Recommended Baseline Types for OT Assets - PAS Integrity Software Suite - 7.3 - Administration & Configuration - Intergraph

Integrity Administration Guide

Language
English
Product
PAS Integrity Software Suite
Subproduct
Cyber
Search by Category
Administration & Configuration
PAS Version
7.3

On the OT side, PAS by Hexagon recommends the following methodology for conducting a risk ranking of OT assets:

user-cyber-base-riskOT

Assets with a Low risk level (basic inventory):

  • Vendor-Provided Software: Compiled (or has the ability to be compiled) machine language instructions specific to an individual node, controller, or I/O card provided by the vendor as part of the standard manufactured product.

  • Vendor-Provided Hardware: Collection of physical elements that constitutes a node, controller, or I/O card provided by the vendor as part of the standard manufactured product.

  • Vendor-Provided Firmware: Software that provides control, monitoring, and data manipulation of a node, controller, or I/O card provided by the vendor as part of the standard manufactured product.

Assets with a Medium risk level (detailed inventory):

  • Base Configuration: Attributes that are configured on an individual node, controller, or I/O card that define how or what the system is on the network and/or what it controls/has access to.

  • 3rd Party Software: Compiled (or has the ability to be compiled) machine language instructions specific to an individual node, controller, or I/O card provided by the vendor or 3rd party that has been customized to meet user or system requirements.

  • Scripts: Uncompiled (does not have the ability to be compiled) scripting language files typically used for simulating user interaction, system administration, automating day to day office tasks, or system monitoring.

Assets with a High risk level (intraconnection):

  • Intra-connected items with internal communication capabilities: Communication that occurs within the same asset but not within the same node, controller, or I/O card. These items should include the internal logical topology, or arrangement of nodes, controllers, and I/O cards that illustrate how they communicate with one another.

  • Inter-connected items with external communication capabilities: Communication that occurs outside of the current asset. These items should include an external logical topology, or arrangement of nodes, controllers, and I/O cards that illustrate how they communicate with one another.

Assets with a Safety Critical risk level (safety critical devices):

  • Process-Connected Devices: Where the response of the console operator is the primary method by which harm to a human is avoided.