Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Cisco Releases Open Source Backplane Traffic Visibility Tool for OT 

Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. 

Cisco on Tuesday unveiled an open source proof-of-concept tool designed to improve visibility into backplane traffic in industrial organizations.

A backplane is a piece of hardware that connects various modules and components together. In operational technology (OT) environments, for instance, backplanes enable organizations to link together programmable logic controllers (PLCs) and other modules for high-speed communication.

The problem is that in many cases OT security teams are unable to properly monitor all the traffic crossing the backplane, preventing them from gaining full visibility into their network. 

More than a decade ago, the Sandia National Laboratory detailed a project named WeaselBoard, a PLC backplane analysis system that could be used to detect potentially problematic changes, including zero-day exploits aimed at PLCs.

However, more work needs to be done in this field and Cisco has now released an open source implementation of a hardware and software solution that can make backplane traffic visible for regular network security solutions such as Snort.

Cisco’s tool, named Badgerboard, focuses on Schneider Electric’s Modicon M580 PLCs and the industrial giant’s X80 backplane. Cisco noted that the tool should not be viewed as a fully engineered solution, its goal being only to show the feasibility of expanding backplane traffic visibility. 

“We hope that this project will serve as a call to arms for customers to demand more advanced and more complete monitoring solutions from their vendors,” Cisco said in a blog post detailing the Badgerboard project.

The company believes this is a problem that security vendors cannot solve on their own.

Advertisement. Scroll to continue reading.

“While groups like Cisco are capable of building the hardware to perform this type of monitoring, the impact to customer warranties introduced by plugging in a third-party module cannot be ignored,” Cisco said.

“For monitoring of this type to truly become an option, consumer demand must drive the conversation. PLC vendors have both the capability and the product expertise to create products that accomplish what Badgerboard set out to do; they just need to be pushed by their customers,” it added.

Related: Zeek Security Tool Vulnerabilities Allow ICS Network Hacking

Related: Cyber Insights 2024: OT, ICS and IIoTs

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...