10 research outputs found

    Virtual ICS test bed

    Many organizations utilize Building Automation Systems (BAS) to ensure that all the systems in the building are functioning properly, for example their Heating, Ventilation and Air conditioning (HVAC) systems. More advanced versions of these systems, known as Supervisory Control and Data Acquisition (SCADA) systems have been architected to monitor intricate industrial processes and critical energy systems. While some security standards, such as NIST, have been developed, both BAS and SCADA systems are vulnerable to being compromised, especially if they have been networked through the Internet. Compounding the challenge, most of these Industrial Control Systems (ICS) are proprietary, which translates into organizations being unable to test their vulnerability for themselves. The objective of this project was to construct a high-fidelity model of a complex Industrial Control System based on the system currently in place at Iowa State University. This would allow Iowa State an opportunity to test the fortitude of their industrial systems. This project, therefore, was designed to create a functioning virtual model of the systems within two buildings at Iowa State University. Additional constraints on this effort included working within the existing ISERink environment and utilization of OpenPLC, the only known open source PLC tool available at this time. This project successfully created a fully functional virtual model, including: • Identification and selection of tools (Modbus Master Simulator and ScadaBR) • Configuration of tools • Integration of tools • Creation of a test data set • Connections among the data • Generation of alerts for centralized monitoring • System testing

    Cyber Defense Remediation in Energy Delivery Systems

    The integration of Information Technology (IT) and Operational Technology (OT) in Cyber-Physical Systems (CPS) has resulted in increased efficiency and facilitated real-time information acquisition, processing, and decision making. However, the increase in automation technology and the use of the internet for connecting, remote controlling, and supervising systems and facilities has also increased the likelihood of cybersecurity threats that can impact safety of humans and property. There is a need to assess cybersecurity risks in the power grid, nuclear plants, chemical factories, etc. to gain insight into the likelihood of safety hazards. Quantitative cybersecurity risk assessment will lead to informed cyber defense remediation and will ensure the presence of a mitigation plan to prevent safety hazards. In this dissertation, using Energy Delivery Systems (EDS) as a use case to contextualize a CPS, we address key research challenges in managing cyber risk for cyber defense remediation. First, we developed a platform for modeling and analyzing the effect of cyber threats and random system faults on EDS's safety that could lead to catastrophic damages. We developed a data-driven attack graph and fault graph-based model to characterize the exploitability and impact of threats in EDS. We created an operational impact assessment to quantify the damages. Finally, we developed a strategic response decision capability that presents optimal mitigation actions and policies that balance the tradeoff between operational resilience (tactical risk) and strategic risk. Next, we addressed the challenge of management of tactical risk based on a prioritized cyber defense remediation plan. A prioritized cyber defense remediation plan is critical for effective risk management in EDS. Due to EDS's complexity in terms of the heterogeneous nature of blending IT and OT and Industrial Control System (ICS), scale, and critical processes tasks, prioritized remediation should be applied gradually to protect critical assets. We proposed a methodology for prioritizing cyber risk remediation plans by detecting and evaluating critical EDS nodes' paths. We conducted evaluation of critical nodes characteristics based on nodes' architectural positions, measure of centrality based on nodes' connectivity and frequency of network traffic, as well as the controlled amount of electrical power. The model also examines the relationship between cost models of budget allocation for removing vulnerabilities on critical nodes and their impact on gradual readiness. The proposed cost models were empirically validated in an existing network ICS test-bed computing nodes criticality. Two cost models were examined, and although varied, we concluded the lack of correlation between types of cost models to most damageable attack path and critical nodes readiness. Finally, we proposed a time-varying dynamical model for the cyber defense remediation in EDS. We utilize the stochastic evolutionary game model to simulate the dynamic adversary of cyber-attack-defense. We leveraged the Logit Quantal Response Dynamics (LQRD) model to quantify real-world players' cognitive differences. We proposed the optimal decision making approach by calculating the stable evolutionary equilibrium and balancing defense costs and benefits. Case studies on EDS indicate that the proposed method can help the defender predict possible attack action, select the related optimal defense strategy over time, and gain the maximum defense payoffs. We also leveraged software-defined networking (SDN) in EDS for dynamical cyber defense remediation. We presented an approach to aid the selection of security controls dynamically in an SDN-enabled EDS and achieve tradeoffs between providing security and Quality of Service (QoS). We modeled the security costs based on end-to-end packet delay and throughput. We proposed a non-dominated sorting based multi-objective optimization framework which can be implemented within an SDN controller to address the joint problem of optimizing between security and QoS parameters by alleviating time complexity at O(MN^2). The M is the number of objective functions, and N is the population for each generation, respectively. We presented simulation results that illustrate how data availability and data integrity can be achieved while maintaining QoS constraints

    A Prototype Lisp-Based Soft Real-Time Object-Oriented Graphical User Interface for Control System Development

    A prototype Lisp-based soft real-time object-oriented Graphical User Interface for control system development is presented. The Graphical User Interface executes alongside a test system in laboratory conditions to permit observation of the closed loop operation through animation, graphics, and text. Since it must perform interactive graphics while updating the screen in real time, techniques are discussed which allow quick, efficient data processing and animation. Examples from an implementation are included to demonstrate some typical functionalities which allow the user to follow the control system's operation

    Software survey for the avionics test bed

    A survey was conducted to itemize software programs that could possibly be used in the development of an avionics test bed for shuttle attached or autonomous large space structures. The results of this survey are presented. Each program is described on a standard form

    Recommended Practice for Patch Management of Control Systems


    The UK Programmable Fixed and Mobile Internet Infrastructure: Overview, capabilities and use cases deployment

    Leading state-of-the-art research facilities at the Universities of Edinburgh (UoE), Bristol (UoB), Lancaster (UoLan), King's College London (KCL) and Digital Catapult (DCAT) are interconnected through a dedicated JISC/JANET network infrastructure. Using Software Defined Networking (SDN) and Network Function Virtualisation (NFV) technologies, these distributed test-beds are integrated using a multi-domain NFV Orchestrator. This paper introduces a novel specialist distributed test-bed developed for facilitating the increasingly large and complex experimentation of future Internet system architectures, technologies, services and applications between the geographically dispersed laboratories across the UK. The aim is to enable students, researchers and enterprises to interconnect with and carry out remote experiments using these test-beds. Each one contributes a range of key capabilities for Internet research including optical networks, optical wireless and radio frequency communications, Internet of Things (IoT), SDN, NFV, as well as cloud computing technologies and services
