Improving the security posture of industrial control systems is an active area of research. Most of today's offered concrete solutions for the lowest levels of the Purdue model, especially the control and field levels, are restricted to external controls that focus on protecting the perimeter through network filtering technologies such as firewalls. Mainly due to the lack of flexibility to support the deployment of security features beyond what is built-in at the factory, controllers, sensors, and actuators are not security aware devices. Lacking awareness about the current security status prevents automated response events that would drastically increase the survivability rate for such devices. The fact that perimeter protection is, in fact, the only really effective measure that has been used to protect industrial control systems implies that programmable logic controllers (PLCs) cannot survive in environments that are intrinsically highly exposed (e.g. cyber-military systems, or remote locations that could leverage existing connectivity options to be managed).
Another aspect that constitutes a gap on existing technologies is that smart field devices offer additional connectivity and processing capabilities, but the default security features available don't follow at the same level. Despite the increasing trend in terms of the computational power available to industrial devices, only a very limited number of functions related to user and device identification and authorization are available. Currently existing industrial devices are also inflexible in terms of allowing the addition of security features (no additional security functionality can be deployed and no attack detection or response features are considered).