Experimental Methods for Control System Security Research

Urias, Vincent; Van Leeuwen, Brian

doi:10.1007/978-3-319-32125-7_13

Experimental Methods for Control System Security Research

Vincent Urias⁴ &
Brian Van Leeuwen⁴

Chapter
First Online: 24 August 2016

3792 Accesses
1 Citations

Part of the book series: Advances in Information Security ((ADIS,volume 66))

Abstract

The need for experimental approaches is particularly acute with respect to ICS cyber security. The ability to assess cyber posture, effectiveness, and impact for predictive analysis is predicated on the assumption that operators, users, and others have prior and complete understanding of the effects and impacts caused by cyber adversaries. Obviously, this is often not the case. When compared to the physical world, cyber is quite different, in that it does not follow physical scientific laws; rather, cyber is unbounded because it is a human-made science. As a result, understanding and quantifying effects are still an immature science. Many systems do not lend themselves to closed form mathematical solutions. Thus experimentation becomes a key method of performing analysis of these systems. In order to develop a foundation for identifying and bounding the issues, one approach to this problem is empirically through experimentation, much like physical sciences such as chemistry and physics.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Hardcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

Armstrong, R., & Rinaldi, S. (2010). Emulytics: Concepts for cyber emulation, modeling, and simulation. In Sandia National Laboratories Report—SAND2010-1639C.
Google Scholar
Chavez, A., Hamlet, J., Lee, E., Martin, M., & Stout, W. (2015). Network randomization and dynamic defense for critical infrastructure systems. In Sandia National Laboratories Report—SAND2015-3324 (April 2015).
Google Scholar
Idaho National Laboratory. (2015). Real time digital simulator. Retrieved from http://inl.gov/nationalsecurity/factsheets/docs/rtds.pdf.
Idaho National Laboratory. (2015). INL Research Programs in National and Homeland Security. Retrieved from https://www.inl.gov/research-programs/.
McDonald, M., & Richardson, B. (2009). Position paper: Modeling and simulation for process control system cyber security research, development and applications. In Center for Information Management, Integration and Connectivity—Position Papers, 2009.
Google Scholar
McDonald, M., Conrad, G., Service, T., & Cassidy, R. (2008). Cyber effects analysis using VCSE: Promoting control system reliability. In Sandia National Laboratories Report—SAND Report.
Google Scholar
Nicol, D., & Okhravi, H. (2009). Application of trusted network technology to industrial control networks. International Journal of Critical Infrastructure Protection, 2(3), 84–94.
Article Google Scholar
Parker, E., Miner, N., Van Leeuwen, B., & Rigdon, J. (2009). Testing unmanned autonomous system communications in a Live/Virtual/Constructive environment. International Test and Evaluation Association Journal (ITEA), 2009(30), 513–522.
Google Scholar
RTDS Technologies Inc. (2015). RTDS simulator description. Retrieved from http://www.rtds.com.
Urias, V., Van Leeuwen, B., & Richardson, B. (2012). Supervisory command and data acquisition (SCADA) system cyber security analysis using a live, virtual, and constructive (LVC) testbed. In IEEE Military Communications Conference—MILCOM 2012 (pp. 1–8).
Google Scholar
Van Leeuwen, B., Urias, V., Eldridge, J., Villamarin, C., & Olsberg, R. (2010). Performing cyber security analysis using a live, virtual, and constructive (LVC) testbed. In IEEE Military Communications Conference, 2010—MILCOM 2010 (pp. 1806–1811), 31 October 2010–3 November 2010.
Google Scholar
Van Leeuwen, B., Burton, D., Onunkwo, U., & McDonald, M. (2009). Simulated, emulated, and physical investigative analysis (SEPIA) of networked systems. In 2009 IEEE MILCOM Conference, October 2009.
Google Scholar

Download references

Author information

Authors and Affiliations

Sandia National Laboratories, Albuquerque, NM, USA
Vincent Urias & Brian Van Leeuwen

Authors

Vincent Urias
View author publications
You can also search for this author in PubMed Google Scholar
Brian Van Leeuwen
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Brian Van Leeuwen .

Editor information

Editors and Affiliations

US Army Research Laboratory, Adelphi, Maryland, USA
Edward J. M. Colbert
US Army Research Laboratory, Adelphi, Maryland, USA
Alexander Kott

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Urias, V., Van Leeuwen, B. (2016). Experimental Methods for Control System Security Research. In: Colbert, E., Kott, A. (eds) Cyber-security of SCADA and Other Industrial Control Systems. Advances in Information Security, vol 66. Springer, Cham. https://doi.org/10.1007/978-3-319-32125-7_13

Download citation

DOI: https://doi.org/10.1007/978-3-319-32125-7_13
Published: 24 August 2016
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-32123-3
Online ISBN: 978-3-319-32125-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics