A rogue master can be used to send legitimate control messages to other control system devices, affecting processes in unintended ways. Impersonating a master may also allow an adversary to avoid detection. Protocols used for control functions should provide authenticity through MAC functions or digital signatures. Use host-based allowlists to prevent devices from accepting connections from unauthorized systems. Segment operational assets and their management devices based on their functional role within the process. Enabling more strict isolation to more critical control and operational information within the control environment.”]
Source: https://collaborate.mitre.org/attackics/index.php/Technique/T0848