Ensuring that Industrial Automation & Control System (IACS) cybersecurity aspects are well managed in a project is a multiple step process starting at the beginning of a project, even before selecting the supplier.

Only specifying cybersecurity requirements is not enough as the maturity of the cybersecurity solutions that can be implemented to address those requirements can strongly vary from supplier to supplier.

To properly manage the cybersecurity risk of an IACS system, the solutions must be discussed and technically validated by specialists who are aware of the IACS world. We provide security FAT and SAT test services – tailored to your cybersecurity requirements – as to ensure that the cybersecurity aspects of IACS projects is handled and implemented properly. Specific security FAT and SAT test procedures will be written which can be embedded in your cybersecurity framework and policy.

It is important to understand that during our testing, NO changes will be made to the systems under test except for those specific settings necessary for authentication testing.

The outcome of these security FAT and SAT tests will be a set of reports containing the following information:

  • Non-compliance issues compared to the agreed requirements checklist (included within the FAT and SAT reports)
  • After the FAT: Discovered vulnerabilities and weaknesses within the design and setup of the information systems under test. An indication will be given of items to solve, mitigate or accept the riskpotential mitigating measures.
  • After the SAT: Issue verification report in which the previously discovered risks are either marked as solved, not solved or to be accepted as residual risk and/or mitigated in other ways. Any newly discovered issues are mentioned as well.

Contact us for more information