LNG Operator Establishes Formal OT Cybersecurity Baseline for DeltaV Control Environment

Cast Study

A U.S.-based liquefied natural gas operator engaged Armexa to conduct a Validated Cybersecurity Assessment (VCA) of its DeltaV-based distributed control system environment. While the facility had strong foundational practices in place, it lacked a formally documented OT cybersecurity program, leaving gaps in user account management, network segmentation, security monitoring, and policy documentation that prevented the operator from demonstrating a defensible compliance posture. Armexa delivered a structured risk assessment aligned to the DeltaV Security Manual, NIST CSF, and ISA/IEC 62443, producing a clear baseline and a prioritized roadmap for closing identified gaps. 

Challenges 

Strong operational practices, but no formally documented OT cybersecurity program 

The DeltaV control environment had a solid foundation, but the absence of a structured, documented program created risk exposure and compliance vulnerability across several domains. Key challenges included: 

  • User Account Management: Inconsistent practices for OT user account provisioning, periodic review, and deprovisioning. creating uncontrolled access risk 
  • Network Segmentation: Gaps in segmentation between control systems and third-party equipment, weakening the defensive boundary around critical OT assets 
  • Security Monitoring: Limited centralized monitoring and reduced visibility into OT security events, with no reliable mechanism for detecting anomalous activity 
  • Program Documentation: Incomplete cybersecurity policies, procedures, and standards alignment. This was insufficient to satisfy regulatory audit requirements or insurer expectations 

Our Solution 

A structured Basic Cybersecurity Assessment across all site domains, tailored to the DeltaV environment 

Armexa executed a VCA aligned to the DeltaV Security Manual, NIST CSF, and ISA/IEC 62443, combining pre-assessment data collection with on-site facilitated workshops and a structured evaluation across the full OT security domain: 

  • Pre-Assessment Data Collection: Gathered system documentation and technical configurations in advance to inform the on-site workshop and focus time on analysis rather than discovery. 
  • On-Site Assessment Workshop: Facilitated structured sessions with OT, IT, and operations stakeholders to evaluate current practices against industry standards. 
  •  OT Security Evaluation: Assessed network security, workstation hardening, user account management, patch management, physical security, security monitoring, and data management, producing findings across each domain. 
  • Findings & Roadmap: Documented prioritized recommendations practical for implementation within an operational LNG environment, without requiring operational disruption. 

Outcomes & Impact 

A defensible compliance baseline and the foundation for a broader OT cyber risk program 

The assessment gave the operator a clear, structured view of its current posture and a practical path forward: 

  • Clear, defensible baseline of OT cybersecurity posture benchmarked against the DeltaV Security Manual, NIST CSF, and ISA/IEC 62443, establishing documented evidence of program status for regulatory and insurer audiences 
  • Improved visibility into gaps across user access management, network segmentation, and security monitoring, replacing informal practices with documented findings 
  • Prioritized roadmap enabling targeted risk reduction without operational disruption to the LNG control environment 
  • Foundation for a broader OT cyber risk program and stronger IT/OT alignment, positioning the operator for more comprehensive assessments as maturity develops 
Facebook
X
LinkedIn
Industry  Energy: Liquefied Natural Gas (LNG) 
Location  United States 
Environment  DeltaV-based distributed control system 
Standards  Emerson DeltaV Security Manual 

NIST CSF 

ISA/IEC 62443 

 

 

Validated Cybersecurity Assessment (VCA)

OT Security Evaluation 

Pre-Assessment Data Collection & Configuration Review 

On-Site Assessment Workshop 

Prioritized Findings & Remediation Roadmap 

Latest Posts

Skip to content