OT / ICS security · field research & frameworks

Frameworks

The Riverman methodologies for industrial networks.

Six frameworks, each addressing a different problem on the plant floor: from how networks are designed, to how they are secured, to how they are troubleshot, to how the people who run them learn the work. Each is small, named, and meant to be carried in the head.

Free to plant operators and industrial workers. Forever. Commercial use under the Riverman Fair License v2.0.

River Caudle · Riverman · OT/ICS Security Practice

§ Design

How the network gets built.

F.01 · Network Design

SHIP Framework

Standardize · Harden · Isolate · Protect

Four steps for designing industrial networks that actually serve the people who depend on them. If you can't explain your network on one page, it's too complex.

§ Security

How the network gets defended.

F.02 · Cybersecurity

SECURE Method

Segment · Establish · Control · Update · Respond · Evaluate

IEC 62443 simplified for industrial networks. Six steps mapped to the standard. Making industrial cybersecurity standards actually usable.

§ Troubleshooting

How the network gets fixed.

F.03 · Troubleshooting · Linear

RIVER Method

Reboot · Inspect · Verify · Examine · Replace

Layer-1-up, physical-first troubleshooting. For the tech on shift. When in doubt, follow the RIVER.

F.04 · Troubleshooting · Cyclic

STREAM Method

Scope · Test · Replicate · Execute · Assess · Mitigate

Cyclic methodology for intermittent, remote, and multi-system problems. Execute → Assess → Execute → Assess until you reach the solution.

§ Training

How people learn to do the work.

F.05 · Knowledge Transfer

Schema on Read vs Write

Adaptive · Analogical · Trade-native

Training framework that builds on what skilled trades already know (flow systems, feedback loops, hierarchical organization) instead of replacing it.

§ Doctrine

How the work is held.

F.06 · Change Management

OT Stability Doctrine

In OT, change is risk. Stability is security.

Why "if it ain't broke, don't fix it" is professional excellence. Firmware longevity as a feature, not a flaw.

F.07 · Architecture · External

Industrial Independence Architecture

One unit per zone · scope is the only thing that changes

Operational sovereignty for industrial infrastructure. The full doctrine lives at industrialindependence.org.

§ How They Fit Together

The stack is small and they stack.

SHIP is what you build, SECURE is how you defend it, RIVER and STREAM are how you fix it, Schema on Read is how you teach it, and the OT Stability Doctrine is how you stop people from breaking it. The Industrial Independence Architecture is the lens through which they all line up.

If you're starting from zero on a plant floor:

  1. SHIP first. Without a designed network, the rest is renovation on rotted wood.
  2. SECURE second. Apply IEC 62443 against the network you just built.
  3. RIVER in the badge pocket. For daily troubleshooting at the cabinet.
  4. STREAM on the desk. For the cases RIVER can't catch.
  5. Schema on Read when you hire. So trade expertise becomes network expertise faster.
  6. OT Stability Doctrine as your defense. When IT shows up Friday afternoon demanding you patch.

All frameworks originated by River Caudle · Used under the Riverman Fair License v2.0

River Caudle · river@riverman.io · Houston, Texas