
Cisco Releases Open Source Backplane Traffic Visibility Tool for OT 

Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. 


Cisco on Tuesday unveiled an open source proof-of-concept tool designed to improve visibility into backplane traffic in industrial organizations.

A backplane is a piece of hardware that connects various modules and components together. In operational technology (OT) environments, for instance, backplanes enable organizations to link together programmable logic controllers (PLCs) and other modules for high-speed communication.

The problem is that in many cases OT security teams are unable to properly monitor all the traffic crossing the backplane, preventing them from gaining full visibility into their network. 

More than a decade ago, the Sandia National Laboratory detailed a project named WeaselBoard, a PLC backplane analysis system that could be used to detect potentially problematic changes, including zero-day exploits aimed at PLCs.

However, more work needs to be done in this field and Cisco has now released an open source implementation of a hardware and software solution that can make backplane traffic visible for regular network security solutions such as Snort.

Cisco’s tool, named Badgerboard, focuses on Schneider Electric’s Modicon M580 PLCs and the industrial giant’s X80 backplane. Cisco noted that the tool should not be viewed as a fully engineered solution, its goal being only to show the feasibility of expanding backplane traffic visibility. 

“We hope that this project will serve as a call to arms for customers to demand more advanced and more complete monitoring solutions from their vendors,” Cisco said in a blog post detailing the Badgerboard project.

The company believes this is a problem that security vendors cannot solve on their own.


“While groups like Cisco are capable of building the hardware to perform this type of monitoring, the impact to customer warranties introduced by plugging in a third-party module cannot be ignored,” Cisco said.

“For monitoring of this type to truly become an option, consumer demand must drive the conversation. PLC vendors have both the capability and the product expertise to create products that accomplish what Badgerboard set out to do; they just need to be pushed by their customers,” it added.
