Industrial Control Systems and Operational Technology security is a growing field, but the barrier to entry remains prohibitively high. Commercial PLCs cost hundreds of pounds, training courses run into thousands, and purpose-built lab equipment can rival the price of a small car. This leaves aspiring OT security researchers stuck reading theory without hands-on practice.

This talk charts a practical journey from zero to a functional OT security lab without breaking the bank.
We begin with purely software-based approaches using OpenPLC and PyModbus to simulate industrial environments on hardware you already own. From there, we graduate to Arduino and microcontroller-based solutions, which run real PLC logic on inexpensive development boards. We then enhance these setups with LEDs, switches, and physical I/O to visualize ladder logic execution in real-time, making abstract concepts tangible.

To bring industrial processes to life, we explore 3D-printed models of substations, pumpjacks, and conveyor systems that respond to PLC outputs, creating compelling demonstrations without the need for large industrial budgets.

We also navigate the second-hand market for genuine PLCs and HMIs, discussing the licensing pitfalls, firmware challenges, and security considerations that await bargain hunters.

Finally, we announce the open-source release of the ModPwn Challenge Board a Raspberry Pi Pico-based Modbus challenge board - a complete attack and visualisation platform buildable for under £15, enabling anyone to practice Modbus protocol attacks and visualise the inputs and output.

Attendees will leave with practical blueprints, parts lists, and open-source tools to build their own OT security labs immediately.