CPS-SPC '15 @ Denver, CO
MiniCPS: A toolkit for security research on CPS Networks
Daniele Antonioli (SUTD), Nils Ole Tippenhauer (SUTD)
October 26, 2015 MiniCPS: A toolkit for security research on CPS Networks 1
Hi!
Personal:
- Daniele Antonioli
- SUTD's ISTD PhD (Prof. N.O. Tippenhauer)
SCy-Phy group:
- Applied CPS security research
Why MiniCPS: Cyber-Physical Systems
CPS are:
- Complex
- Critical
- Connected
CPS information may be difficult to:
- Obtain
- Prove
- Share
CPS research requires different areas of expertise:
- Electronics, Automation
- Networking, Computer Science
- Physics...
Why MiniCPS: SWaT testbed
Pure Water: 5 US gallons/min, 6.0-7.0 pH, minimum conductivity of 10 S/cm3
Recovered Water: 70% processed water, 50% dirty recirculation
Why MiniCPS: SWaT network
[Figure: SWaT network diagram. Labels: SCADA, Historian, HMI, Switch, L1 Network; Process 1, Process 2, ..., Process n, each with a PLC pair (PLC1a/PLC1b, PLC2a/PLC2b, ..., PLCna/PLCnb), an L0 Network, Remote IO (RIO), Sensors and Actuators.]
Wired and Wireless links.
Ethernet/IP, Common Industrial Protocol.
MiniCPS: Vision
Research Environment:
- Reproducible
- Extensible
- Shareable
Targeted to Cyber-Physical Systems:
- Network communications
- Control logic
- Physical layer interaction
Don't reinvent the wheel...
- But: "Stand on the Shoulders of Giants"
- E.g.: Linux, Python, Mininet, Git
MiniCPS: Diagram
[Figure: MiniCPS block diagram. Labels: Network; two Components, each with its Logic; Physical Layer API; Physical Layer Simulation.]
(C)yber Network Emulator
(P)hysical Process Simulation, State API
(S)ystem Control Logic Simulation
MiniCPS: What is Mininet
Network-in-a-box emulator:
- Reproduce (complex) topologies
- Generate real packets using real protocols
One Linux kernel, multiple devices:
- Lightweight virtualization
- Each device is a container
SDN/OpenFlow development
MiniCPS: Physical Layer API
Database to represent the (physical) state:
- Abstract low-level details (SQL query)
- Use high-level semantic functions: get, set
Compatibility layer:
- Programming-language agnostic
- Support different storage back-ends
MiniCPS: SWaT example
[Figure: SWaT example in MiniCPS. Labels: L1 network emulation with plc1.py, plc2.py and plc3.py (one PLC each); Grid; sensors and actuators LIT101, LIT301, FIT101, FIT201, MV101 and P_101; physical process simulation script.]
Control strategy:
- Sensors: level (LIT), flow (FIT)
- Actuators: motorized valve (MV) and pump (P)
- PLC1 takes decisions with the aid of PLC2 and PLC3
- Physical process simulation updates the state
Network:
- Realistic addresses (CIDR, MAC, ports)
- Replicate services: web servers, ENIP client/server
- Optional Attacker and SDN Controller
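The Physical Layer API and SWaT example slides describe a database-backed state with get/set, control logic and a process simulation that updates the state. The sketch below is an added example, not MiniCPS code: the StateDB class, the set points and the flow rates are assumptions, only PLC1 is modelled, and the tag names are the ones shown on the slide.

```python
import sqlite3

class StateDB:
    """Hypothetical get/set state API over SQLite (not the MiniCPS API)."""
    def __init__(self, path=":memory:"):
        self.db = sqlite3.connect(path)
        self.db.execute("CREATE TABLE IF NOT EXISTS state "
                        "(name TEXT PRIMARY KEY, value REAL)")

    def set(self, name, value):
        # Parameterized upsert: the caller never writes SQL.
        self.db.execute("INSERT OR REPLACE INTO state VALUES (?, ?)",
                        (name, float(value)))
        self.db.commit()

    def get(self, name):
        row = self.db.execute("SELECT value FROM state WHERE name = ?",
                              (name,)).fetchone()
        if row is None:
            raise KeyError(name)
        return row[0]

# Constructed set points and rates, in millimetres of tank level per step.
LOW, HIGH = 500, 800
INFLOW, OUTFLOW = 50, 30

def plc1_step(state):
    """Control logic: open valve MV101 at or below LOW, close at or above HIGH."""
    level = state.get("LIT101")
    if level <= LOW:
        state.set("MV101", 1)
    elif level >= HIGH:
        state.set("MV101", 0)

def physical_step(state):
    """Process simulation: move the LIT101 level according to the actuators."""
    level = state.get("LIT101")
    level += INFLOW * state.get("MV101") - OUTFLOW * state.get("P_101")
    state.set("LIT101", max(level, 0.0))

def run(steps, level=600):
    """Alternate control and physics steps; return the level after each step."""
    state = StateDB()
    for tag, value in (("LIT101", level), ("MV101", 0), ("P_101", 1)):
        state.set(tag, value)
    trace = []
    for _ in range(steps):
        plc1_step(state)
        physical_step(state)
        trace.append(state.get("LIT101"))
    return trace
```

Because the control logic and the simulation only meet in the state store, a tag value written from anywhere else becomes visible in the level trace, which is what makes the shared state a useful point for process-level monitoring.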
MiniCPS: SWaT example II
[Figure: SWaT Process 1 with an attacker. Labels: SCADA, Historian, HMI, L1 Network, PLC1a/PLC1b, L0 Network, Remote IO (RIO), Sensors, Actuators, Attacker. Annotated steps: 1a. Write '0' to PLC valve tag; 1b. Write '1' to PLC valve tag; 2. Write '1' to RIO valve tag; 3. High current analog signal.]
Passive and Active ARP poisoning MITM attacks
SDN Controller for ARP poisoning Detection and Mitigation
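The detection half of that last line can be reduced to checking each ARP sender against an expected IP-to-MAC binding, which suits a control network where PLC addresses are fixed. This is an added example, not the authors' SDN controller: the BindingMonitor class, the addresses and the sample payloads are all constructed.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # Ethernet/IPv4 ARP payload (28 bytes)

def make_arp(oper, sha, spa, tha="00:00:00:00:00:00", tpa="0.0.0.0"):
    """Build a constructed ARP payload for the sample data below."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, mac(sha),
                       socket.inet_aton(spa), mac(tha), socket.inet_aton(tpa))

def parse_arp(payload):
    """Return (sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(payload) < struct.calcsize(ARP_FMT):
        return None
    htype, ptype, hlen, plen, _oper, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return ":".join("%02x" % b for b in sha), socket.inet_ntoa(spa)

class BindingMonitor:
    """Flag ARP senders whose MAC differs from the expected IP-to-MAC binding."""
    def __init__(self, static_bindings):
        self.bindings = dict(static_bindings)

    def observe(self, payload):
        parsed = parse_arp(payload)
        if parsed is None or parsed[1] == "0.0.0.0":  # malformed or ARP probe
            return None
        mac, ip = parsed
        expected = self.bindings.setdefault(ip, mac)  # learn unknown hosts
        if expected != mac:
            return {"ip": ip, "expected": expected, "seen": mac}
        return None

# Constructed addresses for two PLCs on an emulated L1 network.
PLC_BINDINGS = {"192.168.1.10": "02:00:00:00:00:10",
                "192.168.1.20": "02:00:00:00:00:20"}
SAMPLE = [
    make_arp(2, "02:00:00:00:00:10", "192.168.1.10"),  # matches the binding
    make_arp(2, "02:00:00:00:00:99", "192.168.1.20"),  # conflicts with it
    make_arp(1, "02:00:00:00:00:30", "0.0.0.0"),       # ARP probe, ignored
]

def alerts(samples=SAMPLE):
    """Run the monitor over the samples and return the raised alerts."""
    monitor = BindingMonitor(PLC_BINDINGS)
    return [a for a in map(monitor.observe, samples) if a]
```

A controller would act on each alert, for example by dropping the conflicting frame; learned bindings for unknown hosts are only as trustworthy as the first frame seen, so static entries are preferable for PLCs.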
MiniCPS: Conclusions
MiniCPS is a CPS research platform:
- Reproducible
- Extensible
- Shareable
MiniCPS is used to investigate issues in real testbeds:
- MITM attacks (ettercap)
- Ethernet/IP reverse-engineering (scapy)
- SDN controller development (pox)
Contribute:
- http://scy-phy.github.io/index.html
- https://github.com/scy-phy/minicps
Thank You!
Q&A