- Session control
System hardening
- Unnecessary services
- Ports and protocols
- Host firewall use
- Antivirus or application control
- USB controls
- Local security settings
- Default credentials
- Unused accounts
- Engineering workstation protection
Backup and recovery
- Controller backups
- HMI and server backups
- Network-device configuration backups
- Virtual-machine backups
- Restore procedures
- Backup storage
- Offline copies
- Recovery testing
- Configuration version control
Patch and vulnerability management
- Operating-system patch status
- Vendor-supported updates
- Firmware review
- Unsupported components
- Vulnerability handling
- Compensating controls
- Maintenance windows
- Risk-based patch decisions
Monitoring and logging
- Alarm and event logs
- Windows event logging
- Firewall logs
- Remote-access logs
- Time synchronisation
- Log retention
- Security-event visibility
- Existing monitoring capability
Physical and environmental security
- Control-cabinet access
- Server-room access
- Engineering-station access
- Network-port access
- Removable-media control
- Portable engineering devices
- Site visitor access
Security organised around systems, zones, conduits and lifecycle responsibilities
IEC 62443 provides a structured framework for industrial automation and control-system security. Depending on the agreed scope, the assessment can consider system boundaries, zones and conduits, security requirements, organisational processes and the responsibilities of asset owners, service providers, integrators and product suppliers. Kalman Control uses IEC 62443 principles as an engineering reference for assessment and improvement planning. This does not constitute accredited certification or a formal declaration of compliance.
IEC 62443 assessment concepts
System definition
Clarify system boundaries, included assets, interfaces and external dependencies.
Zones and conduits
Group assets according to function, criticality, trust and required communication.
Risk-based requirements
Relate protection measures to operational consequence, exposure and agreed security objectives.
Lifecycle activities
Review how security is considered during design, integration, operation, maintenance and change.
Make communication paths and trust boundaries visible
Flat or poorly documented industrial networks make it difficult to understand exposure and control communication. A zones-and-conduits review helps identify which systems should communicate, which paths require restriction and where monitoring or protective controls may be appropriate.
Zones and conduits review can include
- Proposed zone boundaries
- Conduit identification
- Required communication flows
- Unnecessary communication paths
- Firewall and ACL opportunities
- Remote-access paths
- Safety and control-system separation
- Package-unit interfaces
- Connections to plant networks
- Connections to enterprise IT
- External and vendor connections
- Recommended architecture documentation
A practical process from scope definition to improvement roadmap
Define the system and objective
Clarify the plant, machine, control system or network to be reviewed and the expected assessment outcome.
Collect available information
Review network diagrams, asset lists, system architecture, access methods, policies and existing security documentation.
Interview key stakeholders
Discuss system operation, maintenance, remote access, backup, change management and current security concerns.
Perform the technical review
Assess the agreed systems, architecture, configurations and operational practices using non-disruptive methods.
Prioritise findings
Classify identified gaps according to technical significance, exposure, operational impact and implementation priority.
Deliver the roadmap
Provide documented findings, recommended actions and a practical sequence for improvement.
Clear findings for engineering and management teams
- Executive summary
- Assessment scope
- System-boundary description
- Asset and architecture observations
- Network and communication findings
- Access-control findings
- Backup and recovery findings
- Remote-access review
- Identified security gaps
- Risk and priority classification
- Quick-win actions
- Medium-term recommendations
- Documentation gaps
- Suggested roadmap
- Optional management presentation
- Optional technical review workshop
The report reflects the systems, information and access available during the agreed assessment. It is intended to support improvement planning and does not guarantee that all vulnerabilities or attack paths have been identified.
Cybersecurity assessment grounded in industrial engineering
Automation experience
Recommendations are developed with awareness of PLC, DCS, SCADA, safety, commissioning and operational constraints.
Engineering-led review
The assessment focuses on practical system architecture, communication, access and maintainability rather than generic IT checklists alone.
Operational awareness
Availability, safety, vendor support, production continuity and system lifecycle are considered when actions are prioritised.
Structured reporting
Technical findings are documented with priorities, context and recommended next steps.
Scalable scope
Reviews can begin with one machine or package and later expand to production lines, control-system domains or wider plant networks.
Support for new projects and existing plants
New projects
- Security requirements
- Architecture review
- Zones and conduits
- Vendor requirements
- Remote-access concept
- Account concept
- Backup requirements
- FAT and SAT security checks
- Handover documentation
- Security punch-list support
Existing installations
- Current-state assessment
- Network review
- Asset visibility
- Legacy-system concerns
- Access review
- Backup and restore review
- Hardening opportunities
- Remote-access review
- Improvement roadmap
- Documentation updates