545 research outputs found

    Preliminaries of orthogonal layered defence using functional and assurance controls in industrial control systems

    Industrial Control Systems (ICSs) are responsible for the automation of different processes and the overall control of systems that include highly sensitive potential targets such as nuclear facilities, energy-distribution, water-supply, and mass-transit systems. The increased complexity and rapid evolution of their threat landscape, and the fact that these systems form part of the Critical National Infrastructure (CNI), make them an emerging domain of conflict, terrorist attacks, and a playground for cyberexploitation. Existing layered-defence approaches are increasingly criticised for their inability to adequately protect against resourceful and persistent adversaries. It is therefore essential that emerging techniques, such as orthogonality, be combined with existing security strategies to leverage defence advantages against adaptive and often asymmetrical attack vectors. The concept of orthogonality is relatively new and unexplored in an ICS environment and consists of having assurance control as well as functional control at each layer. Our work seeks to partially articulate a framework where multiple functional and assurance controls are introduced at each layer of ICS architectural design to further enhance security while maintaining critical real-time transfer of command and control traffic.

    On the assessment of cyber risks and attack surfaces in a real-time co-simulation cybersecurity testbed for inverter-based microgrids

    The integration of variable distributed generations (DGs) and loads in microgrids (MGs) has made the reliance on communication systems inevitable for information exchange in both control and protection architectures to enhance the overall system reliability, resiliency and sustainability. This communication backbone in turn also exposes MGs to potential malicious cyber attacks. To study these vulnerabilities and impacts of various cyber attacks, testbeds play a crucial role in managing their complexity. This research work presents a detailed study of the development of a real-time co-simulation testbed for inverter-based MGs. It consists of a OP5700 real-time simulator, which is used to emulate both the physical and cyber layer of an AC MG in real time through HYPERSIM software; and SEL-3530 Real-Time Automation Controller (RTAC) hardware configured with ACSELERATOR RTAC SEL-5033 software. A human–machine interface (HMI) is used for local/remote monitoring and control. The creation and management of HMI is carried out in ACSELERATOR Diagram Builder SEL-5035 software. Furthermore, communication protocols such as Modbus, sampled measured values (SMVs), generic object-oriented substation event (GOOSE) and distributed network protocol 3 (DNP3) on an Ethernet-based interface were established, which map the interaction among the corresponding nodes of cyber-physical layers and also synchronizes data transmission between the systems. The testbed not only provides a real-time co-simulation environment for the validation of the control and protection algorithms but also extends to the verification of various detection and mitigation algorithms. Moreover, an attack scenario is also presented to demonstrate the ability of the testbed. Finally, challenges and future research directions are recognized and discussed

    A Survey on Industrial Control System Testbeds and Datasets for Security Research

    The increasing digitization and interconnection of legacy Industrial Control Systems (ICSs) open new vulnerability surfaces, exposing such systems to malicious attackers. Furthermore, since ICSs are often employed in critical infrastructures (e.g., nuclear plants) and manufacturing companies (e.g., chemical industries), attacks can lead to devastating physical damages. In dealing with this security requirement, the research community focuses on developing new security mechanisms such as Intrusion Detection Systems (IDSs), facilitated by leveraging modern machine learning techniques. However, these algorithms require a testing platform and a considerable amount of data to be trained and tested accurately. To satisfy this prerequisite, Academia, Industry, and Government are increasingly proposing testbed (i.e., scaled-down versions of ICSs or simulations) to test the performances of the IDSs. Furthermore, to enable researchers to cross-validate security systems (e.g., security-by-design concepts or anomaly detectors), several datasets have been collected from testbeds and shared with the community. In this paper, we provide a deep and comprehensive overview of ICSs, presenting the architecture design, the employed devices, and the security protocols implemented. We then collect, compare, and describe testbeds and datasets in the literature, highlighting key challenges and design guidelines to keep in mind in the design phases. Furthermore, we enrich our work by reporting the best performing IDS algorithms tested on every dataset to create a baseline in state of the art for this field. Finally, driven by knowledge accumulated during this survey's development, we report advice and good practices on the development, the choice, and the utilization of testbeds, datasets, and IDSs

