Abstract
Cybersecurity is playing a key role in industrial control systems’ scenario because they are one of the targets of cyber-attacks. In order to mitigate the impact in industrial scenarios, it is necessary to train people not only in IT breaches, but also in OT breaches in industrial settings. Training is one of the weaknesses identified within the industry especially by practitioners, and the use of cyber ranges is motivated. In this sense, this paper deals with the deployment of Industrial Control Systems scenarios based on honeypots for training purposes. An example illustrates the deployment of a scenario within a cyber range.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Thames, L., Schaefer, D. (eds.): Cybersecurity for Industry 4.0. Springer Series in Advanced Manufacturing. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-50660-9
Lezzi, M., Lazoi, M., Corallo, A.: Cybersecurity for Industry 4.0 in the current literature: a reference framework. Comput. Ind. 103, 97–110 (2018). https://doi.org/10.1016/j.compind.2018.09.004
CCN-CERT. Cyber threats and Trends 2019 (2019). https://www.ccn-cert.cni.es/informes/informes-ccn-cert-publicos/4041-ccn-cert-ia-13-19-threats-and-trends-report-executive-summary/file.html. Accedido 02 July 2020
Make UK. Cyber security and manufacturing: a briefing manufactureres. https://www.makeuk.org/-/media/cyber-security-and-manufacturing-a-briefing-for-manufacturers.pdf
Thames, L., Schaefer, D.: Industry 4.0: an overview of key benefits, technologies, and challenges. In: Thames, L., Schaefer, D. (eds.) Cybersecurity for Industry 4.0. SSAM, pp. 1–33. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-50660-9_1
Baines, T., Lightfoot, H.W.: Servitization of the manufacturing firm. Int. J. Oper. Prod. Manag. 34, 2–35 (2014)
Tropina, T.: Public–private collaboration: cybercrime, cybersecurity and national security. Self- and Co-regulation in Cybercrime, Cybersecurity and National Security. SC, pp. 1–41. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16447-2_1
Fenton, D., Traylor, T., Hokanson, G., Straub, J.: Integrating cyber range technologies and certification programs to improve cybersecurity training programs. In: Auer, M.E., Tsiatsos, T. (eds.) ICL 2018. AISC, vol. 917, pp. 632–643. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-11935-5_60
Larrucea, X.: Modelling and certifying safety for cyber-physical systems: an educational experiment. In: 2016 42th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), Limassol, Cyprus, pp. 198–205 (2016). https://doi.org/10.1109/seaa.2016.28
Korwin, A.R., Jones, R.E., et al.: Do hands-on, technology-based activities enhance learning by reinforcing cognitive knowledge and retention? 1(2) (1990). (Spring 1990)
Cuppens-Boulahia, N., Lambrinoudakis, C., Cuppens, F., Katsikas, S. (eds.): CyberICPS 2016. LNCS, vol. 10166. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61437-3
Lee, S., Lee, S., Yoo, H., Kwon, S., Shon, T.: Design and implementation of cybersecurity testbed for industrial IoT systems. J. Supercomput. 74(9), 4506–4520 (2017). https://doi.org/10.1007/s11227-017-2219-z
National Institute of Standards and Technology. Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1, 05 dic 2017. https://csrc.nist.gov/publications/detail/white-paper/2017/12/05/cybersecurity-framework-v11/draft
Salah, K., Hammoud, M., Zeadally, S.: Teaching cybersecurity using the cloud. IEEE Trans. Learn. Technol. 8(4), 383–392 (2015). https://doi.org/10.1109/tlt.2015.2424692
Network Emulation Testbed https://www.emulab.net/
Cyber-Defense Technology Experimental Research Laboratory Testbed. http://deter-project.org/
Morelli, U., Nicolodi, L., Ranise, S.: An open and flexible cybersecurity training laboratory in IT/OT Infrastructures. In: Fournaris, A.P., et al. (eds.) IOSEC/MSTEC/FINSEC 2019. LNCS, vol. 11981, pp. 140–155. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42051-2_10
Scaffidi, C.: What training is needed by practicing engineers who create cyberphysical systems? 298–305 (2015). https://doi.org/10.1109/SEAA.2015.19
Corallo, A., Lazoi, M., Lezzi, M.: Cybersecurity in the context of industry 4.0: a structured classification of critical assets and business impacts. Comput. Ind. 114, 103165 (2020). https://doi.org/10.1016/j.compind.2019.103165
