Cybersecurity Acceptance Testing for Industrial Control & Safety Systems
Time & Location
About the Event
ICS cybersecurity standards such as IEC 62443 provide many requirements including access control, hardening, physical security, patch management, network segmentation and malware protection. aeSolutions refers to a core group of these as the Top 20 ICS Cybersecurity Practices which are fundamental to an effective Cybersecurity Management System. Included in this Top 20 is Security Testing. This testing is performed to verify that a new or upgraded ICS is implemented and commissioned according to the security requirements set forth in the design. This testing typically takes place in two phases in the project lifecycle: CFAT (Cyber Factory Acceptance Testing) and CSAT (Cyber Site Acceptance Testing).
The challenges of cyber acceptance testing include the type and timing of the testing and how to align these efforts project requirements, budget, and schedule. Additional challenges include equipment and site access during the current global pandemic and how to effectively execute and manage remote testing, if required. Today’s webinar will discuss the 2 types of cyber acceptance testing, CFAT and CSAT, and at what point in the ICS project lifecycle this testing occurs as well as outline their benefits. We will highlight the different approaches to CSAT and CFAT, tools deployed, typical test protocols and illustrate the concepts through case studies and lessons learned.