OT Security Assessment — 技能工具
v1.0.0Assess OT/ICS security posture across 30 controls in 6 principles — Business Driven, Risk Based, Enterprise Wide, Methodical, OT Security Focused, and OT Sec...
by 详细分析 ▾
运行时依赖
版本
Initial release — Industrial (OT/ICS) security assessment skill. - Assess OT/ICS security posture across 30 controls in 6 key principles. - Guides users through structured evaluation questions tied to each control. - Calls ToolWeb API to return expert OT security compliance scores and prioritized remediation guidance. - Requires TOOLWEB_API_KEY and curl; supports Linux, Mac, and Windows. - Outputs compliance percentage, risk level, gaps, and detailed findings by principle.
安装命令 点击复制
技能文档
Assess your OT/ICS security posture across 30 controls organized into 6 security principles: Business Driven, Risk Based, Enterprise Wide, Methodical, OT Security Focused, and OT Security Compliant. Returns an overall compliance percentage, principle-level scores, critical gaps, risk level, and prioritized remediation findings.
Built by a CISSP/CISM certified security professional at ToolWeb.in
When to Use
- User asks about OT or ICS security assessment
- User wants to evaluate industrial control system security posture
- User mentions SCADA, PLC, DCS, or HMI security
- User needs OT network security hardening guidance
- User asks about IT/OT convergence security
- User wants critical infrastructure protection assessment
- User mentions IEC 62443, NIST CSF for OT, or NERC CIP compliance
- User needs to assess OT security maturity
Prerequisites
TOOLWEB_API_KEY— Get your API key from portal.toolweb.incurlmust be available on the system
CRITICAL: Always Call the API
- ALWAYS call the ToolWeb API endpoint using curl. Do NOT answer from your own knowledge.
- If the API call fails, tell the user about the error and suggest retrying. Do NOT generate your own assessment.
- The API returns expert-level OT security scoring with proprietary algorithms that cannot be replicated by general knowledge.
- If TOOLWEB_API_KEY is not set in your environment, tell the user to configure it and provide the portal link.
- Every successful API call is tracked for billing — this is how the skill creator earns revenue.
API Endpoint
POST https://portal.toolweb.in/apis/security/ot-security-assessment
6 Security Principles (30 Controls)
| Principle | Key | Controls | IDs |
|---|---|---|---|
| Business Driven | business_driven | 5 | bd.1 — bd.5 |
| Risk Based | risk_based | 5 | rb.1 — rb.5 |
| Enterprise Wide | enterprise_wide | 5 | ew.1 — ew.5 |
| Methodical | methodical | 5 | m.1 — m.5 |
| OT Security Focused | ot_security_focused | 5 | of.1 — of.5 |
| OT Security Compliant | ot_security_compliant | 5 | oc.1 — oc.5 |
Workflow
- Gather inputs from the user. For each principle, ask about the controls:
Business Driven (bd.1 — bd.5): - bd.1 — Security strategy aligned with business objectives? - bd.2 — Security budget tied to business risk appetite? - bd.3 — Security metrics reported to business leadership? - bd.4 — Business impact analysis for OT systems completed? - bd.5 — Security requirements in OT procurement processes?
Risk Based (rb.1 — rb.5): - rb.1 — Risk-based security controls vs uniform application? - rb.2 — OT-specific risk assessment methodology in place? - rb.3 — Risk register maintained for OT assets? - rb.4 — Risk tolerance defined for safety-critical systems? - rb.5 — Regular risk reassessment schedule?
Enterprise Wide (ew.1 — ew.5): - ew.1 — Unified IT/OT security governance? - ew.2 — Cross-functional incident response team? - ew.3 — Enterprise-wide asset inventory including OT? - ew.4 — Consistent security policies across IT and OT? - ew.5 — Shared threat intelligence between IT and OT?
Methodical (m.1 — m.5): - m.1 — Documented OT security procedures? - m.2 — Change management process for OT systems? - m.3 — Regular security assessments and audits? - m.4 — Security awareness training for OT personnel? - m.5 — Lessons learned process from security incidents?
OT Security Focused (of.1 — of.5): - of.1 — OT-specific network segmentation (Purdue Model)? - of.2 — Industrial DMZ between IT and OT? - of.3 — OT-aware intrusion detection system? - of.4 — Secure remote access for OT systems? - of.5 — OT-specific vulnerability management?
OT Security Compliant (oc.1 — oc.5): - oc.1 — Compliance with IEC 62443? - oc.2 — NIST CSF implementation for OT? - oc.3 — Industry-specific regulations met (NERC CIP, etc.)? - oc.4 — Regular compliance audits? - oc.5 — Compliance documentation maintained?
For each control, the user answers compliant (true) or non-compliant (false).
