Audit of industrial systems

Evaluate the level of security!

Cybersecurity of industrial systems

Industrial system architectures have undergone major transformations in recent decades. Today, they are highly computerized and interconnected with traditional information systems (industry 3.0), and even with the Internet (industry 4.0). While functional security (or safety) is a well-mastered issue, industrial systems are now exposed to the same cyber threats as traditional information systems.

The consequences can nevertheless be potentially dramatic: pipeline rupture, water pollution, tramway derailment, sabotage of a nuclear reactor, etc.

The support of industrial actors has become a necessity, in order to raise awareness of cybersecurity risks among a potentially unaware population. In this sense, the SSI audit is an efficient way to evaluate the security level of an industrial system and its associated control devices. Industrial systems rely on IT technologies (control systems) but also on non-standard components (PLCs) which have a high availability risk.

In carrying out industrial system audits, Synetis uses a global, structured and pragmatic approach to take into account the organizational and technical constraints of your production environment (equipment sensitivity, diversity of entry points, partitioning of industrial networks, specificity of technologies, management of obsolescence) and focuses in particular on verifying both organizational and technical security measures, as well as the exposure of industrial networks to the risks of cyber intrusion.

Synetis uses the ANSSI guides relating to the cybersecurity of industrial systems to address potential industrial risks. In its approach, Synetis checks the following points (non-exhaustive list):

  • Statements about the employment context (including chain of custody);
  • Physical, logical and application mapping verification;
  • Backup Plan;
  • Document management ;
  • Analysis of the design and specification phases.

Read more

  • Account and Authentication Management;
  • Industrial system partitioning;
  • Protocol Security;
  • Hardening of configurations
  • Active monitoring process on vulnerabilities and maintenance of a configuration repository on industrial system components;
  • Mobile equipment management;
  • Safety of consoles, stations and posts.
  • Industrial system monitoring.

Read more

To complete the previous work, intrusion tests on industrial systems allow (for teams whose job it is not) to integrate the cyber problem within the industrial environment. After a reconnaissance phase of the industrial system as well as the discovery of active equipment (tcpdump probe, passive and active ARP scans, etc.) and services (TCP and UDP scans, etc.), the Synetis auditor seeks to identify the key components of the industrial system such as RTU or PLC type programmable logic controllers (PLCs), control systems (SCADA), supervision and management systems, etc. Finally, before the auditor's manual testing phase, the auditor verifies the presence of vulnerabilities through a vulnerability scanning solution and the use of SCADA categorized plugins. Other aspects can also be treated such as the search for the use of default passwords, the identification of access accounts from the HTTP service of certain automata, etc.
The vulnerabilities generally identified on industrial IS are :

Protection and monitoring of

Our Audit experts
answer your questions