TBN-FLD / WIB
Zero Trust · OT/IT Architecture

Cyber Shield

Never trust, always verify. Continuous identity verification and per-asset containment across Pertamina EP Tambun's OT/IT estate, aligned with IEC 62443 and NIST CSF 2.0.

User & Device Verification

Continuous · Last 24h
Operator 1 · Andi R.
SCADA Operator · SOC Tambun
WS-OT-014
Verified Explicitly
Least Privilege Granted
08:42:11
Operator 2 · Sari W.
HMI Supervisor · Pad B Control
WS-OT-022
Verified Explicitly
Least Privilege Granted
08:39:04
Contractor · Budi T.
Maintenance · Bekasi VPN
VPN-7732
MFA Pending
Read-Only
08:36:18
Engineer · Ratna P.
Process Eng. · HQ Workshop
LAP-EN-007
Verified Explicitly
Least Privilege Granted
08:21:47
Unknown · ********
· Foreign IP
185.142.x.x
Blocked
Denied
08:14:02
Operator 3 · Dimas H.
Field Tech · Booster Station
TAB-FLD-09
Verified Explicitly
Least Privilege Granted
08:02:31
Verified 4 Pending 1 Blocked 1
Policy: NEVER TRUST · ALWAYS VERIFY

OT/IT Asset Mapping

4 critical assets · IEC 62443
SCADA System
OT · Purdue L2
● Online
Honeywell Experion · 4 servers · 1,284 tags
  • Explicitly Verified
  • Least Privilege Active
  • Data Fully Encrypted
Isolate Asset
Emergency containment
Master Server
OT · Purdue L3
● Online
Historian + MES cluster · 12 nodes
  • Explicitly Verified
  • Least Privilege Active
  • Data Fully Encrypted
Isolate Asset
Emergency containment
Field IoT Sensors
OT · Purdue L0–L1
● Online
Heat · Gas · Pressure · 1,832 endpoints
  • Explicitly Verified
  • Least Privilege Active
  • Data Fully Encrypted
Isolate Asset
Emergency containment
Tactical Radar
Edge · Anti-UAV
● Online
RF + Doppler · 5KM dome · 3 arrays
  • Explicitly Verified
  • Least Privilege Active
  • Data Fully Encrypted
Isolate Asset
Emergency containment
Containment protocol: Toggling "Isolate Asset" suspends all east-west traffic to the asset and notifies the SOC within 3 seconds.