Daniele Antonioli
ABSTRACT
In recent years, tremendous effort has been spent to modernizing communication infrastructure in Cyber-Physical Systems (CPS) such as Industrial Control Systems (ICS) and related Supervisory Control and Data Acquisition (SCADA) systems. While a great amount of research has been conducted on network security of office and home networks, recently the security of CPS and related systems has gained increased attention. Unfortunately, real-world CPS are often not open to security researchers, and as a result very few reference physical-layer processes, control systems and communication topologies are available.
In this work, we present MiniCPS, a toolkit intended to alleviate this problem. The goal of MiniCPS is to create an extensible, reproducible research environment for network communications, control systems, and physical-layer interactions in CPS. Instead of focusing on a customized simulation settings for specific subsystems, the main goal is to establish a framework to connect together real CPS soft- and hardware, simulation scripts for such components, and physical-layer simulation engines. MiniCPS builds on Mininet to provide lightweight real-time network emulation, and extends Mininet with tools to simulate typical CPS components such as programmable logic controllers, which use industrial protocols (eg. EtherNet/IP, Modbus/TCP). To capture physical-layer interactions, MiniCPS defines a simple API to connect to physical-layer simulations. We demonstrate applications of MiniCPS in two example scenarios, and show how MiniCPS can be used to develop attacks and defenses that are directly applicable to real systems.
- D. C. Bergman and D. M. Nicol. Test bed for evaluation of power grid cyber-infrastructure. In P. M. K Popovici, editor, Real-Time Simulation Technologies Principles, Methodologies, and Applications. CRC Press, 2012.Google Scholar
Cross Ref
- T. Bhat and N. Nagappan. Evaluating the efficacy of test-driven development: industrial case studies. In Proceedings of symposium on Empirical Software Engineering (ISESE), pages 1--8, 2006. Google ScholarDigital Library
- M. Casado, T. Garfinkel, A. Akella, M. J. Freedman, D. Boneh, N. McKeown, and S. Shenker. SANE: a protection architecture for enterprise networks. In Proc. of the USENIX Security Symposium, pages 137--151, 2006. Google ScholarDigital Library
- R. Chabukswar, B. Sinópoli, G. Karsai, A. Giani, H. Neema, and A. Davis. Simulation of network attacks on scada systems. First Workshop on Secure Control Systems, 2010.Google Scholar
- CISCO. Industrial ethernet: A control engineer's guide. www.cisco.com/web/strategy/docs/manufacturing/industrial_ethernet.pdf.Google Scholar
- R. de Oliveira, A. Shinoda, C. Schweitzer, and L. Rodrigues Prete. Using Mininet for emulation and prototyping software-defined networks. In Proceedings of Conference on Communications and Computing (COLCOM), pages 1--6, June 2014.Google ScholarCross Ref
- X. Dong, H. Lin, R. Tan, R. K. Iyer, and Z. Kalbarczyk. Software-defined networking for smart grid resilience: Opportunities and challenges. In In Proceedings of The Cyber-Physical System Security Workshop (CPSS), April 2015. Google ScholarDigital Library
- Ettercap Project. Ettercap. https://ettercap.github.io/ettercap/.Google Scholar
- N. Feamster, J. Rexford, and E. Zegura. The road to SDN. ACM Queue, 11(12):20--40, 2013. Google ScholarDigital Library
- B. Galloway and G. P. Hancke. Introduction to industrial control networks. IEEE Communications Surveys & Tutorials, 15(2):860--880, 2013.Google ScholarCross Ref
- N. Handigol, B. Heller, V. Jeyakumar, B. Lantz, and N. McKeown. Reproducible network experiments using container-based emulation. In Proceedings of Conference on Emerging Networking Experiments and Technologies (CoNEXT), CoNEXT '12, pages 253--264, New York, NY, USA, 2012. ACM. Google ScholarDigital Library
- T. Issariyakul and E. Hossain. Introduction to Network Simulator NS2. Springer Publishing Company, Incorporated, 1 edition, 2008. Google ScholarDigital Library
- P. Kundert. Communications protocol python parser and originator. https://github.com/pjkundert/cpppo. {Online; accessed 14-June-2015}.Google Scholar
- B. Lantz, B. Heller, and N. McKeown. A network in a laptop: Rapid prototyping for software-defined networks. In Proc. of the SIGCOMM Workshop on Hot Topics in Networks, pages 19:1--19:6, New York, NY, USA, 2010. ACM. Google ScholarDigital Library
