There and Back Again: Discovering OT Devices Across Protocol Gateways

Rob King

BSidesSF 2025 — Here Be Dragons · Day 2 · Main

Operational technology (OT) devices — the PLCs, SCADA systems, and field devices controlling physical infrastructure — are increasingly reachable over IP networks, often with no authentication whatsoever. Security researcher Rob King walks through exactly how to discover these devices not just at the IP perimeter but through the protocol gateways that bridge legacy industrial buses to modern networks, using Modbus TCP, DNP3, and EtherNet/IP as case studies.
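The Modbus TCP case is the simplest illustration of the gateway point: a TCP-to-serial gateway forwards each request onto the RTU bus according to the one-byte Unit Identifier in the MBAP header, so every serial device behind a single IP address on port 502 is reachable by changing that byte. The sweep below is an added example written for this listing, not code from the talk or from Rob King. It relies only on the standard Modbus MBAP framing and exception codes (0x0A and 0x0B are the codes a gateway raises on its own behalf when the serial target is unreachable; any other exception means a device actually received the request). The `simulated_gateway` responder and the unit-ID layout behind it are constructed so the script runs offline; `tcp_sender` is the real transport and is only used when a host is given on the command line.

```python
"""Enumerate serial devices behind a Modbus TCP gateway by sweeping Unit IDs.

Added example (not from the talk). Framing follows the Modbus Application
Protocol spec; the simulated gateway at the bottom is constructed test data.
"""
import socket
import struct

FC_READ_HOLDING_REGISTERS = 0x03
# Exceptions a gateway generates itself: nothing on the bus answered.
GATEWAY_EXCEPTIONS = {0x0A: "gateway path unavailable",
                      0x0B: "gateway target device failed to respond"}


def build_frame(transaction_id, unit_id, pdu):
    """MBAP header (transaction id, protocol id 0, length, unit id) + PDU."""
    header = struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id)
    return header + pdu


def read_holding_registers_pdu(address=0, quantity=1):
    """A minimal, widely supported probe: read one holding register."""
    return struct.pack(">BHH", FC_READ_HOLDING_REGISTERS, address, quantity)


def parse_response(frame):
    """Return (transaction_id, unit_id, function, exception_code, data)."""
    if len(frame) < 9:
        raise ValueError("short MBAP frame")
    tid, pid, length, uid = struct.unpack(">HHHB", frame[:7])
    if pid != 0 or length != len(frame) - 6:
        raise ValueError("bad MBAP header")
    pdu = frame[7:]
    if pdu[0] & 0x80:                      # exception response
        return tid, uid, pdu[0] & 0x7F, pdu[1], b""
    return tid, uid, pdu[0], None, pdu[1:]


def classify(frame, expected_tid, expected_uid):
    """Map one reply (None = timeout) to a discovery verdict for a unit id."""
    if frame is None:
        return "no reply"
    tid, uid, _, exc, _ = parse_response(frame)
    if tid != expected_tid or uid != expected_uid:
        return "mismatched reply"            # stale reply after a timeout
    if exc is None:
        return "device: responded"
    if exc in GATEWAY_EXCEPTIONS:
        return "gateway: " + GATEWAY_EXCEPTIONS[exc]
    # 0x01/0x02/0x03 etc. come from a device that received the request.
    return "device: exception 0x%02x" % exc


def sweep_unit_ids(send, unit_ids=range(1, 248)):
    """send(frame) -> reply bytes or None. Returns {unit_id: verdict}.

    Unit 0 is broadcast and 248-255 are reserved, so 1..247 is swept.
    """
    verdicts = {}
    for tid, uid in enumerate(unit_ids, start=1):
        reply = send(build_frame(tid, uid, read_holding_registers_pdu()))
        verdicts[uid] = classify(reply, tid, uid)
    return verdicts


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed")
        buf += chunk
    return buf


def tcp_sender(host, port=502, timeout=2.0):
    """Real transport: one persistent connection, one request per call."""
    sock = socket.create_connection((host, port), timeout=timeout)

    def send(frame):
        try:
            sock.sendall(frame)
            header = _recv_exact(sock, 7)
            length = struct.unpack(">H", header[4:6])[0]
            return header + _recv_exact(sock, length - 1)
        except socket.timeout:
            return None
    return send


def simulated_gateway(frame):
    """Constructed stand-in: devices at units 1 and 5, bus timeouts up to 32."""
    tid, _, _, uid = struct.unpack(">HHHB", frame[:7])
    fc = frame[7]
    if uid == 1:                             # device answers with one register
        return build_frame(tid, uid, bytes([fc, 2, 0x12, 0x34]))
    if uid == 5:                             # device exists, rejects address
        return build_frame(tid, uid, bytes([fc | 0x80, 0x02]))
    if uid <= 32:                            # gateway reports serial timeout
        return build_frame(tid, uid, bytes([fc | 0x80, 0x0B]))
    return None                              # gateway drops it silently


if __name__ == "__main__":
    import sys
    send = tcp_sender(sys.argv[1]) if len(sys.argv) > 1 else simulated_gateway
    for uid, verdict in sweep_unit_ids(send).items():
        if verdict != "no reply":
            print("unit %3d: %s" % (uid, verdict))
```

Two practical caveats: the transaction-id check matters because a late reply from a unit that timed out can arrive while the next unit is being probed, and many gateways accept only one TCP client at a time, so the sweep keeps a single connection open rather than reconnecting per unit. Treat a probe against a live bus as an active action; even a read request costs bus time on slow serial links.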

AI review

Rob King delivers a technically precise tour through OT protocol internals that most IT/OT convergence talks never bother to reach. The key insight — that protocol gateways are not security boundaries, they're transparent proxies — is simple to state and apparently still news to a lot of defenders. Solid, practical, field-ready content.

Watch on YouTube