Case Study:-Mobile based software product


Home > Case Study:-Mobile based software product

Task TitleMobile based software product security testing
Industry VerticalSoftware development IT firm catering to irrigation and power generation sector
Industry DetailsFirm manufactures mobile based software
Products are meant for irrigation and water management sector
as well as power generation plants
LocationPune (India)
Time to solution2 Months

Business situation

The software development firm is based at Pune, India and primarily creates mobile based software. The software is used by firms providing water and irrigation services, as well power generation units. Purpose of software is multifold, to record attendance, to record temperature and other scientific parameters at remote locations. They approached Valency Networks for the purpose of performing mobile application security testing as well as the server software which connected to all mobile devices.

Solution

  • Valency Networks started work via a kickoff meeting with stakeholders and studied server software architecture as well as its operations using mobile devices.
  • A list of possible security attack vectors was created. Separate testing list of mobile software was created. Mobile software vectors were simulated on a windows machine.
  • Intrusive tests were performed on server as well as on the mobile device end to capture logs.
    Logs were processed to find out additional hacking points.
  • A separate Android operating system module was created to measure mobile logs and was corelated with the server logs.
  • Subsequent serious tests were performed to simulate all mobile scenarios typically found at
    irigiation plant as well as power generation plants.
  • Technical solution engineering was performed and provided as a consultancy service to the customer.
  • Additional round of re-testing was performed to ensure all the vulnerabilities were fixed.
  • Finally a detailed audit and test report with problems found and their solutions suggested was presented in front of the customer's management. IT architecture changes were suggested in the report too, with action dates and plans.

Benefits

  • Customer's products were enhanced due to the value addition of IT security.
  • Customer could acquire multiple orders by emphasizing the cyber security enablement of their products and services.
  • Customer was imparted with cyber security knowledge and could use it in their next version of the same product, as well as upcoming mobile products.