Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Safe, Remote-Access Swarm Robotics Research on the Robotarium

This paper describes the development of the Robotarium -- a remotely accessible, multi-robot research facility. The impetus behind the Robotarium is that multi-robot testbeds constitute an integral and essential part of the multi-agent research cycle, yet they are expensive, complex, and time-consuming to develop, operate, and maintain. These resource constraints, in turn, limit access for large groups of researchers and students, which is what the Robotarium is remedying by providing users with remote access to a state-of-the-art multi-robot test facility. This paper details the design and operation of the Robotarium as well as connects these to the particular considerations one must take when making complex hardware remotely accessible. In particular, safety must be built in already at the design phase without overly constraining which coordinated control programs the users can upload and execute, which calls for minimally invasive safety routines with provable performance guarantees.Comment: 13 pages, 7 figures, 3 code samples, 72 reference

Towards a Versatile Cyber Physical Power System Testbed: Design and Operation Experience

The present trends in the area of smartgrids indicate that future transmission and distribution systems will heavily rely on digital and on communication technologies to operate. Indeed, the power systems are evolving progressively towards what is denoted as a cyber-physical system. This transition challenges the classical approaches for experimental testing and requires the development of testing platforms for cyber-physical systems able to capture the interactions between physical components, control and monitoring software and the communication infrastructure. This paper presents general considerations and requirements for a cyber-physical testing platform for power systems. The paper provides also examples of a testing platform specifying the characteristics of the major components and a summary of the experience matured in its setup and configuration. Finally, an example of an experiment on a notional smartgrid and the related results are reported.acceptedVersio

Addressing the Security Gap in IoT: Towards an IoT Cyber Range.

The paradigm of Internet of Things has now reached a maturity level where the pertinent research goal is the successful application of IoT technologies in systems of high technological readiness level. However, while basic aspects of IoT connectivity and networking have been well studied and adequately addressed, this has not been the case for cyber security aspects of IoT. This is nicely demonstrated by the number of IoT testbeds focusing on networking aspects and the lack of IoT testbeds focusing on security aspects. Towards addressing the existing and growing skills-shortage in IoT cyber security, we present an IoT Cyber Range (IoT-CR); an IoT testbed designed for research and training in IoT security. The IoT-CR allows the user to specify and work on customisable IoT networks, both virtual and physical, and supports the concurrent execution of multiple scenarios in a scalable way following a modular architecture. We first provide an overview of existing, state of the art IoT testbeds and cyber security related initiatives. We then present the design and architecture of the IoT Cyber Range, also detailing the corresponding RESTful APIs that help de-associate the IoT-CR tiers and obfuscate underlying complexities. The design is focused around the end-user and is based on the four design principles for Cyber Range development discussed in the introduction. Finally, we demonstrate the use of the facility via a red/blue team scenario involving a variant of man-in-the-middle attack using IoT devices. Future work includes the use of the IoT-CR by cohorts of trainees in order to evaluate the effectiveness of specific scenarios in acquiring IoT-related cyber-security knowledge and skills, as well as the IoT-CR integration with a pan-European cyber-security competence network

Towards a Cybersecurity Testbed for Agricultural Vehicles and Environments

In today’s modern farm, an increasing number of agricultural systems and vehicles are connected to the Internet. While the benefits of networked agricultural machinery are attractive, this technological shift is also creating an environment that is conducive to cyberattacks. While previous research has focused on general cybersecurity concerns in the farming and agricultural industries, minimal research has focused on techniques for identifying security vulnerabilities within actual agricultural systems that could be exploited by cybercriminals. Hence, this paper presents STAVE – a Security Testbed for Agricultural Vehicles and Environments – as a potential solution to assist with the identification of cybersecurity vulnerabilities within commercially available off-the-shelf components used in certain agricultural systems. This paper reports ongoing research efforts to develop and refine the STAVE testbed, along with describing initial cybersecurity experimentation which aims to identify security vulnerabilities within wireless and CAN Bus agricultural vehicle components

Towards Resilient Cyber-Physical Energy Systems

In this paper, we develop a system-of-systems framework to address cyber-physical resilience, the ability to withstand the combined presence of both cyber attacks and physi-cal faults. This framework incorporates a definition of re-silience, a resilience metric as well as a resilient control de-sign methodology. The resilient control architecture utilizes a hybrid optimal control methodology combined with a dy-namic regulation market mechanism (DRMM), and is evalu-ated in the context of frequency regulation at a transmission grid. The framework enables the evaluation of both the clas-sical robust control properties and emerging resilient control properties under both cyber attacks and physical faults. The proposed framework is used to assess resilience of a Cyber-Physical Energy System (CPES) when subjected to both cyber and physical faults via DETERLab. DETERLab, a testbed capable of emulating high fidelity, cybersecure, net-worked systems, is used to construct critical scenarios with physical faults emulated in the form of generator outages and cyber faults emulated in the form of Denial of Service (DoS) attacks. Under these scenarios, the resilience and per-formance of a CPES that is comprised of 56 generators and 99 consumers is evaluated using the hybrid-DRMM control methodology