Skip to main content

Advertisement

SpringerLink
Log in

Design and implementation of cybersecurity testbed for industrial IoT systems

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

In the era of Industry 4.0, information and communication technology (ICT) has been applied to various critical infrastructures, such as power plants, smart factories, and financial networks, to ensure and automate industrial systems. In particular, in the field of power control systems, ICT technology such as industrial internet of things (IoT) is applied for efficient remote measurement. Therefore, legacy systems that were previously operated as standalone now have contact points with the external networks. In this trend, security vulnerabilities from legacy ICT have been inherited by power control systems. Therefore, various security technologies are being researched and developed to cope with cyber vulnerabilities and threats. However, it is risky to apply novel security technologies that are not verified as secure, to power control systems, the availability of which must be guaranteed to provide electricity consistently. Thus, verifying the effectiveness and stability of new security technologies is necessary to apply the technologies to power control systems. In this paper, we analyze the configuration and characteristics of the power control systems network, which is an area where industrial IoT technology is applied. We also build a testbed environment that can verify the security technology and conduct experiments to confirm the security technology for the power control system and the suitability of the testbed. The proposed testbed will be able to stably incorporate new security technologies into the critical industrial infrastructure. Further, it is also expected that the security and stability of the system will be enhanced.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

References

  1. Drias Z, Serhrouchni A, Vogel O (2015) Taxonomy of attacks on industrial control protocols. In: 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), Paris, pp 1–6

  2. Yoo H, Shon T (2016) Challenges and research directions for heterogeneous cyber physical system based on IEC 61850: vulnerability, security requirement, and security architecture. Future Gener Comput Syst 61:128–136

    Article  Google Scholar 

  3. Lee S, Shon T (2016) User privacy-enhanced security architecture for home area network of smartgrid. Multimed Tools Appl 75(20):12749–12764

    Article  Google Scholar 

  4. Karnouskos S (2011) Stuxnet worm impact on industrial cyber-physical system security. In: IECON 2011–37th Annual Conference of the IEEE Industrial Electronics Society, Melbourne, VIC, pp 4490–4494

  5. Liang G, Weller SR, Zhao J, Luo F, Dong ZY (2017) The 2015 ukraine blackout: implications for false data injection attacks. IEEE Trans Power Syst 32(4):3317–3318

    Article  Google Scholar 

  6. Messaoud BID, Guennoun K, Wahbi M, Sadik M (2016) Advanced persistent threat: new analysis driven by life cycle phases and their challenges. In: 2016 International Conference on Advanced Communication Systems and Information Security (ACOSIS), Marrakesh, pp 1–6

  7. IEC 62351, Power system management and associated information exchange—data and communications security, IEC (2017)

  8. NIST SP 800-82 Rev 2, Guide to industrial control systems (ICS) security (2015)

  9. Mallouhi M, Al-Nashif Y, Cox D, Chadaga T, Hariri S (2011) A testbed for analyzing security of SCADA control systems (TASSCS). ISGT 2011, Hilton Anaheim, CA, pp 1–7

  10. Jarmakiewicz J, Maślanka K, Parobczak K (2015) Development of cyber security testbed for critical infrastructure. In: 2015 International Conference on Military Communications and Information Systems (ICMCIS), Cracow, pp 1–10

  11. Korkmaz E, Dolgikh A, Davis M, Skormin V (2016) ICS security testbed with delay attack case study. In: MILCOM 2016–2016 IEEE Military Communications Conference, Baltimore, MD, pp 283–288

  12. Kumar N, Madhuri J, ChanneGowda M (2017) Review on security and privacy concerns in internet of things. In: 2017 International Conference on IoT and Application (ICIOT), Nagapattinam, pp 1–5

  13. Yoo H, Shon T (2016) Grammar-based adaptive fuzzing: evaluation on SCADA modbus protocol. In: 2016 IEEE International Conference on Smart Grid Communications (SmartGridComm), Sydney, NSW, pp 557–563

  14. Niedermaier M, Fischer F, von Bodisco A (2017) PropFuzz-An IT-security fuzzing framework for proprietary ICS protocols. In: 2017 International Conference on Applied Electronics (AE), Pilsen, pp 1–4

  15. Karati A, Islam SH, Biswas GP, Bhuiyan MZA, Vijayakumar P, Karuppiah M (2017) Provably secure identity-based signcryption scheme for crowdsourced industrial internet of things environments. In: IEEE Internet of Things Journal

