Abstract
There are significant concerns regarding the lack of proficient cybersecurity professionals with a background in both Information Technology (IT) and Operational Technology (OT). To alleviate this problem, we propose an open and flexible laboratory for experimenting with an IT/OT infrastructure and the related cybersecurity problems, such as emulating attacks and understanding how they work and how they could be identified and mitigated. We also report our experience in using the laboratory during a one-week training event with 24 students from 7 different high-schools at the mechatronics prototyping facility ProM in Rovereto (Italy).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
All the material is available at https://sites.google.com/fbk.eu/itotlab.
- 3.
The solution developed by students is available at: https://gitlab.fbk.eu/promcamp/promcamp-2019.
- 4.
One of the author owns a company performing offensive security activities, especially on IT/OT infrastructures; another is the head of the Security&Trust Research Unit at Fondazione Bruno Kessler in Trento (Italy).
- 5.
This misalignment derives from the original Modbus protocol (of which ModbusTCP is a direct evolution).
- 6.
A search engine for Internet-connected devices at https://www.shodan.io.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
In particular the program structure, data types, functions, waits and loops.
- 14.
- 15.
In particular the working voltage and if analog or digital.
- 16.
- 17.
That will either sample analog signals or provide digital measures.
- 18.
- 19.
A guide will help them in using AWS RDS or DocumentDB, and connect them to the VM via AWS VPN.
- 20.
- 21.
- 22.
- 23.
During the ProM 2019 event, an old version of Mosquitto was deployed to exploit a known vulnerability (CVE-2018-12543).
- 24.
- 25.
- 26.
- 27.
- 28.
- 29.
References
Galadima, A.A.: Arduino as a learning tool. In: 2014 11th International Conference on Electronics, Computer and Computation (ICECCO), September 2014. https://doi.org/10.1109/ICECCO.2014.6997577
Banks, A., Briggs, E., Borgendale, K., Gupta, R.: MQTT Version 5, March 2019. https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt-v5.0.pdf
Banks, A., Gupta, R.: MQTT Version 3.1.1, December 2015. http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/mqtt-v3.1.1.pdf
Hu, Y., Yang, A., Li, H., Sun, Y., Sun, L.: A survey of intrusion detection on industrial control systems. Int. J. Distrib. Sens. Netw. 14(8) (2018). https://doi.org/10.1177/1550147718794615
Information Systems Audit and Control Association: State of cybersecurity 2018. Survey, ISACA, October 2017. https://cybersecurity.isaca.org/csx-resources/state-of-cybersecurity-2018
Information Systems Audit and Control Association: State of cybersecurity 2019. Survey, ISACA, November 2018. https://www.isaca.org/info/state-of-cybersecurity-2019/index.html
Kaspersky Lab ICS CERT: Industrial CTF. https://ics-cert.kaspersky.com/tag/industrial-ctf/. Accessed 30 June 2019
Lundgren, L., Hindocha, N.: Light Weight Protocol: Critical Implications. https://www.youtube.com/watch?v=o7qDVZr0t2c. Accessed 30 June 2019
Modbus-IDA: MODBUS TCP/IP Implementation Guide, October 2006. http://www.modbus.org/docs/Modbus_Messaging_Implementation_Guide_V1_0b.pdf
Palmieri, A., Prem, P., Ranise, S., Morelli, U., Ahmad, T.: MQTTSA: a tool for automatically assisting the secure deployments of MQTT brokers. In: 2019 IEEE World Congress on Services (SERVICES), vol. 2642–939X, pp. 47–53, July 2019. https://doi.org/10.1109/SERVICES.2019.00023
Ponemon Institute LLC: 2018 Cost of Insider Threats: Global. https://www.observeit.com/ponemon-report-cost-of-insider-threats
Spanish National Cybesecurity Institute: Protocols and Network Security in ICS Infrastructure, February 2017. https://www.incibe-cert.es/sites/default/files/contenidos/guias/doc/incibe_protocol_net_security_ics.pdf
Yassein, M.B., Shatnawi, M.Q., Aljwarneh, S., Al-Hatmi, R.: Internet of Things: survey and open issues of MQTT protocol. In: 2017 International Conference on Engineering MIS (ICEMIS), pp. 1–6, May 2017. https://doi.org/10.1109/ICEMIS.2017.8273112
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Morelli, U., Nicolodi, L., Ranise, S. (2020). An Open and Flexible CyberSecurity Training Laboratory in IT/OT Infrastructures. In: Fournaris, A., et al. Computer Security. IOSEC MSTEC FINSEC 2019 2019 2019. Lecture Notes in Computer Science(), vol 11981. Springer, Cham. https://doi.org/10.1007/978-3-030-42051-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-42051-2_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-42050-5
Online ISBN: 978-3-030-42051-2
eBook Packages: Computer ScienceComputer Science (R0)