WP-012-2018: New sensors for monitoring OT security

There are many sensors to monitor the security of IT systems. Vulnerability scanners can find
and track vulnerabilities. Anti-virus can detect malware on laptops or servers. Network intrusion
detection systems can detect attacks over the network.
But these sensors do not work well for Operational Technology (OT) systems, such as SCADA
systems. Vulnerability scanners can cause devices in substations to crash or misbehave. There
is no anti-virus for specialized devices such as RTUs or protection relays. And network intrusion
detection systems cannot understand OT communication protocols. So, until recently, grid
operators could not monitor the security of OT systems. To solve this problem, new sensors have
been developed for OT systems. But what can these sensors detect?

Download this document (ENCS members only)

Employees of ENCS members can download the document by entering their e-mail address below. A link to the document will be sent to the address.
