Red‐Pi: A Low‐Cost Red Teaming Platform for Water Infrastructure Security Assessment
Agustin Di Bartolo, Mohammadhossein Homaei, Pablo García Rodríguez, José Carlos Sancho Núñez, Andrés Caro Lindo, María Mar Ávila Vegas

ABSTRACT
The water and wastewater sector faces growing cyber threats due to rapid digitalization and the use of IoT‐based control systems. Many utilities manage essential services that affect public health and the environment but do not have enough cybersecurity staff and cannot afford regular security tests. Traditional penetration testing is often too expensive and complex, and it requires expert knowledge. This work presents Red‐Pi, a portable and low‐cost platform for the cybersecurity assessment of water systems. Red‐Pi uses a single‐board computer (SBC) and automates the main security tasks: reconnaissance, vulnerability detection, exploitation, and report generation. It supports both IT and OT protocols, and it includes encrypted storage, modular connectivity, and secure remote control. Following a six‐stage workflow based on MITRE ATT&CK, Red‐Pi allows realistic tests in labs and real utility environments. An evaluation in 30 deployments showed a 62.9% reduction in assessment time (Cohen's ), 91.9% cost savings, and 91.4% F1‐score for vulnerability detection. With a Composite Performance Index of 84.5/100, Red‐Pi helps small and medium utilities perform continuous automated cybersecurity audits, thereby increasing assessment frequency by over 9000% and improving digital resilience according to the NIS2 Directive requirements. This approach reduces barriers and enhances security in critical water infrastructure.