    Safe, Remote-Access Swarm Robotics Research on the Robotarium

    This paper describes the development of the Robotarium -- a remotely accessible, multi-robot research facility. The impetus behind the Robotarium is that multi-robot testbeds constitute an integral and essential part of the multi-agent research cycle, yet they are expensive, complex, and time-consuming to develop, operate, and maintain. These resource constraints, in turn, limit access for large groups of researchers and students, which is what the Robotarium is remedying by providing users with remote access to a state-of-the-art multi-robot test facility. This paper details the design and operation of the Robotarium as well as connects these to the particular considerations one must take when making complex hardware remotely accessible. In particular, safety must be built in already at the design phase without overly constraining which coordinated control programs the users can upload and execute, which calls for minimally invasive safety routines with provable performance guarantees. Comment: 13 pages, 7 figures, 3 code samples, 72 references

    PhyNetLab: An IoT-Based Warehouse Testbed

    Future warehouses will be made of modular embedded entities with communication ability and energy aware operation attached to the traditional materials handling and warehousing objects. This advancement is mainly to fulfill the flexibility and scalability needs of the emerging warehouses. However, it leads to a new layer of complexity during development and evaluation of such systems due to the multidisciplinarity in logistics, embedded systems, and wireless communications. Although each discipline provides theoretical approaches and simulations for these tasks, many issues are often discovered in a real deployment of the full system. In this paper we introduce PhyNetLab as a real scale warehouse testbed made of cyber physical objects (PhyNodes) developed for this type of application. The presented platform provides a possibility to check the industrial requirement of an IoT-based warehouse in addition to the typical wireless sensor networks tests. We describe the hardware and software components of the nodes in addition to the overall structure of the testbed. Finally, we will demonstrate the advantages of the testbed by evaluating the performance of the ETSI compliant radio channel access procedure for an IoT warehouse

    Design and development considerations of a cyber physical testbed for operational technology research and education

    Cyber-physical systems (CPS) are vital in automating complex tasks across various sectors, yet they face significant vulnerabilities due to the rising threats of cybersecurity attacks. The recent surge in cyber-attacks on critical infrastructure (CI) and industrial control systems (ICSs), with a 150% increase in 2022 affecting over 150 industrial operations, underscores the urgent need for advanced cybersecurity strategies and education. To meet this requirement, we develop a specialised cyber-physical testbed (CPT) tailored for transportation CI, featuring a simplified yet effective automated level-crossing system. This hybrid CPT serves as a cost-effective, high-fidelity, and safe platform to facilitate cybersecurity education and research. High-fidelity networking and low-cost development are achieved by emulating the essential ICS components using single-board computers (SBC) and open-source solutions. The physical implementation of an automated level-crossing visualised the tangible consequences on real-world systems while emphasising their potential impact. The meticulous selection of sensors enhances the CPT, allowing for the demonstration of analogue transduction attacks on this physical implementation. Incorporating wireless access points into the CPT facilitates multi-user engagement and an infrared remote control streamlines the reinitialization effort and time after an attack. The SBCs overwhelm as traffic surges to 12 Mbps, demonstrating the consequences of denial-of-service attacks. Overall, the design offers a cost-effective, open-source, and modular solution that is simple to maintain, provides ample challenges for users, and supports future expansion.

    230501

    Cooperative Vehicular Platooning (Co-VP) is a paradigmatic example of a Cooperative Cyber-Physical System (Co-CPS), which holds the potential to vastly improve road safety by partially removing humans from the driving task. However, the challenges are substantial, as the domain involves several topics, such as control theory, communications, vehicle dynamics, security, and traffic engineering, that must be coupled to describe, develop and validate these systems of systems accurately. This work presents a comprehensive survey of significant and recent advances in Co-VP relevant fields. We start by overviewing the work on control strategies and underlying communication infrastructures, focusing on their interplay. We also address a fundamental concern by presenting a cyber-security overview regarding these systems. Furthermore, we present and compare the primary initiatives to test and validate those systems, including simulation tools, hardware-in-the-loop setups, and vehicular testbeds. Finally, we highlight a few open challenges in the Co-VP domain. This work aims to provide a fundamental overview of highly relevant works on Co-VP topics, particularly by exposing their inter-dependencies, facilitating a guide that will support further developments in this challenging field.

