Penetration Testing

Analysis of sensor data and server-PLC communication to evaluate the system robustness in the case of sensor data manipulation and to evaluate effects of data manipulation in communication between server and PLC, including several attack types such as man in the middle (MiTM), Denial of Service (DoS) and Address Resolution Protocol (ARP) Poisoning.

-MiTM attack test
* preconditions: Enable access to local network over a cable (like Cat 6, etc)
* input conditions / steps: Try to sniff network communication
* expected results: Cannot sniff network communication.

-DoS attack test
* preconditions:Enable access to local network over a cable (like Cat 6, etc)
* input conditions / steps: Try to saturate local network by sending huge amount of communication packets.
* expected results: Detection and isolation of attacker.

-ARP poisoning test
* preconditions: Enable access to local network over a cable (like Cat 6, etc)
* input conditions / steps: Try to positioning with fake ARP requesting packets.
* expected results: Local switch infrastructure protected by security systems.

-User authentication protocol
* preconditions:Enable access to local network connection over a cable (like Cat 6, etc.).
* input conditions / steps: Try to connect to system on unauthorized access
* expected results:Unable to access to any systems.

-Penetration test (firewall, router etc.)
* preconditions: Enable access to local network and external IP address
* input conditions / steps: Try to bypass firewall and router systems.
* expected results: cannot bypass firewall and router systems.

  • Ability to apply real world attacks
  • Relatively shorter test duration compared to model‑based and simulation‑based approaches
  • Test can be carried out after full commissioning
  • Possible side effects on other IT systems
  • Not include zero‑day vulnerabilities
     

Method Dimensions
Open evaluation environment
Experimental - Testing
Hardware, Software
Other
Thinking, Acting, Sensing
Non-Functional - Security
V&V process criteria, SCP criteria
Relations
Contents

There are currently no items in this folder.