Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Information and Operational Technology Security Systems

International Workshop on Model-Driven Simulation and Training Environments for Cybersecurity

International Workshop on Security for Financial Critical Infrastructures and Services

IOSEC 2019, MSTEC 2019, FINSEC 2019: Computer Security pp 140–155Cite as

An Open and Flexible CyberSecurity Training Laboratory in IT/OT Infrastructures

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11981))

Abstract

There are significant concerns regarding the lack of proficient cybersecurity professionals with a background in both Information Technology (IT) and Operational Technology (OT). To alleviate this problem, we propose an open and flexible laboratory for experimenting with an IT/OT infrastructure and the related cybersecurity problems, such as emulating attacks and understanding how they work and how they could be identified and mitigated. We also report our experience in using the laboratory during a one-week training event with 24 students from 7 different high-schools at the mechatronics prototyping facility ProM in Rovereto (Italy).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    https://deter-project.org/about_deterlab.

  2. 2.

    All the material is available at https://sites.google.com/fbk.eu/itotlab.

  3. 3.

    The solution developed by students is available at: https://gitlab.fbk.eu/promcamp/promcamp-2019.

  4. 4.

    One of the author owns a company performing offensive security activities, especially on IT/OT infrastructures; another is the head of the Security&Trust Research Unit at Fondazione Bruno Kessler in Trento (Italy).

  5. 5.

    This misalignment derives from the original Modbus protocol (of which ModbusTCP is a direct evolution).

  6. 6.

    A search engine for Internet-connected devices at https://www.shodan.io.

  7. 7.

    https://www.mosquitto.org.

  8. 8.

    https://www.arduino.cc/en/Main/Education.

  9. 9.

    https://create.arduino.cc/projecthub.

  10. 10.

    http://wiki.seeedstudio.com/Grove_System.

  11. 11.

    https://openwrt.org.

  12. 12.

    https://jupyter.org.

  13. 13.

    In particular the program structure, data types, functions, waits and loops.

  14. 14.

    http://wiki.seeedstudio.com.

  15. 15.

    In particular the working voltage and if analog or digital.

  16. 16.

    https://www.eclipse.org/paho/clients/python.

  17. 17.

    That will either sample analog signals or provide digital measures.

  18. 18.

    https://opcfoundation.org.

  19. 19.

    A guide will help them in using AWS RDS or DocumentDB, and connect them to the VM via AWS VPN.

  20. 20.

    https://en.wikipedia.org/wiki/Port_mirroring.

  21. 21.

    http://www.modbus.org/docs/MB-TCP-Security-v21_2018-07-24.pdf.

  22. 22.

    https://security.radware.com/ddos-knowledge-center/ddospedia/arp-poisoning.

  23. 23.

    During the ProM 2019 event, an old version of Mosquitto was deployed to exploit a known vulnerability (CVE-2018-12543).

  24. 24.

    http://www.polomeccatronica.it/en.

  25. 25.

    https://fbkjunior.fbk.eu/prom-camp-2019-participants.

  26. 26.

    https://scikit-learn.org/stable/modules/generated/sklearn.neighbors.KNeighborsClassifier.html.

  27. 27.

    https://nmap.org.

  28. 28.

    https://www.wireshark.org.

  29. 29.

    https://scapy.net.

References

  1. Galadima, A.A.: Arduino as a learning tool. In: 2014 11th International Conference on Electronics, Computer and Computation (ICECCO), September 2014. https://doi.org/10.1109/ICECCO.2014.6997577

  2. Banks, A., Briggs, E., Borgendale, K., Gupta, R.: MQTT Version 5, March 2019. https://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt-v5.0.pdf

  3. Banks, A., Gupta, R.: MQTT Version 3.1.1, December 2015. http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/mqtt-v3.1.1.pdf

  4. Hu, Y., Yang, A., Li, H., Sun, Y., Sun, L.: A survey of intrusion detection on industrial control systems. Int. J. Distrib. Sens. Netw. 14(8) (2018). https://doi.org/10.1177/1550147718794615

