Abstract
Testbeds that realistically mimic the operation of critical infrastructure are of significant value to researchers. One such testbed, named Electrical Power and Intelligent Control (EPIC), is described in this paper together with examples of its use for research in the design of secure smart-grids. EPIC includes generation, transmission, smart home, and micro-grid. It enables researchers to conduct research in an active and realistic environment. It can also be used to understand the cascading effects of failures in one Industrial Control System (ICS) on another, and to assess the effectiveness of novel attack detection algorithms. Four feasible attack scenarios on EPIC are described. Two of these scenarios, namely a power supply interruption attack and a physical damage attack, were demonstrated on EPIC and are described together with possible mitigation.
Notes
- 1.
- 2. CoDeSys is an integrated development environment for programming controllers such as WAGO PLCs.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Adepu, S., Kandasamy, N.K., Mathur, A. (2019). EPIC: An Electric Power Testbed for Research and Training in Cyber Physical Systems Security. In: Katsikas, S., et al. Computer Security. SECPRE 2018, CyberICPS 2018. Lecture Notes in Computer Science, vol 11387. Springer, Cham. https://doi.org/10.1007/978-3-030-12786-2_3
DOI: https://doi.org/10.1007/978-3-030-12786-2_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12785-5
Online ISBN: 978-3-030-12786-2
eBook Packages: Computer Science, Computer Science (R0)