25-50253_OT-Cybersecurity-Capabilities-Catalog_R10

b'0 1 1 0 0 1 1 0 0 1 0 0 1 1 0 0 0 0 1 1 0 0 0 0 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 1 0 0 1 1 0 00 1 0 0 1 1 0 0 0 1 0 1 1 0 1 1 0 0 0 1 1 0 1 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 1 0 1 0 01 0 1 0 1 0 0 0 1 0 1 1 0 1 0 1 1 0 1 0 0 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 1 1 0 00 0 0 1 0 0 1 1 0 1 1 0 1 0 0 0 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 0 1 0 0 0 0 1 1 0 01 0 1 1 0 0 0 1 0 1 1 0 1 1 0 0 0 0 1 0 1 I N T E L L I G E N C E 1 1 0 1 0 1 1 0 0 0 1 0 1 1 0 M A C H I N E 0 1 0 11 0 1 0 1 0 0 0 1 L 0 1 0 1 1 0 1 0 0 0 1 1 0 0 1 1 0 0 D E F E N S E 0 1 1 1 1 0 1 0 0 0 L E A R N I N G 1 1 0 1 00 1 1 0 0 1 1 0 0 0 0 1 1 0 0 1 R E S I L I E N C E 1 0 1 0 0 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 1 1 0 1 0 0 0 1 1 0 0 10 1 1 0 0 1 C Y B E R S E C U R I T Y 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 S A F E T Y 1 1 0 1 0 0 1 1 0 0 1 1 0 1 00 1 1 0 0 1 1 0 0 1 0 4 0 VULNERABILITY 0 0 1 1 0 1 0 0 0 0 1 1 0 1 0 0 1 1 0 0 0 00 1 1 0 0 0 1 1 0 0 0 0 1 0 0 1 1 0 1 0 0 0 0 1 10 1 0 0 1 1 0 0 0 1 0 1 1 0 1 1 0 0 0 1 1 0 1 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 1 0 11 0 1 0 1 0 0 0 1 0 1 1 0 1 0 1 DISCOVERY AND 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 1 1 0 01 0 1 0 0 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 00 0 0 1 0 0 1 1 0 1 1 0 1 0 0 0 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0MITIGATIONOT vulnerability discovery and mitigation development identifies known and/or unknown vulnerabilities residing within the OT ecosystems, along with any tangentially connected IT architecture. Using a variety of cybersecurity strategies and reverse engineering techniques and tools allows INL to increase cybersecurity posture, manage assets, and address security vulnerabilities across systems and operations.Hardware and software enumeration identifies andVulnerability assessments (discovery, verification, catalogs the hardware and software systems within avalidation) evaluates a given environment to identify computing environment. It provides a comprehensiveand address potential operational security risks. This inventory to help manage resources and detectthree-phase approach involves: discovery mapping all ICS unauthorized or malfunctioning components. components; verifying and testing identified vulnerabilities; and validating to ensure remediation efforts resolve Hardware/software bill of materials (H/S BOM)risks without disrupting functions of the system. creates a detailed inventory of the components and systems within a computing environment. Using assetReverse engineering (hardware, software, firmware) management tools or scanning software simplifies thedeconstructs and analyzes components to understand their collection process, ensures accuracy, organizes informationdesign, functionality, and underlying code. This technique in a database, and updates as materials change. is often used to uncover vulnerabilities, identify malicious code or validate security measures. Cybersecurity experts Supply chain risk management identifies, assesses,leverage reverse engineering to enhance defenses, patch and mitigates risks within the network of suppliers andvulnerabilities and ensure the integrity of systems against vendors that provide hardware, software, and services to anevolving threats. This process incorporates intellectual organization. INL teams conduct cybersecurity assessmentsproperty rights and uses reverse engineering tools such as:of vendor equipment, implement secure procurement processes, monitor emerging threats and establishBinary Ninja contingency plans to address potential disruptions.IDAPro GhidraWireshark0 1 1 0 0 1 1 0 0 1 0 0 1 1 0 0 0 0 1 1 0 0 0 0 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 1 0 0 1 1 0 00 1 0 0 1 1 0 0 0 1 0 1 1 0 1 1 0 0 0 1 1 0 1 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 1 0 1 0 01 0 1 0 1 0 0 0 1 0 1 1 0 1 0 1 1 0 1 0 0 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 1 1 0 00 0 0 1 0 0 1 1 0 1 1 0 1 0 0 0 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 0 1 0 0 0 0 1 1 0 09 Capabilities Catalog 1 0 1 1 0 0 0 1 0 1 1 0 1 1 0 0 0 0 1 0 1 I N T E L L I G E N C E 1 1 0 1 0 1 1 0 0 0 1 0 1 1 0 M A C H I N E 0 1 0 11 0 1 0 1 0 0 0 1 L 0 1 0 1 1 0 1 0 0 0 1 1 0 0 1 1 0 0 D E F E N S E 0 1 1 1 1 0 1 0 0 0 L E A R N I N G 1 1 0 1 00 1 1 0 0 1 1 0 0 0 0 1 1 0 0 1 R E S I L I E N C E 1 0 1 0 0 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 1 1 0 1 0 0 0 1 1 0 0 10 1 1 0 0 1 C Y B E R S E C U R I T Y 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 S A F E T Y 1 1 0 1 0 0 1 1 0 0 1 1 0 1 00 1 1 0 0 1 1 0 0 1 0 0 1 1 0 0 0 0 1 1 0 0 0 0 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 1 0 0 1 1 0 00 1 0 0 1 1 0 0 0 1 0 1 1 0 1 1 0 0 0 1 1 0 1 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0 1 1 0 1 0 01 0 1 0 1 0 0 0 1 0 1 1 0 1 0 1 1 0 1 0 0 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 0 0 1 0 1 1 0 0 1 0 0 1 1 0 1 1 0 00 0 0 1 0 0 1 1 0 1 1 0 1 0 0 0 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 1 0 0 0 1 1 0 0 1 1 0 1 0 0 1 1 0 1 0 0 0 0 1 1 0 0'