    Building the Hyperconnected Society- Internet of Things Research and Innovation Value Chains, Ecosystems and Markets

    This book aims to provide a broad overview of various topics of Internet of Things (IoT), ranging from research, innovation and development priorities to enabling technologies, nanoelectronics, cyber-physical systems, architecture, interoperability and industrial applications. All this is happening in a global context, building towards intelligent, interconnected decision making as an essential driver for new growth and co-competition across a wider set of markets. It is intended to be a standalone book in a series that covers the Internet of Things activities of the IERC – Internet of Things European Research Cluster from research to technological innovation, validation and deployment. The book builds on the ideas put forward by the European Research Cluster on the Internet of Things Strategic Research and Innovation Agenda, and presents global views and state of the art results on the challenges facing the research, innovation, development and deployment of IoT in future years. The concept of IoT could disrupt consumer and industrial product markets generating new revenues and serving as a growth driver for semiconductor, networking equipment, and service provider end-markets globally. This will create new application and product end-markets, change the value chain of companies that create the IoT technology and deploy it in various end sectors, while impacting the business models of semiconductor, software, device, communication and service provider stakeholders. The proliferation of intelligent devices at the edge of the network with the introduction of embedded software and app-driven hardware into manufactured devices, and the ability, through embedded software/hardware developments, to monetize those device functions and features by offering novel solutions, could generate completely new types of revenue streams. Intelligent and IoT devices leverage software, software licensing, entitlement management, and Internet connectivity in ways that address many of the societal challenges that we will face in the next decade.

    Design Considerations for Building Credible Security Testbeds: Perspectives from Industrial Control System Use Cases

    This paper presents a mapping framework for design factors and an implementation process for building credible Industrial Control Systems (ICS) security testbeds. The security and resilience of ICSs has become a critical concern to operators and governments following widely publicised cyber security events. The inability to apply conventional Information Technology security practice to ICSs further compounds challenges in adequately securing critical systems. To overcome these challenges, and do so without impacting live environments, testbeds are widely used for the exploration, development, and evaluation of security controls. However, how a testbed is designed and its attributes, can directly impact not only its viability but also its credibility. Combining systematic and thematic analysis, and the mapping of identified ICS security testbed design attributes, we propose a novel relationship map of credibility-supporting design factors (and their associated attributes) and a process implementation flow structure for ICS security testbeds. The framework and implementation process highlight the significance of demonstrating some design factors such as user/experimenter expertise, clearly defined testbed design objectives, simulation implementation approach, covered architectural components, core structural and functional characteristics covered, and evaluations to enhance confidence, trustworthiness and acceptance of ICS security testbeds as credible. These can streamline testbed requirement definition, improve design consistency and quality while reducing implementation costs

    Cyber security of the smart grid: Attack exposure analysis, detection algorithms, and testbed evaluation

    While smart grid technologies are deployed to help achieve improved grid resiliency and efficiency, they also present an increased dependency on cyber resources which may be vulnerable to attack. This dissertation introduces three components that provide new methods to enhancing the cyber security of the smart grid. First, a quantitative exposure analysis model is presented to assess risks inherited from the communication and computation of critical information. An attack exposure metric is then presented to provide a quantitative means to analyze the model. The metric's utility is then demonstrated by analyzing smart grid environments to contrast the effectiveness of various protection mechanisms and to evaluate the impact of new cyber vulnerabilities. Second, a model-based intrusion detection system is introduced to identify attacks against electric grid substations. The system expands previous research to incorporate temporal and spatial analysis of substation control events in order to differentiate attacks from normal communications. This method also incorporates a hierarchical detection approach to improve correlation of physical system events and identify sophisticated coordinated attacks. Finally, the PowerCyber testbed is introduced as an accurate cyber-physical environment to help facilitate future smart grid cyber security research needs. The testbed implements a layered approach of control, communication, and power system layers while incorporating both industry standard components along with simulation and emulation techniques. The testbed's efficacy is then evaluated by performing various cyber attacks and exploring their impact on physical grid simulations.