Green, Benjamin and Frey, Sylvain Andre Francis and Rashid, Awais and Hutchison, David (2016) Testbed diversity as a fundamental principle for effective ICS security research. In: SERECIN, 2016-04-06 - 2016-04-06, Royal Holloway.
New_Submitted_Version.pdf - Published Version
Available under License None.
Download (583kB)
Abstract
The implementation of diversity in testbeds is essential to understanding and improving the security and resilience of Industrial Control Systems (ICS). Employing a wide spec- trum of equipment, diverse networks, and business processes, as deployed in real-life infrastructures, is particularly diffi- cult in experimental conditions. However, this level of di- versity is key from a security perspective, as attackers can exploit system particularities and process intricacies to their advantage. This paper presents an ICS testbed with specific focus on infrastructure diversity, and end-to-end business process replication. These qualities are illustrated through a case study mapping data flow/processing, user interactions, and two example attack scenarios.