ICSNPP: Industrial Control System Network Protocol Parsers

A series of industrial control system protocol parsers developed by INL for the Zeek network security monitoring framework to enhance incident response capabilities.
Technology No. CW-20-31
INL has developed nine industrial control systems (ICS) protocol parser plugins for the Zeek network security monitoring framework. These protocol parsers cover the following ICS protocols: BACnet, BSAP, CIP, COTP, DNP3, Ethercat, Ethernet/IP, Genisys, Modbus, OPCUA-Binary, S7Comm, and S7Comm-Plus. INL continues to develop and produce additional protocol parsers. The purpose of the parsers is to expand incident response capabilities.

This software is open source and available at no cost. Download now by visiting the product's GitHub page.
  • swap_vertical_circlemode_editAuthors (2)
    Stephen Kleinheider
    Brett Rasmussen
  • swap_vertical_circlecloud_downloadSupporting documents (1)
    Product brochure
    ICSNPP: Industrial Control System Network Protocol Parsers.pdf
    DOWNLOAD
Questions about this technology?
Contact us