Conference Paper

EmuFlex: A Flexible OT Testbed for Security Experiments with OPC UA

Article
The race for technological and economic power has driven industrialization in most developed countries. The first industrial revolution (Industry 1.0) earned millions for textile mill owners, while the second (Industry 2.0) opened the way for tycoons and captains of industry such as Henry Ford, John D. Rockefeller, and J.P. Morgan. The third (Industry 3.0) engendered technology giants such as Apple and Microsoft and made magnates of men such as Bill Gates and Steve Jobs. Now the race for the fourth industrial revolution (Industry 4.0) is on, and there is no opting out: every country, developed or developing, must participate. Many countries have responded by developing strategic initiatives to strengthen Industry 4.0 implementation. Unlocking a country's potential for Industry 4.0 has attracted research interest in the recent past, but the extent to which Industry 4.0 initiatives are being launched globally has not previously been documented. The present study therefore explored Industry 4.0 initiatives through a comprehensive electronic survey of the literature to estimate the extent of their launch in different regions. Inferences drawn from initiatives in developed nations are used as recommendations for the East African Community. The survey revealed that 117 Industry 4.0 initiatives have been launched in 56 countries across five regions: Europe (37%), North America (28%), Asia and Oceania (17%), Latin America and the Caribbean (10%), and the Middle East and Africa (8%). The worldwide share was estimated at 25%, revealing a large gap between countries in the race for Industry 4.0.
Article
While interest in the Digital Twin has grown recently, a variety of definitions remains in use across industry and academia. Research needs to be consolidated so as to maintain a common understanding of the topic and ensure that future research efforts are based on solid foundations. Through a systematic literature review and a thematic analysis of 92 Digital Twin publications from the last ten years, this paper provides a characterisation of the Digital Twin, identifies gaps in knowledge, and sets out required areas of future research. In characterising the Digital Twin, the state of the concept, key terminology, and associated processes are identified, discussed, and consolidated to produce 13 characteristics (Physical Entity/Twin; Virtual Entity/Twin; Physical Environment; Virtual Environment; State; Realisation; Metrology; Twinning; Twinning Rate; Physical-to-Virtual Connection/Twinning; Virtual-to-Physical Connection/Twinning; Physical Processes; and Virtual Processes) and a complete framework of the Digital Twin and its process of operation. Following this characterisation, seven knowledge gaps and topics for future research focus are identified: Perceived Benefits; Digital Twin across the Product Life-Cycle; Use-Cases; Technical Implementations; Levels of Fidelity; Data Ownership; and Integration between Virtual Entities; each of which is required to realise the Digital Twin.
Article
Objectives: SCADA systems are turning into the central nervous system of the electric power critical infrastructure. With the increasing availability and use of computer networks and the Internet, and the convenience of cloud computing, SCADA systems have increasingly adopted Internet-of-Things technologies to significantly reduce infrastructure costs and ease maintenance and integration. However, SCADA systems are obvious targets for cyber attacks that seek to disrupt the critical infrastructure systems they govern. Methods/Statistical Analysis: Cyber attacks exploit SCADA security vulnerabilities in order to take control of or disrupt the normal operation of the system. Analyzing security vulnerabilities and loopholes is critical to developing security solutions for such systems, and it is equally important to test the security solutions developed to protect them. Findings: Experimenting on live systems is generally inadvisable and impractical, as it may render the system unstable. This calls for an experimental setup equivalent or close to the real scenario for developing and testing security solutions. Application/Improvements: This paper reviews common SCADA implementation approaches used in previous related work.
Chapter
Conducting security tests such as vulnerability discovery within Industrial Control Systems (ICS) helps reduce their exposure to cyber attacks. Unfortunately, the extreme availability requirements on ICS in operation make it difficult to conduct security tests in practice. For this reason, researchers and practitioners turn to testbeds that mimic real ICS. This study surveys ICS testbeds that have been proposed for scientific research. A total of 30 testbeds are identified. Most of these aim to facilitate vulnerability analysis, education, and tests of defense mechanisms. Testbed components are typically implemented as simulation models. Testbed fidelity is rarely addressed and, at best, briefly discussed.
Article
This paper presents and analyzes a selection of 21 "myths" identified from the authors' experience as the most common in power utilities and the most harmful to their cybersecurity posture. For each one, tangible and referenced elements, typically sparse and dispersed, are brought together in this single, up-to-date reference to support their rationalization. The paper also provides generic recommendations to support power utilities in the ongoing and challenging process of dispelling the identified myths.
Chapter
Public key infrastructures (PKIs) are a cornerstone of the security of modern information systems. They also offer a wide range of security mechanisms to industrial automation and control systems (IACS) and can be an important building block for concepts such as zero trust architectures and defense in depth. Hence, the ISA/IEC 62443 series of standards addresses the PKI paradigm, but there is little practical guidance on how to actually apply it to an IACS. This paper analyzes ISA/IEC 62443 for explicit and implicit requirements regarding PKI deployment in order to provide a guideline for developing and operating a standard-conformant PKI. For this purpose, the analyzed requirements and IACS-specific constraints are combined with current research and best practices. To assess its viability, a tangible PKI use case is implemented in a test environment. The evaluation of this use case shows that common IACS components are capable of supporting PKI, but that important features are missing. For instance, handling PKI turns out to be time-consuming and involves many manual operations, a factor that could render large-scale operation impractical at this point in time.
Keywords: PKI; ISA/IEC 62443; IACS; Security Engineering; Zero Trust
Conference Paper
Big data continues to grow in the manufacturing domain due to increasing interconnectivity on the shop floor in the course of the fourth industrial revolution. Optimizing machines on the basis of real-time or historical machine data benefits both machine producers and operators. To exploit these opportunities it is necessary to access the machine data, which can include sensitive information such as intellectual property. Using machine tools as the use case, this paper presents a solution that enables industrial data sharing and cloud collaboration while protecting sensitive information. It employs the edge computing paradigm to apply differential privacy to machine data at the edge, protecting sensitive information while still allowing machine producers to perform the necessary calculations and analyses on that data.
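The following is an added example, not the paper's implementation, of the kind of edge-side release that abstract describes: an edge gateway computes a clipped mean of spindle-load readings and perturbs it with the Laplace mechanism before the value leaves the shop floor. The readings, the clipping bounds, and the epsilon values are assumptions chosen for illustration; the mechanism (clip to a known range, derive the sensitivity, add Laplace noise scaled by sensitivity/epsilon) is the standard construction.

```python
"""Releasing an aggregate of machine-tool data under differential privacy.

Added example (not the paper's implementation): an edge gateway computes a
clipped mean of spindle-load readings and perturbs it with the Laplace
mechanism before the value leaves the shop floor. Readings, bounds and the
epsilon values are assumptions chosen for illustration.
"""
import random


def clipped_mean(values, lo, hi):
    """Mean after clamping every reading into [lo, hi].

    Clamping bounds how far any single reading can move the result, which is
    what makes the sensitivity below a provable number rather than a guess.
    """
    if hi <= lo or not values:
        raise ValueError("need hi > lo and at least one reading")
    clipped = [min(max(float(v), lo), hi) for v in values]
    return sum(clipped) / len(clipped)


def mean_sensitivity(n, lo, hi):
    """L1 sensitivity of the clipped mean over n readings: (hi - lo) / n."""
    return (hi - lo) / n


def laplace_noise(scale, rng):
    """Laplace(0, scale) sample as the difference of two Exp(1/scale) draws."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def dp_mean(values, lo, hi, epsilon, seed=None):
    """epsilon-differentially-private clipped mean via the Laplace mechanism.

    Each release spends epsilon of the privacy budget; k releases of the same
    statistic compose to k * epsilon, so the gateway must count releases.
    """
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    rng = random.Random(seed)  # seed only for reproducible demos; None in production
    scale = mean_sensitivity(len(values), lo, hi) / epsilon
    return clipped_mean(values, lo, hi) + laplace_noise(scale, rng)


# Constructed sample: spindle load in percent for one shift (assumed values).
SPINDLE_LOAD = [42.0, 55.5, 61.0, 58.2, 47.9, 63.4, 120.0, 51.1]

if __name__ == "__main__":
    exact = clipped_mean(SPINDLE_LOAD, 0.0, 100.0)
    for eps in (0.1, 1.0, 10.0):
        released = dp_mean(SPINDLE_LOAD, 0.0, 100.0, eps, seed=1)
        print(f"epsilon={eps:<4} exact={exact:.2f} released={released:.2f}")
```

Running the block shows the trade-off directly: at epsilon 0.1 the released mean is dominated by noise, at 10 it is close to the exact value but offers little protection. The clipping step matters as much as the noise: without a fixed range the sensitivity of a mean is unbounded and no finite noise gives a guarantee.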
Article
This paper presents a mapping framework for design factors and an implementation process for building credible Industrial Control Systems (ICS) security testbeds. The security and resilience of ICSs have become a critical concern to operators and governments following widely publicised cyber security events. The inability to apply conventional Information Technology security practice to ICSs further compounds the challenge of adequately securing critical systems. To overcome these challenges without impacting live environments, testbeds are widely used for the exploration, development, and evaluation of security controls. However, how a testbed is designed, and its attributes, can directly affect not only its viability but also its credibility. Combining systematic and thematic analysis with a mapping of identified ICS security testbed design attributes, we propose a novel relationship map of credibility-supporting design factors (and their associated attributes) and a process implementation flow structure for ICS security testbeds. The framework and implementation process highlight the significance of demonstrating design factors such as user/experimenter expertise, clearly defined testbed design objectives, simulation implementation approach, covered architectural components, core structural and functional characteristics covered, and evaluations, in order to enhance confidence in, trustworthiness of, and acceptance of ICS security testbeds as credible. These can streamline testbed requirement definition and improve design consistency and quality while reducing implementation costs.
Conference Paper
Given the growing complexity of Smart Factories, the commissioning time for automated systems needs to be shortened. Virtual commissioning tools are a good contribution to this goal. Ideally, those tools should be part of a virtual engineering environment sharing the same virtual model, the digital twin, through the complete lifecycle of the automated system, namely the project, simulation, implementation, execution/monitoring/supervision and, eventually, decommissioning phases. Such a vision requires a digital twin with a broader use, one that stays consistent with the real system and remains usable after the early design and commissioning phases. Finding a complete set of tools able to meet these requirements can be extremely challenging. In this paper we explore the use of the ABB RobotStudio software combined with the OPC UA standard with this vision in mind. Methodologies were defined to integrate both new-generation and legacy equipment, as well as robot controllers, together with guidelines for equipment development. A key result of this work is a set of virtual engineering tools and methodologies based on OPC UA and implemented in RobotStudio that support the complete lifecycle of an automated system, from the project and simulation phases to the monitoring and supervision phases, suitable for integration in Industry 4.0 factories. Results are described for a test scenario with different devices.
Conference Paper
Public key infrastructures (PKIs) form the foundation for secure communication of the vast majority of cloud services. In the recent past, a series of security incidents has raised increasing concern about the trust model currently employed by PKIs. One of the key criticisms is the architecture's implicit assumption that certificate authorities (CAs) are trustworthy a priori. This work proposes a holistic metric to compensate for this assumption by differentiated assessment of a CA's individual trustworthiness based on objective criteria. The metric draws on a wide range of technical and non-technical factors derived from existing policies, technical guidelines, and research. It consists of self-contained submetrics, allowing the existing set of criteria to be extended easily. The focus is on aspects that can be assessed using practically applicable methods of independent data collection. The metric is meant to help organizations, individuals, and service providers decide which CAs to trust or distrust. To this end, the modularized submetrics are clustered into coherent submetric groups covering a CA's different properties and responsibilities. By applying individually chosen weightings to these submetric groups, the metric's outcomes can be adapted to tailored protection requirements according to an exemplifying attacker model.
Chapter
With the rise of advanced persistent threats against cyber-physical facilities, new methods for anomaly detection are required. However, research on anomaly detection systems for industrial networks suffers from a lack of suitable training data with which to verify the methods at an early stage. This paper presents a framework and workflow to generate meaningful training and test data for anomaly detection systems in industrial settings. Using process-model-based simulations, data can be generated on a large scale. We evaluate the data with regard to its usability for state-of-the-art anomaly detection systems. With adequate simulation configurations, it is even possible to simulate a sensor manipulation attack on the model and derive labeled data from it.
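As an added example, not the framework the abstract describes, the block below shows the workflow in miniature: a one-tank level process with a hysteresis controller is simulated, a sensor manipulation attack (a constant offset added to the reported level for a window of steps) is injected, every sample is labeled, and a model-based residual detector is evaluated against those labels. The plant parameters, thresholds, attack window and offset are assumptions; the point is that because the simulation knows the ground truth, the labels come for free.

```python
"""Labeled training data from a process-model simulation with a sensor
manipulation attack, plus a model-based detector run over it.

Added example, not the framework the paper describes: a one-tank level
process, a hysteresis controller, and a spoofed level sensor. The plant
parameters, thresholds, attack window and offset are assumptions.
"""
from dataclasses import dataclass

INFLOW = 2.0            # level units per step while the pump runs (assumed)
OUTFLOW = 1.0           # constant drain per step (assumed)
LOW, HIGH = 50.0, 80.0  # controller hysteresis thresholds (assumed)


@dataclass
class Sample:
    t: int
    pump_on: bool      # actuator command, visible on the network
    reported: float    # level as reported by the (possibly manipulated) sensor
    true_level: float  # ground truth, known only because we simulate
    label: int         # 1 inside the manipulation window, else 0


def simulate(steps=100, start=60.0, attack=(40, 60), offset=30.0):
    """Run the plant; in [attack[0], attack[1]) the sensor reports true + offset."""
    samples = []
    true_level = reported = start
    pump_on = False
    for t in range(steps):
        # The controller only sees the reported value, so a spoofed high level
        # makes it switch the pump off while the real level keeps draining.
        if reported < LOW:
            pump_on = True
        elif reported > HIGH:
            pump_on = False
        true_level += (INFLOW if pump_on else 0.0) - OUTFLOW
        attacked = attack[0] <= t < attack[1]
        reported = true_level + (offset if attacked else 0.0)
        samples.append(Sample(t, pump_on, reported, true_level, int(attacked)))
    return samples


def detect(samples, tol=1.0):
    """Residual detector: rebuild the expected level from the actuator commands
    and flag steps whose reported level differs from it by more than tol.
    Real sensors are noisy, so tol must be tuned on attack-free data."""
    est = samples[0].reported
    alerts = [0] * len(samples)
    for s in samples[1:]:
        est += (INFLOW if s.pump_on else 0.0) - OUTFLOW
        if abs(s.reported - est) > tol:
            alerts[s.t] = 1
    return alerts


def evaluate(samples, alerts):
    """Precision and recall of the alerts against the simulation's labels."""
    tp = sum(1 for s, a in zip(samples, alerts) if s.label and a)
    fp = sum(1 for s, a in zip(samples, alerts) if not s.label and a)
    fn = sum(1 for s, a in zip(samples, alerts) if s.label and not a)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    return precision, recall


if __name__ == "__main__":
    data = simulate()
    alerts = detect(data)
    print("labeled attack steps:", sum(s.label for s in data))
    print("precision, recall:", evaluate(data, alerts))
    print("lowest true level during the run:", min(s.true_level for s in data))
```

The detector is deliberately physics-based rather than statistical: it trusts the actuator commands seen on the wire and re-derives what the level should be, so a constant sensor offset is caught for the whole window, not just at its onset. The same simulate() output, with its labels, is the kind of dataset a learned detector would be trained and scored on.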
Article
SCADA systems were built to withstand harsh industrial environments, but little care was taken to raise defenses against potential cyber threats. Over time the threats started pouring in, eliciting major concern in the research community. The extremely high cost and critical nature of SCADA systems have made it nearly impossible for researchers to experiment with live cyber attacks. Replicating the behavior of these complicated systems in high-fidelity testbeds and testing vulnerabilities on them therefore gives researchers the workspace needed to combat the threats currently haunting these legacy systems. However, high-fidelity testbeds such as DETER and NSTB are not portable and are hard to replicate. Some portable testbeds exist, but they either have poor support for virtualizing the SCADA controller or use hardware-in-the-loop, which limits portability. This research proposes a novel modular framework that replicates complex SCADA systems entirely in virtual simulation, making them very low cost and portable. The process of virtualizing each major component is discussed. Finally, the methodology is demonstrated by replicating real-world critical infrastructures, presented as case studies together with cyber attacks that show the framework's use for cybersecurity research.
Conference Paper
Customer-individual production in manufacturing is a current trend related to the Industrie 4.0 paradigm, and customers increasingly create the design files themselves. These design files are typically generated outside the company boundary and then transferred to the organization, where they are processed and scheduled for production. From a security perspective, this introduces new attack vectors against producing companies: design files with malicious configuration parameters can threaten the availability of the manufacturing plant, resulting in financial risk, and can even cause harm to humans. Human verification of design files is error-prone, which is why an automated solution is required. A graph-theoretic modeling framework for machine tools capable of verifying the security of product designs is proposed. The framework is used to model an exemplary production process implemented in a wood processing plant, based on the experience of a real-world case study. Simulation of the modeled scenario shows the feasibility of the framework. Apart from security verification, the approach can be adapted to decide whether a product design can be manufactured with a given set of machine tools.
Conference Paper
Since the early 1960s, industrial process control has been applied to electric power systems. In the mid-1970s the term SCADA emerged, describing automated control and data acquisition. Because most industrial and automation networks were physically isolated, security was not an issue. This changed in the early 2000s, when industrial networks were opened to the public Internet. The reasons were manifold: increased interconnectivity led to more productivity, simplicity and ease of use, and decreased the configuration overhead and downtime for system adjustments. However, it also led to an abundance of new attack vectors, and recently there has been a remarkable number of attacks on industrial companies and infrastructures. In this paper, known attacks on industrial systems are analysed by investigating the exploits available from public sources. The different types of attacks and their points of entry are reviewed, and trends in exploitation as well as targeted attack campaigns against industrial enterprises are introduced.
Article
Ransomware is a malware category that exploits security mechanisms such as cryptography in order to hijack user files and related resources and demands money in exchange for the locked data. Ransomware has therefore become a lucrative business that has gained increasing popularity among attackers. Unlike traditional malware, ransomware's effect persists even after removal and is difficult to mitigate without the help of its creator. In addition to the downtime costs and the money that individuals and businesses may pay as ransom, victims can incur other damage such as loss of data, reputation, and life. Several studies have addressed this unique, challenging threat and tried to provide detection and prevention solutions, but there is a lack of survey articles that explore the research on ransomware and highlight the challenges and issues faced by existing solutions. This survey fills the gap and provides a holistic state-of-the-art review of research on ransomware and its detection and prevention techniques. It puts forward a novel ransomware taxonomy from several perspectives, then elaborates on the factors that lead to a successful ransomware attack before discussing in detail the research into counteracting ransomware, including analysis, prevention, detection and prediction solutions. The survey concludes with a brief discussion of open issues and potential research directions in the near future.
Article
Context: Cyber-physical systems (CPSs) have emerged as the next generation of engineered systems, driving the so-called fourth industrial revolution. CPSs are becoming more complex, more open and more prone to security threats, which makes it urgent to engineer security into CPSs systematically. Model-Based Security Engineering (MBSE) could be a key means of tackling this challenge through security by design, abstraction and automation. Objective: We aim to provide an initial assessment of the state of the art in MBSE for CPSs (MBSE4CPS). Specifically, this work focuses on finding out 1) the publication statistics of MBSE4CPS studies; 2) the characteristics of MBSE4CPS studies; and 3) the open issues of MBSE4CPS research. Method: We conducted a systematic mapping study (SMS) following a rigorous protocol developed from state-of-the-art SMS and systematic review guidelines. From thousands of relevant publications, we systematically identified 34 primary MBSE4CPS studies for data extraction and synthesis to answer the predefined research questions. Results: The SMS results show that in the two most recent years covered (2014-2015) the number of primary MBSE4CPS studies increased significantly. Within the primary studies, the use of Domain-Specific Languages (DSLs) is about as popular as the standardized UML modeling notation. Most primary studies do not explicitly address specific security concerns (e.g., confidentiality, integrity) but rather focus on security analyses in general, on threats, attacks or vulnerabilities. Few primary studies propose to engineer security solutions for CPSs; many focus on early stages of the development lifecycle such as security requirements engineering or analysis.
Conclusion: The SMS does not only provide the state of the art in MBSE4CPS, but also points out several open issues that would deserve more investigation, e.g., the lack of engineering security solutions for CPSs, limited tool support, too few industrial case studies, and the challenge of bridging DSLs in engineering secure CPSs.
Article
The Internet is considered a Critical Infrastructure (CI) that is vital for both the economy and society. Disruptions caused by natural disasters, malicious human actions and even hardware failure pose serious risks. Emulation testbeds are increasingly used to study the Internet in order to improve protection and response mechanisms, and they are frequently considered more adequate than software simulators for realistically recreating the complex behavior of networks. In this paper we study how testbeds based on the Emulab software can be used to conduct scientifically rigorous experiments, specifically in terms of: a) experiment fidelity, b) repeatability, c) measurement accuracy, and d) interference. Our study, based on extensive experimentation on different testbeds, indicates that the current trend of using emulation testbeds is justified as both realistic and efficient. We show that Emulab-based experiments are representative of real systems in terms of emerging (qualitative) behavior and that repeatable experiments are possible. The main contribution of this tutorial article is that, based on experimental results, we identified caveats and provided insights into significant configuration parameters and limitations, elaborated into a set of guidelines that any Emulab user should be aware of. Users can then decide how important each guideline is in the context of a specific study and experiment.
Lowering the barriers to industrial control system security with GRFICS
  • David Formby
  • Milad Rad
  • Raheem Beyah