ILT-U-4008
Electronic Security Perimeter Proficiency Testing Scheme (ESP-PTS). Cyber Security — Electronic Security Perimeter(s) according to NERC CIP-005-7
DETERMINATION | METHOD |
| Validation of firewall and access control rules | Technical analysis of firewall rulesets, ACLs, and communication restrictions according to NERC CIP-005-7 principles |
| Assessment of deny-by-default implementation | Evaluation of default communication restrictions and exception management practices |
| Verification of communication justification | Technical interpretation of authorized connectivity and associated business or operational requirements |
| Evaluation of routing and communication paths | Analysis of routing policies, segmentation, and communication reachability |
| Identification of unauthorized or over-permissive access | Structured cybersecurity review of communication exposure and access control weaknesses |
| Assessment of communication consistency | Technical interpretation of access control alignment with operational requirements and cybersecurity principles |
| Identification of cybersecurity inconsistencies and compliance deviations | Technical assessment of communication control deviations associated with CIP-005-7 principles |
| Documentation and classification of findings | Recording, classification, and technical justification of identified findings using ILT reporting templates |
Related products
ILT-U-802
Mobile Application Security Proficiency Test. Aligned with the App Defense Alliance Mobile Application Security Testing Approach
ILT-U-3693
Proficiency Testing Scheme for Random Number Generator (RNG) Assessment. Remote Gambling Technical Standards (RTS) and applicable regulatory assessment frameworks
ILT-U-1749
Software safety validation of software module for an Adaptative Cruise Control System (ACC)
