Securing an Application Layer Gateway: An Industrial Case Study
Carmine Cesarano, Roberto Natella
TL;DR
This paper addresses the gap in rigorous security testing for Application Layer Gateways (ALGs) in safety-critical domains by proposing a CWE-driven, four-step methodology (risk analysis, attack scenarios, virtual testing environment, and security testing). The approach links CVEs to CWEs to generate targeted attack scenarios and validates them in a simulated, open-source–based testing environment, demonstrated through an on-board railway network case study. Experimental results reveal both policy-enforcement successes and application-layer vulnerabilities, including HTTP Request Smuggling and ReDoS risks in HAProxy, alongside practical performance metrics. The work offers a generalizable framework for evaluating ALG security across network and application layers, with potential to support testing and certification in critical infrastructure deployments.
Abstract
Application Layer Gateways (ALGs) play a crucial role in securing critical systems, including railways, industrial automation, and defense applications, by segmenting networks at different levels of criticality. However, they require rigorous security testing to prevent software vulnerabilities, not only at the network level but also at the application layer (e.g., deep traffic inspection components). This paper presents a vulnerability-driven methodology for the comprehensive security testing of ALGs. We present the methodology in the context of an industrial case study in the railway domain, together with a simulation-based testing environment that supports the methodology.
