RiskZone RiskZone

Services

We help manufacturers and operators align OT/IACS products, systems, and development processes with IEC 62443.

Product & component conformity

Independent gap assessments against IEC 62443-4-2 with actionable remediation measures.

  • SR/RE mapping & evidence traceability
  • Threat-model review in IACS context
  • Gap analysis report with prioritised remediation plan
  • Support for supplier assurance & due diligence

System security & architecture

Risk-based system assessment per IEC 62443-3-2 and requirement coverage against IEC 62443-3-3.

  • Zone & conduit model and target SL derivation
  • System risk analysis (threat scenarios, impact)
  • Requirements coverage matrix (3-3 SRs)
  • Test & validation strategy at system level

Secure development lifecycle (SDLC)

Assessment and guidance for secure development processes per IEC 62443-4-1.

  • SDLC maturity assessment (process gaps)
  • Policy & procedure reviews
  • SBOM & third-party component management
  • Vulnerability handling & coordinated disclosure

Training & workshops

Tailored training on IEC 62443 and IACS security concepts, for development, product management, and security teams.

  • IEC 62443 fundamentals & requirements (4-1, 4-2, 3-2, 3-3)
  • Secure-by-design principles for OT/IACS
  • Hands-on workshops with your own use cases
  • Executive briefings, hands-on labs, train-the-trainer

How we work

1

Scoping

Clarify scope, target SL, existing evidence, and timelines. We identify quick wins and critical gaps.

2

Assessment planning

We propose sampling depth, testing strategy, and timeline with clearly defined deliverables.

3

Execution

Evidence collection, interviews, technical reviews, and testing, remote or on-site. Regular interim results throughout.

4

Reporting & handover

Assessment report with findings, risk assessment, and prioritised remediation plan. Handover to certification body or follow-up as needed.

Ready for an initial conversation?

Get in touch. We'll clarify your requirements and propose a tailored approach.

Get in touch