Security Claims Evaluation is an open and easily configurable cybersecurity platform for the evaluation of endpoint, gateway, and other networked components’ security capabilities.
In an industrial environment setting, monitoring of sensors provides a window into the system and operational efficiencies. Specifically, monitoring key parameters such as temperature, vibration, currents, and voltage provide the operator with insights into whether operations are normal, within normal failure mode, or whether there is an indication of a cybersecurity/security breach.
Security Claims Evaluation provides a platform for users to evaluate whether data from the sensors under test is indicative of normal operation or abnormal operation in a non-invasive and non-intrusive manner. Furthermore, using machine learning in combination with real-time analytics capabilities, the sensor operation can be monitored and analyzed 24/7. Logging of abnormal events can be performed for further assessment and future remediation actions. Through running a pre-defined security test suite that encompasses pen testing, known vulnerabilities, and other testing methodologies, testbed users’ security claims can be evaluated at a single or multiple connection points – encompassing an endpoint to a gateway to cloud assessment. A report based on the test results can be provided to users describing potential security weaknesses and proposed recommendations and remediation methods.
The main objective is the software roll out to customers. At a closer look the licensing platform should be an entry point for end users with granted rights only to access their specific licenses, safe enough to guarantee a protected environment even without dongle distribution in the field, and fully powerful for optimal and swift data processing even on a time box implementation scenario.
In order to prevent eavesdropping, most vendors encrypt the data being transmitted by wireless keyboards, however it appears that the same security was not built into the mouse communications. The communication between the dongle and mice tested by the research team showed that there was no authentication in place, leaving the dongle unable to determine the difference between commands originating from the user’s mouse and those coming from an attacker. This results in the ability for an attacker to pretend to be a mouse and transmit their own packets to the dongle.