Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

An Open Framework for Deploying Experimental SCADA Testbed Networks

9 views

Published on

@conference{
author = "Peter Maynard and Kieran McLaughlin and Sakir Sezer",
title = "An Open Framework for Deploying Experimental SCADA Testbed Networks",
journal = "5th International Symposium for ICS & SCADA Cyber Security Research",
year = "2018"
}

Published in: Software
  • Be the first to comment

  • Be the first to like this

An Open Framework for Deploying Experimental SCADA Testbed Networks

  1. 1. An Open Framework for Deploying Experimental SCADA Testbed Networks Peter Maynard, Kieran McLaughlin, and Sakir Sezer August, 2018 Queen’s University Belfast « CSIT 1 / 14
  2. 2. Outline ▶ Background ▶ High-Level Overview of Framework ▶ Tooling ▶ Ongoing/Future Work 2 / 14
  3. 3. About Myself ▶ Research Assistant, at Queen’s University Belfast, CSIT ▶ PhD 4 years ICS Network-IDS ▶ Research Engineer, at Southampton University, UK ▶ 5G Networks ▶ Computer Science BSc, at Aberystwyth University, UK 3 / 14
  4. 4. Introduction ▶ Framework for creating virtualised SCADA networks ▶ Developed for packet generation for NIDS ▶ Open Source (GPLv3) 4 / 14
  5. 5. Related Work ▶ IDS networking datasets (e.g. KDD’99) ▶ Lack of reproducible ICS/SCADA testbeds ▶ Lack of IEC 60870-5-104 protocol support 5 / 14
  6. 6. Use Cases TestBed ▶ Packet Generation ▶ Attack Simulations ▶ Agent Benchmarking ▶ Extending Limited Hardware 6 / 14
  7. 7. Requirements of a TestBed ▶ Reproducible ▶ Scalability ▶ Domain Fidelity ▶ Process Simulation ▶ Network Emulation ▶ Physical Network ▶ Physical Devices ▶ Multi-Protocol 7 / 14
  8. 8. High-Level Overview of Framework VM RTU/HMI/... a) Compilation Stage Node Image Build Provision SRC Configuration Profile 1) CreateBaseImage() 3.1) ConfigureBaseImage() 3.3) InstallPackages() 2) CompileSource() 3.2) LoadConfig() b) Orchestration Stage Deploy Operational ProfileProvision ConfigureStart 4) BootUpVirtualMachine() 5.1) AsignIP() 5.2) LoadConfig()5.3) StartServices() c) Operation Stage Control VM SSH/Console/Telnet Manage Shutdown Testbed 6) Monitor() 8 / 14
  9. 9. Tooling 9 / 14
  10. 10. Example Network DNS DHCP RTURTU RTU RTURTU Switch Process Simulator HMI Historian DB IEC104 IEC104 IEC104 IEC104 STP DHCP DNS IEC104 OPC UA Sockets Key Virtual Physical 10 / 14
  11. 11. Dataset ▶ Network Reconnaissance ▶ IEC104 Command Injection ▶ 192K Packet Dataset 11 / 14
  12. 12. Ongoing Work ▶ Integration Process Simulators ▶ Implementing additional operation/configuration profiles ▶ Simplify deployment ▶ Expand documentation 12 / 14
  13. 13. Future Work ▶ Testbed Federation ▶ Auto configuration of networking equipment ▶ Amazon Web Services (AWS) and Google Compute Engine ▶ Experimentation with alternative network paradigms 13 / 14
  14. 14. End ▶ www: petermaynard.co.uk ▶ twitter: @pgmaynad ▶ email: p.maynard@qub.ac.uk ▶ git: https://github.com/PMaynard/ ICS-TestBed-Framework ▶ dataset: https://dx.doi.org/10.6084/ m9.figshare.6133457.v1 14 / 14

×