Penetration testing increases the security of systems by tasking testers to 'think like the adversary' and attempt to find the ways that an attacker would break into the system. For many systems, this can be conducted in a safe and controlled way; however, some systems are so critical to human life and safety that the risk of their failure or disablement due to active penetration testing cannot be accepted. The security of these systems must still be evaluated, to prevent attackers from disabling them or causing their maloperation; however, this must be done in a manner that does not risk, through the testing process itself, the very harm that testing seeks to avoid. This paper presents P2SCP, a paradigm for penetration testing of systems that cannot be subjected to the risk of penetration testing. It discusses how data collection, the creation of digital twins and cousins, and evaluative analysis can be used to conduct virtual penetration tests on critical infrastructure systems. The proposed paradigm is analyzed through several case studies.