Improved Security Posture for ICS

Abstract

Vulnerabilities have always been the most dangerous part for any organization or an individual. Keeping that in mind, Siemens aims to have a perfect safe and secure environment for all its customers. Today, the era is of all the Internet of Thing (IoT) based devices which come under the umbrella of Operational Technology (OT) and Industry Control System (ICS) is yet another important kind for any smart technology organization like Siemens. Having all the smart devices also invites different kinds of vulnerabilities into it, which can risk out the organization in any form. So, for minimalizing such vulnerabilities, it is important to have smart ways of conducting the security tests and that is what Siemens has to offer, Industry Automations_x000D_ Having automation in place, makes it easy and quick to conduct all the security tests and the same is the heart of this as well. This presents the automation of 5 different epics (refer to Section 3.3 of this report) categorized into two different categories, MITRE ATT&CK TTPs for ICS and OWASP Top 10 Web Application Security Risks, under the umbrella of Cybersecurity. These automations make a hefty difference when in place. Starting from the development of the automations to finally, testing and validating it, is what this report is all about. All the development and testing related information is outlined in this report with all the experiments conducted as well as the surveys done to collect the absolute data and present the most efficient algorithms depending upon its kind.