minicps a toolkit for security research on cps networks
play

MiniCPS: A toolkit for security research on CPS Networks D ANIELE A - PowerPoint PPT Presentation

Oct 30, 2022 •656 likes •877 views

CPS-SPC 15 @ Denver CO MiniCPS: A toolkit for security research on CPS Networks D ANIELE A NTONIOLI (SUTD) N ILS O LE T IPPENHAUER (SUTD) October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 1 Hi! Personal: D

  1. CPS-SPC 15 @ Denver CO MiniCPS: A toolkit for security research on CPS Networks D ANIELE A NTONIOLI (SUTD) N ILS O LE T IPPENHAUER (SUTD) October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 1

  2. Hi! • Personal: ◮ D ANIELE A NTONIOLI ◮ SUTD’s ISTD PhD (Prof N.O. T IPPENHAUER ) • SCy-Phy group: ◮ Applied CPS security research October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 2

  3. Why MiniCPS: Cyber-Physical Systems • CPS are: ◮ Complex ◮ Critical ◮ Connected October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 3

  4. Why MiniCPS: Cyber-Physical Systems • CPS are: ◮ Complex ◮ Critical ◮ Connected • CPS information may be difficult to: ◮ Obtain ◮ Prove ◮ Share October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 3

  5. Why MiniCPS: Cyber-Physical Systems • CPS are: ◮ Complex ◮ Critical ◮ Connected • CPS information may be difficult to: ◮ Obtain ◮ Prove ◮ Share • CPS research requires different expertises: ◮ Electronics, Automation ◮ Networking, Computer Science ◮ Physics. . . October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 3

  6. Why MiniCPS: SWaT testbed • Pure Water: 5 US gallons/min, 6 . 0 − 7 . 0 pH, minimum conductivity of 10 µ S / cm 3 • Recovered Water: 70% processed water, 50% dirty recirculation October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 4

  7. Why MiniCPS: SWaT network SCADA Historian HMI HMI HMI Switch L1 Network Process 1 Process 2 Process n PLC PLC PLC PLC PLC PLC ... PLC1a PLC1b PLC2a PLC2b PLCna PLCnb L0 Network L0 Network L0 Network Remote IO Remote IO Remote IO RIO RIO ... RIO Sensor Sensor Sensor 42.42 42.42 42.42 Actuators Sensors Actuators Sensors Actuators Sensors • Wired and Wireless links. • Ethernet/IP , Common Industrial Protocol. October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 5

  8. MiniCPS: Vision • Research Environment: ◮ Reproducible ◮ Extensible ◮ Shareable October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 6

  9. MiniCPS: Vision • Research Environment: ◮ Reproducible ◮ Extensible ◮ Shareable • Targeted to Cyber-Physical Systems: ◮ Network communications ◮ Control logic ◮ Physical layer interaction October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 6

  10. MiniCPS: Vision • Research Environment: ◮ Reproducible ◮ Extensible ◮ Shareable • Targeted to Cyber-Physical Systems: ◮ Network communications ◮ Control logic ◮ Physical layer interaction • Don’t reinvent the wheels. . . ◮ But: " Stand on the Shoulders of Giants " ◮ Eg: linux , python , mininet , git October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 6

  11. MiniCPS: Diagram Network Component Component Logic Logic Physical Layer API Physical Layer Simulation • (C)yber → Network Emulator • (P)hysical → Process Simulation, State API • (S)ystem → Control Logic Simulation October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 7

  12. MiniCPS: What is Mininet Network Component Component Logic Logic Physical Layer API Physical Layer Simulation • Network-in-a-box emulator: ◮ Reproduce (complex) topologies ◮ Generating real packets using real protocols October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 8

  13. MiniCPS: What is Mininet Network Component Component Logic Logic Physical Layer API Physical Layer Simulation • Network-in-a-box emulator: ◮ Reproduce (complex) topologies ◮ Generating real packets using real protocols • One Linux kernel, multiple devices: ◮ Lightweight virtualization ◮ Each device is a container October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 8

  14. MiniCPS: What is Mininet Network Component Component Logic Logic Physical Layer API Physical Layer Simulation • Network-in-a-box emulator: ◮ Reproduce (complex) topologies ◮ Generating real packets using real protocols • One Linux kernel, multiple devices: ◮ Lightweight virtualization ◮ Each device is a container • SDN/OpenFlow development October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 8

