A Cyber-Security Methodology for a Cyber-Physical Industrial Control System Testbed

Noorizadeh, Mohammad; Shakerpour, Mohammad; Meskin, Nader; Ünal, Devrim; Khorasani, K.

doi:10.1109/access.2021.3053135

Cited by 27 publications

(6 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work by Noorizadeh et al [15] presents a hybrid testbed for industrial control systems implemented by realtime simulation of the Tennessee-Eastman process as the physical component of the testbed is combined with emulation of field devices. In their work, they address the challenge of obtaining hard-to-access field data by generating and logging the data from the physical part of the proposed testbed.…”

Section: B Cybersecurity Analysismentioning

confidence: 99%

Investigating the Cybersecurity of Smart Grids Based on Cyber-Physical Twin Approach

Sen

Carere

Santori

et al. 2022

2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)

View full text Add to dashboard Cite

While the increasing penetration of information and communication technology into distribution grid brings numerous benefits, it also opens up a new threat landscape, particularly through cyberattacks. To provide a basis for countermeasures against such threats, this paper addresses the investigation of the impact and manifestations of cyberattacks on smart grids by replicating the power grid in a secure, isolated, and controlled laboratory environment as a cyber-physical twin. Currently, detecting intrusions by unauthorized third parties into the central monitoring and control system of grid operators, especially attacks within the grid perimeter, is a major challenge. The development and validation of methods to detect and prevent coordinated and timed attacks on electric power systems depends not only on the availability and quality of data from such attack scenarios, but also on suitable realistic investigation environments. However, to create a comprehensive investigation environment, a realistic representation of the study object is required to thoroughly investigate critical cyberattacks on grid operations and evaluate their impact on the power grid using real data. In this paper, we demonstrate our cyber-physical twin approach using a microgrid in the context of a cyberattack case study.

show abstract

Section: B Cybersecurity Analysismentioning

confidence: 99%

Investigating the Cybersecurity of Smart Grids Based on Cyber-Physical Twin Approach

Sen

Carere

Santori

et al. 2022

2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)

View full text Add to dashboard Cite

show abstract

“…It has been used as a base for several cybersecurity testbeds such as the NIST's cybersecurity performance testbed [7], Damn Vulnerable Chemical Process [31], and GRFICS [13]. Consequently, many recent cyberattack and anomaly detection studies [26,14,35,21,41] use TE as a test case.…”

Section: Research Questionsmentioning

confidence: 99%

“…The process can operate in six different modes that reflect the desired values of the ∕ ratio as well as of the production rate; we used the base case -Mode 1. The process has 41 measurements, XMEAS(1) through XMEAS (41), and 12 manipulated variables, XMV(1) through XMV (12). For example, XMEAS(1) measures the feed of component A, and XMV(3) allows controlling this feed by manipulating the corresponding valve.…”

Section: Te Process Descriptionmentioning

confidence: 99%

Practical Evaluation of Poisoning Attacks on Online Anomaly Detectors in Industrial Control Systems

Kravchik

Demetrio²,

Biggio³

et al. 2022

Computers & Security

View full text Add to dashboard Cite

“…In addition, studies have been conducted on synthesis frameworks for specific attack vectors [23] as well as on an automated marking process for deployed protocol-specific attack [13]. In this context, research on stealthy MITM attacks for FDI in DNP3 or Profinet is also conducted in a cyber-physical test environment to analyze the impact on latency [24] or generate datasets for datadriven detection approaches [25]. Many of the related works involve the study of cyber-attacks on power grids for data generation and consequence analysis.…”

Section: Related Workmentioning

confidence: 99%

Investigating Man-in-the-Middle-based False Data Injection in a Smart Grid Laboratory Environment

Şen¹,

Velde²,

Linnartz³

et al. 2021

Preprint

View full text Add to dashboard Cite

With the increasing use of information and communication technology in electrical power grids, the security of energy supply is increasingly threatened by cyber-attacks. Traditional cyber-security measures, such as firewalls or intrusion detection/prevention systems, can be used as mitigation and prevention measures, but their effective use requires a deep understanding of the potential threat landscape and complex attack processes in energy information systems. Given the complexity and lack of detailed knowledge of coordinated, timed attacks in smart grid applications, we need information and insight into realistic attack scenarios in an appropriate and practical setting. In this paper, we present a man-in-the-middlebased attack scenario that intercepts process communication between control systems and field devices, employs false data injection techniques, and performs data corruption such as sending false commands to field devices. We demonstrate the applicability of the presented attack scenario in a physical smart grid laboratory environment and analyze the generated data under normal and attack conditions to extract domain-specific knowledge for detection mechanisms.

show abstract

A Cyber-Security Methodology for a Cyber-Physical Industrial Control System Testbed

Cited by 27 publications

References 40 publications

Investigating the Cybersecurity of Smart Grids Based on Cyber-Physical Twin Approach

Investigating the Cybersecurity of Smart Grids Based on Cyber-Physical Twin Approach

Practical Evaluation of Poisoning Attacks on Online Anomaly Detectors in Industrial Control Systems

Investigating Man-in-the-Middle-based False Data Injection in a Smart Grid Laboratory Environment

Contact Info

Product

Resources

About