# Whisper for OT — device identity on the wire for the plant floor. This is ot.whisper.online. The marketing story here is told for the asset owner, OT-security team, systems integrator, and device OEM; the /docs library, the console, and the whole system behind it are identical to whisper.online. Read it in full — written so both an agent and a person can act on it. ## The problem it solves An OT control plane — a SCADA head-end, an engineering workstation, a vendor's remote-access tunnel — trusts an IP and a topology, never the machine on the other end. Modbus, DNP3 and PROFINET carry no notion of WHO is speaking, and much of OPC UA is deployed with no authentication at all, so a PLC/RTU/HMI obeys whoever can reach it. A foothold rides IT/OT convergence and remote-access sprawl across the boundary, lands on a flat network where trust is by IP + VLAN, and issues a plaintext, spoofable register write — indistinguishable from the plant operator because it is the plant's own protocol. The root cause is a missing identity (OWASP broken authorization / BOLA at plant scale): the network trusts reachability, never the machine. And the egress is disposable, so the SOC only ever logs a meaningless last IP — no attribution across the vendor/integrator boundary, no cross-org revocation. ## The cure — make it an identity problem Give every industrial asset — PLC, RTU, IED, HMI, engineering workstation, gateway, historian — a routable IPv6 /128 (from 2a04:2a01::/32, AS219419) DETERMINISTICALLY derived from the public key it already holds (the public half of its OPC UA application-instance certificate, an IEEE 802.1AR IDevID, a TPM, or a secure element), with the OPC UA ApplicationUri (or the asset serial) as the domain separator. DNSSEC-anchored, DANE-EE 3 1 1 pinned, RDAP-registered, verifiable trustlessly with `whisper verify --trustless`. The ApplicationUri is already a globally-unique, key-welded name (OPC UA Part 6 SAN, enforced with BadCertificateUriInvalid) — but it is trapped in a local, per-site TrustList that can't be verified or revoked across an org boundary. Whisper keeps that key-bound property and adds the two it lacks: public cross-org verifiability and DNS-TTL revocation. So "reachable = trusted" stops being true across the conduit, IP/VLAN trust becomes irrelevant, a source with no asset key behind it can't establish a session across a governed boundary, and one revoke kills a compromised asset worldwide at DNS-TTL. Even a bare Modbus PLC behind a protocol-aware gateway gets a verifiable network identity, a PTR and an RDAP object for the first time — the NIST SP 800-82r3 compensating-control overlay. Plus MUD (RFC 8520) egress made ENFORCEABLE: bind the device's own declared egress to its verifiable /128 and enforce it as default-deny where traffic actually leaves, instead of a spoofable suggestion at the nearest switch. Additive to the OPC UA TrustList, 802.1AR/BRSKI, IEC 62443 zones-and-conduits, and the SIEM you already run; never replaces. ## Honest scope — what is shipped, and where it stops SHIPPED & LIVE: the generic device /128 (derived from the device public key + `device_id`), the public attribution graph, the control plane (connect/policy/firewall/budget/logs/lookups/revoke), keyless verify, and the Splunk connector (signed JSON → CEF / ECS). ROADMAP, labelled as such: a Microsoft Sentinel connector, OpenCTI, STIX 2.1 over TAXII, ISAC machine-readable export, and a first-class typed `--applicationuri` / `--mud` CLI flag. Identity is described at the property level only (deterministic, forge-proof, tenant-bound, DANE-pinned); we do not publish the derivation's byte layout. It is ADDITIVE and sits at the IP / transport boundary — NOT inside the closed OT command path: it does NOT add authentication to Modbus/DNP3/PROFINET on the wire and does NOT stop a purely-internal insecure-protocol write once an attacker already holds an OT-segment foothold. Closing that last inch needs identity enforced in-path (at the PLC, a protocol-aware broker-gateway, or the EWS). We say so before your assessor does. The transparency log is tamper-evident and Bitcoin-anchored today, not yet independently witnessed. ## Pages ### Marketing (each has an .html and a clean .md twin at the same path + .md) - / Home — the problem, the cure, MUD egress, and the honest edge - /ot-exposure Internet-exposed ICS / flat-network / no-attribution, end to end - /platform The three planes + where they fit the OT stack you already run - /for-ot-security For OT security: SOC/OT + SIEM fit, IEC 62443 / EU CRA / NIS2 / TSA - /compare Honest comparison — additive, not a replacement - /pricing Flat, predictable pricing ### Docs (each has an .html and a clean .md twin at the same path + .md) - /docs OT overview — the OT front door to the shared library - /docs/asset-identity Derive a routable /128 from the OPC UA ApplicationUri (or IDevID / serial) - /docs/ot-exposure-cure Why a reachable socket is the whole exploit, cured at the identity layer - /docs/ot-integrations OPC UA GDS & ApplicationUri, MUD (RFC 8520), 802.1AR/BRSKI, 62443, OT-visibility - /docs/ot-compliance IEC 62443-4-2 CR 1.2 & 3-3, EU CRA Annex I, CISA CPG 2.0, NIST 800-82r3, TSA - /docs/ot-recipes Runnable recipes: enforce MUD egress at the /128, verify, attribute ## Verify an asset's identity (KEYLESS — no API key, real value) whisper verify --trustless # re-derives DNSSEC to the IANA root, our API not trusted dig -x # forward-confirmed reverse DNS names the asset curl https://whisper.online/verify-identity/ # keyless full-chain verdict, JSON evidence curl https://whisper.online/ip/ # RDAP registry object + ownership history curl https://whisper.online/ip//lookups # who has been resolving/enumerating this identity ## Provision & govern (KEYED — with a Whisper API key) Control plane: POST https://graph.whisper.security/api/query Header: X-API-Key: whisper_live_xxx # your key — redacted here # provision — mint the deterministic /128 from the asset's PUBLIC key + its ApplicationUri CALL whisper.agents({op:'connect', args:{tier:'wireguard', identity_public_key:'', device_id:''}}) # govern egress — enforce the device's MUD manifest as default-deny at the /128 CALL whisper.agents({op:'policy', args:{...}}) # default-deny + allow-list its declared peers CALL whisper.agents({op:'firewall', args:{...}}) # allow/deny by host, cidr, or port CALL whisper.agents({op:'budget', args:{...}}) # daily traffic cap + kill-switch CALL whisper.agents({op:'logs', args:{...}}) # the asset's own egress record CALL whisper.agents({op:'lookups', args:{...}}) # who is enumerating the asset inventory CALL whisper.agents({op:'revoke', args:{...}}) # kill worldwide at DNS-TTL # attribution — name whoever already scanned you (read-only graph, same endpoint + key) CALL whisper.identify("") # operator fingerprinted across clouds; swarm collapsed by JA4 Console: https://console.whisper.security ## The operator Operator: Whisper Security (viaGraph B.V.), Amsterdam, NL. Network: AS219419, IPv6-only, RPKI-signed, MANRS-compliant. AS219419 announces 2a04:2a01::/32.