The Design of ICS Testbed Based on Emulation, Physical, and Simulation (EPS-ICS Testbed)

Gao, Haihui; Peng, Yong; Jia, Kebin; Dai, Zhijiang; Wang, Ting

doi:10.1109/iih-msp.2013.111

Cited by 25 publications

(7 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…EPS-ICS [67] is a framework to implement a hybrid testbed, principally developed by the Technical Assessment Research Lab (CNITSEC) in Beijing, China. The testbed implements a multi-level design approach where Level 3, the corporate network, and Level 2, the supervisory control LAN, are emulated.…”

Section: F Hybridmentioning

confidence: 99%

A Survey on Industrial Control System Testbeds and Datasets for Security Research

Conti,

Donadel,

Turrin

2021

Preprint

View full text Add to dashboard Cite

The increasing digitization and interconnection of legacy Industrial Control Systems (ICSs) open new vulnerability surfaces, exposing such systems to malicious attackers. Furthermore, since ICSs are often employed in critical infrastructures (e.g., nuclear plants) and manufacturing companies (e.g., chemical industries), attacks can lead to devastating physical damages. In dealing with this security requirement, the research community focuses on developing new security mechanisms such as Intrusion Detection Systems (IDSs), facilitated by leveraging modern machine learning techniques. However, these algorithms require a testing platform and a considerable amount of data to be trained and tested accurately. To satisfy this prerequisite, Academia, Industry, and Government are increasingly proposing testbed (i.e., scaled-down versions of ICSs or simulations) to test the performances of the IDSs. Furthermore, to enable researchers to cross-validate security systems (e.g., security-bydesign concepts or anomaly detectors), several datasets have been collected from testbeds and shared with the community.In this paper, we provide a deep and comprehensive overview of ICSs, presenting the architecture design, the employed devices, and the security protocols implemented. We then collect, compare, and describe testbeds and datasets in the literature, highlighting key challenges and design guidelines to keep in mind in the design phases. Furthermore, we enrich our work by reporting the best performing IDS algorithms tested on every dataset to create a baseline in state of the art for this field. Finally, driven by knowledge accumulated during this survey's development, we report advice and good practices on the development, the choice, and the utilization of testbeds, datasets, and IDSs.

show abstract

Section: F Hybridmentioning

confidence: 99%

A Survey on Industrial Control System Testbeds and Datasets for Security Research

Conti,

Donadel,

Turrin

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Thus, the security of SCADA system is extremely important, as well as of national concern (Coletta and Armando, 2016;Shukla, 2016). In fact, the recent cyber-attacks on SCADA systems (Li et al, 2015;Gao et al, 2013) have drawn attention to the significance of vulnerability assessments and penetration testing exercises in SCADA systems, especially to detect potential vulnerabilities, security loopholes and threat agents. Figure 1 illustrates the SCADA network architecture and several components.…”

Section: Overview Of Scada Systemsmentioning

confidence: 99%

A review of security assessment methodologies in industrial control systems

Qassim

Jamil²,

Daud

et al. 2019

ICS

View full text Add to dashboard Cite

Purpose The common implementation practices of modern industrial control systems (ICS) has left a window wide open to various security vulnerabilities. As the cyber-threat landscape continues to evolve, the ICS and their underlying architecture must be protected to withstand cyber-attacks. This study aims to review several ICS security assessment methodologies to identify an appropriate vulnerability assessment method for the ICS systems that examine both critical physical and cyber systems so as to protect the national critical infrastructure. Design/methodology/approach This paper reviews several ICS security assessment methodologies and explores whether the existing methodologies are indeed sufficient to meet the cyber security assessment exercise required to validate the security of electrical power control systems. Findings The study showed that most of the examined methodologies seem to concentrate on vulnerability identification and prioritisation techniques, whilst other security techniques received noticeably less attention. The study also showed that the least attention is devoted to patch management process due to the critical nature of the SCADA system. Additionally, this review portrayed that only two security assessment methodologies exhibited absolute fulfilment of all NERC-CIP security requirements, whilst the others only partially fulfilled the essential requirements. Originality/value This paper presents a review and a comparative analysis of several standard SCADA security assessment methodologies and guidelines published by internationally recognised bodies. In addition, it explores the adequacy of the existing methodologies in meeting cyber security assessment practices required for electrical power networks.

show abstract

“…ICS testbeds generally consist of two main components, namely the physical process and the field devices such as PLC, HMI, RTU, etc. Depending on implementation methods, ICS testbeds are classified into three main categories as follows [1]: I) simulation testbed in which both components of the ICS are solely based on computer simulation [2], II) physical testbed where real physical parts are used in both components [3], and III) hybrid testbed in which a combination of simulation and physical testbed is considered where some components of the testbed such as the physical process is simulated and the rest are based on actual physical parts [4], [5].…”

Section: Introductionmentioning

confidence: 99%

“…Denial of Service,2 False Data Injection,3 Intrusion Detection System,4 Logistic Regression,5 Naïve Bayes ,6 Not Available,7 Auto-Associative Kernel Regression, 8 k-Nearest-Neighbors,9 Decision Tree,10 Random Forest,11 Man In The Middle,12 Firmware Reverse Engineering,13 Protocol Weakness Based,14 Principal Component Analysis ,15 One-Class Support Vector Machines ,16 Local Outlier Factor ,17 Isolation Forest,…”

mentioning

confidence: 99%

A Cyber-Security Methodology for a Cyber-Physical Industrial Control System Testbed

et al. 2021

View full text Add to dashboard Cite

Due to recent increase in deployment of Cyber-Physical Industrial Control Systems in different critical infrastructures, addressing cyber-security challenges of these systems is vital for assuring their reliability and secure operation in presence of malicious cyber attacks. Towards this end, developing a testbed to generate real-time data-sets for critical infrastructure that would be utilized for validation of realtime attack detection algorithms are indeed highly needed. This paper investigates and proposes the design and implementation of a cyber-physical industrial control system testbed where the Tennessee Eastman process is simulated in real-time on a PC and the closed-loop controllers are implemented on the Siemens PLCs. False data injection cyber attacks are injected to the developed testbed through the man-in-the-middle structure where the malicious hackers can in real-time modify the sensor measurements that are sent to the PLCs. Furthermore, various cyber attack detection algorithms are developed and implemented in real-time on the testbed and their performance and capabilities are compared and evaluated. INDEX TERMS Industrial Control Systems, Cyber Attack, Attack Detection Algorithm, Man-in-themiddle Attack, Hybrid Testbed.

show abstract

The Design of ICS Testbed Based on Emulation, Physical, and Simulation (EPS-ICS Testbed)

Cited by 25 publications

References 11 publications

A Survey on Industrial Control System Testbeds and Datasets for Security Research

A Survey on Industrial Control System Testbeds and Datasets for Security Research

A review of security assessment methodologies in industrial control systems

A Cyber-Security Methodology for a Cyber-Physical Industrial Control System Testbed

Contact Info

Product

Resources

About