By now, unrestricted connectivity has almost become one of our society’s fundamental requirements. There is scarcely an area of life which does not depend on technical information systems. This applies both to industrial systems and transport infrastructures. For the producers and operators of complex technical systems, technology trends and new threat scenarios increase the need to meet IT security challenges. Internet threats should not be permitted to manipulate security-critical software in control systems for industrial equipment and transport infrastructures.
ESE Engineering und Software-Entwicklung GmbH supports its customers with the following tasks as they protect themselves against attacks on industrial equipment and transport infrastructures:
- Defence in Depth: Design complete protection plans with multiple organisational and technical protection levels
- Security by Design: Integrate specific IT security issues into the life cycle for developing functionally secure technical systems
- Define IT security requirements: Working from an in-depth threat analysis, we carry out a thorough requirements survey based on rules which are generally accepted within the sector
- Secure Coding: We produce software based on the IEC62443-3-3 IT security norm which is robust when subject to external attacks. Our aim is to detect vulnerabilities in the software at an early stage and eliminate them.
- Protect security properties: We run tests to show that the system protection measures are effective. We carry out requirement-based testing, test the effectiveness of counter-measures, test for vulnerabilities, and run penetration tests to take the system to its limits.
- Approval and certification: Our Assessment Service Center activities support you in gaining approval for your system and showing that the technical and organisational measures taken to achieve the required protection level are adequate.