  15. MiniCPS: Physical Layer API Network Component Component Logic Logic Physical Layer API Physical Layer Simulation • Database to represent the (physical) state: ◮ Abstract low-level details (SQL query) ◮ Use high level semantic functions: get , set October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 9

  16. MiniCPS: Physical Layer API Network Component Component Logic Logic Physical Layer API Physical Layer Simulation • Database to represent the (physical) state: ◮ Abstract low-level details (SQL query) ◮ Use high level semantic functions: get , set • Compatibility layer: ◮ Programming Language agnostic ◮ Support different storage back-ends October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 9

  17. MiniCPS: SWaT example L1 network emulation plc1.py plc2.py plc3.py PLC PLC PLC LIT301 LIT101 Grid FIT101 MV101 Sensor Sensor 42.42 42.42 P_101 FIT201 Sensor 42.42 Sensor 42.42 Physical process Simulation script • Control strategy: ◮ Sensors: level (LIT), flow (FIT) ◮ Actuators: motorized valve (MV) and pump (P) ◮ PLC1 takes decision with the aid of PLC2 and PLC3 ◮ Physical process simulation updates the state • Network: ◮ Realistic addresses (CIDR, MAC, ports) ◮ Replicate services: web-servers, ENIP client/server ◮ Optional Attacker and SDN Controller October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 10

  18. MiniCPS: SWaT example II SCADA Historian HMI HMI HMI L1 Network Process 1 1a. Write '0' to 1b. Write '1' to PLC PLC PLC valve tag PLC valve tag PLC1a PLC1b L0 Network 2. Write '1' to Remote IO RIO valve tag RIO Attacker Sensor 42.42 3. High current analog signal Actuators Sensors • Passive and Active ARP poisoning MITM attacks • SDN Controller for ARP poisoning Detection and Mitigation October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 11

  19. MiniCPS: Conclusions • MiniCPS is a CPS research platform: ◮ Reproducible ◮ Extensible ◮ Shareable • MiniCPS is used to investigate issues in real testbeds: ◮ MITM attacks ( ettercap ) ◮ Ethernet/IP reverse-engineering ( scapy ) ◮ SDN controllers development ( pox ) October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 12

  20. MiniCPS: Conclusions • MiniCPS is a CPS research platform: ◮ Reproducible ◮ Extensible ◮ Shareable • MiniCPS is used to investigate issues in real testbeds: ◮ MITM attacks ( ettercap ) ◮ Ethernet/IP reverse-engineering ( scapy ) ◮ SDN controllers development ( pox ) • Contribute: ◮ http://scy-phy.github.io/index.html ◮ https://github.com/scy-phy/minicps • Thank You! Q & A October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 12

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On the security of security extensions for IP-based KNX networks Aljosha Judmayer

On the security of security extensions for IP-based KNX networks Aljosha Judmayer

On the security of security extensions for IP-based KNX networks Aljosha Judmayer ajudmayer@sba-research.org ajudmayer@auto.tuwien.ac.at On the security of security extensions for IP-based KNX networks 1 SBA Research P1.1: Risk Management

1.06k views • 51 slides
CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer

CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer

CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer Security Studies in what ways security mechanisms may fail Can we gain access to a computer system without authorizaDon? Can we compromise

986 views • 84 slides
S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks

S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks

FAKULTT FR !NFORMATIK Faculty of Informatics S & P SECURITY & PRIVACY GROUP Security and Privacy for Payment Channel Networks Pedro Moreno-Sanchez Blockchain Summer School BDLT19 Vienna, Sep 2nd 2019 Blockchain Research

1.41k views • 73 slides
The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs

The security of existing wireless networks Cellular networks GSM o UMTS o WiFi LANs Bluetooth Security and Cooperation in Wireless Networks Georg-August University Gttingen Security in Wireless Networks Wireless networks are

519 views • 48 slides
A Generic Programming A Generic Programming Toolkit Toolkit for PADS/ML for PADS/ML Mary

A Generic Programming A Generic Programming Toolkit Toolkit for PADS/ML for PADS/ML Mary

