An Optical Time Domain Reflectometer (OTDR) is a fundamental tool for characterizing and troubleshooting optical fibers. For security purposes, it operates by sending high-powered light pulses down a fiber and analyzing the backscattered and reflected signal. A physical intrusion, such as an attempt to tap the fiber, requires bending it, which induces a measurable, localized power loss (attenuation). The OTDR detects this attenuation event and, by measuring the round-trip time of the light pulse, can pinpoint the exact location of the intrusion along the fiber. This makes it a primary tool for detecting physical tampering with the fiber optic plant.

B. Power injection one channel: This type of attack, also known as jamming, is detected by monitoring power per wavelength. The correct tool for this is an Optical Spectrum Analyzer (OSA) or Optical Channel Monitor (OCM), not an OTDR.

C. Hacking of L1 encryption: This is a cryptographic attack on the data itself. It occurs at a logical layer and does not create a physical change in optical power that an OTDR could detect.

D. Intrusions in the cryptographic keys: This is a data security breach involving the compromise of encryption keys. Like hacking, it is a logical attack with no corresponding physical layer event for an OTDR to measure.

1. Nokia White Paper: "Protecting critical infrastructure with a secure optical foundation" (2021).

Page 4, Section: "Physical intrusion detection": "Physical intrusion detection can identify and locate a fiber-tapping attempt in real time. It works by monitoring fiber attenuation, which increases when a fiber is bent to install a tap. An optical time-domain reflectometer (OTDR) can be used to pinpoint the location of the tap." This reference directly supports that OTDRs are used to detect physical intrusions (A).

2. Nokia Application Note: "Ultra-fast data protection for the cloud era" (2017).

Page 5, Section: "Multi-layer protection": "The 1830 PSS can also detect attempts to jam the fiber with a foreign light source. This is accomplished by monitoring the optical spectrum for unexpected signals." This confirms that power injection/jamming attacks (B) are detected by monitoring the optical spectrum (using an OSA/OCM), not with an OTDR.

3. Nokia Courseware: "Nokia Optical Networking Fundamentals" Student Guide.

Module on Optical Layer Security: The course material explains that Layer 0 (photonic layer) security involves protecting the physical fiber. It explicitly details the use of OTDRs to detect and locate fiber taps by measuring attenuation changes, while identifying jamming (power injection) as a separate threat detected by spectrum analysis. This distinguishes the use cases for OTDRs versus other monitoring tools.