Development of cyber security testbed for critical infrastructure

The paper describes a critical infrastructure testbed environment for SCADA (Supervisory Control and Data Acquisition) cyber security evaluation and assessment. It includes the results of an analysis of the important features of critical infrastructure, performed to determine the testbed architecture. As a result, an ontology of security for the critical infrastructure domain, an ontology of protection elements, and corresponding taxonomies of infrastructure elements and threats are proposed. A brief survey of critical infrastructure threats and countermeasure tools was carried out. The proposed environment reflects the real control and supervision substation of an electricity generation and distribution control system. The SCADA system uses the IEC 60870-5-104 and IEC 61850 protocols encapsulated in IPv4 datagrams. The structure of the built testbed environment is shown, and its software and hardware components are described. Traffic samples collected from a real power IP control and management network, for use within the testbed generators, are analyzed and described.
