Reduces inbound traffic to one-tenth without disclosing confidential information and expands test coverage by 10–30%

Hitachi has developed a technology that makes it possible to perform efficient pre-shipment security tests of OT*1 equipment used in factories and power facilities without disclosing confidential information externally. The technology also enables efficient testing in bandwidth-constrained environments*2 (10 Mbps–100 Mbps).
In assessing the security of OT equipment, tests that repeatedly simulate attacks to identify vulnerabilities*3 are effective. However, this type of testing often requires specialized equipment and expertise, sometimes prompting companies to outsource work to external organizations. In these cases, disclosing confidential information such as source code is a common concern. In addition, in environments with limited bandwidth, transmitting and receiving the coverage bitmap*4 (which indicates test progression) becomes a communication bottleneck, making it difficult to increase the number of test iterations.
The new technology standardizes product-specific connection methods through innovations in test software, enabling testing simply by supporting predefined I/O interfaces.*5 Furthermore, it reduces communication traffic by transmitting only the changed portions of the coverage bitmap. When there are no changes, it sends only the ID of similar data from the past. Verification results have confirmed that the technology reduces inbound traffic on the testing tool side to one-tenth while maintaining accuracy and expanding test coverage by 10–30%. Through internal deployment and validation with OT product vendors and testing service providers, Hitachi will promote standardization and labor-saving in pre-shipment security tests, contributing to stable operations and improved resilience in critical infrastructure.

*1 OT: Abbreviation for operational technology. Refers to devices and systems used to control on-site devices in factories and power facilities.
*2 Bandwidth-constrained environment: An environment where communication bandwidth is limited due to factors such as target devices that support only low-speed communication standards or distance between target devices and the testing system.
*3 Tests that repeatedly simulate attacks to identify vulnerabilities: These include penetration tests (tests used to identify vulnerabilities through simulated attacks) and fuzzing (a testing method that inputs large volumes of varied data to uncover vulnerabilities through unexpected behavior).
*4 Coverage bitmap: Information showing which behaviors were triggered during testing.
*5 I/O interface: Defined specifications for inputting/outputting information required for testing. These include formats and protocols for transmitting the coverage bitmap to the testing tool, enabling OT equipment manufacturers to conduct tests by implementing programs on the target devices in accordance with these specifications.

Background and issues

Cyberattacks targeting critical infrastructure, such as factories and power facilities, are increasing. In addition to regulatory compliance, OT equipment requires more advanced security measures; in particular, identifying and addressing vulnerabilities prior to product shipment is essential to minimizing damage after deployment. For verifying the safety of OT equipment, tests that repeatedly simulate attacks to identify vulnerabilities, such as penetration tests and fuzzing, are effective. However, disclosing confidential information such as source code to external testing organizations is often problematic, and this concern has hindered the adoption of advanced testing methods in outsourced testing. Furthermore, in bandwidth-constrained environments, transmitting and receiving the coverage bitmap imposes a communication load that results in insufficient test iterations. Solving this issue is also important for improving testing efficiency.

Features of the technology and solutions developed to solve these issues

To address these issues, Hitachi developed a technology that streamlines pre-shipment security tests of OT equipment without disclosing confidential information, even in bandwidth-constrained environments. The key features of this technology are as follows:

1. Input/output interface enabling security tests without disclosing confidential information

In OT equipment testing, connection methods between testing tools and devices vary by product, creating deployment challenges. This technology standardizes these differences through innovations in testing software and defines input/output interfaces that exchange only the information required for testing. This allows users to perform penetration tests and fuzzing without disclosing source code or other confidential information to external testing organizations.

2. Feedback data–transfer method that reduces communication load in bandwidth-constrained environments

During testing, information indicating test progress (the coverage bitmap) is fed back to the testing tool to adjust subsequent input data. Conventional methods involve transmitting the entire coverage bitmap every time, which increases communication load in bandwidth-constrained environments and limits the number of test iterations. The new technology reduces communication volume by transmitting only the changed portions of the coverage bitmap and, if there are no changes, sending only the ID of similar past data.
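
The delta scheme described above can be sketched as follows. This is an added example, not Hitachi's implementation: the frame layout, the 64 KiB map size, the class names, and the reading of "similar past data" as an exact match with a previously sent bitmap are all assumptions.

```python
import hashlib
import struct

MAP_SIZE = 65536  # assumed AFL-style 64 KiB map; the page gives no size

class DeltaEncoder:
    """Target-device side: sends changed bytes, or just an ID on a repeat."""
    def __init__(self):
        self.prev = bytes(MAP_SIZE)
        self.ids = {}  # sha256(bitmap) -> ID assigned when first sent

    def encode(self, bitmap):
        if len(bitmap) != MAP_SIZE:
            raise ValueError("bitmap size mismatch")
        key = hashlib.sha256(bitmap).digest()
        if key in self.ids:  # seen before: 5-byte frame carrying only the ID
            msg = b"I" + struct.pack("<I", self.ids[key])
        else:  # new bitmap: (offset, value) pairs that differ from the last one
            new_id = self.ids[key] = len(self.ids)
            diff = [(i, b) for i, (a, b) in enumerate(zip(self.prev, bitmap)) if a != b]
            msg = b"D" + struct.pack("<II", new_id, len(diff))
            msg += b"".join(struct.pack("<HB", i, b) for i, b in diff)
        self.prev = bytes(bitmap)
        return msg

class DeltaDecoder:
    """Testing-tool side: rebuilds the full bitmap and rejects malformed frames."""
    def __init__(self):
        self.prev = bytes(MAP_SIZE)
        self.history = {}  # ID -> full bitmap

    def decode(self, msg):
        kind, body = msg[:1], msg[1:]
        if kind == b"I" and len(body) == 4:
            (ref,) = struct.unpack("<I", body)
            if ref not in self.history:
                raise ValueError("unknown bitmap ID")
            self.prev = self.history[ref]
        elif kind == b"D" and len(body) >= 8:
            new_id, count = struct.unpack_from("<II", body)
            if len(body) != 8 + 3 * count:
                raise ValueError("length does not match change count")
            cur = bytearray(self.prev)
            for i, b in struct.iter_unpack("<HB", body[8:]):
                cur[i] = b  # u16 offset is always within the 64 KiB map
            self.prev = self.history[new_id] = bytes(cur)
        else:
            raise ValueError("malformed frame")
        return self.prev
```

With this layout, a bitmap in which two bytes changed travels as a 15-byte frame instead of 65,536 bytes, and a bitmap identical to an earlier one costs 5 bytes.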

Figure 1: Mechanism for streamlining pre-shipment security tests of OT equipment

Confirmed results

In an evaluation simulating a web server used in OT environments under bandwidth constraints of 10 Mbps to 100 Mbps, the technology was confirmed to reduce inbound traffic on the testing tool side to one-tenth while maintaining testing accuracy and expanding coverage by 10–30% compared with conventional methods. This enables an increase in the number of test iterations that can be done in a given time frame, thereby improving overall testing efficiency.

This work is based on results obtained from a project, JPNP24003, commissioned by the New Energy and Industrial Technology Development Organization (NEDO).

Looking ahead

Going forward, Hitachi will apply the technology to pre-shipment security tests of its internal products to strengthen the security of OT equipment for critical infrastructure. Through validation with OT product vendors and testing service providers, Hitachi will also work to standardize and streamline testing designed to be easily conducted even in bandwidth-constrained environments. By also enhancing industrial automation through improved security, Hitachi aims to help bring about a harmonized society that balances the development and advancement of social infrastructure with safety and security in everyday life.

A portion of these research findings was presented at the 40th International Conference on Advanced Information Networking and Applications (AINA-2026), held in New Zealand from April 8 to 10.

For more information, use the inquiry form below to contact the Research & Development Group, Hitachi, Ltd. Please make sure to include the title of the article.

https://www8.hitachi.co.jp/inquiry/hitachi-ltd/hqrd/news/en/form.jsp
