Skip to main content
SpringerLink
Log in

A Survey of Industrial Control System Testbeds

  • Conference paper
Secure IT Systems (NordSec 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9417))

Included in the following conference series:

Abstract

Conducting security tests such as vulnerability discovery within Industrial Control Systems (ICS) help reduce their vulnerability to cyber attacks. Unfortunately, the extreme availability requirements on ICS in operation make it difficult to conduct security tests in practice. For this reason, researchers and practitioners turn to testbeds that mimic real ICS. This study surveys ICS testbeds that have been proposed for scientific research. A total of 30 testbeds are identified. Most of these aim to facilitate vulnerability analysis, education and tests of defense mechanisms. Testbed components are typically implemented as simulation models. Testbed fidelity is rarely addressed, and at best briefly discussed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. (AGA), A.G.A.: Cryptographic protection of scada communications - retrofittingserial communications. Tech. rep., American Gas Association (AGA) (2006)

    Google Scholar 

  2. Almalawi, A., Tari, Z., Khalil, I., Fahad, A.: Scadavt-a framework for scada security testbed based on virtualization technology. In: 2013 IEEE 38th Conference on Local Computer Networks (LCN), pp. 639–646. IEEE (2013)

    Google Scholar 

  3. Åsberg, M., Forsberg, N., Nolte, T., Kato, S.: Towards real-time scheduling of virtual machines without kernel modifications. In: 2011 IEEE 16th Conference on Emerging Technologies & Factory Automation (ETFA), pp. 1–4. IEEE (2011)

    Google Scholar 

  4. Beach, R., Kimnach, G., Jett, T., Trash, L.: Evaluation of power control concepts using the pmad systems test bed. In: Proceedings of the 24th Intersociety Energy Conversion Engineering Conference, IECEC 1989, pp. 327–332. IEEE (1989)

    Google Scholar 

  5. Benzel, T.: The science of cyber security experimentation: the deter project. In: Proceedings of the 27th Annual Computer Security Applications Conference, pp. 137–148. ACM (2011)

    Google Scholar 

  6. Bergman, D.C.: Power grid simulation, evaluation, and test framework (2010)

    Google Scholar 

  7. Bergman, D.C., Jin, D.K., Nicol, D.M., Yardley, T.: The virtual power system testbed and inter-testbed integration. In: CSET (2009)

    Google Scholar 

  8. Christiansson, H., Luiijf, E.: Creating a european scada security testbed. In: Goetz, E., Shenoi, S. (eds.) Critical Infrastructure Protecti. IFIP, vol. 253, pp. 237–247. Springer, Boston (2008)

    Chapter  Google Scholar 

  9. Chunlei, W., Lan, F., Yiqi, D.: A simulation environment for scada security analysis and assessment. In: 2010 International Conference on Measuring Technology and Mechatronics Automation (ICMTMA), vol. 1, pp. 342–347. IEEE (2010)

    Google Scholar 

  10. Cohen, J.: Weighted kappa: Nominal scale agreement provision for scaled disagreement or partial credit. Psychological Bulletin 70(4), 213 (1968)

    Article  Google Scholar 

  11. Darwish, K.W., Dhaouadi, R., et al.: Virtual scada simulation system for power substation. In: 4th International Conference on Innovations in Information Technology, IIT 2007, pp. 322–326. IEEE (2007)

    Google Scholar 

  12. Davis, C., Tate, J., Okhravi, H., Grier, C., Overbye, T., Nicol, D.: Scada cyber security testbed development. In: Proceedings of the 38th North American power symposium (NAPS 2006), pp. 483–488 (2006)

    Google Scholar 

  13. Davis, J., Magrath, S.: A survey of cyber ranges and testbeds. Tech. rep, DTIC Document (2013)

    Google Scholar 

  14. Dondossola, G., Garrone, F., Szanto, J.: Cyber risk assessment of power control systems-a metrics weighed by attack experiments. In: 2011 IEEE Power and Energy Society General Meeting, pp. 1–9. IEEE (2011)

    Google Scholar 

  15. Edgar, T., Manz, D., Carroll, T.: Towards an experimental testbed facility for cyber-physical security research. In: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, p. 53. ACM (2011)

