Skip to main content
SpringerLink
Log in
Book cover

European Conference on Software Process Improvement

EuroSPI 2020: Systems, Software and Services Process Improvement pp 543–554Cite as

An ICS Based Scenario Generator for Cyber Ranges

  • Conference paper
  • First Online:

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1251))

Abstract

Cybersecurity is playing a key role in industrial control systems’ scenario because they are one of the targets of cyber-attacks. In order to mitigate the impact in industrial scenarios, it is necessary to train people not only in IT breaches, but also in OT breaches in industrial settings. Training is one of the weaknesses identified within the industry especially by practitioners, and the use of cyber ranges is motivated. In this sense, this paper deals with the deployment of Industrial Control Systems scenarios based on honeypots for training purposes. An example illustrates the deployment of a scenario within a cyber range.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Thames, L., Schaefer, D. (eds.): Cybersecurity for Industry 4.0. Springer Series in Advanced Manufacturing. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-50660-9

    Book  Google Scholar 

  2. Lezzi, M., Lazoi, M., Corallo, A.: Cybersecurity for Industry 4.0 in the current literature: a reference framework. Comput. Ind. 103, 97–110 (2018). https://doi.org/10.1016/j.compind.2018.09.004

    Article  Google Scholar 

  3. CCN-CERT. Cyber threats and Trends 2019 (2019). https://www.ccn-cert.cni.es/informes/informes-ccn-cert-publicos/4041-ccn-cert-ia-13-19-threats-and-trends-report-executive-summary/file.html. Accedido 02 July 2020

  4. Make UK. Cyber security and manufacturing: a briefing manufactureres. https://www.makeuk.org/-/media/cyber-security-and-manufacturing-a-briefing-for-manufacturers.pdf

  5. Thames, L., Schaefer, D.: Industry 4.0: an overview of key benefits, technologies, and challenges. In: Thames, L., Schaefer, D. (eds.) Cybersecurity for Industry 4.0. SSAM, pp. 1–33. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-50660-9_1

    Chapter  Google Scholar 

  6. Baines, T., Lightfoot, H.W.: Servitization of the manufacturing firm. Int. J. Oper. Prod. Manag. 34, 2–35 (2014)

    Article  Google Scholar 

  7. Tropina, T.: Public–private collaboration: cybercrime, cybersecurity and national security. Self- and Co-regulation in Cybercrime, Cybersecurity and National Security. SC, pp. 1–41. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16447-2_1

    Chapter  Google Scholar 

  8. Fenton, D., Traylor, T., Hokanson, G., Straub, J.: Integrating cyber range technologies and certification programs to improve cybersecurity training programs. In: Auer, M.E., Tsiatsos, T. (eds.) ICL 2018. AISC, vol. 917, pp. 632–643. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-11935-5_60

    Chapter  Google Scholar 

  9. Larrucea, X.: Modelling and certifying safety for cyber-physical systems: an educational experiment. In: 2016 42th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), Limassol, Cyprus, pp. 198–205 (2016). https://doi.org/10.1109/seaa.2016.28

  10. Korwin, A.R., Jones, R.E., et al.: Do hands-on, technology-based activities enhance learning by reinforcing cognitive knowledge and retention? 1(2) (1990). (Spring 1990)

    Google Scholar 

  11. Cuppens-Boulahia, N., Lambrinoudakis, C., Cuppens, F., Katsikas, S. (eds.): CyberICPS 2016. LNCS, vol. 10166. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61437-3

    Book  Google Scholar 

  12. Lee, S., Lee, S., Yoo, H., Kwon, S., Shon, T.: Design and implementation of cybersecurity testbed for industrial IoT systems. J. Supercomput. 74(9), 4506–4520 (2017). https://doi.org/10.1007/s11227-017-2219-z

    Article  Google Scholar 

  13. National Institute of Standards and Technology. Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1, 05 dic 2017. https://csrc.nist.gov/publications/detail/white-paper/2017/12/05/cybersecurity-framework-v11/draft

  14. Salah, K., Hammoud, M., Zeadally, S.: Teaching cybersecurity using the cloud. IEEE Trans. Learn. Technol. 8(4), 383–392 (2015). https://doi.org/10.1109/tlt.2015.2424692

    Article  Google Scholar 

  15. Network Emulation Testbed https://www.emulab.net/

  16. Cyber-Defense Technology Experimental Research Laboratory Testbed. http://deter-project.org/

  17. Morelli, U., Nicolodi, L., Ranise, S.: An open and flexible cybersecurity training laboratory in IT/OT Infrastructures. In: Fournaris, A.P., et al. (eds.) IOSEC/MSTEC/FINSEC 2019. LNCS, vol. 11981, pp. 140–155. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42051-2_10

    Chapter  Google Scholar 

  18. Scaffidi, C.: What training is needed by practicing engineers who create cyberphysical systems? 298–305 (2015). https://doi.org/10.1109/SEAA.2015.19

  19. Corallo, A., Lazoi, M., Lezzi, M.: Cybersecurity in the context of industry 4.0: a structured classification of critical assets and business impacts. Comput. Ind. 114, 103165 (2020). https://doi.org/10.1016/j.compind.2019.103165

  20. Kweon, E., Lee, H., Chai, S., Yoo, K.: The utility of information security training and education on cybersecurity incidents: an empirical evidence. Inf. Syst. Front. (2019). https://doi.org/10.1007/s10796-019-09977-z

  21. Asghar, M.R., Hu, Q., Zeadally, S.: Cybersecurity in industrial control systems: issues, technologies, and challenges. Comput. Netw. 165, 106946 (2019). https://doi.org/10.1016/j.comnet.2019.106946

