Security testing of OT environment

Industrial automation system security

In industry, IT technologies are increasingly combined with OT. As a result, various devices, systems, and tools are integrated into the production process. Alongside the benefits of improved efficiency and the ability to collect and analyze data collectively, this integration also introduces threats to infrastructure security.

OT systems today are highly susceptible to ransomware attacks, which carry serious operational and financial consequences. The threat landscape changes dynamically, and security gaps make it easier for attacks to spread. New, robust cybersecurity strategies are necessary.

OT environment tests involve controlled threat identification and do not affect the production process. They include checking whether the environment is up to date and assessing the risk that the production process could be disrupted by eavesdropping on or modifying network traffic. The analysis results in recommendations for configuration enhancements that increase security.

Scope of tests:

  • gathering information about the tested network
  • network topology analysis (LAN and Internet)
  • scanning open ports, TCP and UDP services
  • scanning active hosts in a given subnet
  • detection of network service types and versions
  • detection of software system versions and types
  • vulnerability scanning using Nessus scanner
  • passive recording of network traffic samples from OT devices
  • estimation of threats based on system documentation
  • providing a report listing vulnerabilities and corrective recommendations, along with suggestions for configuration hardening

Benefits of security audit in the OT environment