Today's industrial control systems consist of tightly coupled components. This coupling allows adversaries to exploit attack surfaces on the information technology (IT) side and, from there, reach automation devices at the operational technology (OT) level and compromise their safety functions. To identify such concerns, we propose a model-based testing approach, which we consider a promising way to analyze the safety and security behavior of a system under test; it provides means to protect the system's components and to increase the quality and efficiency of the overall system. The underlying framework is divided into four parts, according to the critical factors in testing OT environments. As a first step, this paper describes the ingredients of the envisioned framework. A system model gives an overview of possible attack surfaces, while the foundations of testing and the recommendation of mitigation strategies are based on process-specific safety and security standard procedures combined with existing vulnerability databases.
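To make the "system model as attack-surface overview" idea concrete, the following is an added illustration, not code from the paper or its framework. It assumes a minimal model: components tagged with a zone (IT or OT) and whether they implement a safety function, directed edges meaning "can reach over the network", and a constructed local vulnerability table whose identifiers (V-WEB-1 and so on) are invented placeholders, not real CVE entries. From that it enumerates every path from an externally exposed IT asset to an OT device with a safety function, lists the remotely exploitable weaknesses along each hop, and reports the components shared by all such paths, which is where a single segmentation or hardening measure would cut every chain.

```python
"""Constructed IT/OT system model for attack-surface review.

Added example, not the paper's framework. Component names, edges and the
vulnerability identifiers below are all invented for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Constructed "vulnerability database": id -> (description, remotely exploitable)
VULN_DB: Dict[str, Tuple[str, bool]] = {
    "V-WEB-1": ("unauthenticated command injection in web UI", True),
    "V-HIST-1": ("weak default credentials on historian", True),
    "V-PLC-1": ("unauthenticated firmware upload on PLC", True),
    "V-HMI-1": ("local privilege escalation on HMI", False),
}


@dataclass
class Component:
    name: str
    zone: str                      # "IT" or "OT"
    safety_function: bool = False  # device implements a safety function
    vulns: List[str] = field(default_factory=list)  # ids from VULN_DB


def build_model():
    """Return (components, edges) for a small constructed plant network."""
    comps = {
        "web-portal": Component("web-portal", "IT", vulns=["V-WEB-1"]),
        "office-pc": Component("office-pc", "IT"),
        "historian": Component("historian", "IT", vulns=["V-HIST-1"]),
        "hmi": Component("hmi", "OT", vulns=["V-HMI-1"]),
        "plc-press": Component("plc-press", "OT", safety_function=True,
                               vulns=["V-PLC-1"]),
        "plc-conveyor": Component("plc-conveyor", "OT"),
    }
    # Directed reachability: a -> [b, ...] means a can open connections to b.
    edges = {
        "web-portal": ["office-pc"],
        "office-pc": ["historian"],
        "historian": ["hmi", "plc-press"],
        "hmi": ["plc-press", "plc-conveyor"],
        "plc-press": [],
        "plc-conveyor": [],
    }
    return comps, edges


def attack_paths(comps, edges, entry: str) -> List[List[str]]:
    """All simple paths from `entry` to an OT component with a safety function."""
    found = []
    stack = [(entry, [entry])]
    while stack:
        node, path = stack.pop()
        comp = comps[node]
        if comp.zone == "OT" and comp.safety_function:
            found.append(path)
            continue  # reaching the safety device is the goal, stop here
        for nxt in edges[node]:
            if nxt not in path:  # keep paths simple (no cycles)
                stack.append((nxt, path + [nxt]))
    return sorted(found)


def path_exposure(comps, path: List[str]) -> List[Tuple[str, List[str]]]:
    """For each hop, the remotely exploitable vulnerability ids it carries.

    A hop with an empty list is a place where the attacker has no known
    remote foothold, i.e. a natural candidate for a mitigation recommendation.
    """
    return [
        (name, [v for v in comps[name].vulns if VULN_DB[v][1]])
        for name in path
    ]


def common_choke_points(paths: List[List[str]]) -> set:
    """Components present on every path; hardening any one cuts all paths."""
    if not paths:
        return set()
    common = set(paths[0])
    for p in paths[1:]:
        common &= set(p)
    return common


if __name__ == "__main__":
    comps, edges = build_model()
    paths = attack_paths(comps, edges, "web-portal")
    for p in paths:
        print(" -> ".join(p))
        for hop, vulns in path_exposure(comps, p):
            print(f"    {hop:13s} {vulns or 'no remote weakness known'}")
    print("choke points:", sorted(common_choke_points(paths)))
```

The `hmi` entry shows why the exploitability flag matters: it has a recorded weakness, but a local one, so on the path through the HMI the attacker still needs some other foothold there; the report lists that hop as lacking a remote weakness rather than counting any database hit as an open door.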