  22. Baykara, M., Das, R.: A novel honeypot based security approach for real-time intrusion detection and prevention systems. J. Inf. Secur. Appl. 41, 103–116 (2018). https://doi.org/10.1016/j.jisa.2018.06.004

  23. Naruoka, H., et al.: ICS honeypot system (CamouflageNet) based on attacker’s human factors. Procedia Manuf. 3, 1074–1081 (2015). https://doi.org/10.1016/j.promfg.2015.07.175

    Article  Google Scholar 

  24. Conpot. http://conpot.org/. Accessed 17 Mar 2020

  25. Yamin, M.M., Katt, B., Gkioulos, V.: Cyber ranges and security testbeds: scenarios, functions, tools and architecture. Comput. Secur. 88, 101636 (2020). https://doi.org/10.1016/j.cose.2019.101636

    Article  Google Scholar 

  26. Ferrag, M.A., Ahmim, A.: Security Solutions and Applied Cryptography in Smart Grid Communications. IGI Global, Hershey (2016)

    Google Scholar 

  27. Yao, W.-M., Fahmy, S.: Flow-based partitioning of network testbed experiments. Comput. Netw. 58, 141–157 (2014). https://doi.org/10.1016/j.comnet.2013.08.029

    Article  Google Scholar 

  28. Fang, B.: Positions of states toward cyberspace and cyber-relating regulations. Cyberspace Sovereignty, pp. 243–320. Springer, Singapore (2018). https://doi.org/10.1007/978-981-13-0320-3_8

    Chapter  Google Scholar 

  29. Beuran, R., Tang, D., Pham, C., Chinen, K., Tan, Y., Shinoda, Y.: Integrated framework for hands-on cybersecurity training: CyTrONE. Comput. Secur. 78, 43–59 (2018). https://doi.org/10.1016/j.cose.2018.06.001

    Article  Google Scholar 

  30. Spitzner, L.: Honeypots: catching the insider threat. In: 19th Annual Computer Security Applications Conference, 2003. Proceedings, pp. 170–179 (2003)

    Google Scholar 

  31. Dionaea Project. https://github.com/rep/dionaea. Accessed 17 Mar 2020

  32. SNARE. https://github.com/mushorg/snare. Accessed 17 Mar 2020

  33. HonSSH Project. https://github.com/tnich/honssh/wiki. Accessed 17 Mar 2020

  34. Sebek Project. https://projects.honeynet.org/sebek/. Accessed 17 Mar 2020

  35. Redwood, O., Lawrence, J., Burmester, M.: A symbolic honeynet framework for SCADA system threat intelligence. In: Rice, M., Shenoi, S. (eds.) ICCIP 2015. IAICT, vol. 466, pp. 103–118. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26567-4_7

    Chapter  Google Scholar 

  36. Lopez, J., Setola, R., Wolthusen, S.D. (eds.): Critical Infrastructure Protection 2011. LNCS, vol. 7130. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28920-0

    Book  Google Scholar 

  37. Sokol, P., Míšek, J., Husák, M.: Honeypots and honeynets: issues of privacy. EURASIP J. Inf. Secur. 2017(1), 1–9 (2017). https://doi.org/10.1186/s13635-017-0057-4

    Article  Google Scholar 

  38. Hui, H., McLaughlin, K.: Investigating current PLC Security Issues Regarding Siemens S7 Communications and TIA Portal. In: presentado en 5th International Symposium for ICS & SCADA Cyber Security Research 2018 (2018). https://doi.org/10.14236/ewic/ics2018.8

  39. ENISA. Introduction to Network Forensics ICS/SCADA Environment Toolset, Document for students (2019). https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/documents/introduction-to-network-forensics-ex1-toolset.pdf

  40. Lei, C., Donghong, L., Liang, M.: The spear to break the security wall of S7CommPlus. https://www.blackhat.com/docs/eu-17/materials/eu-17-Lei-The-Spear-To-Break%20-The-Security-Wall-Of-S7CommPlus-wp.pdf

  41. Schuster, S., van den Berg, M., Larrucea, X., Slewe, T., Ide-Kostic, P.: Mass surveillance and technological policy options: improving security of private communications. Comput. Stand. Interfaces 50, 76–82 (2017). https://doi.org/10.1016/j.csi.2016.09.011

    Article  Google Scholar 

Download references

Acknowledgements

This work has been partially funded by the Sendai - Segurtasun Integrala Industria Adimentsurako (KK-2019/00072) Elkartek framework programme from the Basque Government, and partially funded by the SPEAR project (787011) H2020.

Author information

Authors and Affiliations

  1. TECNALIA, Basque Research and Technology Alliance (BRTA), Derio, Bizkaia, Spain

    Xabier Larrucea & Alberto Molinuevo

  2. University of the Basque Country, Vitoria-Gasteiz, Spain

    Xabier Larrucea

Authors
  1. Xabier Larrucea
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alberto Molinuevo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xabier Larrucea .

Editor information

Editors and Affiliations

  1. School of Computing, Dublin City University, Dublin, Ireland

    Murat Yilmaz

  2. University of Applied Sciences Düsseldorf, Düsseldorf, Germany

    Jörg Niemann

  3. School of Computing, Dublin City University, Dublin, Ireland

    Paul Clarke

  4. I.S.C.N. GesmbH, Graz, Steiermark, Austria

    Richard Messnarz

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Larrucea, X., Molinuevo, A. (2020). An ICS Based Scenario Generator for Cyber Ranges. In: Yilmaz, M., Niemann, J., Clarke, P., Messnarz, R. (eds) Systems, Software and Services Process Improvement. EuroSPI 2020. Communications in Computer and Information Science, vol 1251. Springer, Cham. https://doi.org/10.1007/978-3-030-56441-4_41

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-56441-4_41

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-56440-7

  • Online ISBN: 978-3-030-56441-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation