Deriving a Cost-Effective Digital Twin of an ICS to Facilitate Security Evaluation

Industrial control systems (ICSs), and particularly supervisory control and data acquisition (SCADA) systems, are used in many critical infrastructures and are inherently insecure, making them desirable targets for attackers. ICS networks differ from typical enterprise networks in their characteristics and goals; therefore, security assessment methods that are common in enterprise networks (e.g., penetration testing) cannot be applied directly to ICSs. Thus, security experts recommend using an isolated environment that mimics the real one for assessing the security of ICSs. While the use of such environments solves the main challenge in ICS security analysis, it poses another one: the trade-off between budget and fidelity. In this paper, we propose a method for creating a digital twin that is network-specific, cost-efficient, highly reliable, and oriented toward security testing. The proposed method consists of two modules: a problem builder that takes facts about the system under test and converts them into a rule set that reflects the system's topology and the digital twin's implementation constraints; and a solver that takes these inputs and uses 0–1 non-linear programming to find an optimal solution (i.e., a digital twin specification) that satisfies all of the constraints. We demonstrate the application of our method on a simple use case of a simplified ICS network.
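The two-module method the abstract describes, as an added toy example in Python (not the paper's own code): a problem builder turns constructed facts about a three-component ICS into rules over binary variables, and a solver enumerates the 0–1 assignments to find the cheapest twin that satisfies them. The component names, costs, fidelity scores, the link-fidelity product term and the "PLC must be physical" rule are all assumptions made for illustration.

```python
"""Toy instance of the two-module approach: build a 0-1 problem from facts
about a simplified ICS, then solve it for the cheapest feasible digital twin.
All component names, costs and fidelity scores below are constructed."""
from itertools import product

# Constructed facts: each component can be realised as real hardware, an
# emulated device, or a pure simulation; (cost, fidelity) per option.
OPTIONS = ("physical", "emulated", "simulated")
COMPONENTS = {
    "plc":       {"physical": (3000, 1.0), "emulated": (400, 0.7), "simulated": (50, 0.3)},
    "hmi":       {"physical": (1500, 1.0), "emulated": (200, 0.8), "simulated": (30, 0.4)},
    "historian": {"physical": (2000, 1.0), "emulated": (300, 0.8), "simulated": (40, 0.4)},
}
# Constructed topology: links whose traffic the security tests must observe.
LINKS = [("hmi", "plc"), ("historian", "plc")]

def build_problem(components, links, min_link_fidelity):
    """Problem builder: express the facts as rules over binary variables x[c][o]."""
    def link_fidelity(x, a, b):
        # Nonlinear term (assumed): a link is only as faithful as the product
        # of its two endpoints' fidelities.
        fa = sum(x[a][o] * components[a][o][1] for o in OPTIONS)
        fb = sum(x[b][o] * components[b][o][1] for o in OPTIONS)
        return fa * fb
    # Exactly one implementation per component.
    rules = [lambda x, c=c: sum(x[c].values()) == 1 for c in components]
    # Every monitored link must reach the required fidelity.
    rules += [lambda x, a=a, b=b: link_fidelity(x, a, b) >= min_link_fidelity for a, b in links]
    # Constructed rule: the PLC under test must be real hardware.
    rules.append(lambda x: x["plc"]["physical"] == 1)
    cost = lambda x: sum(x[c][o] * components[c][o][0] for c in components for o in OPTIONS)
    return rules, cost

def solve(components, rules, cost):
    """Solver: exhaustive 0-1 search (fine for a toy instance) for the min-cost feasible twin.
    Returns (cost, {component: option}) or None when no assignment satisfies the rules."""
    names, k = list(components), len(OPTIONS)
    best = None
    for bits in product((0, 1), repeat=len(names) * k):
        x = {c: dict(zip(OPTIONS, bits[i * k:(i + 1) * k])) for i, c in enumerate(names)}
        if all(rule(x) for rule in rules) and (best is None or cost(x) < best[0]):
            best = (cost(x), {c: next(o for o in OPTIONS if x[c][o]) for c in names})
    return best

if __name__ == "__main__":
    rules, cost = build_problem(COMPONENTS, LINKS, min_link_fidelity=0.75)
    print(solve(COMPONENTS, rules, cost))  # (3500, {'plc': 'physical', 'hmi': 'emulated', 'historian': 'emulated'})
```

Raising `min_link_fidelity` forces more components onto real hardware, which is exactly the budget-versus-fidelity trade-off the solver is meant to navigate.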
