MiniCPS: A Toolkit for Security Research on CPS Networks

In recent years, tremendous effort has been spent on modernizing the communication infrastructure of Cyber-Physical Systems (CPS) such as Industrial Control Systems (ICS) and related Supervisory Control and Data Acquisition (SCADA) systems. While a great amount of research has been conducted on the network security of office and home networks, the security of CPS and related systems has only recently gained increased attention. Unfortunately, real-world CPS are often not open to security researchers, and as a result very few reference physical-layer processes, control systems and communication topologies are available. In this work, we present MiniCPS, a toolkit intended to alleviate this problem. The goal of MiniCPS is to create an extensible, reproducible research environment for network communications, control systems, and physical-layer interactions in CPS. Instead of focusing on customized simulation settings for specific subsystems, the main goal is to establish a framework that connects real CPS software and hardware, simulation scripts for such components, and physical-layer simulation engines. MiniCPS builds on Mininet to provide lightweight real-time network emulation, and extends Mininet with tools to simulate typical CPS components such as programmable logic controllers (PLCs), which use industrial protocols (e.g. EtherNet/IP, Modbus/TCP). To capture physical-layer interactions, MiniCPS defines a simple API to connect to physical-layer simulations. We demonstrate applications of MiniCPS in two example scenarios, and show how MiniCPS can be used to develop attacks and defenses that are directly applicable to real systems.
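The abstract notes that the PLCs MiniCPS emulates speak industrial protocols such as Modbus/TCP. To make that kind of component concrete, the following is an added example, not code from the paper or from the MiniCPS project: a minimal Modbus/TCP exchange written against the public framing (7-byte MBAP header followed by a PDU), with the PLC-side handler for Read Holding Registers (0x03) and Write Single Register (0x06) and the client-side encoder and decoder. The register map (a tank level and a pump setpoint), the "rogue write", and all class and function names are constructed for illustration. The security point it shows is the one such toolkits exist to study: Modbus/TCP carries no authentication, so any host that can reach the PLC's TCP port can overwrite a setpoint with a well-formed request.

```python
import struct

# Modbus exception codes used below (constructed example, standard values)
EX_ILLEGAL_FUNCTION = 0x01
EX_ILLEGAL_ADDRESS = 0x02
EX_ILLEGAL_VALUE = 0x03


def mbap(tid, unit, pdu):
    """Build the MBAP header: transaction id, protocol id 0, length (unit id + PDU), unit id."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit)


class ModbusPLC:
    """Server-side logic of a simulated PLC (hypothetical, not MiniCPS's PLC class)."""

    def __init__(self, holding_registers):
        self.hr = list(holding_registers)

    def handle(self, adu):
        """Take one request ADU, return the response ADU."""
        tid, pid, length, unit = struct.unpack(">HHHB", adu[:7])
        pdu = adu[7:7 + length - 1]
        if pid != 0 or len(pdu) != length - 1 or not pdu:
            raise ValueError("malformed MBAP header")
        fc = pdu[0]
        if fc == 0x03:
            resp = self._read_holding(pdu[1:])
        elif fc == 0x06:
            resp = self._write_single(pdu[1:])
        else:
            resp = bytes([fc | 0x80, EX_ILLEGAL_FUNCTION])
        return mbap(tid, unit, resp) + resp

    def _read_holding(self, data):
        if len(data) != 4:
            return bytes([0x83, EX_ILLEGAL_VALUE])
        addr, qty = struct.unpack(">HH", data)
        if not 1 <= qty <= 125:  # spec limit for one read
            return bytes([0x83, EX_ILLEGAL_VALUE])
        if addr + qty > len(self.hr):
            return bytes([0x83, EX_ILLEGAL_ADDRESS])
        regs = self.hr[addr:addr + qty]
        return bytes([0x03, 2 * qty]) + struct.pack(">%dH" % qty, *regs)

    def _write_single(self, data):
        if len(data) != 4:
            return bytes([0x86, EX_ILLEGAL_VALUE])
        addr, value = struct.unpack(">HH", data)
        if addr >= len(self.hr):
            return bytes([0x86, EX_ILLEGAL_ADDRESS])
        self.hr[addr] = value          # no authentication, no authorization
        return bytes([0x06]) + data    # write response echoes the request


def build_request(tid, unit, fc, *fields):
    """Client side: function code followed by big-endian 16-bit fields."""
    pdu = bytes([fc]) + struct.pack(">%dH" % len(fields), *fields)
    return mbap(tid, unit, pdu) + pdu


def parse_response(adu):
    """Client side: decode a response ADU into a dict; exceptions carry fc | 0x80."""
    tid, _pid, length, _unit = struct.unpack(">HHHB", adu[:7])
    pdu = adu[7:7 + length - 1]
    fc = pdu[0]
    if fc & 0x80:
        return {"tid": tid, "fc": fc & 0x7F, "exception": pdu[1]}
    if fc == 0x03:
        count = pdu[1]
        regs = struct.unpack(">%dH" % (count // 2), pdu[2:2 + count])
        return {"tid": tid, "fc": fc, "registers": list(regs)}
    if fc == 0x06:
        addr, value = struct.unpack(">HH", pdu[1:5])
        return {"tid": tid, "fc": fc, "address": addr, "value": value}
    return {"tid": tid, "fc": fc, "raw": pdu[1:]}


def demo():
    # Constructed register map: hr[0] = tank level (cm), hr[1] = pump setpoint (1 = on).
    plc = ModbusPLC([420, 1, 0, 0])
    hmi_read = parse_response(plc.handle(build_request(1, 1, 0x03, 0, 2)))
    # Any host on the control network can do this: turn the pump off with one frame.
    rogue_write = parse_response(plc.handle(build_request(2, 1, 0x06, 1, 0)))
    out_of_range = parse_response(plc.handle(build_request(3, 1, 0x03, 100, 2)))
    return hmi_read, rogue_write, out_of_range, plc.hr


if __name__ == "__main__":
    for item in demo():
        print(item)
```

In a MiniCPS-style experiment the same two halves would sit on separate Mininet hosts joined by a TCP socket, with the PLC's register values driven by the physical-layer simulation rather than a static list; the framing and the lack of any access control are the same.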
