As companies move to WFH (working from home) as the pandamic goes, industerial sector already begun reducing number of employee and moving towards automation, years ago. Such setup required a human-machine interface to control its process, and in some instances, reachable via the internet, or intranet. Some vendors would assume "whitelisting", "firewalling" their control system would make them "safe". We will prove otherwise, and talk about how we research deeply into security implications of human-machine interfaces, including firmware analysis, defending against attacks, and developing safer software.