Attack and Penetration Testing
Assuring your safety critical systems have no cybersecurity vulnerabilities prior to making them operational in your environment is one of the challenges you face when extending your network or even modifying an existing sub-system. Approaching your operational systems like an attacker is the essence of conducting penetration testing, in order to identify and characterize practical security-related issues focused on discovering and exploiting vulnerabilities in your system. This process is required to ensure
efforts have been taken to discover security-related issues that could allow your system to be exploited.
We perform attack and penetration testing on your rail operation systems including signaling and control systems, onboard systems, and wireless communication networks. The purpose of the tests is to
identify security-related issues in the system that could allow it to be exploited. This drives you towards implementing solutions to reduce and mitigate the vulnerabilities, in order to keep the critical operational network protected from cybersecurity attacks.
During the test, we will attempt to penetrate the identified systems using an agreed controlled testing environment and approach, which will guarantee that safety won’t be compromised. Our approach
utilizes our in-depth knowledge of rail-specific technologies and protocols and a specialized toolkit for testing rail equipment. Our penetration testing methodology is based on the guidelines of the IEC 62443 standard and follows an approach that includes discovery, vulnerability identification, and exploitation phases.