Security Testing

Secured products are reached only through a combination of actions, from implementing security guidelines while designing a product to managing monitoring tools once it is in the field. Nevertheless, an important milestone in the life of a product is when it is ready to be shipped, or is in an advanced draft shape.

That is the right moment to conduct security testing, making sure the product is robust and/or complies with the targeted industry security requirements. Let's see how a security testing mission can support a company in its strategy of delivering only safe products.

The value of security testing

Whatever the composition of a product, hardware or software, it can be tested on its security merits. Security testing with an experienced security lab is about making sure the product you designed and implemented is ready to be distributed, that is, to potentially fall into the hands of hackers. What does security testing bring to your company? Security testing, done by an expert lab, is a business decision tool.

It allows the product owner to decide whether or not to invest more in security measures to reinforce the product. So the real value of a testing lab is to identify valid attack scenarios and make the product owner aware of the risk taken when deploying the product. How can security labs such as Trusted Labs achieve that?

The quest for vulnerabilities

Security labs are one step ahead of hackers in detecting vulnerabilities. In addition to having survived a number of attacks, analyses and security certifications, security labs like Trusted Labs have access to product documentation and are able to analyse the entire stack of the product. Professional security testing relies on reading code and playing attacks that may cover both software and hardware aspects. One angle for identifying vulnerabilities is to focus on the code, and more specifically on sensitive functions such as secure boot, secure storage and authentication. Another usual angle is reverse engineering: attacking the physical interfaces of the product, analysing the interfaces in normal and debug configurations, probing all communication ports, and dumping the flash memory.

This is to make sure the product does not leak any of the sensitive code, data or processing it contains. Another important series of checks by our security experts is to make sure that, when the product is composite, made of different libraries coming from different parties and requiring configuration, every version of the product resists the attacks. A last possible angle is to stress all the product interfaces: this is to make sure that, despite repeated or malformed commands, the product still answers correctly and stays safe, even in a fail state. All of this vulnerability detection is carried out by highly skilled scientists and security engineers, and usually mixes white-box and black-box methodologies.
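As an added illustration of that last angle, stressing a product interface with repeated and malformed commands and checking that it stays safe in its fail state, the following C code is an example written for this page; it is not code from Trusted Labs or from any tested product. It assumes a hypothetical serial command protocol (one-byte command, one-byte payload length, payload, XOR checksum) and a hypothetical device with a PIN, a lock-out fail state and a RESET command; all of those are assumptions, and the PIN, command codes and device ID are constructed sample values.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not a real product protocol. Hypothetical frame layout:
 *   [0] command, [1] payload length n, [2 .. 2+n) payload, [2+n] XOR checksum
 * of all preceding bytes. Device state and command codes are likewise assumed. */

#define MAX_PAYLOAD 16
#define MAX_AUTH_FAILURES 3

enum cmd { CMD_AUTH = 0x01, CMD_READ_ID = 0x02, CMD_ECHO = 0x03, CMD_RESET = 0x7f };
enum status { ST_OK, ST_BAD_FRAME, ST_BAD_CSUM, ST_UNKNOWN, ST_DENIED, ST_LOCKED };

struct device {
    int authenticated;
    int auth_failures;
    int locked;                 /* fail state: entered after repeated bad PINs */
    uint8_t pin[4];             /* sensitive data the interface must never reveal */
    uint8_t reply[MAX_PAYLOAD];
    size_t reply_len;
};

void device_init(struct device *d) {
    memset(d, 0, sizeof *d);
    memcpy(d->pin, "\x12\x34\x56\x78", 4);   /* constructed sample PIN */
}

/* Hardened handler: the declared length is checked against the bytes actually
 * received and against the reply buffer before any payload byte is read, the
 * checksum is verified, and the fail state refuses everything except RESET. */
enum status handle_frame(struct device *d, const uint8_t *f, size_t len) {
    d->reply_len = 0;
    if (len < 3) return ST_BAD_FRAME;                         /* cmd + n + checksum */
    size_t n = f[1];
    if (n > MAX_PAYLOAD || len != n + 3) return ST_BAD_FRAME; /* declared vs. real length */
    uint8_t x = 0;
    for (size_t i = 0; i + 1 < len; i++) x ^= f[i];
    if (x != f[len - 1]) return ST_BAD_CSUM;
    const uint8_t *p = f + 2;

    if (d->locked && f[0] != CMD_RESET) return ST_LOCKED;     /* stay safe in the fail state */
    switch (f[0]) {
    case CMD_RESET:
        d->locked = 0; d->auth_failures = 0; d->authenticated = 0;
        return ST_OK;
    case CMD_AUTH: {
        if (n != 4) return ST_BAD_FRAME;
        uint8_t diff = 0;                                     /* constant-time compare */
        for (int i = 0; i < 4; i++) diff |= (uint8_t)(p[i] ^ d->pin[i]);
        if (diff == 0) { d->authenticated = 1; d->auth_failures = 0; return ST_OK; }
        if (++d->auth_failures >= MAX_AUTH_FAILURES) d->locked = 1;
        return d->locked ? ST_LOCKED : ST_DENIED;
    }
    case CMD_READ_ID:
        if (!d->authenticated) return ST_DENIED;
        memcpy(d->reply, "DEV-0001", 8); d->reply_len = 8;
        return ST_OK;
    case CMD_ECHO:
        memcpy(d->reply, p, n); d->reply_len = n;             /* n <= MAX_PAYLOAD already */
        return ST_OK;
    default:
        return ST_UNKNOWN;
    }
}

/* Stress loop in the spirit of the text: feed the interface many random and
 * malformed frames (deterministic LCG, so runs are reproducible), with some
 * well-formed ones so the state machine is exercised, and check the safety
 * invariants after each frame. Returns 1 if every invariant held. */
int stress_interface(uint32_t seed, int rounds) {
    struct device d;
    device_init(&d);
    uint32_t s = seed;
    for (int r = 0; r < rounds; r++) {
        uint8_t f[MAX_PAYLOAD + 12];
        s = s * 1103515245u + 12345u;
        size_t len = (s >> 16) % sizeof f;
        for (size_t i = 0; i < len; i++) {
            s = s * 1103515245u + 12345u;
            f[i] = (uint8_t)(s >> 16);
        }
        if (len >= 3 && (s & 2u)) {                           /* some frames: known command, honest length */
            static const uint8_t cmds[] = { CMD_AUTH, CMD_READ_ID, CMD_ECHO, CMD_RESET, 0x42 };
            f[0] = cmds[(s >> 8) % 5]; f[1] = (uint8_t)(len - 3);
        }
        if (len >= 3 && (s & 1u)) {                           /* half the frames: valid checksum */
            uint8_t x = 0;
            for (size_t i = 0; i + 1 < len; i++) x ^= f[i];
            f[len - 1] = x;
        }
        int was_locked = d.locked;
        handle_frame(&d, f, len);
        if (d.reply_len > MAX_PAYLOAD) return 0;              /* reply never overruns its buffer */
        if (d.locked && d.reply_len != 0) return 0;           /* nothing is served in the fail state */
        if (was_locked && !d.locked && !(len >= 3 && f[0] == CMD_RESET)) return 0; /* only RESET unlocks */
    }
    return 1;
}
```

The same checks are what a lab replays against a real interface: short frames, a declared length larger than the frame, wrong checksums, repeated bad credentials, and a valid command once the device is in its fail state. A result other than a clean rejection, or any reply bytes while locked, is a finding.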

The security testing report

After having extensively looked for vulnerabilities, and potentially found some, the security expert can build attack scenarios and associate with each of them three important notions: i) what the impact of exploiting such a vulnerability through a possible attack would be, ii) how probable it is that someone actually plays that specific attack, and iii) the skills required to conduct such an attack, giving an idea of the potential attackers.

This combination of information gives a serious idea of the risk taken by rolling out the product in the field. This is the security report our customers are paying for. With an extensive description of the vulnerabilities found and the possible ways to exploit them, our customers can decide whether to invest in security improvements. The security testing report can also contain recommendations to upgrade the security of the product, if the customer requires it.

Security certification

All well-known security certifications, such as CSPN, GPTE and Bancontact BCMC, also require this kind of security testing. Each security certification scheme defines an exact scope for conducting the security tests. The scheme details the test cases, the conditions (with or without code and documentation), the conditions of attack (reduced or unlimited equipment), and the duration of the testing. In that case, the security lab has to be certified by the certification scheme. Trusted Labs as of today is labelled for conducting security certification for xx, yy, zz (to be detailed)