5,082
views
0
recommends
+1 Recommend
2 collections
    7
    shares

      Studying business & IT? Drive your professional career forwards with BCS books - for a 20% discount click here: shop.bcs.org

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      LICSTER – A Low-cost ICS Security Testbed for Education and Research

      Published
      proceedings-article
      , , ,
      6th International Symposium for ICS & SCADA Cyber Security Research 2019 (ICS-CSR)
      Cyber Security Research
      10th-12th September 2019
      Industrial Internet of Things, Testbed, Open-source, Low-cost, Security, Education, Research
      Bookmark

            Abstract

            Unnoticed by most people, Industrial Control Systems (ICSs) control entire productions and critical infrastructures such as water distribution, smart grid and automotive manufacturing. Due to the ongoing digitalization, these systems are becoming more and more connected in order to enable remote control and monitoring. However, this shift bears significant risks, namely a larger attack surface, which can be exploited by attackers. In order to make these systems more secure, it takes research, which is, however, difficult to conduct on productive systems, since these often have to operate twenty-four-seven. Testbeds are mostly very expensive or based on simulation with no real-world physical process. In this paper, we introduce LICSTER, an open-source low-cost ICS testbed, which enables researchers and students to get hands-on experience with industrial security for about 500 Euro. We provide all necessary material to quickly start ICS hacking, with the focus on low-cost and open-source for education and research.

            Content

            Author and article information

            Contributors
            Conference
            September 2019
            September 2019
            : 1-10
            Affiliations
            [0001]Hochschule Augsburg, Germany

            www.hsainnos.de
            Article
            10.14236/ewic/icscsr19.1
            4fa78131-80f5-4fca-b45a-bfd6a04ae2cc
            © Felix Sauer et al. Published by BCS Learning and Development Ltd. 6th International Symposium for ICS & SCADA Cyber Security Research 2019

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            6th International Symposium for ICS & SCADA Cyber Security Research 2019
            ICS-CSR
            6
            Athens, Greece
            10th-12th September 2019
            Electronic Workshops in Computing (eWiC)
            Cyber Security Research
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/icscsr19.1
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Industrial Internet of Things,Education,Low-cost,Open-source,Research,Security,Testbed

            REFERENCES

            1. 2014 Openplc: An Open Source Alternative to Automation IEEE Global Humanitarian Technology Conference (GHTC 2014) IEEE 585 589

            2. 2015 MiniCPS: A Toolkit for Security Research on CPS Networks Proceedings of the First ACM workshop on cyber-physical systems-security and/or privacy ACM 91 100

            3. 2011 Scapy

            4. 2008 Research Challenges for the Security of Control Systems HotSec

            5. 2008 Wireshark-network Protocol Analyzer Version 0.99 5

            6. 1983 The OSI Reference Model Proceedings of the IEEE 71 12 1334 1340

            7. 2015 A Search Engine Backed by Internet-wide Scanning Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security ACM 542 553

            8. 2018 Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy ACM 102 107

            9. 2018 Lowering the Barriers to Industrial Control System Security with {GRFICS} 2018 {USENIX} Workshop on Advances in Security Education ({ASE} 18)

            10. 2014 Control-as-a-Service from the Cloud: A Case Study for using Virtualized PLCs 2014 10th IEEE Workshop on Factory Communication Systems (WFCS 2014) IEEE 1 4

            11. 2018 Protecting Water Utility Networks from Advanced Persistent Threats: A Case Study Game Theory for Security and Risk Management Springer 313 333

            12. 2017 Pains, Gains and PLCs: Ten Lessons from Building an Industrial Control Systems Testbed for Security Research 10th {USENIX} Workshop on Cyber Security Experimentation and Test ({CSET} 17)

            13. 2015 A Survey of Industrial Control System Testbeds Secure IT Systems Springer 11 26

            14. International Electrotechnical Commission and others 2003 IEC 62264-1 Enterprise-control System Integration–Part 1: Models and Terminology IEC, Genf

            15. 1989 The Tcpdump Manual Page Lawrence Berkeley Laboratory Berkeley, CA

            16. 1999 The threats to our products Microsoft Interface, Microsoft Corporation 33

            17. 2009 Nmap–Free Security Scanner for Network Exploration & Security Audits

            18. 2018 An Open Framework for Deploying Experimental SCADA Testbed Networks Proceedings of Proceedings of ICS & SCADA 92

            19. 2016 The Cybersecurity Landscape in Industrial Control Systems Proceedings of the IEEE 104 5 1039 1057

            20. 2013 Industrial Control System Cyber Attacks Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 22 29

            21. 2017 PropFuzz - An IT-security Fuzzing Framework for Proprietary ICS Protocols 2017 International Conference on Applied Electronics (AE), Pilsen 1 4

            22. 2018 You Snooze, You Lose: Measuring PLC Cycle Times under Attacks 12th USENIX Workshop on Offensive Technologies (WOOT 18)

            23. 2009 Building a SCADA Security Testbed 2009 Third International Conference on Network and System Security IEEE 357 364

            24. 2010 Research on OPC UA Security 2010 5th IEEE Conference on Industrial Electronics and Applications

            25. 2005 Hping3 (8)-linux man page Online: https://linux.die.net/man/8/hping3

            26. 2010 SCADA-specific Intrusion Detection/Prevention Systems: A Survey and Taxonomy Proceedings of the 1st workshop on secure control systems (SCS) 11 7

            Comments

            Comment on this article