Wall to Wall Inventory in the OT Space

ravikamma · ‎08-28-2025

Hi all - Hope everyone is doing good. I am writing to check on the approach taken to perform a wall to wall inventory for a plant. Following the below suggested model , how do you get the devices from Level 0 to Level 2 into your CMDB ? I would think it would be a flat file integration/data import and the validation of the devices would be a physical inspection ?

Looking forward to hear from any real life experiences !!

ZacharyR · 4 weeks ago

Hi Ravikamma,

I'm not an asset owner, but I've had the chance to visit a ton of plants and get to see how a bunch of different folks manage this.

Here's what I see in order of popularity:

1. excel import - most people have a BOM or excel spreadsheet that they've created over time and they use that to import these devices into their CMDB

2. OT cyber IDS - this is some kind of OT intrusion detection cyber system (like Claroty, Nozmi, Dragos, etc.), which collects asset inventory data (usually via sensors installed in the network or on SPAN ports on switches)

3. IT inventory tool - this is just for the PCs and servers on the OT network which usually make up the workstations, HMIs, etc. Examples would be like Armis or even CrowdStrike XDR

There are a couple other considerations to look out for too. Not all OT facilities are entirely networked, leaving us with "islands" of automation networks. These islands have to be captured somehow if they're not connected to the main network. Also, the spares and inventory in the stockroom are worth bringing online, but that tends to be a secondary priority to getting the live assets online.

ravikamma · 2 hours ago

@ZacharyR Thanks a ton. I think a roadmap from ServiceNow should be helpful in this case