We audit our clients' solutions and systems based on international methodologies for laboratory testing of software products. To detect this, we examine the architecture, the implementation capability, and the security features of the software. We even dig deeper down to the source code level to uncover the smallest details.
For the security functions, we check the appropriateness of their selection, the depth of risk identification, the definition of security requirements, and their implementation. Our measurements and tests follow, among others, the OWASP and ISO/IEC 15408 guidelines, in order to assess our partner's software products according to standardized, internationally recognized methods.
Our approach to the analysis of IT systems is very similar to the methodology used for the laboratory-level analysis of software products. We examine the architecture of the IT systems, the security settings, and whether the security systems used have been properly selected, implemented, and configured.
This includes a full audit of security processes, from checking their compliance to auditing role configuration and process specifications.
Industrial systems are tested at the laboratory level using the international NIST SP 800-53A and NIST SP 800-82 system safety measurement methods. We test the architecture and configuration of industrial components and systems and also perform a full analysis of the adequacy and status of the security systems in place, the roles set, and the process specifications. During the audit, ICS, DCS, and SCADA systems are also audited.
While the ICS is capable of monitoring a wide range of infrastructure and raw material systems, the DCS is a system that links controllers, sensors, operator terminals, and control elements. In addition to these, SCADA (Supervisory Control and Data Acquisition) is a system architecture for managing large and complex processes. SCADA systems are typically found in utilities, such as natural gas and electricity transmission, where control functions are distributed over a large geographical area.