Abstract
Monitoring the operational integrity of industrial control systems (ICS) is a fundamental concern in modern infrastructure environments. While previous studies have primarily relied on direct access to controllers’ data for system observation, this study adopts a passive network-based approach to minimize potential disruptions. By analyzing communication traffic within a simulated dam control system, the research investigates how network-observable information exchanged between devices can reflect system-level operational behavior. Through detailed inspection of packet-level data, including protocol usage and register values that reveal PLC operational states, the study aims to enhance situational awareness without interfering with system operations.