Vector is known for its full portfolio of testing tools. Vector Consulting also delivers external and independent security testing. We support companies worldwide with services ranging from Code Quality Analysis to unit tests, fuzzing and penetration testing. Our novel Grey-Box PenTest techniques yield better vulnerability detection at lower cost. All tests are also offered as remote activities.
At Vector Consulting, we use a specific methodology for risk-based testing. While brute-force testing might sound appealing for detecting weaknesses anywhere, it is expensive and not effective. No test is complete, and a brute-force PenTest will certainly overlook specific feature correlations.
Vector has therefore developed its own Grey-Box Security Testing suite, in which we conduct a mini-TARA and, on this basis, identify the attack vectors and test focus based on assets and risks. It is grey-box because we follow the black-box security testing approach while considering specific risks due to attacks and implementation. For instance, a specific architecture or protocol, when known, invites specific attacks, such as DoS attacks on CAN. On this well-founded methodological basis, the security items in scope of the security engineering process are identified and agreed.
"Vector Consulting Services is a good partner for Claas to implement cybersecurity. Claas had great benefits from the Vector team for TARA and Security Engineering."
- Alexander Grossmann, Manager, Claas
"Vector Consulting Services supported Panasonic with cybersecurity, demonstrating an outstanding level of expertise. The goal of a comprehensive TARA integrated into a security concept was achieved. The support was intense and very successful!"
- Michael Prantke, Project Manager, Panasonic
- Frame fuzzing is used to check the general robustness of the device. To detect any ‘silent’ services that may be available in the system but only activate upon receiving a CAN frame with a specific ID, a CAN-Frame Fuzzer is used which is able to generate random CAN frames within a configurable address range.
- Signal fuzzing is used on the database-defined messages to target the application software of the DUT with forged signal data, which may uncover unexpected behavior such as resets. Such behavior of the target may point to a software vulnerability which may be exploitable.
- Interface Discovery: All available hardware interfaces of the system will be determined, and preliminary tests will be performed to detect target responsiveness towards communication attempts over the respective external interface.
- Network Discovery: The network traffic will be analyzed to determine the protocols in use, the communication patterns and the system's baseline behavior.
- Network penetration test: With the information from network discovery, we are able to mount network-based attacks against the system, using low-level access to the bus to stress the DUT with forged frames.
- Software penetration test: Vulnerabilities are searched for through reverse engineering, and possible attack vectors are determined.
- Grey-Box penetration test: We conduct a mini-TARA and on this basis, identify the attack vectors and test focus based on assets and risks. It is grey-box because we follow the black-box security testing approach, while considering specific risks due to attacks and implementation. Grey-Box PenTest enhances test-effectiveness and cost-efficiency thanks to the knowledge of architecture, good traceability, attack-free accuracy and risk-analysis.
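The frame fuzzing item above describes random CAN frames generated within a configurable address range. The following sketch is an added example, not Vector's tooling: it builds a seeded, reproducible set of test frames for a bench DUT, so that a reset observed during a run can be traced back to the exact frame. The function names, the 11-bit standard ID space and the SocketCAN `can_frame` layout are assumptions of this example; it only builds frames and does not transmit them.

```python
import random
import struct

CAN_SFF_MASK = 0x7FF        # 11-bit standard identifier space (assumed for this example)
CAN_FRAME_FMT = "=IB3x8s"   # SocketCAN can_frame: can_id, length, 3 pad bytes, data[8]


def fuzz_frames(id_min, id_max, count, seed):
    """Yield (can_id, payload) test cases with IDs inside [id_min, id_max]."""
    if not (0 <= id_min <= id_max <= CAN_SFF_MASK):
        raise ValueError("ID range must lie within the 11-bit standard ID space")
    rng = random.Random(seed)  # seeded, so a finding can be replayed exactly
    for _ in range(count):
        can_id = rng.randint(id_min, id_max)
        dlc = rng.randint(0, 8)  # classic CAN carries 0..8 data bytes
        payload = bytes(rng.getrandbits(8) for _ in range(dlc))
        yield can_id, payload


def pack_frame(can_id, payload):
    """Serialize one test case into the 16-byte SocketCAN frame layout."""
    if len(payload) > 8:
        raise ValueError("classic CAN payload is at most 8 bytes")
    return struct.pack(CAN_FRAME_FMT, can_id, len(payload), payload.ljust(8, b"\x00"))


def unpack_frame(raw):
    """Inverse of pack_frame; returns (can_id, payload) without padding."""
    can_id, dlc, data = struct.unpack(CAN_FRAME_FMT, raw)
    return can_id, data[:dlc]


def build_campaign(id_min, id_max, count, seed):
    """Return indexed test-case records to log alongside DUT observations."""
    return [
        {"index": i, "can_id": cid, "payload": data, "raw": pack_frame(cid, data)}
        for i, (cid, data) in enumerate(fuzz_frames(id_min, id_max, count, seed))
    ]


if __name__ == "__main__":
    # Constructed parameters: 5 frames in the ID window 0x100..0x1FF, seed 1234.
    for case in build_campaign(0x100, 0x1FF, 5, seed=1234):
        print(case["index"], hex(case["can_id"]), case["payload"].hex())
```

Recording the seed and the frame index with each DUT observation is what makes a reset reproducible for the later software analysis.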
Code Quality Analysis
- Architecture analysis: Verification of the implemented architecture against the planned architecture
- Design and code analysis: Identification of typical design weaknesses, verification of the source code with regard to compliance with programming specifications or critical code areas.
- Preventive defect analysis: Tool-supported analysis, independent of any specific suspicion, for faulty or critical programming constructs and maintenance risks.
- License analysis: Early identification of open source components to check the legal requirements.
TECHNICAL ARTICLE HIGHLIGHT
Published in IEEE Software, 03-04/2020
Cybercriminals can break into any connected system. Traditionally, IT systems with their many open interfaces had been the focus of attackers, while embedded systems were perceived to be too difficult to hack and not worth the time and energy required. But as systems have added Ethernet, WLAN, USB, Bluetooth, GPS, and other connectivity features, the number of attack surfaces has increased. The most popular hacking method involves attacking a diagnosis port, or an otherwise open interface, which can give a malevolent party access to functions or, at least, the ability to corrupt data and impair performance, for example through denial-of-service attacks.