Critical Infrastructure remains vulnerable to:
- Directed attacks
- Accidents
- Drive by attacks
It cannot be protected by procedures such as the Essential 8 or ... since a large code base is always vulnerable. Secondly a lot of the systems are no longer supported.
Laot deals with this by providing strong isolation of components and checks using seL4.