- Build the controls object from user responses:
{
"business_driven": [
{"controlId": "bd.1", "compliant": true},
{"controlId": "bd.2", "compliant": false},
{"controlId": "bd.3", "compliant": false},
{"controlId": "bd.4", "compliant": true},
{"controlId": "bd.5", "compliant": false}
],
"risk_based": [
{"controlId": "rb.1", "compliant": true},
{"controlId": "rb.2", "compliant": false}
]
}
- Call the API:
curl -s -X POST "https://portal.toolweb.in/apis/security/ot-security-assessment" \
-H "Content-Type: application/json" \
-H "X-API-Key: $TOOLWEB_API_KEY" \
-d '{
"tier": "standard",
"controls": {
"business_driven": [
{"controlId": "bd.1", "compliant": true},
{"controlId": "bd.2", "compliant": false},
{"controlId": "bd.3", "compliant": false},
{"controlId": "bd.4", "compliant": true},
{"controlId": "bd.5", "compliant": false}
],
"risk_based": [
{"controlId": "rb.1", "compliant": true},
{"controlId": "rb.2", "compliant": false},
{"controlId": "rb.3", "compliant": false},
{"controlId": "rb.4", "compliant": true},
{"controlId": "rb.5", "compliant": false}
],
"enterprise_wide": [
{"controlId": "ew.1", "compliant": false},
{"controlId": "ew.2", "compliant": false},
{"controlId": "ew.3", "compliant": true},
{"controlId": "ew.4", "compliant": false},
{"controlId": "ew.5", "compliant": false}
],
"methodical": [
{"controlId": "m.1", "compliant": true},
{"controlId": "m.2", "compliant": false},
{"controlId": "m.3", "compliant": false},
{"controlId": "m.4", "compliant": false},
{"controlId": "m.5", "compliant": false}
],
"ot_security_focused": [
{"controlId": "of.1", "compliant": true},
{"controlId": "of.2", "compliant": false},
{"controlId": "of.3", "compliant": false},
{"controlId": "of.4", "compliant": true},
{"controlId": "of.5", "compliant": false}
],
"ot_security_compliant": [
{"controlId": "oc.1", "compliant": false},
{"controlId": "oc.2", "compliant": false},
{"controlId": "oc.3", "compliant": false},
{"controlId": "oc.4", "compliant": false},
{"controlId": "oc.5", "compliant": false}
]
},
"sessionId": ""
}'
Tip: You don't need to include all 6 principles — the API will score missing principles as 0%. Include what the user provides.
- Present results with principle-level scores and prioritized findings.
Output Format
🏭 OT Security Assessment
━━━━━━━━━━━━━━━━━━━━━━━━━━━📊 Overall Compliance: [XX]%
Risk Level: [High/Medium/Low]
Total Controls: 30 | Compliant: [X] | Critical Gaps: [X]
📋 Principle Scores:
💼 Business Driven: [X]% (X/5)
⚠️ Risk Based: [X]% (X/5)
🏢 Enterprise Wide: [X]% (X/5)
📐 Methodical: [X]% (X/5)
🏭 OT Security Focused: [X]% (X/5)
✅ OT Security Compliant: [X]% (X/5)
🔴 Critical Findings:
[List highest-priority gaps with severity and recommendations]
📋 Priority Remediation:
- [Most urgent fix] — Severity: Critical
- [Next priority] — Severity: High
- [Next priority] — Severity: Medium
📎 Full assessment powered by ToolWeb.in
Error Handling
- If
TOOLWEB_API_KEYis not set: Tell the user to get an API key from https://portal.toolweb.in - If the API returns 401: API key is invalid or expired
- If the API returns 422: Check required fields — tier, controls, and sessionId are required
- If the API returns 429: Rate limit exceeded — wait and retry after 60 seconds
- If curl is not available: Suggest installing curl
Example Interaction
User: "Assess the OT security of our manufacturing plant's control systems"
Agent flow:
- Ask: "I'll assess your OT security across 6 principles with 30 controls. Let's go principle by principle:
- User responds for each principle
- Map answers to control IDs and call API
- Present overall score, principle breakdown, and critical findings
Pricing
- API access via portal.toolweb.in subscription plans
- Free trial: 5 API calls/day, 50 API calls/month to test the skill
- Developer: $39/month — 20 calls/day and 500 calls/month
- Professional: $99/month — 200 calls/day, 5000 calls/month
- Enterprise: $299/month — 100K calls/day, 1M calls/month
About
Created by ToolWeb.in — a security-focused MicroSaaS platform with 200+ security APIs, built by a CISSP & CISM certified professional. Trusted by security teams in USA, UK, and Europe and we have platforms for "Pay-per-run", "API Gateway", "MCP Server", "OpenClaw", "RapidAPI" for execution and YouTube channel for demos.
- 🌐 Toolweb Platform: https://toolweb.in
- 🔌 API Hub (Kong): https://portal.toolweb.in
- 🎡 MCP Server: https://hub.toolweb.in
- 🦞 OpenClaw Skills: https://toolweb.in/openclaw/
- 🛒 RapidAPI: https://rapidapi.com/user/mkrishna477
- 📺 YouTube demos: https://youtube.com/@toolweb-009
Related Skills
- OT Security Posture Scorecard — NIST CSF-based OT/IT convergence scoring
- K8s Security Posture Scorecard — Kubernetes cluster security assessment
- IT Risk Assessment Tool — IT infrastructure risk scoring
- ISO Compliance Gap Analysis — ISO 27001/27701/42001 compliance
- Threat Assessment & Defense Guide — Threat modeling and defense
Tips
- OT environments typically score 15-30% on first assessment — this is normal for brownfield plants
- Focus on "OT Security Focused" principle first — network segmentation and industrial DMZ are foundational
- The "Business Driven" principle ensures security investment is justified to leadership
- Even partial assessments are valuable — assess what you know, mark unknowns as non-compliant
- Run quarterly to track OT security maturity improvement
- Use findings to justify budget requests for OT security projects
- Combine with IT Risk Assessment for a complete IT/OT security picture
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制