CRITICAL INFRASTRUCTURE · HANS STUDY
Network and OT security for systems that cannot fail quietly
Plant networks. SCADA environments. Transmission and generation. Water treatment. District energy. Large municipal systems where a network problem becomes an operational problem becomes a public safety problem. The advisory draws on field experience across critical infrastructure environments.
What is different about critical infrastructure
Operational technology is not enterprise IT with a different brand of switch. The protocols are different. The traffic patterns are different. The acceptable downtime is different. A patch deployed without thinking can take a treatment plant offline. A reboot during a peak load event can cascade. The people running plant operations have different priorities than the people running corporate IT, and most network designs that fail in critical infrastructure environments fail because the designer treated the OT environment like an extension of the office network.
Doing this well requires understanding both sides: the discipline of enterprise network architecture and the operational reality of plant systems; the industrial protocols (Modbus, DNP3, IEC 61850, OPC UA, BACnet) and what they actually do on the wire; why segmentation matters and where it has to give; and how IT and OT convergence is supposed to work and how it usually fails in practice.
Where independent advisory adds value
OT network architecture
Purdue Model alignment. Segmentation between corporate, DMZ, and plant zones. Conduit and zone design. Architecture that stands up to a NERC CIP audit and to a real plant operator on a Tuesday morning.
SCADA and industrial protocol security
Modbus, DNP3, IEC 61850, OPC UA, BACnet. Protocol-aware segmentation, deep packet inspection where it adds value and where it does not, and the operational impact of every control imposed.
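As a concrete illustration of what "protocol-aware segmentation" and "conduit and zone design" mean at the packet level, here is an added example (not code from this advisory or from any vendor product): a small Modbus/TCP parser that reads the MBAP header and function code, classifies each request as read, write or diagnostic, and checks it against a zone-to-zone conduit policy laid out along Purdue levels. The zone subnets, zone names and the conduit table are constructed assumptions for the demo; the function-code classes come from the public Modbus application protocol specification. The same shape of check is what a protocol-aware firewall or a passive monitoring sensor performs on a conduit between the supervisory and control zones.

```python
"""
Added example: protocol-aware conduit check for Modbus/TCP.

Parses the 7-byte MBAP header plus the PDU function code, classifies the
request, and evaluates it against a Purdue-style zone/conduit policy.
Zone layout, addresses and the conduit table below are ASSUMPTIONS
constructed for this demonstration, not any plant's real design.
"""
import struct
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# Public Modbus function codes, grouped by what they do to the process.
READ_FUNCTIONS = {1, 2, 3, 4}             # coils, discrete inputs, holding regs, input regs
WRITE_FUNCTIONS = {5, 6, 15, 16, 22, 23}  # single/multiple coil+register writes, mask write, read/write multiple
DIAGNOSTIC_FUNCTIONS = {8, 43}            # diagnostics, encapsulated interface transport (device id)

# Assumed zone layout (constructed): one subnet per Purdue level.
ZONES = {
    "L1_control":     ipaddress.ip_network("10.10.1.0/24"),   # PLCs / RTUs
    "L2_supervisory": ipaddress.ip_network("10.10.2.0/24"),   # HMI / SCADA servers
    "L3_ops":         ipaddress.ip_network("10.10.3.0/24"),   # historian, engineering workstation
    "L35_dmz":        ipaddress.ip_network("10.10.35.0/24"),  # IT/OT DMZ, jump hosts
    "L4_enterprise":  ipaddress.ip_network("10.20.0.0/16"),   # corporate network
}

# Conduit policy (constructed): (source zone, destination zone) -> allowed request classes.
# Anything not listed is denied, so the enterprise zone never speaks Modbus into the plant.
CONDUITS = {
    ("L2_supervisory", "L1_control"): {"read", "write"},
    ("L3_ops", "L1_control"):         {"read"},   # historian polls only; writes need a change window
    ("L35_dmz", "L2_supervisory"):    {"read"},   # DMZ relays data outward, never commands inward
}


@dataclass
class ModbusRequest:
    transaction_id: int
    unit_id: int
    function_code: int   # with the exception bit (0x80) stripped
    exception: bool


def parse_modbus_tcp(payload: bytes) -> ModbusRequest:
    """Parse MBAP header + function code; raise ValueError on a malformed frame."""
    if len(payload) < 8:
        raise ValueError("frame too short for MBAP header and function code")
    tid, pid, length, uid = struct.unpack("!HHHB", payload[:7])
    if pid != 0:
        raise ValueError(f"unexpected protocol id {pid} (Modbus/TCP uses 0)")
    # MBAP length counts unit id + PDU, i.e. everything after the first 6 bytes.
    if length != len(payload) - 6:
        raise ValueError(f"MBAP length {length} does not match {len(payload) - 6} bytes on the wire")
    fc = payload[7]
    return ModbusRequest(tid, uid, fc & 0x7F, bool(fc & 0x80))


def classify(function_code: int) -> str:
    if function_code in READ_FUNCTIONS:
        return "read"
    if function_code in WRITE_FUNCTIONS:
        return "write"
    if function_code in DIAGNOSTIC_FUNCTIONS:
        return "diagnostic"
    return "other"


def zone_of(ip: str) -> Optional[str]:
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return None


def evaluate(src_ip: str, dst_ip: str, payload: bytes) -> Tuple[str, str]:
    """Return (verdict, reason) for one Modbus/TCP request crossing a conduit."""
    try:
        req = parse_modbus_tcp(payload)
    except ValueError as exc:
        return "deny", f"malformed: {exc}"
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src is None or dst is None:
        return "deny", "source or destination not in any defined zone"
    kind = classify(req.function_code)
    if kind in CONDUITS.get((src, dst), set()):
        return "allow", f"{src}->{dst} fc={req.function_code} ({kind})"
    return "deny", f"{src}->{dst} fc={req.function_code} ({kind}) not permitted by conduit policy"


# Constructed sample frames: read 10 holding registers from address 0, and write register 0x10 := 1.
READ_HOLDING = bytes.fromhex("0001 0000 0006 01 03 0000 000a".replace(" ", ""))
WRITE_SINGLE = bytes.fromhex("0002 0000 0006 01 06 0010 0001".replace(" ", ""))

if __name__ == "__main__":
    for src, dst, frame in [
        ("10.10.2.5", "10.10.1.10", READ_HOLDING),   # HMI polling a PLC: allowed
        ("10.10.3.7", "10.10.1.10", WRITE_SINGLE),   # historian writing to a PLC: denied
        ("10.20.5.5", "10.10.1.10", READ_HOLDING),   # corporate host reading a PLC: denied
        ("10.10.2.5", "10.10.1.10", b"\x00\x01"),    # truncated frame: denied as malformed
    ]:
        print(src, "->", dst, evaluate(src, dst, frame))
```

The point of the read/write split is operational as much as security-related: a historian or DMZ relay that can only issue read function codes cannot change a setpoint even if compromised, and the deny reasons double as the log lines an operator needs to tell a policy violation from a broken poll.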
IT and OT convergence
The architectural bridge between corporate and plant networks. DMZ design, jump host architecture, secure remote access for vendors and operators, and a clean answer to the question of what crosses the boundary and why.
NERC CIP compliance
For bulk electric system operators in scope of the NERC Critical Infrastructure Protection standards. Asset identification, electronic security perimeters, baseline configuration, and the documentation that an audit actually requires.
Plant network refresh and modernization
Migration from flat plant networks to segmented architectures without taking the plant offline. Phased cutover, fallback design, and operational continuity during the work.
Vendor and integrator oversight
Independent owner's representative services during ICS and SCADA deployment. Submittal review. Acceptance testing. The technical voice in the room that is not invoicing for equipment.
Standards and frameworks in scope
- NERC CIP, bulk electric system reliability standards
- NIST SP 800-82, guide to industrial control systems security
- IEC 62443, industrial automation and control systems security
- NIST SP 800-53, security controls for federal information systems
- NIST SP 800-171, controlled unclassified information
- ITSG-33, Government of Canada IT security risk management
- ISO/IEC 27001, information security management
- TIA-942, data centre infrastructure standard
What field experience looks like
I have worked on plant network architecture, SCADA segmentation, IT and OT convergence, and remote access design across critical infrastructure environments in Canada and the United States. The work has covered network refresh on operating plants, integration of new SCADA systems into existing plant networks, segmentation projects driven by both compliance and operational risk, and the documentation work that turns a working plant network into a defensible plant network when an auditor or an incident response team shows up.
The advisory draws on direct field experience, not whitepapers.
Independent oversight before the design is committed
Pre-design architecture review, vendor proposal review, owner's representative engagement during deployment, and post-deployment audit are all available as discrete engagements. The earliest point of engagement is also the highest-impact point.