– Nohau helps to identify security risk of the device and detect vulnerabilities early avoiding expensive consequences from attacks.
Cyber attacks on critical infrastructure are on the increase and are a growing concern for both system operators and the device manufacturers who supply equipment to these systems. Attacks on critical infrastructure can severely impact service uptime, data integrity, compliance and even public safety.
Nohau’s Communications Robustness Check service identifies a security risk level existing in embedded software of a device and allows fixing security issues proactively. Nohau’s Service is a rapid, economical appraisal that identifies product robustness related security weaknesses and provides direction for further analysis. We offer a service that reveals quickly vulnerabilities in attacker-accessible communications interfaces. Nohau’s security analysts use a state of art AchillesTM testing tool to run industry standard test suites that are compliant with ISA Secure Communication robustness test.
- Provides evidence for further analysis
-Supplies direction for areas of greatest concern and justifies budget for further analysis
- Enhances product security
-Focuses on addressing most critical weaknesses and reduces need for product recalls
- Protects brand reputation
-Reduces the possibility of public vulnerability disclosures
- Consulting work 3-5 days depending on project scope
- An analysis of one device and one firmware/software
- Tool licenses for consulting time
- Report describing the risk status and list of issues found
- Closeout meeting
- Executive summary
- Brief description of assessment
- Any identified vulnerabilities, areas of weakness and areas of concern. Listing line level information of issues found
- Scope for full assessment (as appropriate)
Unlike assessment services from other vendors, our service features work conducted by embedded software domain expert with the most advanced tools. All Nohau assessments are based on technical expertise developed over many years in ICS and security for embedded systems and related tools.
Communications Robustness Check may also include or be extended by:
- Security Architecture Review
- Security Code Analysis
- Software development process assessment