DNVGL.com

Cyber security health test

DNV GL’s health test offers the most comprehensive and cost-effective cyber security validation for energy IT systems, smart grid components and smart meters.

Contact us:

Elena Henriquez Elena Henriquez
Head of Section Intelligent Networks & Communication
SHARE:
PRINT:
Cyber security health test

Smarter electricity grids mean IT systems in the energy industry are becoming ever-more complex. And that makes cyber security more important and more challenging. As a result, rigorous testing is essential to ensure your critical infrastructure is secure. DNV GL’s cyber security health test offers the most comprehensive and cost-effective cyber security validation for energy IT systems, smart meters and smart grid components

Our health test service takes a fresh look at cyber security testing to help you identify and address more threats to cyber security than ever before. It uses the proven bottom-up, in-situ or white-box testing approach. This exploits knowledge of your system to pinpoint vulnerabilities that black-box or penetration testing could miss. It also provides detailed and testable system and procurement cyber security requirements.

By translating international security standards into specific technical requirements for each component type, we have developed a set of detailed test cases. Using the well-known Common Criteria methodology, our analysts identify which test cases are relevant to your device. Then, exploiting knowledge of how the device is applied in your system, they perform a series of exploit and robustness tests that are tailored to energy IT and smart meter protocols. This allows them to verify how secure the device is to all globally known vulnerabilities.

A complete cyber security health test

  • Thorough cyber security testing of energy IT, smart grid and smart meter components
    • Based on international standards such as IEC 62351, NERC-CIP and IEEE 1686
  • Identify relevant test cases using well known Common Criteria methodology
  • Perform a series of exploit and robust tests to highlight any vulnerabilities
  • Detailed report back of findings and possible mitigation measures
  • Suggestions for improvements the device for dialogue with management or vendor