Exploring the intersection of cybersecurity and industrial control systems. Documenting my journey into OT/ICS and SCADA security — through research, hands-on labs, and real-world projects — as I prepare for graduate study and a career defending critical infrastructure.
Hands-on industrial control system security work — from building SCADA labs to threat modelling critical infrastructure.
Designing and deploying a virtualized industrial control system lab to simulate SCADA environments, test attack scenarios, and practice OT network defense.
Deploying Zeek and Suricata to monitor OT network traffic and detect anomalies in Modbus, DNP3, and S7comm industrial protocols.
Applying STRIDE and MITRE ATT&CK for ICS frameworks to model threats against a simulated water treatment plant's SCADA architecture.
Literature reviews, framework analyses, and explorations in OT/ICS security — building toward graduate-level research.
A survey of current research on intrusion detection systems designed for OT/ICS environments — examining process-aware detection, machine learning approaches, and the challenges unique to industrial networks.
An exploration of the IEC 62443 standard for industrial automation security — how it structures security requirements, and how its zone and conduit model applies to practical OT architectures.
Insights on OT/ICS security, industrial protocol analysis, incident case studies, and reflections on my journey.
The case for focusing on industrial control system security — why this niche matters, what drew me to it, and how I'm building toward a career in critical infrastructure protection.
A deep dive into the Modbus protocol — how it works, why it's still everywhere in industrial environments, and why its lack of security is a critical concern.
Analysing the most significant attacks on industrial control systems and what they reveal about how adversaries think, how defences fail, and what defenders must prioritise.