Abstract
Considerable research has focused on securing SCADA systems and protocols, but an efficient approach for conducting experiments that measure the impact of attacks on both the cyber and the physical components of critical infrastructure is not yet available. This paper attempts to address the issue by presenting an experimental framework that incorporates cyber and physical systems. An emulation testbed based on Emulab is used to model the cyber components, while a soft real-time simulator based on Simulink is used to model the physical processes. The feasibility and performance of the prototype are evaluated through a series of experiments. The prototype supports experimentation with networked industrial control systems and helps understand and measure the consequences of cyber attacks on physical processes.
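The abstract describes a closed loop in which a simulated physical process exchanges messages with controllers running on emulated hosts, so that an attack on the network path can be traced through to its physical consequence. The Python below is an added, self-contained stand-in for that loop, not the authors' Emulab/Simulink prototype: a one-state tank model takes the place of the Simulink plant, a JSON telegram takes the place of the industrial protocol carried over the emulated network, and a replay attack on the sensor path is the experiment. Every constant, the message format, the tank model, the tag name `LT-101`, the disturbance and the `HIGH_LIMIT` threshold are assumptions made for the illustration.

```python
"""Coupled cyber/physical experiment loop (added example, not the paper's code).

'Physical' side: a tank whose level changes with inflow (valve) minus outflow,
stepped at a fixed period DT, standing in for the soft real-time Simulink model.
'Cyber' side: a level controller that sees the process only through telegrams
delivered over a network path, which is where the attacker sits.
All constants and formats are assumptions for the illustration."""
from dataclasses import dataclass
import json

DT = 0.5          # simulator step, seconds (assumed)
AREA = 2.0        # tank cross-section, m^2 (assumed)
Q_MAX = 1.0       # inflow with the valve fully open, m^3/s (assumed)
SETPOINT = 3.0    # level the controller is asked to hold, m (assumed)
HIGH_LIMIT = 4.0  # level counted as a physical-safety breach, m (assumed)
KP = 0.8          # proportional gain (assumed)


@dataclass
class Tank:
    """Physical process: dh/dt = (Q_MAX*valve - outflow) / AREA, h >= 0."""
    level: float = 3.0
    outflow: float = 0.4   # m^3/s, changed later to model a disturbance

    def step(self, valve: float) -> float:
        valve = min(1.0, max(0.0, valve))          # actuator saturates at 0..1
        self.level = max(0.0, self.level + DT * (Q_MAX * valve - self.outflow) / AREA)
        return self.level


def sensor_telegram(level: float) -> bytes:
    """Field device -> controller message. JSON is an assumption; a testbed like
    the paper's would carry an industrial protocol over the emulated network."""
    return json.dumps({"tag": "LT-101", "value": round(level, 4)}).encode()


def controller(telegram: bytes) -> float:
    """Proportional level controller that trusts whatever the network delivers.
    Returns the valve command: the position that balances the nominal outflow
    plus a correction proportional to the reported error."""
    reported = json.loads(telegram)["value"]
    return 0.4 / Q_MAX + KP * (SETPOINT - reported)


def replay_attack(telegram: bytes, state: dict) -> bytes:
    """Man-in-the-middle on the sensor path: records the first (healthy) reading
    and replays it forever, so the controller keeps seeing a level on setpoint
    regardless of what the process does."""
    state.setdefault("frozen", telegram)
    return state["frozen"]


def run_experiment(steps: int, attack=None, disturbance_at: int = 10) -> dict:
    """Step the coupled loop `steps` times and measure the physical impact.
    At step `disturbance_at` the outflow is assumed to drop (e.g. a downstream
    valve partly closes), a disturbance a healthy loop should reject."""
    tank = Tank()
    attacker_state: dict = {}
    max_dev, breached = 0.0, False
    for k in range(steps):
        if k == disturbance_at:
            tank.outflow = 0.1
        msg = sensor_telegram(tank.level)          # process -> network
        if attack is not None:
            msg = attack(msg, attacker_state)      # tampering on the network path
        valve = controller(msg)                    # controller -> actuator
        h = tank.step(valve)                       # physical response
        max_dev = max(max_dev, abs(h - SETPOINT))
        breached = breached or h >= HIGH_LIMIT
    return {"final_level": round(tank.level, 3),
            "max_deviation": round(max_dev, 3),
            "breached": breached}


if __name__ == "__main__":
    print("no attack:    ", run_experiment(50))
    print("replay attack:", run_experiment(50, replay_attack))
```

Without the attack the proportional controller rejects the disturbance with a small steady-state offset (the level settles around 3.375 m); with the replayed sensor value the controller never moves the valve, the level climbs linearly and crosses the 4 m limit, which is the kind of cyber-to-physical consequence the framework is built to measure. Replacing the in-process function call with a socket to a separate host, and the tank with a richer plant model, is what turns this sketch into a testbed.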
Copyright information
© 2011 IFIP International Federation for Information Processing
Cite this paper
Genge, B., Nai Fovino, I., Siaterlis, C., Masera, M. (2011). Analyzing Cyber-Physical Attacks on Networked Industrial Control Systems. In: Butts, J., Shenoi, S. (eds) Critical Infrastructure Protection V. ICCIP 2011. IFIP Advances in Information and Communication Technology, vol 367. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24864-1_12
DOI: https://doi.org/10.1007/978-3-642-24864-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24863-4
Online ISBN: 978-3-642-24864-1