793 research outputs found
MiniCPS: A toolkit for security research on CPS Networks
In recent years, tremendous effort has been spent to modernizing
communication infrastructure in Cyber-Physical Systems (CPS) such as Industrial
Control Systems (ICS) and related Supervisory Control and Data Acquisition
(SCADA) systems. While a great amount of research has been conducted on network
security of office and home networks, recently the security of CPS and related
systems has gained a lot of attention. Unfortunately, real-world CPS are often
not open to security researchers, and as a result very few reference systems
and topologies are available. In this work, we present MiniCPS, a CPS
simulation toolbox intended to alleviate this problem. The goal of MiniCPS is
to create an extensible, reproducible research environment targeted to
communications and physical-layer interactions in CPS. MiniCPS builds on
Mininet to provide lightweight real-time network emulation, and extends Mininet
with tools to simulate typical CPS components such as programmable logic
controllers, which use industrial protocols (Ethernet/IP, Modbus/TCP). In
addition, MiniCPS defines a simple API to enable physical-layer interaction
simulation. In this work, we demonstrate applications of MiniCPS in two example
scenarios, and show how MiniCPS can be used to develop attacks and defenses
that are directly applicable to real systems.Comment: 8 pages, 6 figures, 1 code listin
Recommended from our members
Faithful reproduction of network experiments
The proliferation of cloud computing has compelled the research community to rethink fundamental aspects of network systems and architectures. However, the tools commonly used to evaluate new ideas have not kept abreast of the latest developments. Common simulation and emulation frameworks fail to provide scalability, fidelity, reproducibility and execute unmodified code, all at the same time.
We present SELENA, a Xen-based network emulation framework that offers fully reproducible experiments via its automation interface and supports the use of unmodified guest operating systems. This allows out-of-the-box compatibility with common applications and OS components, such as network stacks and filesystems. In order to faithfully emulate faster and larger networks, SELENA adopts the technique of time-dilation and transparently slows down the passage of time for guest operating systems. This technique effectively virtualizes the availability of host’s hardware resources and allows the replication of scenarios with increased I/O and computational demands. Users can directly control the tradeoff between fidelity and running-times via intuitive tuning knobs. We evaluate the ability of SELENA to faithfully replicate the behaviour of real systems and compare it against existing popular experimentation platforms. Our results suggest that SELENA can accurately model networks with aggregate link speeds of 44 Gbps or more, while improving by four times the execution time in comparison to ns3 and exhibits near-linear scaling properties.This is the author accepted manuscript. The final version is available from ACM via http://dx.doi.org/10.1145/2658260.265827
What makes an industrial control system security testbed credible and acceptable? Towards a design consideration framework
The convergence of Industrial Control System (ICS) with Information Technologies (IT) coupled with the resulting and widely publicized cyber security incidents have made ICS security and resilience issues of critical concern to operators and governments. The inability to apply traditional IT security practice to ICSs further complicates the challenges of effectively securing critical industrial systems. To investigate these challenges without impacting upon live system operations, testbeds are being widely used as viable options to explore, develop and assess security risks and controls. However, how an ICS testbed is designed, and its attributes, can directly impact not only on its viability but also its credibility and acceptance for use as a whole. Through a systematic review and analysis of ICS security testbed design factors, a novel outline conceptual mapping of design factors for building credibility and acceptance is proposed. These design considerations include: design objectives, implementation approach, architectural component coverage, core operational characteristics, and evaluation approach
NEAT: Network Experiment Automation Tool
NEAT: Network Experiment Automation Too
Colosseum as a Digital Twin: Bridging Real-World Experimentation and Wireless Network Emulation
Wireless network emulators are being increasingly used for developing and
evaluating new solutions for Next Generation (NextG) wireless networks.
However, the reliability of the solutions tested on emulation platforms heavily
depends on the precision of the emulation process, model design, and parameter
settings. To address, obviate or minimize the impact of errors of emulation
models, in this work we apply the concept of Digital Twin (DT) to large-scale
wireless systems. Specifically, we demonstrate the use of Colosseum, the
world's largest wireless network emulator with hardware-in-the-loop, as a DT
for NextG experimental wireless research at scale. As proof of concept, we
leverage the Channel emulation scenario generator and Sounder Toolchain (CaST)
to create the DT of a publicly-available over-the-air indoor testbed for sub-6
GHz research, namely, Arena. Then, we validate the Colosseum DT through
experimental campaigns on emulated wireless environments, including scenarios
concerning cellular networks and jamming of Wi-Fi nodes, on both the real and
digital systems. Our experiments show that the DT is able to provide a faithful
representation of the real-world setup, obtaining an average accuracy of up to
92.5% in throughput and 80% in Signal to Interference plus Noise Ratio (SINR).Comment: 15 pages, 21 figures, 1 tabl
- …