A Generic Programming A Generic Programming Toolkit Toolkit for PADS/ML for PADS/ML Mary Fernndez, Kathleen Fisher, Yitzhak Mandelbaum AT&T Labs Research J. Nathan Foster, Michael Greenberg University of Pennsylvania PADL 2008 Data,

763 views • 51 slides
Implementing Security Control Loops in Security Autonomous Response Networks Hristo Dimitrov SNE

Implementing Security Control Loops in Security Autonomous Response Networks Hristo Dimitrov SNE

Introduction Research Questions Proof of Concept Results Conclusions Questions? Implementing Security Control Loops in Security Autonomous Response Networks Hristo Dimitrov SNE University of Amsterdam & TNO Supervisors: Marc X. Makkes

408 views • 25 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Cuckoo Hashing for Security Awerbuch, Scheideler, Towards Scalable and Robust Overlay Networks Problem: -

329 views • 19 slides
Attacking Machine Learning: On the Security and Privacy of Neural Networks Nicholas Carlini

Attacking Machine Learning: On the Security and Privacy of Neural Networks Nicholas Carlini

SESSION ID: MLAI-W03 Attacking Machine Learning: On the Security and Privacy of Neural Networks Nicholas Carlini Research Scientist, Google Brain #RSAC Act I: On the Security and Privacy of Neural Networks #RSAC Let's play a game

1.07k views • 103 slides
Technology Toolkit 4 Key Pillars Security Training Maximize Your Technology Impact Web Site

Technology Toolkit 4 Key Pillars Security Training Maximize Your Technology Impact Web Site

Technology Toolkit 4 Key Pillars Security Training Maximize Your Technology Impact Web Site Anti-Virus Administrators Desktops/Tablets Email Telephone (VOIP-Land Lines) Firewall Daily Staff Wireless Business Cards Web Policy

210 views • 8 slides
Viproy VoIP Penetration and Exploitation Toolkit Fatih zavc Security Consultant @ Sense of

Viproy VoIP Penetration and Exploitation Toolkit Fatih zavc Security Consultant @ Sense of

Viproy VoIP Penetration and Exploitation Toolkit Fatih zavc Security Consultant @ Sense of Security (Australia) # whois Security Consultant @ Sense of Security (Australia) 10+ Years Experience in Penetration Testing 800+

494 views • 21 slides
Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS

Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS

Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Lecture 18 Page 1 CS 236 Online Outline Routing security DNS security Lecture 18 Page 2

556 views • 31 slides
Title I, Part A Directors Toolkit Title I, Part A Directors Toolkit Toolkit Format:

Title I, Part A Directors Toolkit Title I, Part A Directors Toolkit Toolkit Format:

Title I, Part A Directors Toolkit Title I, Part A Directors Toolkit Toolkit Format: Title I-A Directors Handbook Webinars Concise, informational, 5-10 minutes Covering critical topics in ESSA Viewers select the topic,

636 views • 25 slides
Hopping On the CAN Bus Automotive Security and the CANard Toolkit Eric Evenchick Black Hat Asia

Hopping On the CAN Bus Automotive Security and the CANard Toolkit Eric Evenchick Black Hat Asia

Hopping On the CAN Bus Automotive Security and the CANard Toolkit Eric Evenchick Black Hat Asia 2015 What is CAN? Controller Area Network Low cost, integrated controllers Types: High speed (differential) Low speed (single

326 views • 31 slides
networks research Bob Briscoe & Ben Bappu Dec 2004 networks research centre - themes

networks research Bob Briscoe & Ben Bappu Dec 2004 networks research centre - themes

networks research Bob Briscoe & Ben Bappu Dec 2004 networks research centre - themes networks of x x: computers, devices, people, physical phenomena new science framework for reasoning, proof, architecture, language,

620 views • 14 slides
Sta ff Diversity Hiring Toolkit Sta ff Diversity Hiring Toolkit Toolkit accessible

Sta ff Diversity Hiring Toolkit Sta ff Diversity Hiring Toolkit Toolkit accessible

Sta ff Diversity Hiring Toolkit Sta ff Diversity Hiring Toolkit Toolkit accessible online: www.washington.edu/diversity/staffdiv/hiringtoolkit/ A resource for HR Directors and

