Use Case 1

How the SDN-microSENSE platform confronts a variety of attack methodologies in a controlled laboratory environment

• Attack vectors via business / HMI: Understanding of the type of communications arising during attacks as well as to obtain indicators of compromise from network traffic analysis
• Substation local networks: Investigating attacks occurring at the station bus network where traditionally little or no network monitoring takes place
• Process control attack vectors: Investigating attacks occurring at the process bus. Process bus networks should only ever be reachable from station bus networks by way of interaction among RTUs, PLCs and ultimately IEDs.