Industrial networks behave differently than IT systems, and generic security tools often miss what matters. This program focuses on the specific techniques attackers use against PLCs, SCADA systems, and HMIs.

You will work with actual ICS protocol traffic—Modbus, DNP3, and OPC—learning to spot anomalies that indicate reconnaissance, unauthorized commands, or data manipulation. The curriculum covers network segmentation analysis, baseline creation for industrial processes, and building detection rules that account for operational technology constraints.

What You Will Work With

We use packet captures from real facilities, simulated attacks on industrial equipment, and open-source monitoring tools adapted for OT environments. You will also learn how to communicate findings to plant operators who need actionable information, not security jargon.

Expect to spend significant time analyzing traffic patterns and understanding why certain industrial protocols make detection harder than in traditional networks.