Visible to the public Design and Implementation of Full-Scale Industrial Control System Test Bed for Assessing Cyber-Security Defenses

TitleDesign and Implementation of Full-Scale Industrial Control System Test Bed for Assessing Cyber-Security Defenses
Publication TypeConference Paper
Year of Publication2020
AuthorsGillen, R. E., Anderson, L. A., Craig, C., Johnson, J., Columbia, A., Anderson, R., Craig, A., Scott, S. L.
Conference Name2020 IEEE 21st International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM)
Date Publishedaug
Keywordscomputer network security, computer security, control engineering computing, cyber security, cyber-security defenses, cybersecurity defenses, Ethernet-based threat surface, full-scale industrial control system test bed, Hardware, ICS test beds, ICS-specific security solutions, industrial control, industrial control systems, Integrated circuit modeling, Local area networks, Production, production engineering computing, production environments, pubcrawl, resilience, Resiliency, Safety, Scalability, test beds
AbstractIn response to the increasing awareness of the Ethernet-based threat surface of industrial control systems (ICS), both the research and commercial communities are responding with ICS-specific security solutions. Unfortunately, many of the properties of ICS environments that contribute to the extent of this threat surface (e.g. age of devices, inability or unwillingness to patch, criticality of the system) similarly prevent the proper testing and evaluation of these security solutions. Production environments are often too fragile to introduce unvetted technology and most organizations lack test environments that are sufficiently consistent with production to yield actionable results. Cost and space requirements prevent the creation of mirrored physical environments leading many to look towards simulation or virtualization. Examples in literature provide various approaches to building ICS test beds, though most of these suffer from a lack of realism due to contrived scenarios, synthetic data and other compromises. In this paper, we provide a design methodology for building highly realistic ICS test beds for validating cybersecurity defenses. We then apply that methodology to the design and building of a specific test bed and describe the results and experimental use cases.
DOI10.1109/WoWMoM49955.2020.00064
Citation Keygillen_design_2020