There's an entire school of thought for #ICS #OT security where the ultimate issue at stake is sensor integrity and compromise.

You can tell this school of thought is intellectually bankrupt because they focus on the incredibly hard problem (in terms of access of deeply-embedded devices and number as these will be numerous and overlapping in scope), instead of looking at actual abuse of sensor technology: by compromising the endpoint or midpoint to spoof, replay, or otherwise manipulate the telemetry stream, while leaving the sensor itself alone.

This is what #Stuxnet did. This is kinda what #Triton tried to do. Arguably it alings with the #Siprotec relay DoS in #Industroyer. Yet because of commercial interests (or maybe lack of analysis and creativity) we observe a focus on the hardest possible avenue for corrupting #OT ecosystem integrity - compromising sensors - while ignoring the very real AND REALIZED threat of telemetry abuse and spoofing.