MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology (OT).
The first Caldera for OT extensions were developed to increase the resiliency of critical infrastructure, in a partnership between the Cybersecurity and Infrastructure Security Agency (CISA) and the Homeland Security Systems Engineering and Development Institute (HSSEDI), a federally funded research and development center that is managed and operated by MITRE for the Department of Homeland Security (DHS).
Adversary emulation has long helped defenders of information systems exercise and improve their cyber defenses by using real adversary techniques. As an open-source, scalable adversary emulation platform with MITRE ATT&CK as its backbone, Caldera helps cyber defenders save time, money, and energy by automating adversary emulation operations, security assessments, and red-, blue-, and purple-teaming.
With the release of Caldera for OT, defenders of industrial control systems now have the same benefit. Caldera for OT also enables Factory and Security Acceptance Testing (FAT/SAT), where a reliable and consistent testing process is critical to ensure an accurate and repeatable assessment.
“Protecting our nation’s critical infrastructure is essential. With Caldera for OT, we are pleased to partner with CISA to help defenders of operational technology exercise and improve the defenses of these critical systems,” said Yosry Barsoum, VP and director, Center for Securing the Homeland at MITRE.
This work emerged from CISA and HSSEDI’s collaboration to automate adversary emulation simulations in CISA’s Control Environment Laboratory Resource (CELR), a simulated environment for research on operational technology.
CISA and HSSEDI identified adversary techniques to emulate and built them into Caldera. These techniques and abilities form the foundation of the Caldera for OT extensions. To date, CISA has used Caldera to help its government and industry partners learn how best to address threats to their OT systems.
“Continued cyber threats to OT systems require a concerted focus on supporting the critical infrastructure community with actionable tools and resources,” said Eric Goldstein, executive assistant director for cybersecurity at CISA.
“Through our ongoing collaboration with HSSEDI, we are leveraging our collective expertise and resources to develop innovative measures that safeguard critical systems. Caldera for OT, as well as CELR, can help critical infrastructure owners and operators protect their systems against emerging threats,” Goldstein continued.
Caldera for OT is now available on GitHub. As an open-source platform, Caldera for OT will continue expanding to new environments, protocols, and attacks.