Our cyber lab provides a controlled environment prepared for testing many different elements relating to Industrial Control Systems (ICS) and Internet of Things (IoT). The lab is managed by a team of Operation Technology (OT) experts who possess specialist IT security knowledge, so they can add real value to the test results.

Our cyber lab is accredited to carry out assessments against recognized National Cyber Security Centre (NCSC) schemes, as well as develop custom assessment profiles and evaluate against them. We have experience testing IT hardware, software, services and embedded systems. Assessments are carried out by CHECK testers, ISO/IEC 27001 lead auditors and NCSC - Certified Professionals (CCP) to ensure they are completed to the highest standard.

Our cyber lab assessment schemes:

Cyber testing services provided

Vulnerability discovery

A wide range of industrial control and IoT devices can be tested, in order to expose vulnerabilities. Methods for vulnerability discovery provided by our cyber lab include:

  • Penetration testing
  • Fuzz testing
  • White box / black box testing

Code analysis

Code analysis can be applied to industrial control and IoT devices, to ensure the appropriate sanitization. Applications we examine include:

  • Control logic analysis (for industrial control devices)
  • OWASP benchmarking

Vulnerability remediation

To countermeasure the vulnerability findings, we provide remidiation in the form of:

  • Physical controls
  • Architecture best practices

Testing a wide variety of hardware, software and protocols

Our cyber testing team can examine a variety of hardware, software and protocols.

Hardware:

  • Control devices: PLCs, RTUs, and DCUs
  • Control network devices: I/O concentrators, control servers
  • IoT: smart meters, smart domestic devices

Protocols:

  • SCADA: Modbus, DNP3, IEC 60870, Profinet
  • Wireless: Wi-Fi, Bluetooth, ZigBee

Software:

  • SCADA software
  • Web applications
  • Mobile applications


eDiscovery and digital forensics

Our consultants take a comprehensive approach to managing digital investigations. We leverage specialist skills, proven experience and advanced technology to deliver forensically sound results. Our digital investigations are carried out in our ISO/IEC 27001 certified laboratory, ensuring data security and client confidentiality are maintained at all times. 

Our eDiscovery and digital forensics security testing lab is controlled within a sandboxed network and used to conduct:  

  • Malware analysis
  • SCADA forensics
  • Secure code development 
  • Data collection from cloud based sources