322 views • 8 slides
Security in IP networks Markus Peuhkuri 2005-03-15 Lecture topics Reminder: levels Security in

Security in IP networks Markus Peuhkuri 2005-03-15 Lecture topics Reminder: levels Security in

Security in IP networks Markus Peuhkuri 2005-03-15 Lecture topics Reminder: levels Security in IP networks WLAN security Mobile IP security Because IPsec is (still, after more than 10 years)

205 views • 9 slides
Distributed Snapshots 1 Goals of the lecture Consistent State Algo rithm

Distributed Snapshots 1 Goals of the lecture Consistent State Algo rithm

Distributed Snapshots 1 Goals of the lecture Consistent State Algo rithm Co rrectness Stable Prop erties Reference: Chandy and Lamp ort Vija c y K. Ga rg Distributed Systems Sp ring 96

216 views • 17 slides
AoC / Ofsted KIT webinar Richard Beynon, Specialist Advisor, FES, Ofsted David Corke, Policy

AoC / Ofsted KIT webinar Richard Beynon, Specialist Advisor, FES, Ofsted David Corke, Policy

AoC / Ofsted KIT webinar Richard Beynon, Specialist Advisor, FES, Ofsted David Corke, Policy Director, AoC AoC - Ofsted webinar 23 July 2020 Slide 1 AoC Ofsted KIT webinar Todays session will: be the last of a series of KIT

575 views • 9 slides
Big ig Flar Flare e Hunt Hunting ing Manuel Pichardo (Utah State University) and Scott

Big ig Flar Flare e Hunt Hunting ing Manuel Pichardo (Utah State University) and Scott

Big ig Flar Flare e Hunt Hunting ing Manuel Pichardo (Utah State University) and Scott McIntosh, PhD (HAO/NCAR) High Altitude Observatory (HAO) National Center for Atmospheric Research (NCAR) The National Center for Atmospheric

416 views • 20 slides
An Open Framework for Deploying Experimental SCADA Testbed Networks Peter Maynard, Kieran

An Open Framework for Deploying Experimental SCADA Testbed Networks Peter Maynard, Kieran

An Open Framework for Deploying Experimental SCADA Testbed Networks Peter Maynard, Kieran McLaughlin, and Sakir Sezer August, 2018 Queens University Belfast CSIT 1 / 14 Outline Background High-Level Overview of Framework

268 views • 14 slides
Automated Reasoning Petros Papapanagiotou October 4, 2013 1 / 26 Extra Lecture Program

Automated Reasoning Petros Papapanagiotou October 4, 2013 1 / 26 Extra Lecture Program

Automated Reasoning Petros Papapanagiotou October 4, 2013 1 / 26 Extra Lecture Program verification using Hoare Logic 1 Petros Papapanagiotou 1 Partially adapted from Mike Gordons slides on Hoare Logic:

382 views • 27 slides
Hoare Logic Andreas Podelski November 8, 2011 Hoare logic introduced by Hoare in 1969

Hoare Logic Andreas Podelski November 8, 2011 Hoare logic introduced by Hoare in 1969

Hoare Logic Andreas Podelski November 8, 2011 Hoare logic introduced by Hoare in 1969 builds on first-order logic Hoare logic introduced by Hoare in 1969 builds on first-order logic correctness specification = pre- and

401 views • 37 slides
INF4140 - Models of concurrency Hsten 2015 September 28, 2015 Abstract This is the

INF4140 - Models of concurrency Hsten 2015 September 28, 2015 Abstract This is the

INF4140 - Models of concurrency Hsten 2015 September 28, 2015 Abstract This is the handout version of the slides for the lecture (i.e., its a rendering of the content of the slides in a way that does not waste so much paper when

108 views • 10 slides
Floyd-Hoare Logic for Quantum Programs Mingsheng Ying University of Technology, Sydney and

Floyd-Hoare Logic for Quantum Programs Mingsheng Ying University of Technology, Sydney and

Floyd-Hoare Logic for Quantum Programs Mingsheng Ying University of Technology, Sydney and Tsinghua University Outline Introduction Syntax of Quantum Programs Operational Semantics Denotational Semantics Correctness Formulas Proof System

1.02k views • 79 slides

More recommend