An Open Framework for Deploying Experimental SCADA Testbed Networks - - PowerPoint PPT Presentation

an open framework for deploying experimental scada
SMART_READER_LITE
LIVE PREVIEW

An Open Framework for Deploying Experimental SCADA Testbed Networks - - PowerPoint PPT Presentation

Mar 30, 2024 112 likes •271 views

An Open Framework for Deploying Experimental SCADA Testbed Networks Peter Maynard, Kieran McLaughlin, and Sakir Sezer August, 2018 Queens University Belfast CSIT 1 / 14 Outline Background High-Level Overview of Framework

slide-1
SLIDE 1

An Open Framework for Deploying Experimental SCADA Testbed Networks

Peter Maynard, Kieran McLaughlin, and Sakir Sezer August, 2018 Queen’s University Belfast « CSIT

1 / 14

slide-2
SLIDE 2

Outline

▶ Background ▶ High-Level Overview of Framework ▶ Tooling ▶ Ongoing/Future Work

2 / 14

slide-3
SLIDE 3

About Myself

▶ Research Assistant, at Queen’s University Belfast, CSIT

▶ PhD 4 years ICS Network-IDS

▶ Research Engineer, at Southampton University, UK

▶ 5G Networks

▶ Computer Science BSc, at Aberystwyth University, UK

3 / 14

slide-4
SLIDE 4

Introduction

▶ Framework for creating virtualised SCADA networks ▶ Developed for packet generation for NIDS ▶ Open Source (GPLv3)

4 / 14

slide-5
SLIDE 5

Related Work

▶ IDS networking datasets (e.g. KDD’99) ▶ Lack of reproducible ICS/SCADA testbeds ▶ Lack of IEC 60870-5-104 protocol support

5 / 14

slide-6
SLIDE 6

Use Cases TestBed

▶ Packet Generation ▶ Attack Simulations ▶ Agent Benchmarking ▶ Extending Limited Hardware

6 / 14

slide-7
SLIDE 7

Requirements of a TestBed

▶ Reproducible ▶ Scalability ▶ Domain Fidelity ▶ Process Simulation ▶ Network Emulation ▶ Physical Network ▶ Physical Devices ▶ Multi-Protocol

7 / 14

slide-8
SLIDE 8

High-Level Overview of Framework

VM RTU/HMI/...

a) Compilation Stage

Node Image Build Provision SRC Configuration Profile 1) CreateBaseImage() 3.1) ConfigureBaseImage() 3.3) InstallPackages() 2) CompileSource() 3.2) LoadConfig()

b) Orchestration Stage

Deploy Operational Profile Provision Configure Start 4) BootUpVirtualMachine() 5.1) AsignIP() 5.2) LoadConfig() 5.3) StartServices()

c) Operation Stage

Control VM SSH/Console/Telnet Manage Shutdown Testbed 6) Monitor()

8 / 14

slide-9
SLIDE 9

Tooling

9 / 14

slide-10
SLIDE 10

Example Network

DNS DHCP RTU RTU RTU RTU RTU Switch Process Simulator HMI Historian DB IEC104 IEC104 IEC104 IEC104 STP DHCP DNS IEC104 OPC UA Sockets

Key

Virtual Physical

10 / 14

slide-11
SLIDE 11

Dataset

▶ Network Reconnaissance ▶ IEC104 Command Injection ▶ 192K Packet Dataset

11 / 14

slide-12
SLIDE 12

Ongoing Work

▶ Integration Process Simulators ▶ Implementing additional operation/configuration profiles ▶ Simplify deployment ▶ Expand documentation

12 / 14

slide-13
SLIDE 13

Future Work

▶ Testbed Federation ▶ Auto configuration of networking equipment ▶ Amazon Web Services (AWS) and Google Compute Engine ▶ Experimentation with alternative network paradigms

13 / 14

slide-14
SLIDE 14

End

▶ www: petermaynard.co.uk ▶ twitter: @pgmaynad ▶ email: p.maynard@qub.ac.uk ▶ git: https://github.com/PMaynard/ ICS-TestBed-Framework ▶ dataset: https://dx.doi.org/10.6084/ m9.figshare.6133457.v1

14 / 14