Works with the AI tools you already use

    CCCGGVW

    Scada Hmi Security Assessment

    by LocoLoboZ

    2

    Perform evidence-based security assessments and compliance audits for SCADA/HMI systems in OT environments.

    $20

    · or 100 credits

    30-day refund guarantee

    Secure checkout via Stripe

    About this skill

    Professional Security Auditing for SCADA & HMI Systems

    Maintaining security in Operational Technology (OT) environments is critical but complex. This skill provides a structured, developer-centric framework for conducting evidence-based security assessments of SCADA systems, HMIs, and engineering workstations.

    What it does

    Evaluates SCADA Human-Machine Interface security across four assessment categories - authentication, communication security, web HMI vulnerabilities, and OS hardening - producing a structured findings report with IEC 62443 and NIST SP 800-82 compliance mapping. Works from HMI system inventory, authorised test environment access, optional network PCAP files, and HMI configuration JSON exports. Includes 21 structured checks (AUTH-01 to HARD-05) mapped to IEC 62443 SR references, a full HMISecurityAssessment class for guided manual walkthroughs, and an automated CLI agent for port scanning, PCAP protocol analysis, and configuration file review using only Python stdlib. Suited to OT security engineers, ICS assessors, and compliance teams preparing for IEC 62443 or NERC CIP audits in manufacturing, energy, and process industries. This is a working baseline skill, ready for use and modification to suit your specific use case as needed.

    Why use this skill

    • Safety-First Analysis: Built specifically for ICS/OT constraints, ensuring remediation plans respect operational availability.
    • Audit Readiness: Aligns findings with industry standards like IEC 62443, NIST SP 800-82, and NERC CIP.
    • Evidence-Based Reporting: Distinguishes between confirmed facts and evidence gaps, preventing "hallucinated" security conclusions.
    • Tool Agnostic: Adaptable to any HMI platform (Ignition, FactoryTalk, WinCC) or monitoring stack (SIEM/EDR) provided by the user.

    Structured Output

    The skill produces modular technical outputs including a detailed Findings Register, an Evidence Gap Analysis, and a Remediation Plan with prioritised risk treatment actions.

    Details

    How to install

    Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.

    Security Scanned

    Passed automated security review

    Permissions

    Terminal / Shell

    Allowed Hosts

    external domains: user-supplied target ip only (opt-in http credential check via --http-check flag) network access: tcp socket connections to user-supplied target on ics ports (102, 502, 44818, 20000, 1962, 2404). http connections via urllib.request to http://{target}:{port}/ only when --http-check flag is explicitly passed

    File Scopes

    performing-scada-hmi-security-assessment/**

    Creator

    I design and publish skills built from real professional practice across three areas: cyber security consulting, business operations, and AI workflow engineering. My cyber security skills draw on active advisory work spanning governance, risk, compliance, assurance, and executive reporting. They are built for practitioners who need structured, defensible outputs - not generic templates. My business operations skills cover the day-to-day work of running a consulting practice: bookkeeping, financial tracking, expense reconciliation, and marketing content - designed to reduce repetitive overhead and keep outputs consistent. My AI platform and workflow skills are built for people who want to get more out of Claude and similar platforms - covering prompt engineering, skill architecture, automation pipelines, and agent enhancement. Every skill I publish has been tested in production use before it reaches the marketplace. If it is here, it works.

    Frequently Asked Questions

    More Premium Skills