About the Project

We are pleased to announce the official launch of the CATT-46 project, a collaboration between i46 and the CyberSecDome consortium. This initiative is designed to rigorously test and refine CyberSecDome’s AI-powered penetration testing tools within a realistic, highly representative IoT environment.

The project leverages the i46.io platform, our proprietary compliance monitoring solution built to support the requirements of the European Cyber Resilience Act. This legislation aims to ensure that IoT devices distributed in the EU meet stringent cybersecurity standards, and i46.io has been purpose-built to track telemetry data from IoT devices in real time, identify compliance gaps, and provide actionable insights. For CATT-46, we are taking this capability and using it as a dedicated, isolated testing environment that mirrors the complexity of operational IoT systems.

Testing Environment

Our testing environment is a unique blend of cloud and physical infrastructure. We are operating on both an AWS-hosted cloud server and a physical server located in our compliance laboratory in Prague. A fleet of at least eight IoT devices, deployed across the Czech Republic, South Korea, and Thailand, is feeding data into these systems. The devices are varied in type and configuration, enabling us to cover a broad range of potential vulnerabilities.

Test Methodology

The testing methodology is rooted in the SMART framework — Specific, Measurable, Achievable, Relevant, and Time-bound — ensuring that every scenario we simulate has a clear objective and measurable outcome. Attacks will target multiple layers, including the device level, network level, application level, and even the human layer through simulated social engineering. To challenge the adaptability of the AI, we will introduce controlled anomalies, such as intentional device failures, unusual network behaviours, and simulated real-world events like power outages or physical device tampering.

Project Goal

The goal is not only to evaluate how quickly and accurately CyberSecDome’s tools can detect and respond to these threats but also to provide concrete recommendations for enhancing their performance. By the end of the project, CyberSecDome will have a detailed, data-rich report offering actionable improvements that can make their tools even more accurate, efficient, and user-friendly for cybersecurity professionals worldwide.

This is an exciting step forward for both organisations, combining our real-world IoT expertise with CyberSecDome’s cutting-edge AI to advance the state of automated penetration testing. We will be sharing updates throughout the project as the scenarios unfold and the insights begin to emerge.