Abstract
Industrial control system security has been a topic of scrutiny and research for several years, and many security issues are well known. However, research efforts are impeded by a lack of an open virtual industrial control system testbed for security research. This paper describes a virtual testbed framework using Python to create discrete testbed components including virtual devices and process simulators. The virtual testbed is designed such that the testbeds are inter-operable with real industrial control system devices and such that the virtual testbeds can provide comparable industrial control system network behavior to a laboratory testbed. Two virtual testbeds modeled upon actual laboratory testbeds have been developed and have been shown to be inter-operable with real industrial control system equipment and vulnerable to attacks in the same manner as a real system. Additionally, these testbeds have been quantitatively shown to produce traffic close to laboratory systems.
Similar content being viewed by others
References
Brugger, S.T.: KDD Cup ’99 dataset considered harmful. http://www.bruggerink.com/zow/GradSchool/KDDCup99Harmful.html
Das K.: Attack Development for Intrusion Detection Evaluation. Bachelor, MIT (2000)
Kendall K.: A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems. Master, MIT (1999)
Kennedy, T., Hunt, R.: A review of WPAN security: attacks and prevention. The International Conference on Mobile Technology, Applications & Systems, Ilan, Taiwan (2008)
KDD Cup 1999 Data. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
McHugh J.: Testing intrusion detection system: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262–294 (2000)
Giani, A., Karsai, G., Roosta, T., Shah, A., Sinopoli, B., Wiley, J.: A testbed for secure and robust SCADA systems. 14th IEEE Real-time and Embedded Technology and Applications Symposium (RTAS’08) WIP session (2008)
Bergman, D.C.: Power grid simulation, evaluation, and test framework. Master’s thesis, University of Illinois, Urbana-Champaign, IL (2010)
Fovino, I., Masera, M., Guidi, L., Carpi, G.: An experimental platform for assessing SCADA vulnerabilities and countermeasures in power plants. Human System Interactions (HSI), 2010 3rd Conference on, pp. 679–686 (2010)
Morris, T., Srivastava, A., Reaves, B., Gao, W., Pavurapu, K., Reddi, R.: A control system testbed to validate critical infrastructure protection concepts. Int. J. Crit. Infrastruct. Prot. Elseiver. (2011). doi:10.1016/j.ijcip.2011.06.00
Reddi R., Srivastava A.: Real time test bed development for power system operation, control and cyber security. N. Am. Power Symp. (NAPS) 2010, 1–6 (2010)
Brugger, S.T.: The Quantitative Comparison of Computer Networks. Doctoral dissertation, University of California, Davis, Davis, CA (2009)
Cheung, S., Dutertre, B., Fong, M., Lindqvist, U., Skinner, K., Valdes, A.: Using model-based intrusion detection for SCADA networks. Proceedings of the SCADA Security Scientific Symposium. Miami, FL, Digital Bond (2007)
Valdes, A., Cheung, S.: Communication pattern anomaly detection in process control systems. 2009 IEEE Conference on Technologies for Homeland Security, Waltham, MA, USA, pp. 22–29 (2009)
East S., Butts J., Papa M., Shenoi S.: A taxonomy of attacks on the DNP3 protocol. Crit. Infrastruct. Prot. III 311, 67 (2009)
Fleury, T., Khurana, H., Welch, V.: Towards a taxonomy of attacks against energy control systems. In: Papa, M., Shenoi, S. (eds.) Critical Infrastructure Protection II, IFIP International Federation for Information Processing. Springer, Boston, vol. 290, pp. 71–85 (2009). doi:10.1007/978-0-387-88523-0_6
Huitsing P., Chandia R., Papa M., Shenoi S.: Attack taxonomies for the modbus protocols. Int. J. Crit. Infrastruct. Prot. I, 37–44 (2008)
Igure, V.: Security Assessment of SCADA Protocols: A Taxonomy Based Methodology for the Identification of Security Vulnerabilities in SCADA Protocols. VDM Verlag Dr. Muller, Saarbrucken (2008)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Reaves, B., Morris, T. An open virtual testbed for industrial control system security research. Int. J. Inf. Secur. 11, 215–229 (2012). https://doi.org/10.1007/s10207-012-0164-7
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-012-0164-7