Internal penetration testing and careful assessment of the ICS environment specifics, including analysis of industrial systems and protocols followed by pre-approved tests demonstrated on the real system