ICSSIM — A framework for building industrial control systems security testbedsShow others and affiliations
2023 (English)In: Computers in industry (Print), ISSN 0166-3615, E-ISSN 1872-6194, Vol. 148, article id 103906Article in journal (Refereed) Published
Abstract [en]
With the advent of the smart industry, Industrial Control Systems (ICS) moved from isolated environments to connected platforms to meet Industry 4.0 targets. The inherent connectivity in these services exposes such systems to increased cybersecurity risks. To protect ICSs against cyberattacks, intrusion detection systems (IDS) empowered by machine learning are used to detect abnormal behavior of the systems. Operational ICSs are not safe environments to research IDSs due to the possibility of catastrophic risks. Therefore, realistic ICS testbeds enable researchers to analyze and validate their IDSs in a controlled environment. Although various ICS testbeds have been developed, researchers’ access to a low-cost, extendable, and customizable testbed that can accurately simulate ICSs and suits security research is still an important issue. In this paper, we present ICSSIM, a framework for building customized virtual ICS security testbeds in which various cyber threats and network attacks can be effectively and efficiently investigated. This framework contains base classes to simulate control system components and communications. Simulated components are deployable on actual hardware such as Raspberry Pis, containerized environments like Docker, and simulation environments such as GNS-3. ICSSIM also offers physical process modeling using software and hardware in the loop simulation. This framework reduces the time for developing ICS components and aims to produce extendable, versatile, reproducible, low-cost, and comprehensive ICS testbeds with realistic details and high fidelity. We demonstrate ICSSIM by creating a testbed and validating its functionality by showing how different cyberattacks can be applied. © 2023 The Authors
Place, publisher, year, edition, pages
Elsevier B.V. , 2023. Vol. 148, article id 103906
Keywords [en]
Cyberattack, Cybersecurity, Industrial control system, Network emulation, Testbed, Computer crime, Control systems, Costs, Cyber attacks, Intrusion detection, Network security, Abnormal behavior, Control system security, Cyber security, Cyber-attacks, Industrial control systems, Intrusion Detection Systems, Low-costs, Machine-learning, System components, Testbeds
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:ri:diva-64314DOI: 10.1016/j.compind.2023.103906Scopus ID: 2-s2.0-85151016386OAI: oai:DiVA.org:ri-64314DiVA, id: diva2:1755172
Note
Correspondence Address: Dehlaghi-Ghadim, A.; RISE Research Institute of Sweden, Sweden; email: alireza.dehlaghi.ghadim@ri.se; Funding details: 876038; Funding details: Horizon 2020 Framework Programme, H2020; Funding details: Horizon 2020; Funding text 1: This work was supported by InSecTT (www.insectt.eu), which received funding from the KDT Joint Undertaking (JU) under grant agreement No 876038. The JU receives support from the European Union's Horizon 2020 research and innovation programme and Austria, Sweden, Spain, Italy, France, Portugal, Ireland, Finland, Slovenia, Poland, Netherlands, Turkey, Belgium, Germany, Czech Republic, Denmark, Norway. The document reflects only the authors’ views and the Commission is not responsible for any use that may be made of the information it contains. We would like to thank Westermo AB company for providing us with access to their test environment for conducting experiments on the physical setup.; Funding text 2: This work was supported by InSecTT ( www.insectt.eu ), which received funding from the KDT Joint Undertaking (JU) under grant agreement No 876038 . The JU receives support from the European Union’s Horizon 2020 research and innovation programme and Austria, Sweden, Spain, Italy, France, Portugal, Ireland, Finland, Slovenia, Poland, Netherlands, Turkey, Belgium, Germany, Czech Republic, Denmark, Norway. The document reflects only the authors’ views and the Commission is not responsible for any use that may be made of the information it contains.
2023-05-052023-05-052023-10-30Bibliographically approved