Industrial Controls: Securing the Most Critical IoT Systems and Processes
With the introduction of networked and connected devices across industrial, building, maritime and agricultural systems, they have become much more sensitive to security risks. As part of our IoT developments, we are able to support partners from design choices up to and including verification of the chosen security architecture in practice on hardware and software level.
Connected device centric security evaluation of control systems
The connectivity of critical infrastructure systems requires much stronger consideration of device trustworthiness and integrity of the data flow.
Due to our device centric heritage, our team is uniquely positioned to evaluate the security of architectures which include substantial hardware and software interdependencies like many of today’s IoT systems.
As a security lab, we have reviewed the most relevant device hardware architectures in the world and have particularly large experience with System-On-Chip solutions and ARM hardware. Our software expertise is grounded in over a decade of embedded device experience and more recently as a leading evaluation lab for Trusted Execution Environments.
Whether for secure process control and sensoring with secure data flows and authentication or access solutions, we have the ability to assist partners in establishing RfQ requirements for the acquisition of a solution, evaluation of the robustnesss of a proposed architecture or verify and validate the robustness of a vendor solution for commercial purposes against either a simple 3rd party standard or established schemes like Common Criteria and GlobalPlatform.
Get started with our Security Canvas Workshop
If you are embarking on an innovation or RfQ for a connected industrial system but are evaluating which security requirements to consider, we would strongly recommend you start out with our Security Canvas Workshop to enable a "security by design" process. This is a one week effort together with one of our analysts, which is intended to give you solid insight into: assets to be protected, attacker profiles, threat modeling and attack tree definition.
Find more training and coaching options in our training academy course catalog.Training Academy
Become security self reliant in your development process
Riscure is a world leading provider of security testtools, built on a 15 year heritage in security knowledge. Many commercial security labs, vendors, government agencies and academic institutions use our tooling to execute evaluation, certification and research projects.
Because they are industry standard tooling, integration in your development cycle can help you spot problems early and independently, avoiding costly mistakes late in the development and will also be verifiable by third parties or certification bodies.More information on our test tools