International Journal of Information Security, Volume 11, Issue 4, pp 215–229

An open virtual testbed for industrial control system security research

  • Bradley Reaves
  • Thomas Morris
Regular Contribution


Industrial control system security has been a topic of scrutiny and research for several years, and many security issues are well known. However, research efforts are impeded by a lack of an open virtual industrial control system testbed for security research. This paper describes a virtual testbed framework using Python to create discrete testbed components including virtual devices and process simulators. The virtual testbed is designed such that the testbeds are inter-operable with real industrial control system devices and such that the virtual testbeds can provide comparable industrial control system network behavior to a laboratory testbed. Two virtual testbeds modeled upon actual laboratory testbeds have been developed and have been shown to be inter-operable with real industrial control system equipment and vulnerable to attacks in the same manner as a real system. Additionally, these testbeds have been quantitatively shown to produce traffic close to laboratory systems.


Virtual testbed, Industrial control system, SCADA, Cybersecurity





Copyright information

© Springer-Verlag 2012

Authors and Affiliations

  1. Georgia Institute of Technology, Atlanta, USA
  2. Mississippi State University, Mississippi State, USA
