An isolated virtual cluster for SCADA network security research
作者:
Antoine Lemay, José Fernandez, Scott Knight
所属专业方向:
网络安全,电力电子,实时仿真
摘要:
Research aimed at securing the SCADA and ICS networks has taken off in the wake of Stuxnet. Unfortunately, it is difficult for researchers to fully capture the integration between cyber and
physical components that is intrinsic to these systems. To enable researchers to perform network
security experiments while taking into account the physical component of ICS networks, we
propose the use of the ICS sandbox. The ICS sandbox uses the proven virtualized cluster approach
to emulate SCADA networks with high fidelity. The virtualized cluster is interfaced with an
electrical power flow simulator to integrate the physical component of an ICS network controlling
electrical grid critical infrastructure without imposing scale constraints. Parts of the proposed
sandbox were validated in a training session offered to industry professionals where a satisfaction
survey indicated that hands-on session with the ICS sandbox provided significant training value to
the participants that could not have been obtained in traditional training.
An isolated virtual cluster for SCADA network security research; i, u# s8 k! k
Research aimed at securing the SCADA and ICS networks has taken off in the wake of Stuxnet. Unfortunately, it is difficult for researchers to fully capture the integration between cyber and" C( U% W, _, p% d) x- _& P) O% Y
physical components that is intrinsic to these systems. To enable researchers to perform network security experiments while taking into account the physical component of ICS networks, we propose the use of the ICS sandbox. The ICS sandbox uses the proven virtualized cluster approach to emulate SCADA networks with high fidelity. The virtualized cluster is interfaced with an electrical power flow simulator to integrate the physical component of an ICS network controlling electrical grid critical infrastructure without imposing scale constraints. Parts of the proposed sandbox were validated in a training session offered to industry professionals where a satisfaction survey indicated that hands-on session with the ICS sandbox provided significant training value to the participants that could not have been obtained in traditional training. 7 L8 u; m6 T# z, A- r/ h, D/ B: j6 z用于SCADA网络安全研究的孤立虚拟集群 $ _/ v A+ `4 y, }/ m该研究旨在确保Stuxnet病毒发生后SCADA和ICS网络系统的安全性。然而,研究者很难充分抓住这些系统内在的网络与真实组件间的集成。为了让研究者们能够在考虑ICS网络真实组件的同时实施网络安全实验,我们提出了ICS sandbox。ICS sandbox利用经验证的虚拟集群法以高精确精度模拟SCADA网络。虚拟集群与一个电力系统流仿真器相连,并与ICS网络物理组件集成,从而在没有规模限制下控制电网关键设施。在提供给业内专业人士的培训环节中,部分sandbox得到验证,满意度调查表明与传统培训相比,利用ICS sandbox的实践环节为参与者提供了显著有效的培训。 ; |3 l$ ]* {! c) N. @) JSCADA network.rar(800.93 KB, 下载次数: 0)
赣公网安备36040302000210号 )|网站地图
狗仔卡
发表于 2014-12-16 12:02:57
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