A Security Assessment Methodology for Critical Infrastructures

  • Marco Caselli
  • Frank Kargl
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8985)


Interest in security assessment and penetration testing techniques has grown steadily, and the security of industrial control systems (ICS) has become correspondingly important. Very few methodologies directly target ICS, and none of them generalizes the concept of "critical infrastructure pentesting". Existing methodologies and tools cannot be applied directly to critical infrastructures (CIs) because of their safety and availability requirements: a test that crashes a corporate server is an inconvenience, while the same test against a controller may halt a physical process. Moreover, there is no clear understanding of the specific output that CI operators need from such an assessment. We propose a new methodology tailored to support security testing in ICS/CI environments. We analyze security assessment and penetration testing methodologies proposed for other domains and interview stakeholders to identify the best practices adopted in industry, the issues those practices raise, and proposals for possible solutions; from this we derive a new security assessment and penetration testing methodology for critical infrastructures.


Keywords: Critical infrastructure; Penetration testing methodology; Security assessment; Industrial control system



Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. SCS Group, University of Twente, Enschede, The Netherlands
  2. University of Ulm, Ulm, Germany
