Sept. 05 – The MITRE Corporation and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have announced a new extension for the open source Caldera platform, which emulates adversarial attacks against operational technology (OT).

The latest Caldera for OT extension stems from a collaboration between the Homeland Security Systems Engineering and Development Institute (HSSEDI) and CISA as part of an effort to improve the resilience of critical infrastructure.

The Caldera platform provides automated adversary emulation, security assessments and red, blue and purple-teaming, with the MITRE ATT&CK framework at the core of everything.

OT security

Caldera for OT also enables Factory and Security Acceptance Testing (FAT/SAT). It’s currently available for industrial control system defenders.

In developing the extension, CISA and HSSEDI partnered to simulate adversary attacks within CISA’s Control Environment Laboratory Resource (CELR), resulting in new findings around adversary techniques that could be included in Caldera.

The extension, says MITRE, is intended to assist with identification and elimination of weak points within OT systems. “Protecting our nation’s critical infrastructure is essential,” said MITRE vice president and director Yosry Barsoum.

More information

Caldera for OT is downloadable via GitHub. MITRE and CISA are now working on new open source modules for the tools with the goal of expanding its capabilities. The intention is to have it cover new attacks, environments and protocols.

See the full story here. Lastly, to receive more timely cyber security insights and cutting-edge analyses, please sign up for the cybertalk.org newsletter.