ICS Killswitch — Cyber-Physical Industrial Security Research

DETAIL

Industrial control systems are a class of attack surface where the consequences of compromise are categorically different from enterprise IT. Production safety, environmental release, regulatory exposure, and physical asset damage all live in the OT layer. The ICS Killswitch research programme set out to demonstrate, from public-facing primitives, that the path from "attacker on the network" to "safety-relevant physical outcome" is shorter than most operators assume.

The research demonstrated specific attack chains where seemingly minor compromises — default credentials surviving in production, unpatched firmware on field devices, weak network segmentation between IT and OT — could be combined into deterministic paths to physical effect. The chains were validated against representative test environments and disclosed to affected vendors with coordinated remediation timelines before public presentation.

The work was presented at DefCon in 2017 and an extended version in 2018. The methodology and a subset of findings have been integrated into industry guidance on OT/ICS security architecture; the priority-ordered control set in the 2018 update remains a useful reference for plant-level risk assessment.

[TODO(matthew): Add specific vendor names where the disclosure window has fully closed, links to slides and recordings, any associated CVEs, and a sentence on the practical controls that derive from the chains.]

Or learn more about full advisory engagements.