- M. Liljenstam, J. Liu, D. Nicol, Y. Yuan, G. Yan, and C. Grier. RINSE: The real-time immersive network simulation environment for network security exercises. In Proceedings of Workshop on Principles of Advanced and Distributed Simulation (PADS), pages 119--128, 2005. Google ScholarDigital Library
- J. Lin, W. Yu, X. Yang, G. Xu, and W. Zhao. On false data injection attacks against distributed energy routing in smart grid. In Conference on Cyber-Physical Systems (ICCPS), 2012. Google ScholarDigital Library
- N. Mckeown, T. Anderson, H. Balakrishnan, G. M. Parulkar, L. L. Peterson, J. Rexford, S. Shenker, J. S. Turner, and S. Louis. OpenFlow: enabling innovation in campus networks. Computer Communication Review, 38(2):69--74, 2008. Google ScholarDigital Library
- J. R. Moyne and D. Tilbury. The emergence of industrial control networks for manufacturing control, diagnostics, and safety data. Proceedings of the IEEE, 95(1):29--47, Jan 2007.Google ScholarCross Ref
- NOXRepo.org. The pox controller. https://github.com/noxrepo/pox. {Online; accessed 14-June-2015}.Google Scholar
- ODVA. Ethernet/ip technology overview. https://www.odva.org/Home/ODVATECHNOLOGIES/EtherNetIP.aspx.Google Scholar
- Open Networking Foundation. Software-Defined Networking: The New Norm for Networks {white paper}. ONF White Paper, pages 1--12, 2012.Google Scholar
- T. Phinney. IEC 62443: Industrial network and system security. https://www.isa.org/pdfs/autowest/phinneydone/.Google Scholar
- A. Ruscito. Pycomm: a collection of modules used to communicate with plcs. https://github.com/ruscito/pycomm. {Online; accessed 14-June-2015}.Google Scholar
- Thenewstack.io. SDN Series, 2015.Google Scholar
- A. Varga et al. The OMNeT+discrete event simulation system. In Proc. of the European simulation multiconference (ESM), page 65. sn, 2001.Google Scholar
- E. Wang, Y. Ye, X. Xu, S. Yiu, L. Hui, and K. Chow. Security issues and challenges for cyber physical system. In Proceedings of Conference on Cyber, Physical and Social Computing (CPSCom), pages 733 --738, December 2010. Google ScholarDigital Library
- S. Whalen. An introduction to arp spoofing. machacking.net/kb/files/arpspoof.pdf, 2001.Google Scholar
- W. You and K. Qian. OpenFlow security threat detection and defense services. Int. J. Advanced Networking and Applications, 2351:2347--2351, 2014.Google Scholar
- A. Zaalouk, R. Khondoker, R. Marx, and K. Bayarou. Orchsec: An orchestrator-based architecture for enhancing network-security using network monitoring and sdn control functions. In Network Operations and Management Symposium (NOMS), pages 1--9, May 2014.Google ScholarCross Ref
- B. Zhu, A. Joseph, and S. Sastry. A taxonomy of cyber attacks on SCADA systems. In Proceedings of Conference on Cyber, Physical and Social Computing, pages 380--388, 2011. Google ScholarDigital Library
- S. Zonouz, K. Rogers, R. Berthier, R. Bobba, W. Sanders, and T. Overbye. SCPSE: Security-oriented cyber-physical state estimation for power grid critical infrastructures. Smart Grid, IEEE Transactions on, 3(4):1790--1799, Dec 2012.Google Scholar
Index Terms
- MiniCPS: A Toolkit for Security Research on CPS Networks
Recommendations
Comparing cyber physical systems with RFID applications: common attacks and countermeasure challenges
The RFID technology is widely used in industrial control systems (ICS) and cyber physical systems (CPS). However, the design of the current RFID protocol is optimal in performance but with less effort invested into security. As such, RIFD infrastructure ...
Intelligent and secure framework for critical infrastructure (CPS): Current trends, challenges, and future scope
AbstractCyber–Physical Systems (CPS) are developed by the integration of computational algorithms and physical components and they exist as a result of technological advancement in embedded systems, distributed systems, and sophisticated ...
Cyber-physical attack graphs (CPAGs): Composable and scalable attack graphs for cyber-physical systems
AbstractAttack graphs are a fundamental security tool focused on depicting how multi-stage attacks can be carried out through a network to compromise specific assets and systems. While attack graphs have been widely utilised in the IT cyber domain, their ...
Comments