Kweon, E., Lee, H., Chai, S., Yoo, K.: The utility of information security training and education on cybersecurity incidents: an empirical evidence. Inf. Syst. Front. (2019). https://doi.org/10.1007/s10796-019-09977-z
Asghar, M.R., Hu, Q., Zeadally, S.: Cybersecurity in industrial control systems: issues, technologies, and challenges. Comput. Netw. 165, 106946 (2019). https://doi.org/10.1016/j.comnet.2019.106946
Baykara, M., Das, R.: A novel honeypot based security approach for real-time intrusion detection and prevention systems. J. Inf. Secur. Appl. 41, 103–116 (2018). https://doi.org/10.1016/j.jisa.2018.06.004
Naruoka, H., et al.: ICS honeypot system (CamouflageNet) based on attacker’s human factors. Procedia Manuf. 3, 1074–1081 (2015). https://doi.org/10.1016/j.promfg.2015.07.175
Conpot. http://conpot.org/. Accessed 17 Mar 2020
Yamin, M.M., Katt, B., Gkioulos, V.: Cyber ranges and security testbeds: scenarios, functions, tools and architecture. Comput. Secur. 88, 101636 (2020). https://doi.org/10.1016/j.cose.2019.101636
Ferrag, M.A., Ahmim, A.: Security Solutions and Applied Cryptography in Smart Grid Communications. IGI Global, Hershey (2016)
Yao, W.-M., Fahmy, S.: Flow-based partitioning of network testbed experiments. Comput. Netw. 58, 141–157 (2014). https://doi.org/10.1016/j.comnet.2013.08.029
Fang, B.: Positions of states toward cyberspace and cyber-relating regulations. Cyberspace Sovereignty, pp. 243–320. Springer, Singapore (2018). https://doi.org/10.1007/978-981-13-0320-3_8
Beuran, R., Tang, D., Pham, C., Chinen, K., Tan, Y., Shinoda, Y.: Integrated framework for hands-on cybersecurity training: CyTrONE. Comput. Secur. 78, 43–59 (2018). https://doi.org/10.1016/j.cose.2018.06.001
Spitzner, L.: Honeypots: catching the insider threat. In: 19th Annual Computer Security Applications Conference, 2003. Proceedings, pp. 170–179 (2003)
Dionaea Project. https://github.com/rep/dionaea. Accessed 17 Mar 2020
SNARE. https://github.com/mushorg/snare. Accessed 17 Mar 2020
HonSSH Project. https://github.com/tnich/honssh/wiki. Accessed 17 Mar 2020
Sebek Project. https://projects.honeynet.org/sebek/. Accessed 17 Mar 2020
Redwood, O., Lawrence, J., Burmester, M.: A symbolic honeynet framework for SCADA system threat intelligence. In: Rice, M., Shenoi, S. (eds.) ICCIP 2015. IAICT, vol. 466, pp. 103–118. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26567-4_7
Lopez, J., Setola, R., Wolthusen, S.D. (eds.): Critical Infrastructure Protection 2011. LNCS, vol. 7130. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28920-0
Sokol, P., Míšek, J., Husák, M.: Honeypots and honeynets: issues of privacy. EURASIP J. Inf. Secur. 2017(1), 1–9 (2017). https://doi.org/10.1186/s13635-017-0057-4
Hui, H., McLaughlin, K.: Investigating current PLC Security Issues Regarding Siemens S7 Communications and TIA Portal. In: presentado en 5th International Symposium for ICS & SCADA Cyber Security Research 2018 (2018). https://doi.org/10.14236/ewic/ics2018.8
ENISA. Introduction to Network Forensics ICS/SCADA Environment Toolset, Document for students (2019). https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/documents/introduction-to-network-forensics-ex1-toolset.pdf
Lei, C., Donghong, L., Liang, M.: The spear to break the security wall of S7CommPlus. https://www.blackhat.com/docs/eu-17/materials/eu-17-Lei-The-Spear-To-Break%20-The-Security-Wall-Of-S7CommPlus-wp.pdf
Schuster, S., van den Berg, M., Larrucea, X., Slewe, T., Ide-Kostic, P.: Mass surveillance and technological policy options: improving security of private communications. Comput. Stand. Interfaces 50, 76–82 (2017). https://doi.org/10.1016/j.csi.2016.09.011
Acknowledgements
This work has been partially funded by the Sendai - Segurtasun Integrala Industria Adimentsurako (KK-2019/00072) Elkartek framework programme from the Basque Government, and partially funded by the SPEAR project (787011) H2020.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Larrucea, X., Molinuevo, A. (2020). An ICS Based Scenario Generator for Cyber Ranges. In: Yilmaz, M., Niemann, J., Clarke, P., Messnarz, R. (eds) Systems, Software and Services Process Improvement. EuroSPI 2020. Communications in Computer and Information Science, vol 1251. Springer, Cham. https://doi.org/10.1007/978-3-030-56441-4_41
Download citation
DOI: https://doi.org/10.1007/978-3-030-56441-4_41
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-56440-7
Online ISBN: 978-3-030-56441-4
eBook Packages: Computer ScienceComputer Science (R0)