Deriving a Cost-Effective Digital Twin of an ICS to Facilitate Security Evaluation

  • Ron Bitton
  • Tomer Gluck
  • Orly Stan
  • Masaki Inokuchi
  • Yoshinobu Ohta
  • Yoshiyuki Yamada
  • Tomohiko Yagyu
  • Yuval Elovici
  • Asaf Shabtai
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11098)

Abstract

Industrial control systems (ICSs), and particularly supervisory control and data acquisition (SCADA) systems, are used in many critical infrastructures and are inherently insecure, making them desirable targets for attackers. ICS networks differ from typical enterprise networks in their characteristics and goals; therefore, security assessment methods that are common in enterprise networks (e.g., penetration testing) cannot be directly applied in ICSs. Thus, security experts recommend using an isolated environment that mimics the real one for assessing the security of ICSs. While the use of such environments solves the main challenge in ICS security analysis, it poses another one: the trade-off between budget and fidelity. In this paper we suggest a method for creating a digital twin that is network-specific, cost-efficient, highly reliable, and security test-oriented. The proposed method consists of two modules: a problem builder that takes facts about the system under test and converts them into a rules set that reflects the system’s topology and digital twin implementation constraints; and a solver that takes these inputs and uses 0–1 non-linear programming to find an optimal solution (i.e., a digital twin specification), which satisfies all of the constraints. We demonstrate the application of our method on a simple use case of a simplified ICS network.

Keywords

Industrial control systems · Supervisory control and data acquisition · Penetration test · Non-linear integer programming

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Ron Bitton (1)
  • Tomer Gluck (1)
  • Orly Stan (1)
  • Masaki Inokuchi (2)
  • Yoshinobu Ohta (2)
  • Yoshiyuki Yamada (2)
  • Tomohiko Yagyu (2)
  • Yuval Elovici (1)
  • Asaf Shabtai (1)

  1. Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beersheba, Israel
  2. Security Research Laboratories, NEC Corporation, Minato, Japan