Cisco Releases Open Source Backplane Traffic Visibility Tool for OT
06-Mar-24
A backplane is a piece of hardware that connects various modules and components together. In operational technology (OT) environments, for instance, backplanes enable organizations to link together programmable logic controllers (PLCs) and other modules for high-speed communication.
The problem is that in many cases OT security teams are unable to properly monitor all the traffic crossing the backplane, preventing them from gaining full visibility into their network.
More than a decade ago, the Sandia National Laboratory detailed a project named WeaselBoard, a PLC backplane analysis system that could be used to detect potentially problematic changes, including zero-day exploits aimed at PLCs.
However, more work needs to be done in this field and Cisco has now released an open source implementation of a hardware and software solution that can make backplane traffic visible for regular network security solutions such as Snort.
Cisco’s tool, named Badgerboard, focuses on Schneider Electric’s Modicon M580 PLCs and the industrial giant’s X80 backplane. Cisco noted that the tool should not be viewed as a fully engineered solution, its goal being only to show the feasibility of expanding backplane traffic visibility.
For monitoring of this type to truly become an option, consumer demand must drive the conversation. PLC vendors have both the capability and the product expertise to create products that accomplish what Badgerboard set out to do; they just need to be pushed by their customers,it added.
