“This is a report from a customer project. Here we found several vulnerabilities when scanning a Linux-based device designed for industrial environments.”
Harri Susi, SW Testing & Cyber Security Specialist at Etteplan, is showing us a document that contains a detailed analysis of services provided by an IoT device and how hackers may be able to exploit it. A report like this is the first step towards more secure devices.
Suddenly the central heating is switched off and a Finnish block of flats starts getting colder. A random service denial attack from China brought the central computer of the building automation to its knees.
The block of flats made a lucky escape. But what if the target was a hospital, an industrial site or a central part of the infrastructure? Or a smart building, or a branch of an enterprise?
Software development relies on agile practices and methods, which avoid large debacles and promote teamwork. Testing is an inseparable part of the development process right from the definition phase. The tasks overlap and information moves smoothly within a modern design team. The test engineer is a team member and no longer considered a messenger of bad news.