The article discusses the role of Application Layer Gateways (ALGs) in securing critical systems such as railways, industrial automation, and defense applications. ALGs need rigorous security testing to prevent software vulnerabilities. The authors present a vulnerability-driven methodology for comprehensive security testing of ALGs, demonstrated with an industrial case study in the railways domain. They also introduce a simulation-based testing environment to support the methodology. The methodology not only addresses network-layer vulnerabilities but also delves into the application layer, where ALGs mainly operate.

 

Publication date: 15 Jan 2024
Project Page: Not provided
Paper: https://arxiv.org/pdf/2401.05961