Securing Critical Infrastructure

Because individual OT devices and protocols often cannot defend themselves, security in critical infrastructure is achieved primarily through architecture: how networks are zoned, what is allowed to talk to what, and how the whole environment is monitored.

This lesson builds a layered defense around the components and protocols you have studied, anchored by the Purdue model.

The Purdue Enterprise Reference Architecture organizes ICS into layered levels, separating business IT from process control.

• Level 0 — sensors and actuators
• Level 1 — PLCs, RTUs, controllers
• Level 2 — SCADA, HMI, supervisory control
• Level 3 — site operations, historians, EWS
• Levels 4-5 — enterprise IT and business networks

The model's value is defining clear boundaries where traffic must be controlled.