LICSTER -- A Low-cost ICS Security Testbed for Education and Research

Unnoticed by most people, Industrial Control Systems (ICSs) control entire productions and critical infrastructures such as water distribution, smart grid and automotive manufacturing. Due to the ongoing digitalization, these systems are becoming more and more connected in order to enable remote control and monitoring. However, this shift bears significant risks, namely a larger attack surface, which can be exploited by attackers. In order to make these systems more secure, it takes research, which is, however, difficult to conduct on productive systems, since these often have to operate twenty-four-seven. Testbeds are mostly very expensive or based on simulation with no real-world physical process. In this paper, we introduce LICSTER, an open-source low-cost ICS testbed, which enables researchers and students to get hands-on experience with industrial security for about 500 Euro. We provide all necessary material to quickly start ICS hacking, with the focus on low-cost and open-source for education and research

Determining end-to-end delays using network calculus

The a priori determination of temporal behavior is an essential requirement on the design of distributed real-time systems. It is shown how the analytical method Network Calculus can be applied to find hard upper bounds for transaction times in switched Ethernet networks. The analytical results are validated by simulation for an example scenario and the differences are discussed

A proposal to integrate process data communication to IEEE 802.1 Audio Video Bridging (AVB)

This paper investigates prospects of the emerging IEEE 802.1 Audio Video Bridging (AVB) Ethernet standard in industrial automation applications. The notion of a small and predictable latency is common for both industrial and multimedia (audio, video) applications. The inbuilt characteristics of 802.1 AVB that includes synchronization, real-time traffic scheduling & shaping and resource reservation makes it a real-time capable Ethernet solution, which can be used for the process control applications as well. This paper presents a way to integrate the industrial process data communication to the lower layer services of IEEE 802.1 AVB, and describes a demonstrator implemented for a proof of concept

Wandlungsfähige Informationstechnik in der Fabrik

Produktionsanlagen befinden sich heute im ständigen Wandel, und dieser Trend wird sich in Zukunft deutlich verstärken. Die Vielfalt der Einflussfaktoren, die auf Unternehmen einwirkt, kann bezogen auf die Produktionstechnik nicht mehr vorgedacht werden. Eine Strategie produzierender Unternehmen sowie des Maschinen- und Anlagenbaus, um diesen Herausforderungen künftig zu begegnen, ist Wandlungsfähigkeit. Hierunter wird in Abgrenzung zur Flexibilität das Vermögen einer Fabrik verstanden, "ausgehend von externen oder internen Auslösern aktiv strukturelle Veränderungen auf allen Ebenen bei geringem Aufwand durchführen zu können" [5], d.h. auf Änderungsbedarf selbständig zu reagieren

A field level architecture for reconfigurable real-time automation systems

Rapidly changing customer demands lead to a paradigm shift from mass production to mass customization within the manufacturing industry. However, todays production systems are of a very static nature. Changing the manufacturing process requires a high amount of expensive human resources and is quite error prone. Hence, reconfigurability will become a key factor in the manufacturing industry and industrial automation systems must provide suitable solutions to support this new paradigm. Service-oriented architectures (SOAs) are a potential technology which can provide the requested capability of automatic reconfiguration. Originating from the IT world, the adaptation of SOAs to industrial automation systems has to face several difficulties - especially real-time requirements must be met. This paper proposes an innovative solution approach for the integration of a SOA into real-time systems for industrial automation

Towards an isochronous wireless communication system for industrial automation

Deploying wireless technologies in industrial automation becomes more and more common. It is an enabler for many innovative applications where moving system components are involved, e. g. rotating parts of machines. However, many of such applications impose high temporal requirements on the wireless system, for instance isochronous data communication. Today, these requirements can not be met by existing solutions, such as IEEE802.11 Wireless Local Area Networks (WLANs). In this paper, an isochronous wireless communication system is investigated. It mainly consists of a deterministic medium access control, based on IEEE 802.11, which is extended with additional features for isochronous communication. The presented preliminary analysis shows the system's feasibility for the targeted industrial applications and presents promising performance improvements in comparison with standard mechanisms

Communications for AnyPLACE: A smart metering platform with management and control functionalities

Recent developments under the term Smart Grid change how users consume electricity and interact with the power grid. Smart metering and energy management are developments that transform the yet passive energy consumer to a participant that is actively involved in the energy market by using variable energy tariffs or by demand-response services. But such functionality demands a platform that integrates all smart devices in the users property, connects to external services and electricity providers, and has interfaces that provide information and control to the user. AnyPLACE will develop such platform. Based on the latest legislation in the European member states, it will incorporate smart meters and create links to external service providers. Furthermore, it connects the devices in the property of the end-user in order to be able to fully monitor and control the energy consumption. This paper presents the AnyPLACE idea and the problems that are solved on the communications aspect. It provides an in-depth analysis of current European legislation in the context of smart metering and provides the requirements that need to be realized by the platform. Additionally, it proposes a strategy to create a solution that can be used in any place of Europe. The paper also incorporates the security and privacy requirements in different domains and sketches a solution and architecture to fulfill these by incorporating existing open source implementations as provided by the openHAB project