SCADA Security Testing

  1. Home

We cater to a wide variety of customers typically for their network assessment, website pen-testing needs. Besides these we cover multiple offerings in the cyber security domain, for almost all industry sectors. Below are few categorized based on industry sectors which you can refer to.

IT software developemt
SCADA Based Automation
Manufacturing Company
Mobile Software Testing
Investment Consultancy
DR Site Implementation
Finance / Banking
DR Process Implementation

Case Study - SCADA Based Automation Plant


Task Title

SCADA based automation plant testing
Industry Vertical Manufacturing vendor to automation industry
Industry Details Firm manufactures electronic equipments/products Products include SCADA systems, RTUs and automation plants Product includes web interface for monitoring automation systems
Location Mumbai (India)
Time to solution 2 months

Business situation

The manufacturing firm based at Mumbai and is one of the eminent manufacturers of automation equipment. They approached Valency Networks for the purpose of performing serious and elaborate penetration testing to see if their SCADA systems and the automation plant built around those, is really secure from internal and external attacks. Purpose was also to come up with checklist to action, which would result in improved security and security monitoring.

Solution

  • Valency Networks started work via a kickoff meeting with stakeholders and studied given network and plant automation scenario.
  • A list of possible security attack vectors was created. The list was further segregated into intrusive and non-intrusive vectors, to decide which test would result into a plant shutdown.
  • A test laboratory to simulate plant and its infrastructure was created for IT components which were crucial from plants operation perspective.
  • The SCADA lab infrastructure was subjected to elaborate security penetration tests and results were recorded. These results were further utilized to create map of tests to be performed on the actual infrastructure.
  • In the presence of customer’s IT support team, Valency Networks subjected actual plan infrastructure to non-intrusive tests and gathered results.
  • Subsequent serious tests were performed without stopping plant operations or jeopardizing IT functionality. List of sever items was prepared for IT support team to action and were facilitiated with technical help as and when required.
  • Another round of re-testing was performed to ensure all the vulnerabilities were fixed.
  • Finally a detailed audit and test report with problems found and their solutions suggested was presented in front of the customer's management. IT architecture changes were suggested in the report too, with action dates and plans.

Benefits

  • Customer's senior management gained confidence in their products and SCADA based system offerings, from cyber security standpoint. This also resulted in providing a noble selling point and marketing pitch to the customer's sales team.
  • Customer's clients especially in the industry verticals such as petrochemical and power generation, gained confidence towards a better cyber security.

What Our Customers Say?

Valency Networks is a very techie company, focusing on a continuous improvement in service quality. Our customers like us exactly for that and that helps us keep our quality to the best extent.

Jane Doe

Valency Networks is our only preferred vendor because the way they find vulnerabilities in our network is par excellence. We hired them on a long term contract to top up our perimeter and wish to continue with them.

CTO
Fortune 50 Manufaturing Company, Pune
Jane Doe

Hardly goes a day when I have not learnt anything new in cyber security space and IT technologies.

Team-mate
for 6+ yrs
Jane Doe

Working at Valency Networks helps me gain great knowledge everyday.

Team-mate,
for 3+ yrs