Product cybersecurity assessment laboratory
Identification of threats and risks
These tests saturate the product's communication interfaces with incorrect and/or malformed messages in order to check their robustness. The injected messages are generated through different techniques (fuzzing, grammars, storms) that cover a wide spectrum of the possible frame combinations of different industrial communication protocols. In addition to checking the robustness of the product's communications, these tests also make it possible to detect new, unknown vulnerabilities by analysing the behaviour observed. The support tool for these tests is Achilles, created by GE Digital. This tool is recognised by the ISASecure certification program and supports numerous industrial communication protocols (Ethernet, TCP/IP, UDP, Foundation Fieldbus (FF-HSE), MMS (IEC 61850/ICCP), Modbus TCP/IP, OPC UA, PROFINET IO, DNP3, SES-92, ZigBee SE (802.15.4), ICMP, ARP, Link State, OPC (via VCS), Heartbeat).
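The following is an added illustration of what a communication robustness test exercises, written for this page; it is not code from the laboratory or from the Achilles tool. It takes Modbus TCP, one of the protocols listed above, and shows a receiver-side frame parser that validates every MBAP header field, together with a small set of constructed malformed frames (truncated header, wrong protocol id, inconsistent or out-of-range length fields, trailing bytes, oversized PDU) of the kind a fuzzing or grammar-based test generates. The frame contents, unit id and case names are constructed for the example; the Modbus TCP field layout and the 253-byte PDU limit come from the protocol specification.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Frame is a decoded Modbus TCP ADU: the MBAP header fields plus the PDU.
type Frame struct {
	TransactionID uint16
	UnitID        byte
	Function      byte
	Data          []byte
}

const mbapLen = 7          // transaction id (2) + protocol id (2) + length (2) + unit id (1)
const maxLengthField = 254 // length counts unit id + PDU, and a Modbus PDU is at most 253 bytes

var (
	ErrTruncated    = errors.New("frame shorter than the MBAP header")
	ErrProtocol     = errors.New("protocol id is not 0")
	ErrLength       = errors.New("length field out of range")
	ErrSizeMismatch = errors.New("length field does not match the bytes received")
)

// Parse validates every header field before touching the PDU, so a malformed frame is rejected, never partially processed.
func Parse(b []byte) (*Frame, error) {
	if len(b) < mbapLen {
		return nil, ErrTruncated
	}
	if binary.BigEndian.Uint16(b[2:4]) != 0 {
		return nil, ErrProtocol
	}
	length := int(binary.BigEndian.Uint16(b[4:6]))
	if length < 2 || length > maxLengthField {
		return nil, ErrLength
	}
	if len(b)-6 != length { // unit id + PDU must be exactly `length` bytes
		return nil, ErrSizeMismatch
	}
	return &Frame{
		TransactionID: binary.BigEndian.Uint16(b[0:2]),
		UnitID:        b[6],
		Function:      b[7],
		Data:          append([]byte(nil), b[8:]...),
	}, nil
}

// ValidFrame returns a constructed Read Holding Registers request (function 3, address 0, 10 registers) for unit 0x11; protocol id stays 0.
func ValidFrame() []byte {
	pdu := []byte{0x03, 0x00, 0x00, 0x00, 0x0A}
	b := make([]byte, mbapLen+len(pdu))
	binary.BigEndian.PutUint16(b[0:2], 1)
	binary.BigEndian.PutUint16(b[4:6], uint16(1+len(pdu)))
	b[6] = 0x11
	copy(b[7:], pdu)
	return b
}

func mutate(base []byte, f func([]byte)) []byte {
	c := append([]byte(nil), base...)
	f(c)
	return c
}

// MalformedCases derives the kinds of frame a robustness test injects.
// These are constructed cases, not the Achilles test suite.
func MalformedCases() map[string][]byte {
	base := ValidFrame()
	huge := make([]byte, mbapLen+300) // protocol id 0, length field claims 301 bytes of unit id + PDU
	binary.BigEndian.PutUint16(huge[4:6], 301)
	return map[string][]byte{
		"truncated header":       base[:5],
		"bad protocol id":        mutate(base, func(c []byte) { c[2], c[3] = 0xFF, 0xFF }),
		"zero length":            mutate(base, func(c []byte) { c[4], c[5] = 0, 0 }),
		"length exceeds payload": mutate(base, func(c []byte) { binary.BigEndian.PutUint16(c[4:6], 200) }),
		"trailing bytes":         append(append([]byte(nil), base...), 0, 0, 0),
		"oversized pdu":          huge,
	}
}

// RunRobustness feeds every malformed case to Parse; a nil entry would mean a malformed frame was accepted.
func RunRobustness() map[string]error {
	results := map[string]error{}
	for name, frame := range MalformedCases() {
		_, err := Parse(frame)
		results[name] = err
	}
	return results
}

func main() {
	for name, err := range RunRobustness() {
		fmt.Printf("%-24s -> %v\n", name, err)
	}
}
```

The point of the harness is the last function: a robust implementation answers every malformed frame with a clean, specific rejection and keeps serving the valid frame afterwards. A real robustness campaign sends the same classes of frames over the wire and watches the device for crashes, hangs, dropped valid traffic or silent acceptance of bad frames, which is where the unknown vulnerabilities mentioned above show up.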
The purpose of these tests is to verify that the cybersecurity requirements have been correctly met and to evaluate the measures implemented against the threats identified in the cybersecurity risk analysis. In short, they make it possible to verify the performance, correctness and robustness of the cybersecurity measures implemented. The tests can be set up as an audit that verifies the correct implementation of the cybersecurity requirements in accordance with the IEC 62443-4-2 standard.
Implementation testing consists mainly of performing reverse engineering of electronic components using different techniques, among which we can find:
- Side channel: analysing information that leaks through the physical implementation of the component (power consumption, electromagnetic radiation, sound, etc.).
- Fault injection: manipulating the device to divert it from its normal operation (voltage, clock signal, electromagnetic pulses, etc.).
The information obtained with these techniques is processed using specialised equipment, and the result makes it possible to recover sensitive information from the device (e.g. cryptographic keys) and to detect potential vulnerabilities arising from the implementation. The support tool for these tests is the SCA (Side Channel Analysis) equipment from the manufacturer Riscure.
A PKI (Public Key Infrastructure) enables the life cycle management of the digital certificates used to establish secure communications between two parties. These certificates can be used, among other things, to ensure the identification and authentication of the parties involved or to guarantee the integrity of the information exchanged, and are particularly useful when communication takes place between parties who do not know each other in advance. To deploy this service in accordance with currently recognised best practices, a dedicated HSM (Hardware Security Module) from the manufacturer nCipher is available. This module is used to generate the root of trust, using the cryptographic techniques that currently offer the strongest guarantees and enabling the highest levels of cybersecurity in line with the IEC 62443 standard.
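As an added example of the trust relationship the paragraph describes (written for this page, not the laboratory's PKI nor nCipher's HSM software), the program below builds a self-signed root of trust, issues a device certificate from it, and then performs the relying-party check that lets two parties who have never met authenticate each other: the device certificate verifies against the root that issued it and is rejected against an unrelated root. The CA names, device name and serial numbers are constructed; the root key is held in memory only so that the example runs stand-alone, whereas in the deployment described above it would be generated and kept inside the HSM.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CA pairs a CA certificate with its signing key. In a real deployment the root
// key is generated and kept inside an HSM; holding it in memory is an assumption.
type CA struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

func signAndParse(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewRootCA creates the self-signed root of trust, restricted to signing certificates and CRLs.
func NewRootCA(name string) (*CA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().AddDate(10, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	cert, err := signAndParse(tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &CA{Cert: cert, Key: key}, nil
}

// IssueDeviceCert signs an end-entity certificate that a device presents to authenticate itself.
func (ca *CA) IssueDeviceCert(deviceName string, serial int64) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: deviceName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().AddDate(1, 0, 0),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
	}
	cert, err := signAndParse(tmpl, ca.Cert, &key.PublicKey, ca.Key)
	return cert, key, err
}

// VerifyDevice is the relying party's check: build a chain from the presented
// certificate to a trusted root and confirm validity period and key usage.
func VerifyDevice(cert *x509.Certificate, roots ...*x509.Certificate) error {
	pool := x509.NewCertPool()
	for _, r := range roots {
		pool.AddCert(r)
	}
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err
}

// Demo reports whether a device certificate verifies against its issuing root
// (trusted, expected true) and against an unrelated root (foreign, expected false).
func Demo() (trusted, foreign bool, err error) {
	root, err := NewRootCA("Lab Root CA")
	if err != nil { return }
	other, err := NewRootCA("Unrelated Root CA")
	if err != nil { return }
	dev, _, err := root.IssueDeviceCert("plc-01.lab.example", 1001)
	if err != nil { return }
	return VerifyDevice(dev, root.Cert) == nil, VerifyDevice(dev, other.Cert) == nil, nil
}

func main() {
	trusted, foreign, err := Demo()
	fmt.Println("own root:", trusted, "unrelated root:", foreign, "error:", err)
}
```

Two design choices carry the security meaning: the root certificate is limited to certificate and CRL signing, so it can never be presented as a device identity, and the relying party names the expected key usage when it verifies, so a certificate issued for another purpose is rejected even when it chains to a trusted root.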
Comprehensive service for the development, validation and certification of products or systems with cybersecurity requirements, according to emerging standards (IEC 62443). The knowledge of our researchers and the equipment of our laboratory allow us to carry out the cybersecurity development of industrial products and their subsequent validation through different types of tests (vulnerability and penetration tests, communication robustness tests, implementation tests, functional security tests). These activities make it possible to pre-homologate products, and they serve as a reference when assisting companies in the certification process with accredited entities.
Vulnerability testing consists of running tests aimed at identifying vulnerabilities in the products or systems assessed. It can be approached as black-box testing, in which only the product's external interfaces are exercised, with no knowledge of its design and implementation details, in order to discover known product vulnerabilities (ports and services that are insecure by design, insecure protocol versions or configurations, etc.). Nmap and Nessus are the support tools for these tests. Penetration testing consists of conducting an ethical attack on the component or system in order to find weaknesses that could be exploited to compromise its confidentiality, integrity and/or availability. The purpose of these tests is to break the cybersecurity measures implemented. They are considered black-box tests that assume the role of an attacker who would take advantage of all the public information about the device to try to exploit one or several vulnerabilities. Nessus and Metasploit are the support tools for these tests.