2025-09-05, Track 1
Operational Technology (OT) underpins the critical infrastructures on which we rely every day: those delivering water and power to our homes, driving manufacturing environments and ensuring the safe, continued operation of transportation systems. OT includes specialist devices such as programmable logic controllers and remote terminal units, proprietary networking protocols and platforms that run SCADA and control systems. IT security professionals have ready access to open-source platforms such as Kali. But no such platform exists for OT. This talk will cover experience of architecting, building and releasing such an open-source platform for OT pentesting and security analysis. You will feel the chill of the Judderman's lair as we come face to face with legacy tools and challenges of incorporating them, hear tales of the horrors we encountered and how we escaped their dastardly clutches, and what we’d do differently knowing what we know now.
The talk will cover four key elements:
Why did we decide to develop the LINICS (Linux for ICS) platform? This will be based on lived experiences, challenges and frustrations of adapting existing platforms such as Kali.
What were our hopes, dreams and aspirations regarding the platform: the tools we hoped to include, the coverage we dreamt of providing for OT pentesting and the user experience we aspired to deliver?
How did we go about doing it – from choice of underpinning Linux distribution to tackling the issues arising from various legacy tools used in OT pentesting through to decisions about documentation, maintenance, updates and support for users of the platform?
Beware the Judderman, i.e., pitfalls that we encountered, how we negotiated them and lessons for anyone aiming to embark on a similar endeavour in the future.
Awais Rashid is co-founder and director of Hacktonics Ltd, and lead architect and developer of LINICS. He is also Professor of Cyber Security at the University of Bristol. He has been involved in cyber security research and training for more than 30 years. He has led the development of multiple ICS testbeds, is Director of the EPSRC Centre for Doctoral Training focusing on cyber security of large-scale infrastructures and was the founder and director of the MSc in Cyber Security (Infrastructure Security) at the University of Bristol. He has led many research programmes on ICS cyber security including a current programme on securing convergent ultra-large-scale infrastructures. He is also the editor-in-chief of the Cyber Security Body of Knowledge (CyBOK).