Industrial automation and control systems (IACS) play an important role in modern production plants. As these systems become more networked, their robustness and safety are becoming increasingly important. Highly networked IACS are particularly susceptible to remote attacks: an attacker can reach them over the network, and they in turn can influence the production process. An attacker can therefore damage the production process without physical access by exploiting weak points in the IACS, which makes it necessary to avoid such weak points. One way to do this is security testing, which aims to detect weaknesses during the development of IACS. Vulnerabilities found during development can be closed before the IACS is used productively. For more information about our research in the area of security testing, please refer to the corresponding page Network Security Testing.
In our security testing laboratory, automation components can be tested with various variants of security testing. The focus is on automated black-box tests via an Ethernet interface. In black-box tests, the system under test is viewed only from the outside; knowledge about internal components does not have to be included in the test. In addition to standard network protocols, our laboratory also examines weak points in communication via industrial protocols such as PROFINET or MODBUS/TCP. If the examined system offers a website, this is also checked for weak points. For this purpose we use the Security Testing Framework ISuTest developed by Fraunhofer IOSB (for further information see the corresponding page Network Security Testing), an Achilles Testing Platform from GE and various other supporting programmes.
Through regular security tests of real hardware in our security testing laboratory, our systems are constantly evaluated and further developed. This ensures that they can meet the current security testing requirements for industrial automation components.
In previous tests, bus couplers, (safety) controllers, switches and edge devices were examined for existing weak points. In general, it is possible to examine systems that provide communication via an Ethernet interface.
Our well-equipped Security Testing Laboratory enables us to offer various services. We can carry out security tests for manufacturers in our laboratory, applying the above-mentioned investigation methods. We can also make our laboratory available to manufacturers who want to have their hardware tested by their own developers using our environments. If the goal is to carry out the hardware tests in your own company on a long-term basis, we can also advise on setting up a security testing laboratory at the manufacturer's premises.
The research project CyberProtect also focuses on security testing and the establishment and further development of a security testing laboratory. Through regular security tests of real hardware in our security testing laboratory, our systems are constantly evaluated and further developed. This ensures that they can meet the current requirements for security tests in the field of industrial automation components.