Analysis of cyber security risk in industrial control environment

摘要

A method (300) for analyzing cyber security risk in an industrial control system (ICS) (150) including a plurality of network devices (145), comprising a processor (110) and a memory (115) storing a cyber security algorithm. Providing (301). The processor collects data to accumulate security data including at least vulnerability data including cyber risks (risks) associated with a plurality of network devices by executing a cyber security algorithm and scanning the plurality of devices. (302), using a rule engine (122) to associate a numerical score with each of the risks, processing (303) the security data, ranking the risk across the plurality of network devices, Implementing (304) aggregating data including arranging in a logical grouping and displaying (305) the logical grouping on a user station (125).