    Google Scholar 

  16. Fovino, I.N., Masera, M., Guidi, L., Carpi, G.: 2010 3rd Conference on An experimental platform for assessing scada vulnerabilities and countermeasures in power plants. In: Human System Interactions (HSI), pp. 679–686. IEEE (2010)

    Google Scholar 

  17. Gao, H., Peng, Y., Dai, Z., Wang, T., Jia, K.: The design of ics testbed based on emulation, physical, and simulation (eps-ics testbed). In: 2013 Ninth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, pp. 420–423. IEEE (2013)

    Google Scholar 

  18. Giani, A., Karsai, G., Roosta, T., Shah, A., Sinopoli, B., Wiley, J.: A testbed for secure and robust scada systems. ACM SIGBED Review 5(2), 4 (2008)

    Article  Google Scholar 

  19. Gluhak, A., Krco, S., Nati, M., Pfisterer, D., Mitton, N., Razafindralambo, T.: A survey on facilities for experimental internet of things research. IEEE Communications Magazine 49(11), 58–67 (2011)

    Article  Google Scholar 

  20. Guglielmi, M., Nai, I., Perez-Garcia, A., Siaterlis, C.: A preliminary study of a wireless process control network using emulation testbeds. In: Chatzimisios, P., Verikoukis, C., Santamaría, I., Laddomada, M., Hoffmann, O. (eds.) MOBILIGHT 2010. LNICST, vol. 45, pp. 268–279. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  21. Guo, F., Herrera, L., Alsolami, M., Li, H., Xu, P., Lu, X., Lang, A., Wang, J., Long, Z.: Design and development of a reconfigurable hybrid microgrid testbed. In: 2013 IEEE Energy Conversion Congress and Exposition (ECCE), pp. 1350–1356. IEEE (2013)

    Google Scholar 

  22. Hahn, A., Govindarasu, M.: An evaluation of cybersecurity assessment tools on a scada environment. In: 2011 IEEE Power and Energy Society General Meeting, pp. 1–6. IEEE (2011)

    Google Scholar 

  23. Hahn, A., Kregel, B., Govindarasu, M., Fitzpatrick, J., Adnan, R., Sridhar, S., Higdon, M.: Development of the powercyber scada security testbed. In: Proceedings of the Sixth Annual Workshop on cyber Security and Information Intelligence Research, p. 21. ACM (2010)

    Google Scholar 

  24. Haney, M., Papa, M.: A framework for the design and deployment of a scada honeynet. In: Proceedings of the 9th Annual Cyber and Information Security Research Conference, pp. 121–124. ACM (2014)

    Google Scholar 

  25. Harwell, S.D., Gore, C.M.: Synthetic cyber environments for training and exercising cyberspace operations. M&S Journal, 36–48 (2013)

    Google Scholar 

  26. Hieb, J., Graham, J., Patel, S.: Security enhancements for distributed control systems. In: Goetz, E., Shenoi, S. (eds.) Critical Infrastructure Protection. IFIP, vol. 253, pp. 133–146. Springer, Boston (2008)

    Chapter  Google Scholar 

  27. (INL), I.N.L.: Control system automated vulnerability assessment study. Tech. rep., Idaho National Laboratory (INL) (2013)

    Google Scholar 

  28. Jurisic, B., Holjevac, N., Morvaj, B.: Framework for designing a smart grid testbed. In: 2013 36th International Convention on Information & Communication Technology Electronics & Microelectronics (MIPRO), pp. 1247–1252. IEEE (2013)

    Google Scholar 

  29. Kitchenham, B.: Procedures for performing systematic reviews. Keele, UK, Keele University 33(2004), 1–26 (2004)

    Google Scholar 

  30. Kush, N., Clark, A.J., Foo, E.: Smart grid test bed design and implementation (2010)

    Google Scholar 

  31. Leblanc, S.P., Partington, A., Chapman, I., Bernier, M.: An overview of cyber attack and computer network operations simulation. In: Proceedings of the 2011 Military Modeling & Simulation Symposium, pp. 92–100. Society for Computer Simulation International (2011)

    Google Scholar 

  32. Lüders, S.: Cern tests reveal security flaws with industrial network devices. The Industrial Ethernet Book 35(CERN-OPEN-2006-074), pp. 12–23 (2006)

