Analyzing cyber-physical attacks on networked industrial control systems

Abstract

The fact that modern Critical Infrastructures (CI) depend on Information and Communication Technologies (ICT), is well known. Although many studies have focused on the security of SCADA systems and protocols, today we still lack an efficient way to conduct experiments that measure the implications of attacks against both the physical and the cyber parts of CI. In this paper we present an innovative framework for an experimentation environment that incorporates both physical and cyber systems. We propose the use of an emulation testbed (based on Emulab) to recreate ICT components along with a soft real-time simulator of the physical processes (based on Simulink). The feasibility of our approach has been confirmed by the development of a fully working prototype. Its performance has been evaluated through a series of experiments. Our work aims to advance the experimentation capabilities in the field of Networked Industrial Control Systems (NICS) and allow us to measure and understand the consequences of cyber attacks to physical processes.JRC.G.6 - Security technology assessmen