Our approach to ICS/SCADA Security Consulting

Our ICS / SCADA security testing follows a step-by-step methodology. The methodology is based on the CREST ICS Testing methodology and is compliant with NIST standards.


Pre-Engagement

In this first stage, the client and security consultant identify the business intent of the engagement and build an understanding of the ICS process model involved. The stage also covers thorough analysis and mapping of the in-scope framework, devices, and infrastructure, and ensures that the company's day-to-day operations are not jeopardised.


Threat Modelling

This phase's main goal is to create a threat profile using aggressive threat intelligence and threat modelling exercises. As a result, security consultants can better tailor test cases for identifying major vulnerabilities.


Asset Identification

The target environment, such as ICS devices, network topology, and device configuration, must be identified. The discovered target systems are then scanned for vulnerabilities, exposures, and security gaps. Security consultants typically use a database containing all known vulnerabilities for the test object to conduct such a scan.


ICS Penetration Testing

Our team performs a comprehensive test by combining the results from phase 2 and phase 3. All potential entry points are regressively tested using both manual and automated approaches, ensuring in-depth testing.


Report submission

Once the assessment is complete, we submit a detailed written report outlining each observed and/or exploited vulnerability, along with root cause analysis, categorisation, and mitigation, and a confirmatory re-test certificate if the need arises.



What really makes us stand apart is our excellent, round-the-clock support, which makes sure our clients never have to face hurdles in their business.

What we offer

ICS/SCADA Cyber Security Framework Assessment

ICS / SCADA Risk Assessment & Threat Modelling

ICS Penetration Testing

Stress and Scalability Testing

SCADA Penetration Testing

OT Penetration Testing

Firewall Security Assessment


The following provides an example of the tests we may perform; please note this is not an exhaustive list, and many of the checks will depend on the specific system under review:

  • Port scanning
  • Identifying weak access controls
  • Network equipment security controls testing
  • Administrator privilege escalation testing
  • Password strength testing
  • Network segregation
  • Exploitation research
  • Brute force attacks
  • Denial of service checks
  • Misconfiguration attacks
  • Manual vulnerability testing and verification
  • Network architecture: network separation between control and node networks, network protocol vulnerabilities, network access point identification, traffic capture, and Command and Control intercept/modification
  • Node service: weak authentication and authorisation, as well as issues with the sandbox
  • RTU/PLC/IED firmware: hardening, password/crypto key capture, and removal and overwriting
  • System tests: engineering workstations, control server, IO server, HMI, data historian


ICS/SCADA Security Assessment?

SCADA systems are frequently obsolete legacy systems that are riddled with flaws. SCADA network segments are being connected to the Internet by businesses today. For fear of breaking something, there is a reluctance to patch SCADA systems. As a result, you may have gaps in your digital defence that attackers can take advantage of. In today's threat environment, industrial control systems that are not adequately secured are at risk. The following are some of the most important business drivers for successfully managing this risk:

  • Safeguarding the significant capital investment represented by these systems and the equipment they manage.
  • Maintaining business continuity to avoid the direct and indirect costs associated with any production interruption.



HackersEra has conducted penetration tests on Industrial Control Systems (ICS)/SCADA systems across various industries, including the following:

  • Services and utilities
  • Manufacturing Production
  • Chemical Manufacturing Facility

This has included systems in various states of operation, from those that required extreme caution to those that permitted thorough penetration testing.

Thousands of penetration tests and security assessments are performed each year by HackersEra Consultants on software applications, products, and environments. Among them are web applications, mobile applications, hardware devices, software applications, social engineering engagements, automotive, IIoT, wireless, and various other areas.

HackersEra has conducted research and in-depth testing on automotive security, banking systems such as ATMs and payment card devices, hardware security modules, payment applications, and various other mobile and end-user systems that have used sensitive data.

HackersEra is a market leader in cybersecurity assurance testing, risk management, consulting, incident response, and threat intelligence on a global scale. We provide penetration testing services for infrastructure, applications, mobile, and social engineering.