As the cybersecurity landscape continually evolves, engineers here at exida are working with organizations looking to achieve and maintain cybersecurity compliance. Tools like exSILentia® Cyber help end users comply with the standards and improve the traceability and documentation of cybersecurity tasks throughout their company. 

exSILentia Cyber is a great tool for those looking to simplify their Operational Technology (OT) Cyber Risk Assessment process. Dwane Shelton, a Senior Safety, Cybersecurity, and Alarm Engineer at exida, outlines the methodology of an OT risk assessment and demonstrates how to use exSILentia Cyber in his latest webinar: 

To begin your OT cybersecurity journey, the IEC 62443 standard is the place to start. IEC 62443 is recognized as the international global standard for OT cybersecurity. It is composed of many focus areas, applying to the wide-ranging aspects of the world of cybersecurity.

More specifically in the IEC 62443 standard, parts 2-1, 3-2, and 3-3 focus on the requirements for cyber risk assessments. The approach to completing the risk assessments is laid out in part 3-2 is as follows:

• Identify the System under Consideration
• Perform a High-Level Risk Assessment (HLRA)
• Partition the System under Consideration into Zones & Conduits
• If the initial risk exceeds the tolerable risk, perform a Detailed Level Risk Assessment (DLRA)
• Develop the Cyber SRS 

To perform the risk assessment, exSILentia Cyber can help! 

exSILentia Cyber, first released in 2018, streamlines communication across an organization when performing your cyber risk assessments and provides a standardized approach while aligning the cybersecurity activities with the overall corporate risk criteria. 

exSILentia Cyber now has dedicated modules for both the HLRA and DLRA risk assessments, making it easier to move through the workflow. 

In the HLRA module, helpful features such as a zone-specific navigation tree, dedicated columns for devices, threats, consequences, and non-hackable protections, and risk ranking ability throughout the worksheet allows for a comprehensive risk assessment process. 

Screenshot of the HLRA module worksheet, showing features such as the navigation tree and new columns.

In the DLRA module, exSILentia’s linking functionality allows you to link original HLRA cyber consequences into the DLRA with ease, and a library of custom countermeasures can be built and reused within the worksheet. 

Screenshot of the DLRA worksheet, showing the linking functionality within the Countermeasure column.

Screenshot of the Cyber Countermeasures library where countermeasures can be created and stored to be used throughout the tool

Default likelihood settings can be configured for both modules. Each time a new line item is added, the likelihood is pre-set, saving valuable time and effort.

Screenshot of the Cyber Risk Configuration Wizard where you can set default likelihoods throughout your cyber worksheet.

Once the risk assessment has been completed, exSILentia offers HLRA and DLRA reports with customizable filters and options.

With exida’s expertise and the power of exSILentia, achieving your cybersecurity goals has never been easier.

For more in-depth information on how to perform an OT Cyber Risk Assessment and a live demonstration of the exSILentia tool, watch Dwane’s webinar: 

To inquire about exSILentia, please visit.