The present disclosure relates to security and network operations.
Operational technology networks associated with industrial control systems generally use proprietary technology and are generally isolated. However, operational technology networks and controller devices within the networks can be connected with other networks (e.g., enterprise networks), raising the possibility of network attacks to operational technology networks and/or controller devices in an industrial control system. Insider attacks may be launched by authorized users in an enterprise network or operational technology network control zone, whereas outsider attacks may be launched by attackers who are not authorized users. Properties targeted by an attacker may generally include control (e.g., timeliness) and security (e.g., availability, integrity, confidentiality) properties.