Low-Cost ICS Network Performance Testing
Jim Gilsinn
Kenexis Consulting
June 6, 2014 SCADASides 1
How This Got Started
• In 2001 while I worked @ NIST my boss said:
• Industrial Ethernet is the next big wave for manufacturing, so say our
customers (auto manufacturers)
• There are still a lot of questions about how well it performs
• Is it deterministic enough for the factory floor? Yes, but…
• Are there standardized metrics to show performance? Yes, but…
• Are there test tools available? Yes, but…
• Can companies put performance requirements into their procurements
yet? Yes, but…
Determinism
• Vendors were building industrial Ethernet products that claimed
certain performance
• End-users were finding quirky performance
• End-users would complain
• Vendors would say, it works in our lab, there must be a problem
in your system
• End-users learned not to trust performance claims from
vendors
• Some build labs to approve devices before implementing them
Standardized Metrics
• Vendors would describe their performance in many different
ways and with varying definitions
• With ODVA, I helped to create a standard set of metrics for
end-point devices based upon IETF definitions
• Throughput
• Jitter/Variability
• Latency (action latency, response latency)
Test Tools
• After creating the metrics, NIST helped ODVA develop a set of
performance tests
• We built the ODVA Performance Testing Laboratory that ODVA
charges companies money to certify their stated performance
• No one has run the test since no one wants to fail
• ODVA charges for every time a company tests and retests
• NIST went on to develop a free capture file analysis tool
• Available on SourceForge (1st gen is IENetP, 2nd gen is FENT)
• Both of these are dormant
• NIST also worked with the ODVA Interoperability Workshop to
develop a series of 5 tests that could be conducted quickly
Procurement Language
• Big auto manufacturers have tried to get their vendors to use
ODVA performance lab
• Hasn’t worked out well
• Have convinced vendors to go through PlugFest testing
• Vendors and end-users have started using a common
language
• I guess that’s as good as it gets for now
Low-Cost Performance Testing
• Uses low-cost/readily-available equipment
• Low-cost is relative, $15 – $3k
• Readily-available, like laptops, switches, etc.
• Uses open-source/low-cost/readily-available software
• Open-source, like Linux, Wireshark, background traffic, and analysis
tool
• Low-cost analysis tool (Kenexis, in development)
• Readily-available, like Windows, Office, browsers
• Additional useful tools
• Protocol-dependent master/scanner (software will get you ~2ms)
Testing Equipment
• Laptops x2
• Alienware M14x-R2
• Ubuntu 14.04 native
• Windows VM
• Backtrack 5r3 USB
• DreamPlug
• Raspberry PI
• Model B, rev 1
• Netgear GS108E Switch
• Throwing Star LAN Tap
• Hilscher netANALYZER
Testing Software
• Linux (Ubuntu 14.04, Backtrack 5r3, Kali)
• Wireshark (apt-get and compiled)
• PlugFest background traffic captures and scripts
• NIST Analysis Tool
• 1st Generation = IENetP – http://www.sourceforge.net/projects/ienetp
• 2nd Generation = FENT – http://www.sourceforge.net/projects/fent
• Kenexis Analysis Tool
• Follow-on, in development
PlugFest Background Traffic
• Traffic Captures
• Generated by Ixia network analyzer and packet generator
• Assembled into different sets (editcap & mergecap)
• tcpreplay Scripts
• Generated Linux scripts to replay capture files
• Conducted Analysis of Results
• Packet generator transmitting
• Laptop transmitting
• Laptop receiving
PlugFest Background Traffic
Traffic sets (table columns): Baseline, Steady-State Managed, Steady-State Unmanaged, Burst Managed, Burst Unmanaged
Traffic Type | Rate (pps)
ARP Request Broadcasts | 180
Gratuitous ARP Broadcasts | 180
DHCP Request Broadcasts | 100
ICMP (ping) Request Broadcasts | 100
NTP Multicasts | 10
EtherNet/IP ListIdentity Req. | 10
EtherNet/IP Class 1 | 1800
ARP Burst Requests | 240 pkts @ 4k Hz
PlugFest Testing Architecture
Eye Chart Slides Ahead
Example PlugFest Testing (Hilscher)
Example PlugFest Testing (Switch Mirror)
Low-Cost Testing Architecture
Low-Cost Testing
• Laptop → Laptop
• Laptop → DreamPlug
• DreamPlug → Laptop
• Laptop → Raspberry PI
• Raspberry PI → Laptop
What The Data Shows
• Hilscher Capture Card
• 10ns resolution time stamping
• Hardware assisted
• Good enough for hard real-time performance testing (1s of µs)
• High-End Laptop
• Backtrack/Kali better than Ubuntu
• Running from USB stick works
• Good enough for soft real-time performance testing (~100 µs)
What The Data Shows
• DreamPlug
• Good enough for most process control
• Offset of mean (~5-10 ms)
• Random delays occur (~5-20 ms, sometimes 100+ ms)
• On-par with Windows performance
• Raspberry PI
• Good enough for slow process control
• Offset of mean (~5-25 ms)
• Random delays occur (100-1000 ms)
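The interval analysis behind figures like those above, as an added example that is not part of the original slides or of the NIST or Kenexis tools: it separates the steady-state packet interval (offset of mean, jitter) from random delays for one cyclic stream, and estimates a software capture's timestamp error against a hardware-stamped reference. The 10 ms requested interval, the 5 ms delay threshold, the function names, the choice of standard deviation as the jitter figure and all timestamps are constructed assumptions.

```python
import statistics

# Constructed sample: arrival times in microseconds of one cyclic stream with
# a requested packet interval of 10 ms (assumed), sent by a slow endpoint.
REQUESTED_INTERVAL_US = 10_000
SAMPLE_STREAM_US = [0, 15_000, 30_200, 44_900, 60_000, 180_000,
                    195_100, 210_000, 224_900, 240_000]

# Constructed sample: the same five packets stamped by a hardware-assisted
# reference capture and by a software capture whose clock is not synchronised.
SAMPLE_REFERENCE_US = [0, 10_000, 20_000, 30_000, 40_000]
SAMPLE_SOFTWARE_US = [500_020, 510_050, 519_990, 530_110, 540_050]


def interval_metrics(timestamps_us, requested_us, delay_threshold_us):
    """Split one stream's packet intervals into steady state and random delays."""
    if len(timestamps_us) < 3:
        raise ValueError("need at least three packets")
    intervals = [b - a for a, b in zip(timestamps_us, timestamps_us[1:])]
    if min(intervals) < 0:
        raise ValueError("timestamps must be in capture order")

    # The median is not dragged upward by a few very late packets, so it is
    # the reference for deciding which intervals count as random delays.
    median_us = statistics.median(intervals)
    steady, delays = [], []
    for index, interval in enumerate(intervals):
        if abs(interval - median_us) > delay_threshold_us:
            delays.append((index, interval / 1000.0))
        else:
            steady.append(interval)
    if len(steady) < 2:
        raise ValueError("threshold leaves too few steady-state intervals")

    mean_us = statistics.fmean(steady)
    return {
        "mean_ms": mean_us / 1000.0,
        # How far the device's typical interval sits from what was requested.
        "offset_of_mean_ms": (mean_us - requested_us) / 1000.0,
        # Jitter is reported here as the population standard deviation
        # of the steady-state intervals (an assumption of this example).
        "jitter_stdev_ms": statistics.pstdev(steady) / 1000.0,
        "min_ms": min(steady) / 1000.0,
        "max_ms": max(steady) / 1000.0,
        "random_delays": delays,  # (interval index, interval in ms)
    }


def capture_error(reference_us, software_us):
    """Timestamp error of a software capture relative to a reference capture."""
    if len(reference_us) != len(software_us) or not reference_us:
        raise ValueError("both captures must contain the same packets")
    differences = [s - r for r, s in zip(reference_us, software_us)]
    # The two clocks are unrelated, so remove the constant offset first; what
    # remains is the per-packet stamping error of the software capture.
    clock_offset_us = statistics.median(differences)
    residuals = [d - clock_offset_us for d in differences]
    return {
        "clock_offset_us": clock_offset_us,
        "residuals_us": residuals,
        "max_error_us": max(abs(r) for r in residuals),
    }


if __name__ == "__main__":
    stream = interval_metrics(SAMPLE_STREAM_US, REQUESTED_INTERVAL_US, 5_000)
    for name, value in stream.items():
        print(f"{name}: {value}")
    error = capture_error(SAMPLE_REFERENCE_US, SAMPLE_SOFTWARE_US)
    print(f"software capture max timestamp error: {error['max_error_us']} us")
```

The capture platform's own timestamp error has to be well below the jitter being measured, which is why the two functions are worth running together on any new capture point.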
More Information
• Jim Gilsinn, Kenexis Consulting
• Email: Jim.Gilsinn@Kenexis.com
• Phone: 614-323-2254
• Twitter: @JimGilsinn
• SlideShare: http://www.slideshare.net/gilsinnj
• Kenexis GitHub
• https://github.com/kenexis/LowCostPerformance

Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

Low-Cost ICS Network Performance Testing

  • 1. Low-Cost ICS Network Performance Testing Jim Gilsinn Kenexis Consulting June 6, 2014 SCADASides 1
  • 2. How This Got Started
      • In 2001 while I worked @ NIST my boss said:
      • Industrial Ethernet is the next big wave for manufacturing, so say our customers (auto manufacturers)
      • There are still a lot of questions about how well it performs
      • Is it deterministic enough for the factory floor? Yes, but…
      • Are there standardized metrics to show performance? Yes, but…
      • Are there test tools available? Yes, but…
      • Can companies put performance requirements into their procurements yet? Yes, but…
  • 3. Determinism
      • Vendors were building industrial Ethernet products that claimed certain performance
      • End-users were finding quirky performance
      • End-users would complain
      • Vendors would say, it works in our lab, there must be a problem in your system
      • End-users learned not to trust performance claims from vendors
      • Some build labs to approve devices before implementing them
  • 4. Standardized Metrics
      • Vendors would describe their performance in many different ways and with varying definitions
      • With ODVA, I helped to create a standard set of metrics for end-point devices based upon IETF definitions
      • Throughput
      • Jitter/Variability
      • Latency (action latency, response latency)
  • 5. Test Tools
      • After creating the metrics, NIST helped ODVA develop a set of performance tests
      • We built the ODVA Performance Testing Laboratory that ODVA charges companies money to certify their stated performance
      • No one has run the test since no one wants to fail
      • ODVA charges for every time a company tests and retests
      • NIST went on to develop a free capture file analysis tool
      • Available on SourceForge (1st gen is IENetP, 2nd gen is FENT)
      • Both of these are dormant
      • NIST also worked with the ODVA Interoperability Workshop to develop a series of 5 tests that could be conducted quickly
  • 6. Procurement Language
      • Big auto manufacturers have tried to get their vendors to use ODVA performance lab
      • Hasn’t worked out well
      • Have convinced vendors to go through PlugFest testing
      • Vendors and end-users have started using a common language
      • I guess that’s as good as it gets for now
  • 7. Low-Cost Performance Testing
      • Uses low-cost/readily-available equipment
      • Low-cost is relative, $15 – $3k
      • Readily-available, like laptops, switches, etc.
      • Uses open-source/low-cost/readily-available software
      • Open-source, like Linux, Wireshark, background traffic, and analysis tool
      • Low-cost analysis tool (Kenexis, in development)
      • Readily-available, like Windows, Office, browsers
      • Additional useful tools
      • Protocol-dependent master/scanner (software will get you ~2ms)
  • 8. Testing Equipment
      • Laptops x2
      • Alienware M14x-R2
      • Ubuntu 14.04 native
      • Windows VM
      • Backtrack 5r3 USB
      • DreamPlug
      • Raspberry Pi
      • Model B, rev 1
      • Netgear GS108E Switch
      • Throwing Star LAN Tap
      • Hilscher netANALYZER
  • 9. Testing Software
      • Linux (Ubuntu 14.04, Backtrack 5r3, Kali)
      • Wireshark (apt-get and compiled)
      • PlugFest background traffic captures and scripts
      • NIST Analysis Tool
      • 1st Generation = IENetP – http://www.sourceforge.net/projects/ienetp
      • 2nd Generation = FENT – http://www.sourceforge.net/projects/fent
      • Kenexis Analysis Tool
      • Follow-on, in development
  • 10. PlugFest Background Traffic
      • Traffic Captures
      • Generated by Ixia network analyzer and packet generator
      • Assembled into different sets (editcap & mergecap)
      • tcpreplay Scripts
      • Generated Linux scripts to replay capture files
      • Conducted Analysis of Results
      • Packet generator transmitting
      • Laptop transmitting
      • Laptop receiving
  • 11. PlugFest Background Traffic
      • Table columns: Traffic Type, Rate (pps), Baseline, Steady-State Managed, Steady-State Unmanaged, Burst Managed, Burst Unmanaged
      • ARP Request Broadcasts: 180
      • Gratuitous ARP Broadcasts: 180
      • DHCP Request Broadcasts: 100
      • ICMP (ping) Request Broadcasts: 100
      • NTP Multicasts: 10
      • EtherNet/IP ListIdentity Req.: 10
      • EtherNet/IP Class 1: 1800
      • ARP Burst Requests: 240 pkts @ 4k Hz
  • 12. PlugFest Testing Architecture
  • 13. Eye Chart Slides Ahead
  • 14. Example PlugFest Testing (Hilscher)
  • 15. Example PlugFest Testing (Switch Mirror)
  • 16. Low-Cost Testing Architecture
  • 17. Low-Cost Testing
      • Laptop → Laptop
      • Laptop → DreamPlug
      • DreamPlug → Laptop
      • Laptop → Raspberry Pi
      • Raspberry Pi → Laptop
  • 19. What The Data Shows
      • Hilscher Capture Card
      • 10ns resolution time stamping
      • Hardware assisted
      • Good enough for hard real-time performance testing (1s µs)
      • High-End Laptop
      • Backtrack/Kali better than Ubuntu
      • Running from USB stick works
      • Good enough for soft real-time performance testing (~100 µs)
  • 20. What The Data Shows
      • DreamPlug
      • Good enough for most process control
      • Offset of mean (~5-10 ms)
      • Random delays occur (~5-20 ms, sometimes 100+ ms)
      • On-par with Windows performance
      • Raspberry Pi
      • Good enough for slow process control
      • Offset of mean (~5-25 ms)
      • Random delays occur (100-1000 ms)
  • 21. More Information
      • Jim Gilsinn, Kenexis Consulting
      • Email: Jim.Gilsinn@Kenexis.com
      • Phone: 614-323-2254
      • Twitter: @JimGilsinn
      • SlideShare: http://www.slideshare.net/gilsinnj
      • Kenexis GitHub
      • https://github.com/kenexis/LowCostPerformance
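
Slides 4, 19 and 20 report results as throughput, jitter and an offset of the mean with occasional random delays. The Python sketch below is an added example (not the NIST or Kenexis analysis tool) that derives those figures from the capture timestamps of one cyclic stream. The 10 ms nominal period, the 5 ms outlier threshold, the sample timestamps and the reading of "offset of mean" as mean interval minus nominal period are all assumptions made for the illustration.

```python
from statistics import mean, pstdev

# Constructed sample: arrival times (integer microseconds) of a cyclic stream
# with a nominal 10 ms period, small jitter and one 20 ms random delay.
CONSTRUCTED_TIMESTAMPS_US = [0, 10000, 20100, 30000, 40000,
                             70000, 80000, 89900, 100000]

def interval_stats(timestamps_us, nominal_us, outlier_us):
    """Summarize inter-packet intervals of one cyclic stream from a capture."""
    if len(timestamps_us) < 2:
        raise ValueError("need at least two packets to form an interval")
    intervals = [b - a for a, b in zip(timestamps_us, timestamps_us[1:])]
    if min(intervals) < 0:
        raise ValueError("timestamps must be in capture order")
    span_us = timestamps_us[-1] - timestamps_us[0]
    if span_us == 0:
        raise ValueError("capture has no measurable duration")
    avg = mean(intervals)
    return {
        "mean_us": avg,
        # Assumed definition: how far the measured mean sits from nominal.
        "offset_of_mean_us": avg - nominal_us,
        # Jitter reported as population standard deviation of the intervals.
        "jitter_stdev_us": pstdev(intervals),
        "min_us": min(intervals),
        "max_us": max(intervals),
        # (interval index, deviation from nominal) for each random delay.
        "outliers": [(n, i - nominal_us) for n, i in enumerate(intervals)
                     if abs(i - nominal_us) >= outlier_us],
        "throughput_pps": len(intervals) * 1_000_000 / span_us,
    }

if __name__ == "__main__":
    stats = interval_stats(CONSTRUCTED_TIMESTAMPS_US,
                           nominal_us=10_000, outlier_us=5_000)
    for name, value in stats.items():
        print(f"{name:>18}: {value}")
```

A single 20 ms delay in eight intervals moves the mean by 2.5 ms, which is why the outliers are listed separately from the offset of the mean.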