    Google Scholar 

  33. Mallouhi, M., Al-Nashif, Y., Cox, D., Chadaga, T., Hariri, S.: A testbed for analyzing security of scada control systems (tasscs). In: 2011 IEEE PES Innovative Smart Grid Technologies (ISGT), pp. 1–7. IEEE (2011)

    Google Scholar 

  34. Moore, D., Murray, J., Maturana, F., Wendel, T., Loparo, K., et al.: Agent-based control of a dc microgrid. In: 2013 IEEE Energytech, pp. 1–6. IEEE (2013)

    Google Scholar 

  35. Morris, T., Srivastava, A., Reaves, B., Gao, W., Pavurapu, K., Reddi, R.: A control system testbed to validate critical infrastructure protection concepts. International Journal of Critical Infrastructure Protection 4(2), 88–103 (2011)

    Article  Google Scholar 

  36. Morris, T., Vaughn, R., Dandass, Y.S.: A testbed for scada control system cybersecurity research and pedagogy. In: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, p. 27. ACM (2011)

    Google Scholar 

  37. Mossberg Sonnek, K., Holm, H., Lindgren, J., Lindgren, F., Westring, E.: Foi-r-4029-se, ncs3 - informations- och styrsystem inom spårbunden trafik, en kartläggning. Tech. rep., Swedish Defence Research Agency (FOI) (2014)

    Google Scholar 

  38. Nanda, T.C., Chiueh, S.: A survey on virtualization technologies. RPE Report, pp. 1–42 (2005)

    Google Scholar 

  39. Pegden, C.D., Sadowski, R.P., Shannon, R.E.: Introduction to simulation using SIMAN. McGraw-Hill, Inc. (1995)

    Google Scholar 

  40. Queiroz, C., Mahmood, A., Tari, Z.: Scadasim-a framework for building scada simulations. IEEE Transactions on Smart Grid 2(4), 589–597 (2011)

    Article  Google Scholar 

  41. Reaves, B., Morris, T.: An open virtual testbed for industrial control system security research. International Journal of Information Security 11(4), 215–229 (2012)

    Article  Google Scholar 

  42. Reddi, R.M., Srivastava, A.K.: Real time test bed development for power system operation, control and cyber security. In: 2010 North American Power Symposium (NAPS), pp. 1–6. IEEE (2010)

    Google Scholar 

  43. Salazar, E., Macías, M.E., et al.: Virtual 3d controllable machine models for implementation of automations laboratories. In: 39th IEEE Frontiers in Education Conference, FIE 2009, pp. 1–5. IEEE (2009)

    Google Scholar 

  44. Sayegh, N., Chehab, A., Elhajj, I.H., Kayssi, A.: Internal security attacks on scada systems. In: 2013 Third International Conference on Communications and Information Technology (ICCIT), pp. 22–27. IEEE (2013)

    Google Scholar 

  45. Scarfone, K.A., Souppaya, M.P., Cody, A., Orebaugh, A.D.: Sp 800–115. technical guide to information security testing and assessment (2008)

    Google Scholar 

  46. Schriber, T.J.: Introduction to simulation. In: Proceedings of the 9th Conference on Winter Simulation, vol. 1, p. 23. Winter Simulation Conference (1977)

    Google Scholar 

  47. Shahzad, A., Musa, S., Aborujilah, A., Irfan, M.: A new cloud based supervisory control and data acquisition implementation to enhance the level of security using testbed. Journal of Computer Science 10(4), 652 (2014)

    Article  Google Scholar 

  48. Shahzad, A., Musa, S., Aborujilah, A., Irfan, M.: Secure cryptography testbed implementation for scada protocols security. In: 2013 International Conference on Advanced Computer Science Applications and Technologies (ACSAT), pp. 315–320. IEEE (2013)

    Google Scholar 

  49. Siaterlis, C., Garcia, A.P., Genge, B.: On the use of emulab testbeds for scientifically rigorous experiments. IEEE Communications Surveys & Tutorials 15(2), 929–942 (2013)

