CyOTE: Detecting Cyber Attacks in Operational Technology Environments

CyOTE Research Tool Library (CRTL)
Technology No. CW-21-24
CRTL is a library of unique proof-of-concept tools to detect indicators of cyber attacks within Operational Technology (OT) environments. The goal is to improve threat detection capabilities for energy sector asset owners and operators by identifying potential gaps in cyber events' recognition, investigation, and characterization and developing methodologies and example codes to assist the industry. This research requires utility personnel that understand their operational environment, how active technology operates, and what constitutes anomalous behavior. The CyOTE program is not providing a commercial solution but working with utilities to understand cyber-related issues and providing proof-of-concept tools to the utilities. INL benefits from these industry engagements by gaining insights into analysis requirements associated with OT environments to identify anomalous events.

This software is under copyright. To purchase a license, please use the 'Contact Us' form on this page. We will respond as promptly as possible.
  • swap_vertical_circlemode_editAuthors (20)
    Idaho National Laboratory
    CRI Advantage
    Lawrence Wellman
    Jeremy Jones
    Christopher Spirito
    Rishi Chatterjee
    Douglas Nicholls
    Michael Durller
    Justin Cox
    Edward Springer
    Robert Erbes
    Daniel Hearn
    Troy Moore
    Vince Greco
    Qua'on Thomas
    Patrick Morris
    Edmund Huminski
    Mia Huncharek
    Andrew Aquire
    Willis Jordan
  • swap_vertical_circlecloud_downloadSupporting documents (0)
Questions about this technology?