2017 atlanta regional user seminar - virtualizing industrial control systems testbeds for...
TRANSCRIPT
![Page 1: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/1.jpg)
Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research
OPAL-RT Regional Seminar
Rishabh DasThiago AlvesDr. Tommy Morris
![Page 2: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/2.jpg)
OverviewProblems:
• Industrial Control Systems are too big to fit in a lab
• ICS Cybersecurity researchers rely on small testbeds to collect data
• Small testbeds may not have all the data required for cybersecurity research
Accomplishments:
• Create a high fidelity virtual copy of a physical SCADA system
• Compare results between the physical and virtual testbeds during normal and attack conditions
• Scale up the virtual testbed to model a full-size ICS
![Page 3: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/3.jpg)
SCADA Components
Physical System (sensors and actuators)
Wire bridgeAnalog and digital I/O
Programmable Logic Controller (PLC)
Network / SCADA Protocol
Human-Machine Interface
![Page 4: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/4.jpg)
First ExampleGas Pipeline Testbed
![Page 5: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/5.jpg)
Physical System
Characteristics:
One inch diameter pipeline network
Four 90° pipe bends
Two T-joints.Positive displacement pump connected to a 0.5 Hp 1Φ120 Volts induction motor
Sensors:Analog pressure sensor
Actuators:Relay - Turn pump on and off
![Page 6: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/6.jpg)
Wire Bridge - Analog and Digital I/O
• Sends sensor signals to the controller
• Sends controller commands to the actuators
• Electrical communication between thecontroller and its physical interfaces
![Page 7: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/7.jpg)
PLC - Programmable Logic Controller• Digital computer used on automation
• Input modules read data from sensors
• User program decides what to do based on theinput data
• Output modules control actuators on theindustrial plant
![Page 8: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/8.jpg)
OpenPLC - An Open Source Industrial Controller
Valuable research tool since entire source code is available online
http://www.openplcproject.com
![Page 9: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/9.jpg)
OpenPLC - An Open Source Industrial Controller
![Page 10: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/10.jpg)
OpenPLC - An Open Source Industrial Controller
Supports all five IEC 61131-3 programming languages
![Page 11: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/11.jpg)
OpenPLC - An Open Source Industrial Controller
Compatible with Modbus/TCP SCADA
![Page 12: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/12.jpg)
OpenPLC - An Open Source Industrial ControllerSupported platforms
Raspberry Pi UniPi
Linux (soft-PLC)Windows (soft-PLC)
ESP8266
Arduino
PiXtend
![Page 13: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/13.jpg)
OpenPLC - Multiple platform support
Very easy to port to another platform
![Page 14: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/14.jpg)
HMI - Human Machine Interface
• Built in C# using the EasyModbusTCP library
• Uses Modbus/TCP to communicate with the PLC
• Queries PLC for data every 100ms
• Display status on the screen
![Page 15: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/15.jpg)
Virtualizing theGas Pipeline Testbed
![Page 16: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/16.jpg)
SCADA Components Virtualized
Physical System (sensors and actuators)
Wire bridgeAnalog and digital I/O
Programmable Logic Controller (PLC)
Network / SCADA Protocol
Human-Machine Interface
![Page 17: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/17.jpg)
SCADA Components Virtualized
Physical System (sensors and actuators)
Wire bridgeAnalog and digital I/O
Programmable Logic Controller (PLC)
Network / SCADA Protocol
Human-Machine Interface
Model with virtual sensors and actuators
(in OPAL-RT)UDP Packets OpenPLC
(on a Virtual Machine)Network /
SCADA ProtocolHuman-Machine
Interface
![Page 18: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/18.jpg)
SCADA Components Virtualized
Physical System (sensors and actuators)
Wire bridgeAnalog and digital I/O
Programmable Logic Controller (PLC)
Network / SCADA Protocol
Human-Machine Interface
Model with virtual sensors and actuators
(in OPAL-RT)
UDP Packets OpenPLC(on a Virtual Machine)
Network / SCADA Protocol
Human-Machine Interface
![Page 19: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/19.jpg)
Matlab Model
![Page 20: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/20.jpg)
Other ExamplesUsing the Same Approach
![Page 21: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/21.jpg)
Water Storage Tank Testbed
• Tower: 40cm height x 20cm diameter
• Total volume: 0.0126 m3
• Constant flow rate pump to fill the tower
• One outlet valve for water distribuition
![Page 22: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/22.jpg)
Power System
• 9 Bus Standard IEEE Power System
• 18 Simulated Relays with auto reclose
• Each relay can be controlled over Modbus
• 1 PMU Unit with C37-118 protocol support
![Page 23: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/23.jpg)
Virtual Gas PipelineTestbed Fidelity Evaluation
![Page 24: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/24.jpg)
Performed Tests • Real-time response
• Pressure rising curve
• Pressure discharge curve
• Man-in-the-middle attack
![Page 25: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/25.jpg)
Real-Time response of the OpenPLC
![Page 26: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/26.jpg)
Comparison Results - Pressure Characteristics
![Page 27: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/27.jpg)
Comparison Results - Attacks (MiTM Injection)
![Page 28: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/28.jpg)
Expansion of theVirtual Gas Pipeline
![Page 29: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/29.jpg)
Virtual 15km Pipeline Testbed
![Page 30: 2017 Atlanta Regional User Seminar - Virtualizing Industrial Control Systems Testbeds for Cybersecurity Research](https://reader030.vdocuments.us/reader030/viewer/2022032710/58b8a5991a28abc06d8b5e17/html5/thumbnails/30.jpg)
Questions
?