The Unaddressed Cyber Frontier: Level 0 Sensor Measurement Integrity

I was asked by Anna Ribiero from the Industrial Cyber Newsletter about the cybersecurity of Purdue Reference Model Level 0 control system field devices (process sensors, actuators, etc.). Level 0 devices are the 100% trusted input in all sectors. Yet Level 0 devices have no cybersecurity, authentication, or cyber forensics, and there is no appropriate cybersecurity training for them. If you can't trust the Level 0 sensor signals, the "secure" data being sent to the rest of the Levels cannot be trusted. Cybersecurity standards, guidelines, and risk assessment methodologies have not addressed the unique issues with Level 0 devices. Cybersecurity issues with Level 0 devices have led to catastrophic unintentional and malicious control system cyber incidents, most of which have not been identified as being cyber-related. Moreover, the operator displays for the Level 0 devices do not address the key information that indicates the health of the process sensors and the actual process. At Level 0, cybersecurity is still an aspiration, whereas there has been cybersecurity progress at Level 1 and Level 2. It is important for organizations to realize that Level 0 compromises are happening to them and not happening only to others. Moreover, adversarial nation states are aware of the Level 0 issues and are exploiting them. Level 0 is the last unprotected cyber frontier. Until the raw physical signals are independently validated (not inferred), upstream cybersecurity will always be one exploitable layer too late.

https://www.controlglobal.com/blogs/unfettered/blog/55331734/securing-the-unseen-frontier-progress-in-level-0-2-industrial-device-cybersecurity
