10 June 2026
Legacy devices in critical infrastructure are often unintentionally exposed to the internet, creating significant cybersecurity risks. To address this challenge, a new research project involving DTU and CSIS is developing the open-source tool Clearsight, which helps identify vulnerabilities early, giving SMEs and utility providers a practical alternative to expensive all-in-one solutions and incomplete IT-focused tools.
Ventilation, heating, clean water. Denmark’s industrial sector delivers many of the essential services that keep society running. That is why cyberattacks targeting industrial control systems can cause serious disruption.
Small devices that were installed decades ago in good faith can become a major risk if hackers gain unrestricted access to exploit them. A pump may fail, a thermostat may shut down, or a conveyor belt may stop operating. For many organizations working with Operational Technology (OT), this is a growing challenge.
The new Clearsight research project, funded by the Danish Industry Foundation, the National Defence Technology Center, and DIREC, brings together researchers from DTU with the cybersecurity company CSIS to develop a more effective way of identifying when legacy devices pose a security risk.
“Far too many OT devices are unintentionally accessible from the internet. They are often outdated, difficult to update, and attractive targets for hostile actors. With Clearsight, our goal is to identify vulnerabilities early and provide operators with actionable warnings,” says Emmanouil Vasilomanolakis, Project Lead and Associate Professor at DTU.
“We want to create an effective OT-focused scanning tool and make it open source, allowing companies and public authorities to use and further develop it.”
According to the Confederation of Danish Industry’s analysis of the cyber threat landscape, limited visibility into OT networks remains a widespread challenge. Many organizations lack continous monitoring of their network connections and often discover security incidents only after systems have been compromised or operations have been disrupted.
“Today, organisations can choose between very expensive, comprehensive security solutions or incomplete IT-focused alternatives. There is a lack of specialized, cost-effective tools designed specifically for OT environments. That is exactly the gap Clearsight can fill,” says Simon Jonker, Director of Security Analysis at CSIS.
The Clearsight project brings together researchers and industry partners with a shared vision. DTU develops the methodology and measurement tools, while CSIS contributes industry feedback and implementation experience. This interdisciplinary collaboration has helped secure a total of DKK 2 million in funding from DIREC, NFC, and the Danish Industry Foundation.
“Clearsight is an excellent example of how cutting-edge cybersecurity research can be transformed into practical tools with real market potential. By making advanced security capabilities accessible to Danish SMEs and utility providers, we strengthen both operational resilience and society’s overall preparedness. Creating this bridge between research and real-world application is exactly what DIREC is here to support,” says Thomas Riisgaard Hansen, Managing Director of DIREC.
Interested in learning more about Clearsight’s approach to OT security? Read more about the project here.
Clearsight scans internet-exposed OT devices, ranging from pumps to dampers controlled by electronic systems. The tool continuously monitors internet-facing control devices and tracks changes over time. Its findings are translated into alerts and prioritized recommendations. This enables operators to make informed decisons about whether devices should be secured, isolated, upgraded, or replaced before they become a source of risk.
