Industrial Automation and Control Systems (IACS) Security

Applied Risk has, for many years, pioneered and led the Process Control and Industrial Automation Security space. This activity has helped asset owners, operators and suppliers to address the risks and challenges of process control security and design.

With a wealth of threat intelligence and situational awareness options, our security training covers the full spectrum of clients’ critical asset requirements. Our IACS solution consists of five key elements:

Security Design and Architecture: In-depth knowledge of reviewing and designing complex process control networks based on the Purdue model and ISA99/IEC 62443, taking into consideration functional and security requirements.


Industrial Control Systems Security Framework: Our security professionals have substantial experience writing cyber security policies, procedures and baselines for industrial automation based on international standards (ISA99/IEC 62443 and NIST 800-82) and industry best practices.

Security Test Planning: We develop and conduct tailored Security Factory Acceptance Test (SFAT) and Site Acceptance Test (SSAT) testing procedures to provide required security assurance level for asset owners, integrators and suppliers.

Safety Instrumented System (SIS) Security: We take a unique and proven approach to dealing with safeguarding systems security as part of our safety philosophy for all sites.

Security Requirements Specification: We develop and review security requirements for suppliers to ensure that security is addressed at all phases of the project.