    Article  Google Scholar 

  50. Siaterlis, C., Genge, B.: Cyber-physical testbeds. Communications of the ACM 57(6), 64–73 (2014)

    Article  Google Scholar 

  51. Stefanov, A., Liu, C.C.: Cyber-power system security in a smart grid environment. In: 2012 IEEE PES Innovative Smart Grid Technologies (ISGT), pp. 1–3. IEEE (2012)

    Google Scholar 

  52. Stites, J., Siraj, A., Brown, E.L.: Smart grid security educational trainingwith thundercloud: A virtual security test bed. In: Proceedings of the 2013 on InfoSecCD 2013: Information Security Curriculum Development Conference, p. 105. ACM (2013)

    Google Scholar 

  53. Stouffer, K., Falco, J., Scarfone, K.: Guide to industrial control systems (ics) security. NIST Special Publication 800(82), 16–16 (2007)

    Google Scholar 

  54. Suh, J., Oh, J., Choi, J., Goff, J., Tao, J., Song, E., Fu, P., Lee, G., Eom, K.: Korean r&d on the converter controller for iter ac/dc converters. In: 2011 IEEE/NPSS 24th Symposium on Fusion Engineering (SOFE), pp. 1–5. IEEE (2011)

    Google Scholar 

  55. Sun, Y., Ma, T., Huang, B., Xu, W., Yu, B., Zhu, Y.: Risk assessment of power system secondary devices for power grid operation. In: 2012 China International Conference on Electricity Distribution (CICED), pp. 1–5. IEEE (2012)

    Google Scholar 

  56. Urias, V., Van Leeuwen, B., Richardson, B.: Supervisory command and data acquisition (scada) system cyber security analysis using a live, virtual, and constructive (lvc) testbed. In: Military Communications Conference, MILCOM 2012, pp. 1–8. IEEE (2012)

    Google Scholar 

  57. Vaughn, R.B., Morris, T., Sitnikova, E.: Development & expansion of an industrial control system security laboratory and an international research collaboration. In: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop, p. 18. ACM (2013)

    Google Scholar 

  58. Wang, Y.F., Zhang, T., Ma, Y.Y., Zhang, B.: An information security assessments framework for power control systems. In: Advanced Materials Research, vol. 805, pp. 980–984. Trans. Tech. Publ. (2013)

    Google Scholar 

  59. Widström, A.: Foi-r-4029-se, möjligheter och problem vid analys av fientlig kod riktad mot siemens s7-serie. Tech. rep, Swedish Defence Research Agency (FOI) (2012)

    Google Scholar 

  60. Xi, S., Xu, M., Lu, C., Phan, L.T., Gill, C., Sokolsky, O., Lee, I.: Real-time multi-core virtual machine scheduling in xen. In: 2014 International Conference on Embedded Software (EMSOFT), pp. 1–10. IEEE (2014)

    Google Scholar 

  61. Yang, Y., McLaughlin, K., Sezer, S., Littler, T., Im, E.G., Pranggono, B., Wang, H.: Multiattribute scada-specific intrusion detection system for power networks. IEEE Transactions on Power Delivery 29(3), 1092–1102 (2014)

    Article  Google Scholar 

  62. Yoo, S., Park, M., Yoo, C.: A step to support real-time in virtual machine. In: 6th IEEE Consumer Communications and Networking Conference, CCNC 2009, pp. 1–7. IEEE (2009)

    Google Scholar 

  63. Zamorano, J., De La Puente, J., et al.: Design and implementation of real-time distributed systems with the assert virtual machine. In: 2010 IEEE Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1–7. IEEE (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Swedish Defence Research Agency (FOI), Olaus Magnus väg 42, Linköping, Sweden

    Hannes Holm, Martin Karresand, Arne Vidström & Erik Westring

Authors
  1. Hannes Holm
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Martin Karresand
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Arne Vidström
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Erik Westring
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. KTH Royal Institute of Technology , Stockholm, Sweden

    Sonja Buchegger  & Mads Dam  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Holm, H., Karresand, M., Vidström, A., Westring, E. (2015). A Survey of Industrial Control System Testbeds. In: Buchegger, S., Dam, M. (eds) Secure IT Systems. NordSec 2015. Lecture Notes in Computer Science, vol 9417. Springer, Cham. https://doi.org/10.1007/978-3-319-26502-5_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-26502-5_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26501-8

  • Online ISBN: 978-3-319-26502-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation