// REGULATOR PACK · CONTROL FRAMEWORK ALIGNMENT
DARA · Read-only Industrial Intelligence
Control-framework alignment pack — illustrative artefact for utility CISOs and auditors
Generated: 13 June 2026
Pack ID: RP-20260613-7680
Site profile: Water utility · Tier-2
Status: Illustrative · pre-pilot
This is not a compliance certification. DARA is a read-only industrial intelligence layer — every anomaly it surfaces is tagged to the control framework your regulator cares about, so your CISO can hand the artefacts straight to the auditor. The mappings below are illustrative until finalised with your CISO and named auditor during pilot weeks 2-3.
IEC 62443-3-3
System Security Requirements (SR)
| Control | Coverage | Mapping notes |
|---|---|---|
| SR 1 · Identification & authentication control | Aligned | Per-tenant OAuth + SSO; OPC UA cert-based auth on connector reads. |
| SR 2 · Use control | Aligned | Read-only client. No write methods exposed in DARA connector binary. |
| SR 3 · System integrity | Aligned | Signed connector releases. SBOM published per release. No code-loading in the field. |
| SR 5 · Restricted data flow | Aligned | Egress-only TLS 1.3. No inbound. Workspace-isolated storage. |
| SR 7 · Resource availability | Aligned | Connector rate-limited to ≤ 60 reads/min/tag. No PLC scan-cycle disruption observed in any pilot. |
NIST CSF 2.0
Identify · Protect · Detect · Respond · Recover
| Control | Coverage | Mapping notes |
|---|---|---|
| ID.AM-1 · Asset inventory | Aligned | Every connected tag, asset, and historian source is inventoried in the workspace. |
| PR.AC-1 · Access control | Aligned | Per-user, per-workspace RBAC. SOC 2 control alignment in progress. |
| DE.AE · Anomalies and events | Aligned | Each anomaly graded NOMINAL / DRIFT / ANOMALY with audit-trail. |
| DE.CM · Continuous monitoring | Aligned | 30-60s read cadence. Daily reconciled brief at 06:00 local. |
| RS.AN · Analysis | Aligned | Root-cause hypothesis generated per anomaly with action recommendation. |
AS/NZS 4360 · ISO 31000
Risk management framework
| Control | Coverage | Mapping notes |
|---|---|---|
| Risk identification | Aligned | Anomalies auto-logged to the tenant's risk register. |
| Risk analysis | Aligned | Consequence × likelihood × residual rating applied per anomaly class. |
| Risk treatment | Aligned | Each anomaly carries a recommended action and owner. |
| Monitoring & review | Aligned | Weekly trend report; monthly risk-register review packet. |
ACSC ISM (Australia)
Australian Government Information Security Manual
| Control | Coverage | Mapping notes |
|---|---|---|
| Control 1735 · OT read-only telemetry | Compliant | Read-only by design. No actuation, no writes, no PLC firmware touch. |
| Control 0072 · Data sovereignty | Compliant | AU-sovereign storage. No cross-border data transfer without explicit tenant authorisation. |
| Control 1546 · Cryptography in transit | Compliant | TLS 1.3 outbound only. AES-256 at rest. |
WSAA G2 · Water Services Association of Australia
Cyber security for water utilities
| Control | Coverage | Mapping notes |
|---|---|---|
| G2 · Section 4 · Network segmentation | Roadmap | Mapping finalised with utility CISO during pilot weeks 2-3. |
| G2 · Section 7 · Supply chain risk | Roadmap | SBOM + dependency mapping per release; tenant sign-off pre-deployment. |
Risk register · live snapshot
Every anomaly DARA flags is auto-logged to your risk register with consequence, likelihood, and residual rating — auditable, time-stamped, and exportable.
| ID | Asset | Consequence | Likelihood | Residual |
|---|---|---|---|---|
| RR-001 | Booster 2 · Northam | High | Medium | Medium |
| RR-002 | Rising-main AV-RM-4B → AV-RM-4D | High | Medium | Medium |
| RR-003 | Chlorine dosing pump 1 | High | Low | Low-Med |
| RR-004 | Aeration blower 1 · diffuser fouling | Medium | High | Medium |
DARA · 13 June 2026 · RP-20260613-7680 · Illustrative · Page 1 of 1
daraos.ai · regulator pack preview