Why Testing I/O Matters…

Industrial Users: If you aren’t testing the I/O, you aren’t testing the device!

We know that one of the unique benefits of Achilles testing is its ability to test the functions available on I/O. When a square wave is no longer a square wave, the devices connected to a process control asset can no longer be expected to perform as designed. It is a unique value proposition of this tool, but some may question whether or not it is necessary.

Discerning industrial users and suppliers already have robust testing methodologies in place that test functionality, but device resiliency from a security perspective remains a confusing topic for many. Security professionals are quick to point to fuzzers, vulnerability assessment tools, and network scanners as the tools of the trade when assessing security risk. So why not use one of these tools?

During a recent test, we had the opportunity to evaluate the performance of Achilles against a tool that fits into the category of commonly available network stack testers. This tool evaluated the control system for many hours, and only found one potential security fault. Many testers may point to this as a relatively secure control system, but our testing showed something different. Within 15 minutes, we found approximately 10 severe faults, and all but one were device I/O faults… the whole time, the network stack was still active, giving the “appearance” of the device being up and functional.

This should be of concern to any supplier or asset owner. It’s why we have often seen industrial processes crash when scanned by commonly available IT scanners, yet they don’t see the problem and just do it again. I will never forget an asset owner’s IT auditor I once spoke with who admitted they had several failures when he scanned the network, but he couldn’t understand why the process control folks kept complaining, and he intended to scan again, as scanning was too much of a time savings. Using such a tool doesn’t show enough of the picture. Asset owners who must deal with potential safety problems should accept nothing less than testing that involves monitoring not only device health and responsiveness, but also I/O functionality and performance.
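
The monitoring described above can be sketched as follows. This is an added example, not part of the original post and not Achilles code: it pairs a network health probe with a check of a square-wave output and flags windows where the network answers but the I/O has degraded. The 10 Hz signal, the 10 % tolerance, all names and the sample observations are assumptions constructed for illustration.

```python
from dataclasses import dataclass

PERIOD = 0.100    # s; assumed 10 Hz square wave on the monitored output
TOLERANCE = 0.10  # assumed: each cycle may deviate by 10 %

@dataclass
class Window:
    start: float         # window start, s
    length: float        # window length, s
    ping_ok: bool        # device answered the network health probe
    rising_edges: list   # timestamps (s) of rising edges seen on the output

def io_problem(w, period=PERIOD, tol=TOLERANCE):
    """Describe how the output deviates from the square wave, or return None."""
    lo, hi = period * (1 - tol), period * (1 + tol)
    edges = sorted(w.rising_edges)
    end = w.start + w.length
    # Silence at either end of the window means the output stopped toggling.
    if not edges or edges[0] - w.start > hi or end - edges[-1] > hi:
        return "output stalled"
    gaps = [b - a for a, b in zip(edges, edges[1:])]
    worst = max(gaps, key=lambda g: abs(g - period), default=period)
    if not lo <= worst <= hi:
        return f"period {worst * 1000:.0f} ms, expected {period * 1000:.0f} ms"
    return None

def classify(w):
    """Combine the network probe with the I/O check for one window."""
    problem = io_problem(w)
    if w.ping_ok:
        # Network alive but output wrong: the case a network-only tool misses.
        return "healthy" if problem is None else "MASKED I/O FAULT: " + problem
    return "network fault only" if problem is None else "device down: " + problem

def clean(start, n=10):
    """Constructed sample data: n evenly spaced edges starting in the window."""
    return [start + 0.05 + PERIOD * i for i in range(n)]

SAMPLES = [  # constructed observations, not measurements from the article
    Window(0.0, 1.0, True, clean(0.0)),
    Window(1.0, 1.0, True, clean(1.0)[:3] + clean(1.0)[4:]),  # one missed cycle
    Window(2.0, 1.0, True, clean(2.0)[:4]),                   # output freezes
    Window(3.0, 1.0, False, clean(3.0)),                      # probe unanswered
]

if __name__ == "__main__":
    for w in SAMPLES:
        print(f"t={w.start:.0f}s ping={'ok' if w.ping_ok else 'FAIL'} -> {classify(w)}")
```

The second and third sample windows answer the network probe throughout, so a tool that watches only the network stack would report the device as up in both.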