SecureState’s Logical Device Penetration follows an iterative process of initial discovery, followed by prototyping and testing to learn about the system being targeted, then finally creating tools to target and attack the system. This unique process needs to be followed because many systems use custom protocols, and so few off the shelf tools exist to test these system. Throughout this process, SecureState works to understand the business process the device is supporting, so that attacks can be tailored to the system. Understanding the business process also allows SecureState’s consultants to understand the impact of any vulnerability discovered and develop recommendations to minimize business impact.
Penetration tests are simply blind to threats effecting these types of systems, and since very little security research has been conducted, the true extent of business impact is unknown. SecureState’s Research and Innovation professionals will address these unknowns and develop customized tools to assess the devices, providing our clients with the knowledge and confidence to be resilient to a potential attack. Since the testing is adaptive by nature, the procedures are unique to each environment. SecureState follows an overall methodology when performing research projects.
The initial phase, generally done onsite, involves the gathering of various data points pertaining to the system. Using a variety of gathering techniques, all data collected will be used to benchmark system behavior and determine possible abnormalities via communication, system utilization/ processing and ICS interfaces. Additionally SecureState will perform off site research to gather previous research on the topic and look for public information on the system being tested. For example information could be gathered from vendor documentation, patent files and regulatory documentation.
Next, the data SecureState collects will be registered, processed, and analyzed using quantitative data analysis. Focusing on pattern recognition will allow SecureState to develop “modified” patterns to determine how the systems respond to valid requests. These results are opportunities and criteria for further development. These criteria will be a key component of determining the business impact in the next phase.
In the third phase, the opportunities and criteria/requirements identified in the previous phase will be used as inputs for idea creation and concept-development. SecureState will co-develop the conceptual framework used to prototype customized interfaces to the system. During this process, the “what if” scenarios will be sketched out, and any additional insights into the systems by the client will be considered.
SecureState will then begin prototype development, drawing on experiences and resources from SecureState’s R&I staff. In many instances, our staff has developed a new framework with the ability to incorporate new tools and adopt existing tools into the framework.
Once the prototype has been developed, SecureState will test various “conceptual” scenarios and determine the successfulness of the prototype based on the criteria or requirements outlined in the early phases. The testing is adaptive by nature, and includes iterations between the conceptualization and prototyping phases.
Finally, SecureState will write a detailed report, outlining each phases and providing all of the data collected and analyzed along with detailed testing results. Ultimately, SecureState will score the impact of the device's security to the business via the criteria developed and the successfulness of the prototype.