https://github.com/mitre/caldera-ot

MITRE Caldera™ for OT Plugins & Capabilities

adversary-emulation bacnet caldera cybersecurity dnp3 mitre mitre-attack mitre-corporation modbus operational-technology ot profinet


# MITRE Caldera™ for OT Plugins

A collection of plugins that extend [MITRE Caldera™](https://github.com/mitre/caldera) to the Operational Technology (OT) environment.

It is built on the [MITRE ATT&CK® for ICS framework](https://attack.mitre.org/matrices/ics/).

This repository contains all the Caldera for OT plugins as git submodules. As described in each individual plugin README, it is also possible to `git clone` a specific protocol plugin directly into the Caldera `plugins` directory, following the "Installation" guidance.

## Install Caldera for OT Plugins

To install all the Caldera for OT plugins, use the recursive flag while cloning this repository:

```
git clone https://github.com/mitre/caldera-ot.git --recursive
```

Note that after performing the `git clone`, you will still need to:

1. Ensure the plugin(s) of interest are moved into the `caldera/plugins` directory of your Caldera instance
2. Enable the plugin(s) by adding their names to `conf/local.yml`, or to `conf/default.yml` if running Caldera in insecure mode

For example,
```
- bacnet
- dnp3
- modbus
- profinet
- iec61850
```

The OT plugins can also be set up individually:
* [bacnet](https://github.com/mitre/bacnet#readme)
* [dnp3](https://github.com/mitre/dnp3#readme)
* [modbus](https://github.com/mitre/modbus#readme)
* [profinet](https://github.com/mitre/profinet#readme)
* [iec61850](https://github.com/mitre/iec61850#readme)

### Installing the IEC 61850 Payloads

Using the IEC 61850 plugin requires the additional step of installing the plugin's payloads by following these steps:
1. Download the appropriate compiled payload from the **Releases** section of the [iec61850-payloads](https://github.com/mitre/iec61850-payloads/releases) repository.
2. Save the downloaded payload file(s) in the `caldera/plugins/iec61850/payloads` directory of your Caldera installation.
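
The following post-install check is an added example, not part of the caldera-ot repository. For each OT plugin it reports whether the directory under `caldera/plugins` is populated, whether the plugin is listed in the given config file, and whether the IEC 61850 payloads directory has files; the function names and state labels are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the caldera-ot repository): post-install check.
OT_PLUGINS="bacnet dnp3 modbus profinet iec61850"

# True if directory $1 exists and contains at least one entry. A submodule
# directory left empty by a non-recursive clone counts as not installed.
has_files() { [ -n "$(ls -A "$1" 2>/dev/null)" ]; }

# True if plugin $2 appears as a YAML list item ("- name") in config $1.
# Simplification: matches the item anywhere in the file rather than parsing
# YAML, which fits the list form shown in the README.
plugin_enabled() {
    grep -Eq "^[[:space:]]*-[[:space:]]+${2}[[:space:]]*(#.*)?\$" "$1"
}

# check_ot_plugins CALDERA_DIR CONF_FILE
# Prints "<plugin>: <state>" per plugin; returns the number of plugins that
# are enabled but would not work (missing code or missing payloads).
check_ot_plugins() {
    problems=0
    for p in $OT_PLUGINS; do
        dir="$1/plugins/$p"
        if plugin_enabled "$2" "$p"; then
            if ! has_files "$dir"; then
                state="enabled-but-missing"
            elif [ "$p" = iec61850 ] && ! has_files "$dir/payloads"; then
                state="enabled-no-payloads"
            else
                state="ok"
            fi
        elif has_files "$dir"; then
            state="present-not-enabled"
        else
            state="absent"
        fi
        case $state in enabled-*) problems=$((problems + 1)) ;; esac
        printf '%s: %s\n' "$p" "$state"
    done
    return "$problems"
}

# Usage: sh check_ot_plugins.sh /path/to/caldera /path/to/caldera/conf/local.yml
if [ "$#" -ge 2 ]; then
    check_ot_plugins "$1" "$2"
fi
```

A non-zero exit status is the count of plugins that are enabled in the config but have no code in `plugins/` or, for `iec61850`, no payload files.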

## What are the Caldera for OT plugins?

The Caldera for OT plugins unify and expose open-source OT protocol libraries in the form of protocol-specific plugins:
* `bacnet` - for the Building Automation and Control Networks (BACnet) protocol
* `dnp3` - for the Distributed Network Protocol 3 (DNP3)
* `modbus` - for the Modbus protocol
* `profinet` - for the Profinet protocol - *Basic Discovery and Configuration Protocol (DCP) only*
* `iec61850` - for the IEC 61850 series of communication protocols - *Manufacturing Message Specification (MMS) only*

Each plugin contains the following documentation:
* High-level README.md
* Source code specific README.md (located under `/src`)
* Caldera Field Manual documentation (located under `/docs`)

### What is the motivation for the plugins?

The Caldera for OT plugins enable adversary emulation in the OT environment, which supports traditional Caldera [use cases](https://caldera.mitre.org/), such as training and testing of operators and defenses.

Also see our presentation on [Emulating Adversary Actions in the Operational Environment with Caldera (TM) for OT](https://speakerdeck.com/bjeffries/emulating-adversary-actions-in-the-operational-environment-with-caldera-for-ot).

## Contact

Please reach out to [email protected] with comments, questions, and to discuss collaboration opportunities.

The Caldera for OT team can also be reached on the official [Caldera slack](https://join.slack.com/t/mitre-caldera/shared_invite/zt-rvngjjpw-OQHAqpUT87DcyClTosF8dQ).