A cyber-physical experimentation environment for the security analysis of networked industrial control systems

Genge, Béla; Siaterlis, Christos; Fovino, Igor Nai; Masera, Marcelo

doi:10.1016/j.compeleceng.2012.06.015

Cited by 68 publications

(25 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Genge et al [3] have proposed a framework based on Emulab and Simulink to recreate cyber components and physical processes when conducting security analyses of industrial control networks. The underlying architecture strikes a balance between experiments that consist entirely of physical components as in [2] and experiments that are based entirely on simulated components.…”

Section: Related Workmentioning

confidence: 99%

Enhancing a Virtual SCADA Laboratory Using Simulink

Thornton

Morris

2015

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

This chapter describes a virtual supervisory control and data acquisition (SCADA) security laboratory and the improvements made using Simulink. The laboratory was initially constructed using virtual devices written in Python that simulate industrial processes, emulate control system ladder logic functionality and utilize control system communications protocols. However, given the limitations of Python programs with regard to modeling industrial processes, an improved model was constructed using the Simulink modeling environment. Custom and commercially-available human-machine interfaces used in real-world SCADA environments were deployed in the new laboratory. In addition, various attacks were developed and implemented against the virtual SCADA system. The behavior of the improved laboratory and its earlier version are compared against the physical system after which both were modeled.

show abstract

Section: Related Workmentioning

confidence: 99%

Enhancing a Virtual SCADA Laboratory Using Simulink

Thornton

Morris

2015

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…The previously developed framework [7] follows a hybrid approach, where the Emulab-based testbed recreates the control and process network of NICS, including PLCs and SCADA servers, and a software simulation reproduces the physical processes. The architecture, as shown in Figure 1, clearly distinguishes 3 layers: the cyber layer, the physical layer and a link layer in between.…”

Section: Framework Architecturementioning

confidence: 99%

“…The attack scenario has been implemented with the help of our previously developed framework [7] that uses simulation for the physical components and an emulation testbed based on Emulab [8,9] to recreate the cyber part of NICS, e.g., SCADA servers, corporate network, etc. In the implemented scenario we have used the model of a Boiling Water Power Plant developed by Bell and Åström [10].…”

Section: Introductionmentioning

confidence: 99%

Impact of Network Infrastructure Parameters to the Effectiveness of Cyber Attacks Against Industrial Control Systems

Genge

Siaterlis

Hohenadel

2014

INT J COMPUT COMMUN

Self Cite

View full text Add to dashboard Cite

Abstract:The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of SCADA systems, today we still lack the proper understanding of the effects that cyber attacks have on NICS. In this paper we identify the communication and control logic implementation parameters that influence the outcome of attacks against NICS and that could be used as effective measures for increasing the resilience of industrial installations. The implemented scenario involves a powerful attacker that is able to send legitimate Modbus packets/commands to control hardware in order to bring the physical process into a critical state, i.e. dangerous, or more generally unwanted state of the system. The analysis uses a Boiling Water Power Plant to show that the outcome of cyber attacks is influenced by network delays, packet losses, background traffic and control logic scheduling time. The main goal of this paper is to start an exploration of cyber-physical effects in particular scenarios. This study is the first of its kind to analyze cyber-physical systems and provides insight to the way that the cyber realm affects the physical realm.

show abstract

“…Especially, the Industry 4.0 revolution, defined by Germany, further emphasizes the essential role of networking technology in the networked control system [2]. However, the application of networking technology has broken the original closure of industrial control systems, such as SCADA (supervisory control and data acquisition), DCS (distributed control system) and PLC (programmable logic controller), and the accompanying security issues are increasing exposed [3][4][5]. The research reports of the USA ICS-CERT (industrial control systems cyber emergency response team) point out in recent years the number of security incidents in industrial control systems show a sensible rise, and only in 2014 the attack number against critical infrastructures reaches 245 [6].…”

Section: Introductionmentioning

confidence: 99%

Content-based deep communication control for networked control system

et al. 2016

View full text Add to dashboard Cite

In smart cities, the networked control system plays a significant role in transportation systems, power stations or other critical infrastructures, and it is facing many security issues. From this point, this paper proposes a content-based deep communication control approach to guarantee its security. Based on the layer architecture, this approach analyzes the interactive content in depth according to different industrial communication protocols, and implements the access control between two distinct enclaves. For OPC Classic, we acquire the dynamic port provided by OPC server, and open a new connection belonging to this port; for Modbus/TCP, we not only analyze the ordinary function codes and addresses, but also check the register or coil values by using the multi-bit Trie-tree matching algorithm. Besides, the white-listing strategy is introduced to satisfy the special requirements of industrial communication. Our experiment results show that, on the one hand the proposed approach pro- vides OPC and Modbus/TCP defenses in depth; on the other hand it has less than 1 ms forwarding latency and 0 packet loss rate when the rule number reaches 200, and all these meet the availability requirements in the networked control system. In particular, this approach has been successfully applied in several real-world petrochemical control systems.

show abstract

A cyber-physical experimentation environment for the security analysis of networked industrial control systems

Cited by 68 publications

References 18 publications

Enhancing a Virtual SCADA Laboratory Using Simulink

Enhancing a Virtual SCADA Laboratory Using Simulink

Impact of Network Infrastructure Parameters to the Effectiveness of Cyber Attacks Against Industrial Control Systems

Content-based deep communication control for networked control system

Contact Info

Product

Resources

About