Skip to content

Bechtel’s Impact Report

Industrial Cybersecurity

Bechtel Industrial Cybersecurity

Secure asset performance management

The Industrial Internet of Things can provide mountains of data in near-real time. Buried in that data are nuggets of actionable information: a sensor reading here, an indicator readout there, that when analyzed over time can provide valuable insight for owners of critical infrastructure. But mining and refining that information has proven to be a formidable big-data challenge. And every window created to monitor and access that data creates a potential vulnerability of a critical asset.

We help our Customers protect and operate their critical infrastructure through our operational technology (OT) cybersecurity - asset performance management (APM) solutions.

APM is a unique suite of services that integrates process optimization, cybersecurity, software tools and applications for optimizing availability of operational assets (such as plant, equipment, and infrastructure) that are essential to the operation of an enterprise.

It uses data capture, integration, visualization, and analytics to improve operations, and maintenance and inspection activities. APM includes the concepts of asset strategy and risk management, predictive forecasting, and reliability-centered maintenance. We leverage our design, construction, and operations expertise for our customers to increase their asset’s efficiency while increasing their cyber resiliency. 

DOWNLOAD THE BROCHURE: Delivering Asset Performance Management (APM) Solutions through Cybersecurity

University cooperation

A research agreement with George Mason University’s Volgenau School of Engineering enables Mason students and faculty in cybersecurity to access the laboratory for research and internships. 

Cybersecurity expertise

The ability to remotely access Industrial Control Systems and Supervisory Control and Data Acquisition (ICS/SCADA) exposes these vital systems to an increasingly dangerous environment where thousands of cyber attacks per hour are the norm. Bechtel’s Industrial Control Systems Cybersecurity Technology Center focuses on helping customers protect large-scale industrial and infrastructure systems that support critical infrastructure such as equipment that controls government facilities, power plants, water treatment plants, or mass transit systems.

Bechtel is one of the first global EPC firms to offer an ICS cybersecurity capability for its customers. With many years of ICS expertise and access to subject matter experts, Bechtel brings a unique perspective through experience in design, startup and construction of complex and high-risk projects across the entire facility life cycle.

Bechtel’s dedicated research and development ICS/SCADA cybersecurity laboratory will be capable of:

  • Vulnerability analysis
  • NIST-RMF standardization & best practices
  • Blue and Red team assessments 
  • ICS system monitoring
  • ICS vendor equipment analysis

Additional future capabilities

  • Penetration testing
  • SIEM testing and implementations
  • Design, develop, and deploy a suite of tools for situational awareness (Event monitoring, intrusion detection systems, system logs, etc.)
  • Insider threat mitigation program

The center's lab will be able to test vulnerabilities of these systems on simulated and real-world equipment they control in a safe environment and will serve as a proving ground for producing robust systems for use at customer facilities. As a multinational company, Bechtel’s ability to move and procure equipment from key markets will support this testing.

MAN IN THE MIDDLE

Bechtel cyber defenders demonstrate how to detect and prevent a man-in-the-middle attack on an industrial control system.

Securing the nation

A successful cyber attack on a U.S. power grid could be more severe than a hurricane or large earthquake, affecting all elements of infrastructure from drinking water to food supply, shelter to transportation.

The tech center can help fill critical security gaps between software and hardware manufacturers, and plant operations – and provide expertise in the U.S. government’s National Institute of Standards and Technology Risk Management Framework (NIST-RMF).