Connected devices and the Internet of Things permeate our lives, shaping current interactions with the physical world in manifold ways. Undeniably, they triggered a revolution, fundamentally changing the role and impact of information systems. However, they also brought forth an unprecedented number of cybersecurity risks and challenges: Cybersecurity encompasses a plethora of aspects ranging from protecting data from unauthorized access, i.e. manipulation, leakage, to protecting functions from misbehavior and unauthorized exploitation, i.e. bypassing, corruption, usurpation, denial of service. Furthermore, though traditionally classified as a distinct concern, safety and cybersecurity are nowadays closely interlinked. Ensuring protection against exploitation of vulnerabilities to compromise safety in the context of vehicles, industrial and medical devices, or energy plants, for instance, has become crucial.
Large parts of today’s systems have not been designed with a focus on the security challenges triggered by increased connectivity. As a consequence, they potentially host numerous classes of vulnerabilities and weak entry points that can be exploited for security breaches. Examples include highly publicized hardware (e.g. Meltdown/Spectre reported in 2018) or software (e.g. Stagefright reported in 2017) vulnerabilities reported by research teams or encountered in the wild and used to conduct worldwide cyberattacks (e.g. EternalBlue, used for the WannaCry ransomware attack in 2017). Other less publicized attacks that could be reproduced on different targets include GPS spoofing attacks, remote car exploitation, commercial aircraft exploitation, etc.
Cybersecurity analysis is the key to addressing multiple attack vectors and detecting vulnerabilities and weak points at all stages of the system’s life-cycle. It paves the way for the application of the security-by-design principles, which are a cornerstone of modern regulations such as GDPR and ePR in Europe and HIPAA in the US, and promote continuous improvement.
Internet of Trust conducts cybersecurity analyses of architectures, products, systems, solutions and services by focusing on the identification of threats, vulnerabilities and/or risks. Our strengths lie in security assessment and modeling skills backed by over 20 years of experience, as well as in a proven practical methodology that focuses on the essentials and allows us to deliver sharp results and custom recommendations. Our iterative methodology allows us to address the specificities of verticals and use cases at any time during the analysis without any loss. This methodology has already been applied in several Industrial IoT and automotive use cases.
We provide state-of-the-art services, relying on vulnerability databases, industry guidelines, and best practices, as well as on findings from the research realm.
The aim of a cybersecurity analysis may vary widely, ranging from compliance with regulations (internal, domestic, international, sectorial, etc.) to the identification of sources of improvement and the derivation of supplier requirements. A typical project consists of several phases:
The first step is to determine the objectives and the scope of the cybersecurity analysis. This is generally done through a workshop that determines the (set of) products/services under study and the typical use cases in scope, and identifies the stakeholders, including the risk owners. This step includes the choice of the methodology to apply, e.g. ISO 27005, EBIOS (Risk Manager), SAHARA, TARA, and the level of abstraction to use during the analysis.
In this step, we gather knowledge on the system from public and customer sources. This means compiling descriptions, plans, specifications, applicable standards, processes and procedures, assumptions, regulations, and identifying the system’s assets and feared events. Usually, the relevant information is distributed across the company, which leads to a close interaction with the customer and to interviews of key actors such as architects, developers, risk managers, information system administrators, and/or legal & regulation managers. This phase also includes the identification and selection of relevant vulnerability databases.
The next step consists in building a technical and organizational cartography of the system, which allows determining the exposure surface, as well as the security-relevant parameters and their impact with respect to the behavior and the properties of the system. The metrics of the analysis and the appropriate scales of likelihood, severity, impact, etc. are defined during this phase as well.
The analysis phase consists in scanning the system’s technical and organizational characteristics, with a focus on one or more of vulnerabilities, threats and/or risks. The depth of the audit, which determines the type of result, is linked to the scope and precision of the cartography and to the goals of the study.
The delivery plan is tailored to meet the customer’s milestones and the goals of the project. This may include overviews and presentations, periodic, intermediate and final reports. In practice, the outcome of a cybersecurity analysis may take different forms depending on the scope and depth, for instance:
We provide three types of services, which can be customized and used together or separately:
Focused Fast Cybersecurity Analysis, which targets selected aspects of the system and is performed in a mutually agreed upon amount of time. Targeted aspects include but are not limited to core functions, processes or services, properties such as data reliability or privacy, or robustness against some types of attack vectors. For instance, when considering the supply chain of an IoT solution which tracks objects across multiple sites, the analysis may focus on the reliability of the collected data with the goal of identifying the weak components and configurations that may compromise this property.
System-wide Systematic Cybersecurity Analysis, which is an in-depth study of the solution at the hardware, firmware, and software component level. This type of analysis addresses all the sources of threats/vulnerabilities/risks (depending on the scope of the study and the specificities of selected verticals and use cases if applicable) and allows deriving a variety of work products such as a vulnerabilities catalog, a risk mitigation plan, a set of requirements for suppliers, a solution/components configuration policy, etc. For instance, a low-level architecture analysis of this type makes it possible to identify the set of potential vulnerabilities of the device or solution under consideration and the set of attack scenarios that could exploit these vulnerabilities and therefore compromise a number of assets.
Monitoring and Maintenance Cybersecurity Analysis, which consists in updating a previous analysis, either periodically, e.g. with regard to field events, or upon system changes at technical or organizational levels. The main tool behind such a service is the impact analysis of the changes to the environment, usage, configuration, and patches to the products, which drives the revision plan and, in the end, the update of the overall results.