For the evaluation of the system and especially networks security of an industrial control system (ICS) emlix offers a security review with thorough network tests and a fundamental analysis of the Linux platform. Besides the analysis of the current state of the product security as well as indications to threats, specific advises for increasing the system security are part of the scope of services.
The security review is based on industrial best practices. Development, product management and marketing shall be enabled to evaluate the recent level of development against the background of customer requests concerning ,,cyber security”, ,,embedded IT compliance” and ,,industrial security.”
Our security review includes e.g. the following services:
- Analyzing the product and its operational environment
- Implementation of network and interface testing
- Analyzing the applied software packages
- Evaluation of the applied software architecture and system
Additionally testing of security relevant functionality of the application and critical parts of the system can take place.
The results of the security review are summarized within a security report which will also include recommendations for action. In conclusion, a joint evaluation of findings, status and risks between customer and emlix engineers takes place. Furthermore, the security review of embedded Linux board support packages may serve as a basis for the announcement of product features as well as supplier declarations.