There and Back Again: Detecting OT Devices Across Protocol Gateways
Rob King
DEF CON 33 (backfill) · Day 1 · Main Stage
In the realm of Operational Technology (OT) and Industrial Control Systems (ICS), maintaining a comprehensive inventory of devices is paramount for security and operational integrity. Rob King's DEF CON talk, "There and Back Again: Detecting OT Devices Across Protocol Gateways," delves into the intricate challenges of discovering these critical assets, particularly when they reside behind complex protocol gateways. King, an expert in device discovery and fingerprinting, highlights that while the convergence of OT with IP networks offers undeniable advantages in terms of cost and integration, it simultaneously introduces significant security blind spots and complicates traditional discovery methods.
AI review
King delivers a technically grounded, protocol-specific breakdown of OT asset discovery that goes well beyond the usual 'Shodan found your SCADA' surface treatment. The EtherNet/IP recursive backplane enumeration via CIP connection manager and source route path construction is the standout contribution; it's the kind of technique that makes defenders realize they have no idea what's sitting in slot 12. Solid DEF CON material.