High Assurance Review

Using the Intertek EWA-Canada methodology, we conduct high-level activities on all telecom products and network system hardware and firmware. Our high assurance software security assessment is conducted using a model driven methodology and has its primary purpose to identify potential security weaknesses, vulnerabilities, malware, Trojans or backdoors contained in the software implementation of the telecom network. We additionally provide an ongoing assessment and analysis of components in the planning stages of being added to the network and existing software going through a revision or upgrade.

Intertek EWA-Canada will conduct a security review of the hardware and firmware components at a level of detail and depth necessary to address client assurance concerns.

Our hardware high assurance review activities could include but not are not limited to reviewing the conformance of production hardware to the OEM Device specifications as delivered and documented by the client. As well, board design, selected components and general client specified testing of relevant security concerns.

Potential high assurance firmware activities include:

• investigation of firmware source code;
• operational firmware down to the bit level.

A typical network is composed of a complicated and heterogeneous mix of equipment from a variety of suppliers. To achieve the secure objective requires a highly credible, trusted third-party service provider with deep security knowledge and expertise to conduct this assessment.

Elements in high assurance software review include:

• detailed code review;
• using operational analysis tools to drastically reduce time and effort;
• highly skilled staff with extensive knowledge of telecom technologies.

The detailed test procedures, depth of examination and specific level of effort will be negotiated between Intertek EWA-Canada and the client prior to commencement of these review activities to ensure that all essential requirements are addressed.