Successfully reported this slideshow.
Your SlideShare is downloading. ×

An Open Framework for Deploying Experimental SCADA Testbed Networks

Ad

An Open Framework for Deploying
Experimental SCADA Testbed Networks
Peter Maynard, Kieran McLaughlin, and Sakir Sezer
Augu...

Ad

Outline
▶ Background
▶ High-Level Overview of Framework
▶ Tooling
▶ Ongoing/Future Work
2 / 14

Ad

About Myself
▶ Research Assistant, at Queen’s University Belfast, CSIT
▶ PhD 4 years ICS Network-IDS
▶ Research Engineer, ...

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Upcoming SlideShare
Aicis'18 evaluation paper 47
Aicis'18 evaluation paper 47
Loading in …3
×

Check these out next

1 of 14 Ad
1 of 14 Ad

An Open Framework for Deploying Experimental SCADA Testbed Networks

Download to read offline

@conference{
author = "Peter Maynard and Kieran McLaughlin and Sakir Sezer",
title = "An Open Framework for Deploying Experimental SCADA Testbed Networks",
journal = "5th International Symposium for ICS & SCADA Cyber Security Research",
year = "2018"
}

@conference{
author = "Peter Maynard and Kieran McLaughlin and Sakir Sezer",
title = "An Open Framework for Deploying Experimental SCADA Testbed Networks",
journal = "5th International Symposium for ICS & SCADA Cyber Security Research",
year = "2018"
}

More Related Content

An Open Framework for Deploying Experimental SCADA Testbed Networks

  1. 1. An Open Framework for Deploying Experimental SCADA Testbed Networks Peter Maynard, Kieran McLaughlin, and Sakir Sezer August, 2018 Queen’s University Belfast « CSIT 1 / 14
  2. 2. Outline ▶ Background ▶ High-Level Overview of Framework ▶ Tooling ▶ Ongoing/Future Work 2 / 14
  3. 3. About Myself ▶ Research Assistant, at Queen’s University Belfast, CSIT ▶ PhD 4 years ICS Network-IDS ▶ Research Engineer, at Southampton University, UK ▶ 5G Networks ▶ Computer Science BSc, at Aberystwyth University, UK 3 / 14
  4. 4. Introduction ▶ Framework for creating virtualised SCADA networks ▶ Developed for packet generation for NIDS ▶ Open Source (GPLv3) 4 / 14
  5. 5. Related Work ▶ IDS networking datasets (e.g. KDD’99) ▶ Lack of reproducible ICS/SCADA testbeds ▶ Lack of IEC 60870-5-104 protocol support 5 / 14
  6. 6. Use Cases TestBed ▶ Packet Generation ▶ Attack Simulations ▶ Agent Benchmarking ▶ Extending Limited Hardware 6 / 14
  7. 7. Requirements of a TestBed ▶ Reproducible ▶ Scalability ▶ Domain Fidelity ▶ Process Simulation ▶ Network Emulation ▶ Physical Network ▶ Physical Devices ▶ Multi-Protocol 7 / 14
  8. 8. High-Level Overview of Framework VM RTU/HMI/... a) Compilation Stage Node Image Build Provision SRC Configuration Profile 1) CreateBaseImage() 3.1) ConfigureBaseImage() 3.3) InstallPackages() 2) CompileSource() 3.2) LoadConfig() b) Orchestration Stage Deploy Operational ProfileProvision ConfigureStart 4) BootUpVirtualMachine() 5.1) AsignIP() 5.2) LoadConfig()5.3) StartServices() c) Operation Stage Control VM SSH/Console/Telnet Manage Shutdown Testbed 6) Monitor() 8 / 14
  9. 9. Tooling 9 / 14
  10. 10. Example Network DNS DHCP RTURTU RTU RTURTU Switch Process Simulator HMI Historian DB IEC104 IEC104 IEC104 IEC104 STP DHCP DNS IEC104 OPC UA Sockets Key Virtual Physical 10 / 14
  11. 11. Dataset ▶ Network Reconnaissance ▶ IEC104 Command Injection ▶ 192K Packet Dataset 11 / 14
  12. 12. Ongoing Work ▶ Integration Process Simulators ▶ Implementing additional operation/configuration profiles ▶ Simplify deployment ▶ Expand documentation 12 / 14
  13. 13. Future Work ▶ Testbed Federation ▶ Auto configuration of networking equipment ▶ Amazon Web Services (AWS) and Google Compute Engine ▶ Experimentation with alternative network paradigms 13 / 14
  14. 14. End ▶ www: petermaynard.co.uk ▶ twitter: @pgmaynad ▶ email: p.maynard@qub.ac.uk ▶ git: https://github.com/PMaynard/ ICS-TestBed-Framework ▶ dataset: https://dx.doi.org/10.6084/ m9.figshare.6133457.v1 14 / 14

×