Industrial Control System (ICS / SCADA) Penetration Testing

Providing the cybersecurity assurances you need when it comes to your critical Industrial Control Systems

Why do Industrial Control Systems need testing?

The impact of an Industrial Control System breach goes beyond data loss, it can result in huge financial manufacturing losses and, in the case of critical infrastructure, could potentially impact lives.

Many industrial systems do not undergo regular security updates and it’s common for a system to run for years without patching. This makes them extremely vulnerable to attacks that may have been patched decades ago.

Our ICS testing can help overcome the many issues associated with testing industrial systems and we are committed to providing an outstanding service that is tailored to your individual requirements.

ICS testing - what we review

ICS/SCADA testing takes place onsite and we have experience performing tests on live production systems, as well as test environments.

Our testing is tailored to your requirements and can cover the following areas of an ICS/SCADA system:


RTU/PLC/IED Firmware

Node service

Application security


System tests

ICS penetration testing process

Every ICS/SCADA penetration test goes through a rigorous process to ensure you get the best possible results. Below we outline the key stages our testing goes through:

1. Understanding your test requirements

No two organisations, or control systems, are the same. We work with you to gain an in-depth knowledge of your needs and a detailed understanding of the system under investigation, before putting forward a bespoke proposal of work.

2. Expert led, manual testing

Our ICS testing service is conducted manually by our expert cybersecurity consultants and is designed to fully challenge your cybersecurity measures. All our consultants are directly employed by us, meaning we ensure the highest quality of service.

3. Reporting, tailored to your needs

Reporting isn’t just a piece of paper, it’s a process. Our reporting process can be tailored to suit your needs, providing you with timely, relevant, and detailed information, not just on our findings but also our expert remediation advice.

4. Post-test support & documentation

Our job doesn't finish on the delivery of a test report. We make our security consultants available after the test to provide remediation support and can provide fix checks, as well as additional documentation where necessary.

Like the sound of our approach?

You can find out more about our test process and why it sets us apart.

Book your ICS penetration test today

Our team are on hand to provide you with all the information you need about our ICS penetration testing service. Please fill out the form below and one of our team will be in touch shortly.