    Article  Google Scholar 

  5. Information Systems Audit and Control Association: State of cybersecurity 2018. Survey, ISACA, October 2017. https://cybersecurity.isaca.org/csx-resources/state-of-cybersecurity-2018

  6. Information Systems Audit and Control Association: State of cybersecurity 2019. Survey, ISACA, November 2018. https://www.isaca.org/info/state-of-cybersecurity-2019/index.html

  7. Kaspersky Lab ICS CERT: Industrial CTF. https://ics-cert.kaspersky.com/tag/industrial-ctf/. Accessed 30 June 2019

  8. Lundgren, L., Hindocha, N.: Light Weight Protocol: Critical Implications. https://www.youtube.com/watch?v=o7qDVZr0t2c. Accessed 30 June 2019

  9. Modbus-IDA: MODBUS TCP/IP Implementation Guide, October 2006. http://www.modbus.org/docs/Modbus_Messaging_Implementation_Guide_V1_0b.pdf

  10. Palmieri, A., Prem, P., Ranise, S., Morelli, U., Ahmad, T.: MQTTSA: a tool for automatically assisting the secure deployments of MQTT brokers. In: 2019 IEEE World Congress on Services (SERVICES), vol. 2642–939X, pp. 47–53, July 2019. https://doi.org/10.1109/SERVICES.2019.00023

  11. Ponemon Institute LLC: 2018 Cost of Insider Threats: Global. https://www.observeit.com/ponemon-report-cost-of-insider-threats

  12. Spanish National Cybesecurity Institute: Protocols and Network Security in ICS Infrastructure, February 2017. https://www.incibe-cert.es/sites/default/files/contenidos/guias/doc/incibe_protocol_net_security_ics.pdf

  13. Yassein, M.B., Shatnawi, M.Q., Aljwarneh, S., Al-Hatmi, R.: Internet of Things: survey and open issues of MQTT protocol. In: 2017 International Conference on Engineering MIS (ICEMIS), pp. 1–6, May 2017. https://doi.org/10.1109/ICEMIS.2017.8273112

Download references

Author information

Authors and Affiliations

  1. Security & Trust, Fondazione Bruno Kessler, Via Sommarive 18, 38123, Trento, Italy

    Umberto Morelli, Lorenzo Nicolodi & Silvio Ranise

Authors
  1. Umberto Morelli
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lorenzo Nicolodi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Silvio Ranise
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Umberto Morelli , Lorenzo Nicolodi or Silvio Ranise .

Editor information

Editors and Affiliations

  1. Industrial Systems Institute/Research Center ATHENA, Patras, Greece

    Apostolos P. Fournaris

  2. Foundation for Research and Technology - Hellas (FORTH), Heraklion, Greece

    Manos Athanatos

  3. University of Patras, Patras, Greece

    Konstantinos Lampropoulos

  4. Foundation for Research and Technology - Hellas (FORTH), Heraklion, Greece

    Sotiris Ioannidis

  5. Foundation for Research and Technology - Hellas (FORTH), Heraklion, Greece

    George Hatzivasilis

  6. University of Milan, Milan, Italy

    Ernesto Damiani

  7. Norwegian Computing Center, Oslo, Norway

    Habtamu Abie

  8. Fondazione Bruno Kessler, Trento, Italy

    Silvio Ranise

  9. University of Genoa, Genoa, Italy

    Luca Verderame

  10. Fondazione Bruno Kessler, Trento, Italy

    Alberto Siena

  11. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Morelli, U., Nicolodi, L., Ranise, S. (2020). An Open and Flexible CyberSecurity Training Laboratory in IT/OT Infrastructures. In: Fournaris, A., et al. Computer Security. IOSEC MSTEC FINSEC 2019 2019 2019. Lecture Notes in Computer Science(), vol 11981. Springer, Cham. https://doi.org/10.1007/978-3-030-42051-2_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-42051-2_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42050-5

  • Online ISBN: 978-3-030-42051-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation