CyberPHAx Tool


Conduct Efficient Cyber Risk Assessments

The main objective of a Cyber Risk Assessment is to identify potential process risks resulting from a Cyber-attack. Given the increased connectivity of process plants, there is a need to see how potential cyber-attacks can impact process risk. Original assumptions regarding demand rates and effectiveness of various instrumented protection layers such as safety controls, alarms, and interlocks, including safety instrumented systems, may no longer be valid. CyberPHAx™ follows a traditional Process Hazards Analysis (PHA) approach to identify potential threats as well as countermeasures for those threats.

Request a Quote      Download Brochure   

CyberPHAx™ is a Process Hazards Analysis (PHA) tool tool that can be used by engineering personnel in project, process safety, information technology, and process control, as well as plant management, and operations personnel.

CyberPHAx™ guides users through the Cyber Risk Assessment process, effectively focusing the user on the task at hand, identifying types of cyber-attacks, potentially leading to hazardous events and their associated risks. Once the severity of a potential cyber-attack is understood, existing or planned countermeasures can be documented allowing an estimate of residual risk. If the tolerable risk target is not met, recommendations can be documented to lower the risk to a tolerable level.

The CyberPHAx tool allows users to easily define their infrastructure environment, consisting of zones within a plant and cyber nodes within zones. Cyber threats which are the cornerstone of the Cyber Risk Assessment process are defined for each node. Subsequently a cause with associated c onsequence, countermeasures, and recommendations can be defined for each cyber threat.

CyberPHAx™ Key Features & Benefits

  • Ability to group cyber nodes within zones for improved understanding & better access to information
  • Smart cyber threats based upon the risks applicable to the end user
  • Corporate risk customization capability
  • Navigation tree enhances information accessibility
Standards Compliance
  • Use of drop down lists for data entry based on cyber risk assessment methodology
Less Data Entry
  • Advanced automated report generation capabilities facilitate process safety & security management (e.g. Corporate, OSHA, Seveso, CFATS) compliance on a global basis
Standards Compliant Documentation

Cyber Attack Scenario Basis

Cyber Attack scenarios are the basis of all further countermeasure design work. Within CyberPHAx you can specify the Cause-Consequence pairs that are part of a Cyber Attack Scenario.


Items like Countermeasures, Recommendations, and References can be defined in a library which allows use of that item in multiple locations. A change to a library item will automatically be applied to all locations the library item is referenced. Using libraries will dramatically increase the efficiency and consistency of the various work activities to be performed.