Global site

ABB's website uses cookies. By staying here you are agreeing to our use of cookies. Learn more

Oil and Gas

Cyber Security Risk Assessment

Security Risk Assessment Service

This service contains an IEC 62443 based process for performing a security risk assessment. The assessment aims to guide the organization through the process of assessing the security risks to the control system, and propose a plan for prioritizing the threats / risks for the control system.

The service is carried out in several steps according to IEC 62443 grouped into parts.

Part 1 – High Level Risk Assessment

In accordance with IEC 62443, a high-level cyber security risk assessment (HLRA) of the system under consideration (SuC) is carried out first to obtain an overview of the worst-case risks.  It is important to perform such a HLRA of the system as a whole before breaking it down into sub-systems as critical hazards and risks may be overlooked when looking at the parts in isolation. System-wide risks are therefore identified first, and risks due to interdependencies between systems and processes are evaluated.

The output documentation is a list of scenarios that describe how threats could take advantage of particular types of vulnerabilities causing damage to system assets resulting in negative consequences. The output may also be used to partition the system under consideration into zones and conduits as described in IEC 62443

Part 2 – Detailed Risk Assessment

The prioritized detailed security risk assessments of zones and conduits will be carried out according to the process described in IEC 62443. An ABB template is used to assist in carrying out the detailed security risk assessments.

Part 3 – Documentation, requirements specification and acceptance of results

During part 3, ABB will assist the customer in documenting the security requirements, assumptions and constraints. 


Are you looking for support or purchase information?

  • Contact us

    Submit your inquiry and we will contact you

    Contact us