Cybersecurity and Improvements to a Device-Monitoring System in Building Automation
For years, a supplier of electronic equipment distributed a system to monitor mandatory safety devices to owners of major property holdings. Given the advances in technology, some of the supplier’s major clients now questioned the cybersecurity of the emergency lighting monitoring system installed on their properties and turned to the supplier for answers. An in-depth assessment of the vulnerabilities of the control system and related software was essential.
As the solution hardware was already installed in client facilities around the world with no upgrades since its original design, many physical constraints had to be taken into account. Cysca harnessed the ingenuity of its various experts to overcome the variety of software security and technical capacity challenges the system posed.
The team carefully analyzed the system’s operating system, application source code, and database to pinpoint any weaknesses and cybersecurity risks. The rigorous process in place meant that for every issue raised, a potential solution to eliminate or mitigate the risk was proposed to the client. We developed a series of improvements targeting the operating system, database layers, tools, libraries, and applications.
Several improvements to the software platform and applications were required to fix any potential breaches and protect users from hacker intrusion. However, these developments had to take into account the memory and processing limitations of the installed controllers. A project manager then joined the client’s in-house team to see the project through, from design to review, testing, and certification.
The client provided its service representatives with the new software package, which was soon distributed to the major users who had shared their concerns about the current equipment. The software package was also adapted to be able to handle future hardware platform upgrades, thus setting up the development of the solution for a new generation of users.
User clients were reassured regarding their cybersecurity and can now enjoy the extended service life of the solution, despite the inevitable, eventual obsolescence of first-generation controllers. The supplier’s responsiveness had a positive impact on its brand image among these major businesses, opening the door to further future collaboration opportunities.
Project Services and Industries
Unstructured Radio Network