Aiming to support research and development of projects related to security in SCADA, and to meet our clients’ internal and external needs, S21sec has recently inaugurated a laboratory with the most appropriate resources, technology and tools.
We mentioned it some months ago
, without entering into details. Sporadically, other posts
of this blog have also made reference to it. Now, we wish to officially introduce some of the goals with which the project began:
- Assessment of the security status of on-site equipment and SCADA software. It is important to have an in-depth knowledge of the previous state of our clients’ equipment and applications in their facilities. Performing this type of analysis directly on the environments and devices is very often impossible – we promise you a post with real results very soon. The lab conditions provide us with a realistic work model and the guarantee that no damage will be done to the real infrastructure. Also, the client finds this procedure much safer and productive. For us, the assessment process is much easier, since:
Development and parameterization of security tools. To assess the security status of control equipments and applications, it is necessary to have a wide range of tools available to detect and deal with vulnerabilities. This is an expanding field in the world of control systems. There are dozens of different IT tools for auditing hardware and software. However, many of these tools are highly intrusive and therefore unadvisable for these environments, as we point out below. In the same way, some security issues cannot be assessed on-site due to a lack of specific tools. Thus, having an environment where we can, not only observe, but also manipulate the equipments’ configurations puts us in an advantaged position over other procedures, which must be developed using static elements that cannot be manipulated. The lab allows us to re-enact the targeted part of the client’s infrastructure and have preliminary configurations for those security tools that will be used during the analysis, as well as some preliminary results that can help us reshape the objectives before starting auditing.
Security assessment for third parties. With the intention to offer a high quality service to our clients, this third objective aims to give them an impartial perspective of the benefits of the solutions advertised by the vendors. Knowing first-hand the new technologies is key to choose the best security control implementations. The main advantage of the lab is that we can go beyond the mere analysis of the functions and test them in a realistic environment. This allows us to know the limitations of the product before considering it as a solution, or before guaranteeing that it can be suggested to other clients.
- Physical risk elements present in the environment are notably reduced. One example is connecting inside an energy plant in maintenance mode, which is not easy at all.
- Risks for the original infrastructure are diminished.
- It allows empirical studies in real time of various configurations to obtain different security assessments.
We will be publishing in the next posts some of the results that are already available. Specifically, a post on the Byres Security’s device Tofino will be published soon.
Elyoenai Egozcue and Iñaki López