Cisco has introduced an open-source tool called Badgerboard to address the challenge of monitoring backplane traffic in industrial settings. Backplanes are crucial components in operational technology environments, facilitating high-speed communication between various modules like programmable logic controllers (PLCs). However, security teams often struggle to monitor all traffic crossing the backplane, limiting their visibility into network activity.
To tackle this issue, Cisco‘s Badgerboard focuses specifically on Schneider Electric’s Modicon M580 PLCs and the X80 backplane. While not a fully engineered solution, Badgerboard aims to demonstrate the feasibility of expanding backplane traffic visibility for regular network security solutions such as Snort. By making backplane traffic visible, organizations can better detect potentially problematic changes and zero-day exploits aimed at PLCs.
Cisco acknowledges that while they can develop hardware to perform this monitoring, concerns about warranty impacts from third-party modules must be addressed. They stress the importance of consumer demand in driving the conversation around enhancing monitoring solutions. PLC vendors have the capability and expertise to create products that accomplish what Badgerboard sets out to do but need encouragement from their customers to prioritize these advancements.
