Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Service Virtualisation of Internet-of-Things Devices: Techniques and Challenges

Service virtualization is an approach that uses virtualized environments to automatically test enterprise services in production-like conditions. Many techniques have been proposed to provide such a realistic environment for enterprise services. The Internet-of-Things (IoT) is an emerging field which connects a diverse set of devices over different transport layers, using a variety of protocols. Provisioning a virtual testbed of IoT devices can accelerate IoT application development by enabling automated testing without requiring a continuous connection to the physical devices. One solution is to expand existing enterprise service virtualization to IoT environments. There are various structural differences between the two environments that should be considered to implement appropriate service virtualization for IoT. This paper examines the structural differences between various IoT protocols and enterprise protocols and identifies key technical challenges that need to be addressed to implement service virtualization in IoT environments.Comment: 4 page

Towards Emulation of Intelligent IoT Networks on EU-US Testbeds

This paper introduces our project on experimental validation of intelligent Internet of Things (IoT) networks. The project is a part of the NGIAtlantic H2020 third open call to perform experiments on EU and US wireless testbeds. The project proposes five different experiments to be performed on EU/US testbeds: (1) automatic configuration/discovery of Software Defined Networking (SDN) in wireless IoT sensor networks, (2) Machine Learning (ML) assisted control and data traffic path discovery experiments, (3) GPU and Hadoop cluster assisted experiments for ML algorithms, (4) Inter-testbed experiments, and (5) Failure recovery intercity experiments. Further, initial experimentation on EU/US testbeds is explored and presented. The results show the feasibility of performing the above experiments on the proposed testbeds

Gotham Testbed: a Reproducible IoT Testbed for Security Experiments and Dataset Generation

The scarcity of available Internet of Things (IoT) datasets remains a limiting factor in developing machine learning based security systems. Static datasets get outdated due to evolving IoT threat landscape. Meanwhile, the testbeds used to generate them are rarely published. This paper presents the Gotham testbed, a reproducible and flexible network security testbed, implemented as a middleware over the GNS3 emulator, that is extendable to accommodate new emulated devices, services or attackers. The testbed is used to build an IoT scenario composed of 100 emulated devices communicating via MQTT, CoAP and RTSP protocols in a topology composed of 30 switches and 10 routers. The scenario presents three threat actors, including the entire Mirai botnet lifecycle and additional red-teaming tools performing DoS, scanning and various attacks targeting the MQTT and CoAP protocols. The generated network traffic and application logs can be used to capture datasets containing legitimate and attacking traces. We hope that researchers can leverage the testbed and adapt it to include other types of devices and state-of-the-art attacks to generate new datasets that reflect the current threat landscape and IoT protocols. The source code to reproduce the scenario is publicly accessible

A Comprehensive Survey of In-Band Control in SDN: Challenges and Opportunities

Software-Defined Networking (SDN) is a thriving networking architecture that has gained popularity in recent years, particularly as an enabling technology to foster paradigms like edge computing. SDN separates the control and data planes, which are later on synchronised via a control protocol such as OpenFlow. In-band control is a type of SDN control plane deployment in which the control and data planes share the same physical network. It poses several challenges, such as security vulnerabilities, network congestion, or data loss. Nevertheless, despite these challenges, in-band control also presents significant opportunities, including improved network flexibility and programmability, reduced costs, and increased reliability. Benefiting from the previous advantages, diverse in-band control designs exist in the literature, with the objective of improving the operation of SDN networks. This paper surveys the different approaches that have been proposed so far towards the advance in in-band SDN control, based on four main categories: automatic routing, fast failure recovery, network bootstrapping, and distributed control. Across these categories, detailed summary tables and comparisons are presented, followed by a discussion on current trends a challenges in the field. Our conclusion is that the use of in-band control in SDN networks is expected to drive innovation and growth in the networking industry, but efforts for holistic and full-fledged proposals are still needed