Abstract
Industrial systems (IS), including critical ones, swiftly move towards integrating elements of modern Information Technology (IT) into their formerly air-gapped Operational Technology (OT) architectures. And, naturally, the more such systems become interconnected, the more alluring they pose to attackers. Concurrently, the twenty-four-seven availability of these systems renders it harder for defenders to promptly apply contemporary security controls. In this context, cyber ranges have emerged as a proper complementary solution for better comprehending and subsequently tackling the relevant risks without endangering the operation of the real systems. This work aspires to contribute a reference architecture for designing and developing cross-sector critical infrastructure (CI) cyber-physical ranges and security testbeds. A second key goal is to demonstrate the soundness of the proposed reference architecture through the implementation and evaluation of a number of cyber range instances specifically tailored for CIs of interest, including manufacturing, energy, and healthcare.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Agrawal, N., Kumar, R.: Security perspective analysis of industrial cyber physical systems: a decade-wide survey. ISA Trans. 130, 10–24 (2022)
Bécue, A., et al.: 1-securing the industry 4.0 with cyber-ranges and digital twins. In: Proceedings of the 2018 14th IEEE International Workshop on Factory Communication Systems (WFCS), Imperia, Italy, pp. 13–15 (2018)
International Electrotechnical Commission: IEC 62443 security for industrial automation and control systems standard (2018)
Geng, Y., Wang, Y., Liu, W., Wei, Q., Liu, K., Wu, H.: A survey of industrial control system testbeds. In: IOP Conference Series: Materials Science and Engineering, vol. 569, p. 042030. IOP Publishing (2019)
Habib, M.K., Chimsom, C., et al.: CPS: role, characteristics, architectures and future potentials. Procedia Comput. Sci. 200, 1347–1358 (2022)
Holm, H., Karresand, M., Vidström, A., Westring, E.: A survey of industrial control system testbeds. In: Buchegger, S., Dam, M. (eds.) NordSec 2015. LNCS, vol. 9417, pp. 11–26. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26502-5_2
Kavallieratos, G., Katsikas, S.K., Gkioulos, V.: Towards a cyber-physical range. In: Proceedings of the 5th Workshop on Cyber-Physical System Security, pp. 25–34 (2019)
Kayan, H., Nunes, M., Rana, O., Burnap, P., Perera, C.: Cybersecurity of industrial cyber-physical systems: a review. ACM Comput. Surv. 54(11s), 1–35 (2022)
Lydia, M., Kumar, P.E.G., Selvakumar, A.I.: Securing the cyber-physical system: a review. Cyber-Phys. Syst. 1–31 (2022)
Makrakis, G.M., Kolias, C., Kambourakis, G., Rieger, C., Benjamin, J.: Industrial and critical infrastructure security: technical analysis of real-life security incidents. IEEE Access 9, 165295–165325 (2021)
NIST: Cyber ranges. https://www.nist.gov/system/files/documents/2018/02/13/cyber_ranges.pdf. Accessed 27 Mar 2023
Peffers, K., Tuunanen, T., Rothenberger, M.A., Chatterjee, S.: A design science research methodology for information systems research. J. Manag. Inf. Syst. 24(3), 45–77 (2007)
Ross, R., Victoria, P., Gary, G., Ryan, W., Richard, G., Deborah, B.: Enhanced security requirements for protecting controlled unclassified information (2021). https://doi.org/10.6028/NIST.SP.800-172
Yamin, M.M., Katt, B., Gkioulos, V.: Cyber ranges and security testbeds: scenarios, functions, tools and architecture. Comput. Secur. 88, 101636 (2020)
Acknowledgements
This Ph.D. is carried out under the supervision of Profs. Vasileios Gkioulos and Sokratis Katsikas of Norwegian University of Science and Technology, Gjøvik, Norway and Dr. Habtamu Abie of the Norwegian Computing Centre.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Kampourakis, V. (2023). Secure Infrastructure for Cyber-Physical Ranges. In: Nurcan, S., Opdahl, A.L., Mouratidis, H., Tsohou, A. (eds) Research Challenges in Information Science: Information Science and the Connected World. RCIS 2023. Lecture Notes in Business Information Processing, vol 476. Springer, Cham. https://doi.org/10.1007/978-3-031-33080-3_45
Download citation
DOI: https://doi.org/10.1007/978-3-031-33080-3_45
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-33079-7
Online ISBN: 978-3-031-33080-3
eBook Packages: Computer ScienceComputer Science (R0)