Top

The Journal of Supercomputing

Published in:

18-12-2017

Design and implementation of cybersecurity testbed for industrial IoT systems

Authors: Seokcheol Lee, Seokjun Lee, Hyunguk Yoo, Sungmoon Kwon, Taeshik Shon

Published in: The Journal of Supercomputing | Issue 9/2018

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In the era of Industry 4.0, information and communication technology (ICT) has been applied to various critical infrastructures, such as power plants, smart factories, and financial networks, to ensure and automate industrial systems. In particular, in the field of power control systems, ICT technology such as industrial internet of things (IoT) is applied for efficient remote measurement. Therefore, legacy systems that were previously operated as standalone now have contact points with the external networks. In this trend, security vulnerabilities from legacy ICT have been inherited by power control systems. Therefore, various security technologies are being researched and developed to cope with cyber vulnerabilities and threats. However, it is risky to apply novel security technologies that are not verified as secure, to power control systems, the availability of which must be guaranteed to provide electricity consistently. Thus, verifying the effectiveness and stability of new security technologies is necessary to apply the technologies to power control systems. In this paper, we analyze the configuration and characteristics of the power control systems network, which is an area where industrial IoT technology is applied. We also build a testbed environment that can verify the security technology and conduct experiments to confirm the security technology for the power control system and the suitability of the testbed. The proposed testbed will be able to stably incorporate new security technologies into the critical industrial infrastructure. Further, it is also expected that the security and stability of the system will be enhanced.

previous article Enforcing high-level security policies for Internet of Things

next article Anonymous group key agreement protocol for multi-server and mobile environments based on Chebyshev chaotic maps

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Drias Z, Serhrouchni A, Vogel O (2015) Taxonomy of attacks on industrial control protocols. In: 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), Paris, pp 1–6

Yoo H, Shon T (2016) Challenges and research directions for heterogeneous cyber physical system based on IEC 61850: vulnerability, security requirement, and security architecture. Future Gener Comput Syst 61:128–136CrossRef

Lee S, Shon T (2016) User privacy-enhanced security architecture for home area network of smartgrid. Multimed Tools Appl 75(20):12749–12764CrossRef

Karnouskos S (2011) Stuxnet worm impact on industrial cyber-physical system security. In: IECON 2011–37th Annual Conference of the IEEE Industrial Electronics Society, Melbourne, VIC, pp 4490–4494

Liang G, Weller SR, Zhao J, Luo F, Dong ZY (2017) The 2015 ukraine blackout: implications for false data injection attacks. IEEE Trans Power Syst 32(4):3317–3318CrossRef

Messaoud BID, Guennoun K, Wahbi M, Sadik M (2016) Advanced persistent threat: new analysis driven by life cycle phases and their challenges. In: 2016 International Conference on Advanced Communication Systems and Information Security (ACOSIS), Marrakesh, pp 1–6

IEC 62351, Power system management and associated information exchange—data and communications security, IEC (2017)

NIST SP 800-82 Rev 2, Guide to industrial control systems (ICS) security (2015)

Mallouhi M, Al-Nashif Y, Cox D, Chadaga T, Hariri S (2011) A testbed for analyzing security of SCADA control systems (TASSCS). ISGT 2011, Hilton Anaheim, CA, pp 1–7

10.

Jarmakiewicz J, Maślanka K, Parobczak K (2015) Development of cyber security testbed for critical infrastructure. In: 2015 International Conference on Military Communications and Information Systems (ICMCIS), Cracow, pp 1–10

11.

Korkmaz E, Dolgikh A, Davis M, Skormin V (2016) ICS security testbed with delay attack case study. In: MILCOM 2016–2016 IEEE Military Communications Conference, Baltimore, MD, pp 283–288

12.

Kumar N, Madhuri J, ChanneGowda M (2017) Review on security and privacy concerns in internet of things. In: 2017 International Conference on IoT and Application (ICIOT), Nagapattinam, pp 1–5

13.

Yoo H, Shon T (2016) Grammar-based adaptive fuzzing: evaluation on SCADA modbus protocol. In: 2016 IEEE International Conference on Smart Grid Communications (SmartGridComm), Sydney, NSW, pp 557–563

14.

Niedermaier M, Fischer F, von Bodisco A (2017) PropFuzz-An IT-security fuzzing framework for proprietary ICS protocols. In: 2017 International Conference on Applied Electronics (AE), Pilsen, pp 1–4

15.

