Penetration Testing

Method Purpose Short description of the method's purpose and main benefits

Method description A detailed description of the method

-MiTM attack test
* preconditions: Enable access to local network over a cable (like Cat 6, etc)
* input conditions / steps: Try to sniff network communication
* expected results: Cannot sniff network communication.

-DoS attack test
* preconditions:Enable access to local network over a cable (like Cat 6, etc)
* input conditions / steps: Try to saturate local network by sending huge amount of communication packets.
* expected results: Detection and isolation of attacker.

-ARP poisoning test
* preconditions: Enable access to local network over a cable (like Cat 6, etc)
* input conditions / steps: Try to positioning with fake ARP requesting packets.
* expected results: Local switch infrastructure protected by security systems.

-User authentication protocol
* preconditions:Enable access to local network connection over a cable (like Cat 6, etc.).
* input conditions / steps: Try to connect to system on unauthorized access
* expected results:Unable to access to any systems.

-Penetration test (firewall, router etc.)
* preconditions: Enable access to local network and external IP address
* input conditions / steps: Try to bypass firewall and router systems.
* expected results: cannot bypass firewall and router systems.

Method Strengths A listof the strengths of the method

Ability to apply real world attacks
Relatively shorter test duration compared to model‑based and simulation‑based approaches

Method Limitations The limitations of the method

Test can be carried out after full commissioning
Possible side effects on other IT systems
Not include zero‑day vulnerabilities

Method References Bibliography references to papers about the method.

Method Dimensions

Evaluation Environment Type Type of environment where the method is applied. It can be more than one type of environment. (Dimension 1)

Evaluation Type Type of evaluation performed with that method. If a method is hybrid, more than one type can be selected. (Dimension 2)

Type of Component Under Evaluation Type of components that can be evaluated with that method. It can be more than one type. (Dimension 3)

Evaluation Stage The evaluation stage where the method is used. (Dimension 5)

Purpose of the Component Under Evaluation The type of purpose that can be evaluated by a method. It can be more than one type. (Dimension 6)

Type of Requirement Under Evaluation The type of requirements that a method is able to evaluate. It can be more than one type. (Dimension 7)

Evaluation Performance Indicator The type of evaluation criteria or KPI that a method is able to improve. It can be more than one type. (Dimension 8)

Relations

Related Methods A method could be related to other methods.

Tools A method can use zero or more tools.

Part Method A method (when it is a combination: Combination of method artefact that is a specialization of a V&V Method) could be composed of a set of V&V Methods.

Test Case or Verification and Validation activity Test Case or V&V activity performed in a Use Case. We will link to the method to the test cases where the method is used.

Standards A method can be linked with standards.

Context

Workflow

Contents

There are currently no items in this folder.