Industrial Controls Systems (ICS) Cybersecurity

Anvil’s approach to helping clients with OT cybersecurity risk is focused on consequence based risk management using tools the industry has been using to manage process risks for decades and modified to incorporate today’s cyber risks.

Security Solutions in an Unpredictable World

Cybersecurity is a risk on everyone’s mind today. Industrial facilities can no longer protect against cyber threats by physically separating IT and OT systems. Today’s facilities use integrated IT and OT systems serving multiple purposes and it is these interconnections that have the highest potential as entry points for cyber criminals.

Our team of experts understand these vulnerabilities and help clients identify their risk tolerance and Security Level definitions. We specialize in consequence-based risk analysis focusing on the risk to, and consequences of, a cyber-attack on a process unit. We use industry standard tools (i.e., HazOps) that include cybersecurity risk analysis. The goal is to design critical processes to be un-hackable rather than focus on potential cyber threats.

Understanding the urgency of protecting refineries, processing plants, and manufacturing facilities from these potentially catastrophic events, our cybersecurity experts from across multiple engineering disciplines work with clients to design defense-in-depth Cybersecurity Management Systems (CSMS) following ISA/IEC 62443 standards.

Assessing Risk Tolerance

Our engineers and designers work with clients to identify their risk tolerance and Security Level definition and uncover vulnerable cyber targets hidden deep within their networks and architectures. By conducting exhaustive HAZOP and LOPA studies and analyses and developing consequence-based risk models, our experts can pinpoint areas of OT cyber vulnerabilities. Only then can they build a multi-layered, cybersecurity framework embedded with countermeasures and response tactics to protect client critical infrastructure.

The goal is to design critical processes to be un-hackable rather than focus on the universe of potential cyber threats. In this way, cyber risk becomes manageable and controllable.

Our Cybersecurity Services

• Cybersecurity risk assessment support
• Cyber-HAZOPs leadership
• Cybersecurity training
• Field OT support
• OT TAR support
• Security Level audit and compliance support

Our Cyber Range Training and Simulation Center

To counter the escalating cyber threats to critical energy and manufacturing infrastructure, we have invested in a Cyber Range, located at our corporate headquarters in Bellingham, Washington. The Cyber Range is a partnership between Anvil, Whatcom Community College, and The National Cybersecurity Training & Education Center (NCyTE) which is funded by the National Science Foundation.

The Cyber Range simulates industrial controls OT operations and tests systems for cyber vulnerabilities. Used as a training tool for clients, cyber experts, and college students, the facility serves to improve cyber defense standards and techniques.

Student Resources:
Whatcom Community College →

← National Cybersecurity Training & Education Center

National Science Foundation →

Related projects

Sulfur Recovery and Tail Gas (STG) Unit
Gantry Crane Replacement Project
Calciner Waste Heat Recovery
Wharf Upgrade