Practice area

OT Security

OT Security

Specializes in delivering security solutions for all aspects of Operational Technology, including industrial control systems (ICS) and embedded devices

Cyber security for operational technologies

ICS and embedded devices are now core parts of critical operational infrastructure and key to emerging sectors such as smart buildings, automobiles and wearables. Commonly referred to as Operational Technology (OT), their unique constraints demand specific methodology and tools to ensure complete and effective security assessment and enhancement.

MWR InfoSecurity’s OT Security practice focuses on developing ICS hardware and vulnerability research abilities. We work with clients to help them understand the unique security risks involved and provide guidance on how they can be overcome. Our specialist knowledge also protects embedded devices and ICS against the latest physical and radio frequency (RF) attack vectors.

"From Industrial Control Systems to embedded systems in the home, OT Security helps clients make the most secure choices possible"

Rob Miller, Head of OT Security, MWR

Core Solutions

Established ICS Assessments

Analyses a deployed ICS environment to improve security by mapping current system state and external interfaces.

Through-life ICS Security

Guides the ICS development process to ensure through-life security of the environment is embedded in the design.

Black box Assessments

Third party security assessment of embedded devices. Our black box tests assess the levels of risk each product poses for an organization.

Solution Design Review

Works with developers to ensure their embedded device is designed to protect critical assets and eliminate security flaws that could mean redesign or recall.

Our thinking on OT Security

Article

SENAMI: A Hybrid Approach to Monitoring Critical Infrastructure

Article

Building Automation Systems, the Forgotten Point of Access

Article

LoRa - The securable Long Range Low Powered Wide Area Network technology

Article

Transport control systems: Bespoke approaches to ICS security testing

Article

Android Auto - Safely Connecting Cars

Article

Project Vision: Passive mapping for fragile systems

Article

Protecting against side channel attacks at the application layer

Article

Making Life Difficult for Hardware Hackers

Article

Making Life Difficult for Hardware Hackers

Article

Securing the Smart City

Article

Cyber security and the energy Trilemma – Part 2

Article

Forging a SCADA defence strategy

Whitepaper

An Overview of ZigBee Networks

Article

ICS Demystified

Article

Cyber security and the energy Trilemma – Part 1

An Embedded Risk

Article

How should we respond to ICS advisories?

 

Accreditations

As members of CHECK we are measured against high standards set by CESG for the services we provide to Her Majesty's Government.
We are certified in the ISO 9001 quality management system (QMS) in the UK, ensuring reliable delivery of our products and services.
We are certified to comply with ISO 14001 in the UK, an internationally accepted standard that outlines how to put an effective environmental management system in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR are approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.