Abstract
In the era of Industry 4.0, information and communication technology (ICT) has been applied to various critical infrastructures, such as power plants, smart factories, and financial networks, to ensure and automate industrial systems. In particular, in the field of power control systems, ICT such as the industrial Internet of Things (IoT) is applied for efficient remote measurement. As a result, legacy systems that were previously operated standalone now have contact points with external networks. With this trend, security vulnerabilities from legacy ICT have been inherited by power control systems, and various security technologies are being researched and developed to cope with cyber vulnerabilities and threats. However, it is risky to apply novel security technologies that have not been verified as secure to power control systems, whose availability must be guaranteed in order to provide electricity consistently. Thus, the effectiveness and stability of new security technologies must be verified before they are applied to power control systems. In this paper, we analyze the configuration and characteristics of the power control system network, which is an area where industrial IoT technology is applied. We also build a testbed environment that can verify security technology, and conduct experiments to confirm both the security technology for the power control system and the suitability of the testbed. The proposed testbed will make it possible to stably incorporate new security technologies into critical industrial infrastructure. It is also expected that the security and stability of the system will be enhanced.
Acknowledgements
This research was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2017-2016-0-00304) supervised by the IITP (Institute for Information and communications Technology Promotion) and Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science, ICT and Future Planning (2015R1A1A1A05001238). This work was supported by the Power Generation and Electricity Delivery Core Technology Program of Korea Institute of Energy Technology Evaluation and Planning (KETEP) granted financial resource from the Ministry of Trade, Industry and Energy, Republic of Korea (No. 20131020402090).
Cite this article
Lee, S., Lee, S., Yoo, H. et al. Design and implementation of cybersecurity testbed for industrial IoT systems. J Supercomput 74, 4506–4520 (2018). https://doi.org/10.1007/s11227-017-2219-z
DOI: https://doi.org/10.1007/s11227-017-2219-z