630/620/615/611 series Cyber Security Robustness Testing
2Pages

Cyber Security Robustness Testing Industry faces intensifying cyber security risks. In order to increase stability, security, and robustness in its solutions, ABB has formally established cyber security robustness testing as part of the product development process. Cyber security is important in all phases of a product development process, including design, implementation, testing, release and life-cycle support. One key activity in this process is robustness testing. As a result ABB has established an independent Device Security Assurance Center (DSAC). Examples of used test tools: - Achilles from Wurldtech - Mu-8000 from Spirent - Defensics from Codenomicon The test center performs a multitude of different tests, including port scanning, network flooding, vulnerability scanning and protocol fuzzing. This is done by using a variety of best in class testing platforms such as the examples listed above, as well as other complementary testing tools. Testing is performed by highly trained specialists in close collaboration with the suppliers of the test platforms. For example, ABB testing specialists receive instruction, support and accreditation directly from the test platform suppliers. Products are tested continually in different configurations with an explicit focus on operational performance. In order to evaluate product performance as precisely as possible, they are tested without additional protection such as firewalls. As a formally established practice, results from the independent DSAC testing are returned to the respective development group for resolution. Why does the ABB process not formally include product certification by third parties? ABB has chosen to concentrate its efforts on a continuous improvement process able to quickly adapt to the changing environment. Examples of performed tests Vulnerability Scanning Used to check for known flaws, identifying services with known vulnerabilities and testing with known exploits Protocol fuzzing Uses targeted manipulation of the protocol fields beyond the specification to test for weaknesses in the protocol Network flooding Floods the products with too many packets with different specified rates Power and productivity for a better world™

For more information please contact: ABB Oy, Medium Voltage Products Distribution Automation P.O. Box 699 65101 Vaasa, Finland Phone: +358 10 22 11 ABB Limited, Distribution Automation Maneja, Vadodara - 390013, India Phone: +91 265 260 4386 Fax: +91 265 263 8922 www.abb.com/relion 1MRS758432 A © Copyright 2015 ABB. All rights reserved. Power and productivity for a better world™