Woman typing on a laptop

CALDERA FOR OT

A scalable, adversary emulation platform empowering critical infrastructure cyber practitioners to save time, money, and energy through automated security assessments.

Released in partnership with the Critical Infrastructure Security Agency, MITRE Caldera™ for OT provides free and open-source OT adversary emulation capabilities to critical infrastructure stakeholders, including asset owners and operators, and OT cyber practitioners. Adversary emulation has long helped defenders of information systems exercise and improve their cyber defenses by using real adversary techniques.

Similar to Caldera, Caldera for OT supports multiple types of cybersecurity engagements and activities. For example:

  • Autonomous adversary emulation of native OT protocol functionality
  • Automated compliance and certification testing
  • Test and evaluation of detection, analytic, and response platforms
  • Manual red-team engagements
  • Purple team and Red vs. Blue research and training exercises

Caldera for OT exposes native OT protocol functionality as a collection of plugins: BACnet, DNP3, Modbus, IEC 61850 – MMS, and Profinet/DCP protocols with abilities mapped to the ATT&CK for ICS matrix. Rather than reinventing the wheel, the OT plugins uniformly leverage existing, open-source OT protocol libraries to represent protocol functions as these abilities in a standardized format.

Users benefit from reduced operator workload, consistency in OT, and the ability to develop and capture standard testing metrics. Caldera for OT plugins are open-source and available for free on Github.

New users to the plugins may be interested in the following resources:

Caldera for OT:

Caldera:

Caldera & Caldera for OT Benefactor Program:

Caldera for OT is also a part of the MITRE Caldera Benefactor program, where the global community is invited to directly support development, advancement, and maintenance of Caldera for OT through charitable donations. To learn more about the MITRE Caldera Benefactor program, visit MITRE Engenuity or reach out to OT@mitre.org.