Machine security - by design: spOT™

With spOT™ by OTORIO, ANDRITZ keeps the security of machines fully compliant and in line with security policies - from delivery throughout the entire lifecycle.

Key benefits

  • Verify machine against security policies to ensure compliance with security regulations and standards
  • Provide visibility of asset inventory and vulnerabilities
  • Significantly reduce time and costs for factory acceptance tests (FAT) and system acceptance tests (SAT)

Key features

  • Visibility of all integrated third-party technologies from the machine level to the entire production line
  • Machine security and asset level compliance including IEC 62443, NIST, NERC CIP, CSA Z462, OSHA 3132
  • Automated policy verification including best practices and proper configuration before and after customer delivery
  • Actionable mitigation playbooks with clear recommendations for remediation of gaps and hardening against ransomware
  • Optional ongoing notifications about vulnerabilities in each machine’s IT/OT/IIoT assets throughout its lifecycle based on unique threat intelligence
  • Automated, easy-to-read reports to keep operations teams up to date regarding the security posture

Machine security guaranteed

Today’s machine manufacturing ecosystem extends far beyond the factory acceptance test. This is why ANDRITZ is committed to maintaining machine security in line with customer policies, best practices, warranty requirements and regulatory demands even when machines already work on the customer premises. As a world-leading provider of digital machinery, ANDRITZ utilizes the most advanced technology to verify that each machine delivered is aligned with industry regulations (e.g. IEC 62443) as well as customer policies, warranty and service requirements.

Automated security assessment and management

ANDRITZ utilizes spOT™, a unique technology developed by its OT security partner OTORIO. spOT™ is an integral part of the machine delivery and quality procedures, supporting system hardening. By checking the full machine against the relevant IEC62443 / NIST / NERC standards or additional standards required by customers, spOT creates a cyber security “machine fingerprint” and automatically generates machine-specific IEC compliance letters.

Lifecycle vulnerability management as a service

Based on the "fingerprint" of delivered machines, spOT™ periodically checks the configurations against current threats and vulnerabilities. By conducting cyclic cybersecurity risk potential evaluations of end customer machinery, machine builders can enhance their offering by providing lifecycle vulnerability management as a service.

  • spOT™ Lifecycle / Simplifying OT Cybersecurity for Machine Builders PDF : 698 KB
  • spOT™ Lifecycle / Simplifying OT Cybersecurity for Machine Builders PDF : 698 KB