SCADA and Critical Infrastructure Audit

Security for Plants, Critical Infrastructures and Industrial Systems

An audit helps preventing shortfalls in production by external adversaries. It also stops espionage or sabotage of your facilities and consequently protects your Know-How, production line and infrastructure. In addition, an audit ensures that your industry components are securely connected to prepare you for Industry 4.0.

Overview

Industry Control Systems (ICS) as well as critical infrastructures are often summarized by the buzzword SCADA. They usually consist of multiple high specialized devices that monitor and control industrial processes. Even the smallest production lines have Programmable Logic Controllers (PLC), actuators or sensors. The increasing connectivity like it is propagated in Industry 4.0 leads to new targets and new security relevant issues.

During an audit, we analyze relevant attack vectors and verify identified vulnerabilities by exploiting them if desired. In order to assess the security of your plant, we not only have a look at SCADA relevant vectors like manipulation of actuators or sensors, but also at traditional targets like web servers. An additional focus lies in separating OT/IT-networks as well as Defense-In-Depth.

Properties

A SCADA and critical infrastructure audit is a security audit where the following properties apply.

What can be tested

Control systems, critical infrastructures, industrial networks

Basis of information

White, grey- or blackbox

Source

External or internal

Strategy

Direct attack attempts or covert attack

Scope

Full or focused (concentrate on specific aspects of security)

Aggressiveness

Passive, polite, aggressive or paranoid

Get more InformationContact