Karati A, Islam SH, Biswas GP, Bhuiyan MZA, Vijayakumar P, Karuppiah M (2017) Provably secure identity-based signcryption scheme for crowdsourced industrial internet of things environments. In: IEEE Internet of Things Journal

16.

Heo Y, Kim B, Kang D, Na J (2016) A design of unidirectional security gateway for enforcement reliability and security of transmission data in industrial control systems. In: 2016 18th International Conference on Advanced Communication Technology (ICACT), Pyeongchang, pp 310–313

17.

Bere M, Muyingi H (2015) Initial investigation of Industrial Control System (ICS) security using artificial immune system (AIS). In: 2015 International Conference on Emerging Trends in Networks and Computer Communications (ETNCC), Windhoek, pp 79–84

18.

Evesti A, Frantti T (2015) Situational awareness for security adaptation in industrial control systems. In: 2015 Seventh International Conference on Ubiquitous and Future Networks, Sapporo, pp 1–6

19.

Barbosa RRR, Sadre R, Pras A (2012) Towards periodicity based anomaly detection in SCADA networks. In: Proceedings of 2012 IEEE 17th International Conference on Emerging Technologies and Factory Automation (ETFA 2012), Krakow, pp 1–4

20.

Hong J, Liu CC, Govindarasu M (2014) Detection of cyber intrusions using network-based multicast messages for substation automation. In: ISGT 2014, Washington, DC, pp 1–5

21.

Gao W, Morris T, Reaves B, Richey D (2010) On SCADA control system command and response injection and intrusion detection. In: 2010 eCrime Researchers Summit. Dallas, TX, pp 1–9

22.

Yun J, Jeon S, Kim K, Kim W (2013) Burst-based anomaly detection on the DNP3 protocol. Int J Control Autom 6(2):313–324

23.

Robinson D, Kim C (2017) A cyber-defensive industrial control system with redundancy and intrusion detection. In: 2017 North American Power Symposium (NAPS). Morgantown, WV, USA, pp 1–6

24.

Singh P, Garg S, Kumar V, Saquib Z (2015) A testbed for SCADA cyber security and intrusion detection. In: 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC), Shanghai, pp 1–6

25.

EPRI, DNP3 (IEEE Std 1815TM) Secure authentication: implementation and migration guide and demonstration report, 2014.12

26.

IEC 60870-6-503, Telecontrol equipment and systems—Part 6-503: Telecontrol protocols compatible with ISO standards and ITU-T recommendations—TASE.2 Services and protocol, IEC (2014)

27.

IEC 61850-8-1, Communication networks and systems for power utility automation—Part 8–1: specific communication service mapping (SCSM)—mappings to MMS (ISO 9506-1 and ISO 9506-2) and to ISO/IEC 8802-3, IEC (2011)

28.

US-CERT Vulnerability Notes, http://www.kb.cert.org/vuls

29.

Distributed Test Manger, http://trianglemicroworks.com/products/testing-and-configuration-tools/dtm-pages

30.

Iron, http://www.trianglemicroworks.com/products/testing-and-configuration-tools/iron-pages/

31.

Lee S, Yoo H, Seo J, Shon T (2016) Packet diversity-based anomaly detection system with OCSVM and representative model. In: 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Chengdu, pp 498–503

Title: Design and implementation of cybersecurity testbed for industrial IoT systems
Authors: Seokcheol Lee
Seokjun Lee
Hyunguk Yoo
Sungmoon Kwon
Taeshik Shon
Publication date: 18-12-2017
Publisher: Springer US
Published in: The Journal of Supercomputing / Issue 9/2018
Print ISSN: 0920-8542
Electronic ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-017-2219-z

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Other articles of this Issue 9/2018

AnyNoC: new network on a chip switching using the shared-memory and output-queue techniques for complex Internet of things systems

Performance evaluation framework design for smart sensor business

VQ-based data hiding in IoT networks using two-level encoding with adaptive pixel replacements

Energy-aware partitioning of fault-tolerant irregular topologies for 3D network-on-chips

A dimensionality reduction-based efficient software fault prediction using Fisher linear discriminant analysis (FLDA)

Adaptive correlated prefetch with large-scale hybrid memory system for stream processing

Premium Partner