Irfan AhmedVassil Roussev

William Johnson Saranyan SenthivelSneha Sudhakaran

Greater New Orleans Center for Information Assurancegnocia.cs.uno.edu

1

A SCADA Testbed On-going Research Efforts Course on Industrial Control System (ICS)

Security

Historian

Power

Distribution

EtherNet/IP

HMI

Modbus

Ethernet

Switch

Field Site 1

Control Center

Gas Pipeline

Field Site 2

Wastewater

Treatment

Field Site 3

PROFINET

PLCPLCPLC

Cyber attacks and Vulnerabilities Cyber attacks on the testbed vs. similar SCADA

systems in industry Small scale physical model put limitations

does not offer a large set of parameters and variables from physical process

Limited data for network traffic analysis

Limited number of PLCs and ICS protocol support

Research Prototype Evaluation Testing on testbed enforces the constraints of a

typical SCADA system 24/7 availability requirement of SCADA services

Resource-constrained embedded devices

Interaction of cyber and physical worlds

ICS communication protocols Difficult to add security functionalities in PLCs proprietary firmware/OS

Limited tools/techniques to access and modify firmware/OS code in PLC

Useful for Digital Forensic research Tools and techniques to extract and analyze

digital artifacts from

HMI and other SCADA services

PLCs

ICS Network traffic

Demonstration of physical processes Varied programming software support PLCs of three vendors, each using different

programming software

Schneider Electric - SoMachine Basic

Allen-Bradley - Studio 5000

Siemens - SIMATIC STEP 7 Varied SCADA protocol support EtherNet/IP

Modbus

PROFINET

Topics Introduction to industrial control

systems (ICS)

PLC programming

ICS network protocols

ICS vulnerabilities and cyber attacks

ICS security solutions Hands-on PLC:Allen-Bradley’s Micrologix 1400 B

Program PLC to control Traffic Lights

Implement man-in the middle attack

PLC Vendors

GE, Mitsubishi, Allen Bradley, Omron, WAGO, Siemens, Automation Direct, and Schneider

PLCs

Micro820, ControlLogix, 1214 TIA, CJ1M, and Fanuc 90/30

Protocols

CC Link, PROFINET, DNP3, Modbus, EtherNet/IP, PCCC, BAC, FL-Net, MC, FINS, and CJ2,

No fieldbus I/O support No connectivity with the cloud No IoT appliances in the testbed

So called industrial internet of things

Irfan Ahmedirfan@cs.uno.edu504 - 280 - 4409

Contact me