  16. Heo Y, Kim B, Kang D, Na J (2016) A design of unidirectional security gateway for enforcement reliability and security of transmission data in industrial control systems. In: 2016 18th International Conference on Advanced Communication Technology (ICACT), Pyeongchang, pp 310–313

  17. Bere M, Muyingi H (2015) Initial investigation of Industrial Control System (ICS) security using artificial immune system (AIS). In: 2015 International Conference on Emerging Trends in Networks and Computer Communications (ETNCC), Windhoek, pp 79–84

  18. Evesti A, Frantti T (2015) Situational awareness for security adaptation in industrial control systems. In: 2015 Seventh International Conference on Ubiquitous and Future Networks, Sapporo, pp 1–6

  19. Barbosa RRR, Sadre R, Pras A (2012) Towards periodicity based anomaly detection in SCADA networks. In: Proceedings of 2012 IEEE 17th International Conference on Emerging Technologies and Factory Automation (ETFA 2012), Krakow, pp 1–4

  20. Hong J, Liu CC, Govindarasu M (2014) Detection of cyber intrusions using network-based multicast messages for substation automation. In: ISGT 2014, Washington, DC, pp 1–5

  21. Gao W, Morris T, Reaves B, Richey D (2010) On SCADA control system command and response injection and intrusion detection. In: 2010 eCrime Researchers Summit. Dallas, TX, pp 1–9

  22. Yun J, Jeon S, Kim K, Kim W (2013) Burst-based anomaly detection on the DNP3 protocol. Int J Control Autom 6(2):313–324

    Google Scholar 

  23. Robinson D, Kim C (2017) A cyber-defensive industrial control system with redundancy and intrusion detection. In: 2017 North American Power Symposium (NAPS). Morgantown, WV, USA, pp 1–6

  24. Singh P, Garg S, Kumar V, Saquib Z (2015) A testbed for SCADA cyber security and intrusion detection. In: 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC), Shanghai, pp 1–6

  25. EPRI, DNP3 (IEEE Std 1815TM) Secure authentication: implementation and migration guide and demonstration report, 2014.12

  26. IEC 60870-6-503, Telecontrol equipment and systems—Part 6-503: Telecontrol protocols compatible with ISO standards and ITU-T recommendations—TASE.2 Services and protocol, IEC (2014)

  27. IEC 61850-8-1, Communication networks and systems for power utility automation—Part 8–1: specific communication service mapping (SCSM)—mappings to MMS (ISO 9506-1 and ISO 9506-2) and to ISO/IEC 8802-3, IEC (2011)

  28. US-CERT Vulnerability Notes, http://www.kb.cert.org/vuls

  29. Distributed Test Manger, http://trianglemicroworks.com/products/testing-and-configuration-tools/dtm-pages

  30. Iron, http://www.trianglemicroworks.com/products/testing-and-configuration-tools/iron-pages/

  31. Lee S, Yoo H, Seo J, Shon T (2016) Packet diversity-based anomaly detection system with OCSVM and representative model. In: 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Chengdu, pp 498–503

Download references

Acknowledgements

This research was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2017-2016-0-00304) supervised by the IITP (Institute for Information and communications Technology Promotion) and Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science, ICT and Future Planning (2015R1A1A1A05001238). This work was supported by the Power Generation and Electricity Delivery Core Technology Program of Korea Institute of Energy Technology Evaluation and Planning (KETEP) granted financial resource from the Ministry of Trade, Industry and Energy, Republic of Korea (No. 20131020402090).

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Ajou University, Suwon, Korea

    Seokcheol Lee, Sungmoon Kwon & Taeshik Shon

  2. Department of Computer Science, University of Georgia, Athens, GA, USA

    Seokjun Lee

  3. Department of Computer Science, University of New Orleans, New Orleans, LA, USA

    Hyunguk Yoo

Authors
  1. Seokcheol Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seokjun Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyunguk Yoo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sungmoon Kwon
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Taeshik Shon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Taeshik Shon.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lee, S., Lee, S., Yoo, H. et al. Design and implementation of cybersecurity testbed for industrial IoT systems. J Supercomput 74, 4506–4520 (2018). https://doi.org/10.1007/s11227-017-2219-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-017-2219-z

Keywords

Search

Navigation