aeSolutions believes that ICSs should undergo Cybersecurity Acceptance Testing (CAT) following FAT and/or SAT. CAT should include verification that the system complies with the ICS Cybersecurity Requirements Specification. For example, the required security settings were configured correctly and the necessary security components (e.g. firewalls) were installed and properly configured. Additionally, CAT should include cybersecurity robustness testing, sometimes referred to as penetration testing, which is testing designed to discover and identify the weaknesses or vulnerabilities in a system. This type of testing should not be performed on a production system, but it can be safely performed before the system is operational.
aeSolutions offers Cybersecurity Acceptance Testing procedure development and testing.