iot-background.jpg

IoT Industrial

Scassi is an IoT expert.

Our business: securing critical assets

The development of Industry 4.0 is characterised by the convergence of IT and OT. The interdependency of systems creates security flaws and risks associated with the operation of industrial sites (production stoppage, loss of data, modification of configurations, performance alteration, etc.).

Sites using critical assets see several generations of equipment coexist with different security rules. Some equipment does not have an access management system or is simply equipped with obsolete perimeter protection systems .

Our technical team is composed of electronics experts, industrial systems’ experts, low-level programming engineers, software developers and pentesters.

Our technical team is supported by Scassi Consulting’s Governance and Compliance centre of expertise.

Scassi is behind the IoT Smart & Secure label distributed by the Digital 113 cluster.

A few examples of projects carried out by SCASSI engineers:

  • Configuration audit and support to secure industrial installations
  • Survey of equipment and mapping of IT/OT interconnections, identification of access points, analysis of vulnerabilities (equipment, systems, software, organisation).
  • Recognition of connected components made by practices at the frontier of professional missions (smartphones, mass-market smart objects, etc.).
  • Technical and organisational recommendations in terms of cybersecurity.
  • Support and training to maintain the IoT security plan for critical assets.
  • Inclusion of new requests for monitoring and managing industrial assets through, for example, predictive maintenance with a heavy reliance on new smart objects or objects connected by the addition of connected gateways.
  • Hardware and software intrusion tests on the installation’s IT and OT components.

Main technologies:

  • Field bus (serial, CAN, Modbus, Profibus, etc.)
  • Industrial Ethernet (Profinet, EtherCAT, Modbus TCP, etc.)
  • Wireless (BLE, WiFi, Sigfox/LoRa, NB-IoT, Nest etc.)
  • Ethernet IT

Our methods:

  • Radio analysis: SDR key, hackRF, bladeRF, Bluetooth hack kit
  • Analysis of hardware and embedded software: Bus Pirate, sensors and microcontrollers, JTAG, SWD, logic analyser
  • Electronic analysis (electronic assembly and disassembly, design of specific boards, tools and connectors)
  • Forensic tools (X-Ways Forensics, Cellebrite UFED, MAGNET IEF)
  • Low-level reprogramming of electronic boards
  • Reverse engineering software
iot-bottom.jpg