OT Cybersecurity
Cybersecurity is the protection of networks and computer systems, including hardware and software, against cyberattacks. Of particular interest to engineers is the computer control of physical systems that monitor and control transportation, pipelines, water treatment, waste treatment, chemical manufacture, factories, energy production, and other industrial processes. Two areas of cybersecurity focus are:
- Information Technology (IT): computer systems including software, data, and networks
- Operational Technology (OT): devices that control the physical world
OT Cybersecurity is concerned with keeping intruders out of the local control system network and detecting malicious intent from those who have access. Malicious intent may be subtle such as signal manipulation to decrease production, damage equipment, or steal information. One of the first notable cyberattacks was the Stuxnet virus that replayed normal data to the operator to run undetected while damaging equipment over a period of months.

Machine Learning for Cybersecurity has many applications that detect phishing, password strength, abnormal network packet flow, intrusions, spam, malware, ransomware, distributed denial of service (DDoS), and other cyberattacks. Most of ML Cybersecurity is focused on classification to detect bad actors.
Activity

IOT/OT Cybersecurity with the TCLab: Classification to detect when the heater power supply is unplugged or the heater power level is set to zero.

✅ Knowledge Check
1. Which of the following best describes the primary focus of OT Cybersecurity?
- Incorrect. OT Cybersecurity is not primarily about protecting the devices that control computer systems but rather about protecting devices that control the physical world.
- Correct. OT Cybersecurity is concerned with keeping intruders out of the local control system network and detecting malicious intent from those who have access.
- Incorrect. While data and software protection are important, this is more related to IT Cybersecurity. OT focuses on devices controlling the physical world.
- Incorrect. Although these are applications where OT is used, OT Cybersecurity's primary focus is on protecting these systems from cyber threats.
2. What is the main application of Machine Learning in Cybersecurity?
- Incorrect. Machine Learning for Cybersecurity is aimed at detecting and preventing cyber threats, not creating them.
- Incorrect. While automation might be a side benefit, the primary use of ML in Cybersecurity is for threat detection and classification.
- Correct. Most of ML Cybersecurity is focused on classification to detect bad actors.
- Incorrect. Data storage and management are essential components, but they aren't the main application of Machine Learning in Cybersecurity.
