Definition

ICS (Industrial Control System)

Systems that monitor or control physical processes, including SCADA systems, DCS platforms, and PLCs. ICS environments form the backbone of critical infrastructure and require specialized security approaches.

What is ICS (Industrial Control System)?

Industrial Control Systems (ICS) are the broad category of systems that monitor and control physical processes in industrial and critical infrastructure environments. ICS encompasses SCADA systems (supervisory control of distributed infrastructure), DCS platforms (continuous process control), PLCs (discrete machine automation), RTUs (remote field device monitoring), and HMIs (operator interfaces). These systems form the digital backbone of manufacturing, energy, water, transportation, and other critical infrastructure sectors.

ICS security has become a national priority as the frequency and sophistication of attacks against industrial targets have increased. Nation-state actors have demonstrated capabilities against ICS in the energy sector (Ukraine power grid attacks, 2015 and 2016), water systems (Oldsmar, Florida, 2021), pipeline infrastructure (Colonial Pipeline, 2021), and manufacturing. The potential consequences — power outages, water contamination, fuel shortages, production shutdowns — make ICS security a matter of public safety, not just enterprise risk management.

The security challenge is that ICS was designed for reliability and determinism, not security. Protocols are unauthenticated. Devices run legacy operating systems. Updates are infrequent and operationally disruptive. The IT security tooling that protects enterprise networks cannot be applied in ICS environments without risk of operational disruption. Specialized approaches — passive monitoring, protocol-aware analysis, non-disruptive assessment — are required.

Key Facts

  • ICS-CERT responded to 295 incidents in critical infrastructure in 2022, a record high
  • The 2021 Colonial Pipeline ransomware attack caused fuel shortages across the US East Coast
  • Nation-state actors from Russia, China, Iran, and North Korea have all demonstrated ICS attack capabilities
  • CISA lists 16 critical infrastructure sectors; ICS security is relevant to most of them

How ORDR Addresses ICS (Industrial Control System)

ORDR provides ICS-safe security monitoring through passive protocol analysis of Modbus, DNP3, BACnet, Profinet, EtherNet/IP, and other industrial protocols. It discovers and classifies PLCs, RTUs, HMIs, historians, and engineering workstations without active probing, establishes behavioral baselines, and detects anomalies — protocol-level command irregularities, unexpected connections, cross-zone communication — that indicate attack activity.
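
The baseline-and-compare idea described above can be illustrated for Modbus/TCP with the following added example, which is not ORDR's code and not part of the original page. It parses captured frames without sending any traffic and flags malformed frames, unknown source/destination pairs, and function codes that are new for a known pair; the IP addresses, sample frames and all function names are constructed for illustration.

```python
import struct

# Modbus function codes that change device state.
WRITE_FUNCS = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers"}

def adu(tid, unit, pdu):  # builds MBAP header + PDU for the constructed samples
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def parse_modbus_tcp(payload):
    """Return (unit_id, function_code), or None if the frame is malformed."""
    if len(payload) < 8:
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    # Protocol id is 0 for Modbus; length counts the unit id plus the PDU.
    if proto != 0 or length != len(payload) - 6:
        return None
    return unit, payload[7]

def build_baseline(frames):
    """Learn the (source, destination, function code) tuples seen in normal traffic."""
    parsed = ((s, d, parse_modbus_tcp(p)) for s, d, p in frames)
    return {(s, d, r[1]) for s, d, r in parsed if r}

def detect(frames, baseline):
    """Compare observed frames against the baseline without sending any traffic."""
    known_pairs = {(s, d) for s, d, _ in baseline}
    alerts = []
    for src, dst, payload in frames:
        result = parse_modbus_tcp(payload)
        if result is None:
            alerts.append((src, dst, "malformed Modbus/TCP frame"))
        elif (src, dst) not in known_pairs:
            alerts.append((src, dst, "unexpected connection"))
        elif (src, dst, result[1]) not in baseline:
            name = WRITE_FUNCS.get(result[1], f"function {result[1]}")
            alerts.append((src, dst, f"new command for this pair: {name}"))
    return alerts

# Constructed sample traffic: hypothetical addresses, frames built inline.
HMI, PLC, OTHER = "10.0.1.10", "10.0.1.20", "10.0.9.99"
READ = adu(1, 1, struct.pack(">BHH", 3, 0, 10))       # Read Holding Registers
WRITE = adu(2, 1, struct.pack(">BHH", 6, 1, 0x1234))  # Write Single Register
BAD = b"\x00\x03\x00\x07\x00\x02\x01\x03"             # protocol id is not 0
BASELINE = build_baseline([(HMI, PLC, READ)])
LIVE = [(HMI, PLC, READ), (HMI, PLC, WRITE), (OTHER, PLC, READ), (HMI, PLC, BAD)]

if __name__ == "__main__":
    print(*detect(LIVE, BASELINE), sep="\n")
```

Because Modbus carries no authentication, the source address and function code are the only identity and intent signals available on the wire, which is why the baseline is keyed on them.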


Protect your operational technology.

ORDR discovers and monitors every OT asset in real time—even legacy PLCs and SCADA systems that cannot run agents.