Computer Hazard and Security Evaluation (CHASE) has been developed in conjunction with Andy Geddes - we've combined over 70 years of Process and Control experience in a variety of critical industries to propose a pragmatic, effective & efficient approach to the dynamic challenge of Cyber-Security.
At the heart of CHASE is a fundamental principle of first understanding logical and physical assets before attemting to identify and address vulnerabilities.
Understanding your assets is facilitated via familiar graphical platforms to visualise relationships between Information Technology (IT), Operational Technology (OT) and Physical Technology (PT) and the digital threats that can escalate into process consequences if not prevented, slowed or mitigated via technical and organisational measures.
We developed this because Cyber-Security is wrongly perceived as the responsibility of the IT department in the same way as Functional Safety is attributed to the Control & Instrumentation engineering discipline. In practice, cyber security is the ultimate responsibility of the company Executive Team and covers people, procedures, physical & IT security, asset management and risk assessment.
The threats and consequences associated with cyber security are very broad and visualisation assists with understanding and addressing the vulnerabilities. We've integrated our control & process experience to develop a solution that considers not only the obvious Adversarial but also Accidental, Structural & Environmental challenges.
High-level or preliminary risk assessment (per HSE OG-0086) starts with a topological representation if the physical assets which are categorised according to their potential for Major Accident (MA), Loss of Essential Service (LES), Environmental Impact or Commercial & Reputational damage.
Industrial Automation Control Systems (IACS) are similarly represented in a topological rather than literal form to focus on the key logical assets with the Information/Operational network. In the above represenation, the hazards from the physical view are added to the IACS diagram to highlight which assets are controlled or protected.
The severity of tangible consequences is determined by the hazards and the likelihood is derived from the vulnerability of the IACS. As cyber attacks are becoming more complex and less predictable, vulnerability is considered to be pragmatic method for determining the potential for attack. The above left diagram shows IACS component vulnerability using the criteria in the CSC Cyber Assessment Framework (CAF). The above right diagram shows the risk (considering both hazard severity and attack likelihood) for the logical assets.
Detailed risk assessments use the bowtie technique to visualise specific Threats to the IACS (including Adversarial attacks via inter-zone conduits and Accidental, Structural or Environmental dangers) which could escalate (if not slowed/stopped by countermeasures or barriers) to result in serious Consequences typically associated with Loss of Containment (Major Accident) or Denial of Service (Loss of Essential Service). The connection between logical and physical bowties utilises bow-tie chaining.