skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Cybersecurity threats and experimental testbed for a generator system
In this work, a high-fidelity virtual testbed modeling a networked diesel generator, similar to those used commercially and by the military, is described. This testbed consists of a physical system model of a generator, a digital control system, a remote monitoring system, and physical and networked connections. The virtual testbed allows researchers to emulate a cyber-physical system and perform cyber attacks against the system without the monetary and safety risks associated with a testbed created from physical components. The testbed was used to feasibly simulate network, hardware Trojan, and software Trojan attacks against the diesel generator, and to observe the cyber and physical outcomes.  more » « less
Award ID(s):
1753900
PAR ID:
10642703
Author(s) / Creator(s):
 ;  ;  ;  
Publisher / Repository:
SAGE
Date Published:
Journal Name:
The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology
Volume:
19
Issue:
1
ISSN:
1548-5129
Page Range / eLocation ID:
23 to 35
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; ; ; ; (, IEEE Journal of Emerging and Selected Topics in Power Electronics)
    In this paper, we present the design and implementation of a cyber-physical security testbed for networked electric drive systems, aimed at conducting real-world security demonstrations. To our knowledge, this is one of the first security testbeds for networked electric drives, seamlessly integrating the domains of power electronics and computer science, and cybersecurity. By doing so, the testbed offers a comprehensive platform to explore and understand the intricate and often complex interactions between cyber and physical systems. The core of our testbed consists of four electric machine drives, meticulously configured to emulate small-scale but realistic information technology (IT) and operational technology (OT) networks. This setup both provides a controlled environment for simulating a wide array of cyber attacks, and mirrors potential real-world attack scenarios with a high degree of fidelity. The testbed serves as an invaluable resource for the study of cyber-physical security, offering a practical and dynamic platform for testing and validating cybersecurity measures in the context of networked electric drive systems. As a concrete example of the testbed’s capabilities, we have developed and implemented a Python-based script designed to execute step-stone attacks over a wireless local area network (WLAN). This script leverages a sequence of target IP addresses, simulating a real-world attack vector that could be exploited by adversaries. To counteract such threats, we demonstrate the efficacy of our developed cyber-attack detection algorithms, which are integral to our testbed’s security framework. Furthermore, the testbed incorporates a real-time visualization system using InfluxDB and Grafana, providing a dynamic and interactive representation of networked electric drives and their associated security monitoring mechanisms. 
    more » « less
  2. ; ; ; ; ; (, Proceedings of the 33rd Annual ACM Symposium on Applied Computing)
    Owing1 to an immense growth of internet-connected and learning-enabled cyber-physical systems (CPSs) [1], several new types of attack vectors have emerged. Analyzing security and resilience of these complex CPSs is difficult as it requires evaluating many subsystems and factors in an integrated manner. Integrated simulation of physical systems and communication network can provide an underlying framework for creating a reusable and configurable testbed for such analyses. Using a model-based integration approach and the IEEE High-Level Architecture (HLA) [2] based distributed simulation software; we have created a testbed for integrated evaluation of large-scale CPS systems. Our tested supports web-based collaborative metamodeling and modeling of CPS system and experiments and a cloud computing environment for executing integrated networked co-simulations. A modular and extensible cyber-attack library enables validating the CPS under a variety of configurable cyber-attacks, such as DDoS and integrity attacks. Hardware-in-the-loop simulation is also supported along with several hardware attacks. Further, a scenario modeling language allows modeling of alternative paths (Courses of Actions) that enables validating CPS under different what-if scenarios as well as conducting cyber-gaming experiments. These capabilities make our testbed well suited for analyzing security and resilience of CPS. In addition, the web-based modeling and cloud-hosted execution infrastructure enables one to exercise the entire testbed using simply a web-browser, with integrated live experimental results display. 
    more » « less
  3. ; ; ; ; (, IEEE)
    Most proposals for securing control systems are heuristic in nature, and while they increase the protection of their target, the security guarantees they provide are unclear. This paper proposes a new way of modeling the security guarantees of a Cyber-Physical System (CPS) against arbitrary false command attacks. As our main case study, we use the most popular testbed for control systems security. We first propose a detailed formal model of this testbed and then show how the original configuration is vulnerable to a single-actuator attack. We then propose modifications to the control system and prove that our modified system is secure against arbitrary, single-actuator attacks. 
    more » « less
  4. ; ; ; (, Network and Distributed Systems Security (NDSS) Symposium 2020)
    Reconnaissance is critical for adversaries to prepare attacks causing physical damage in industrial control systems (ICS) like smart power grids. Disrupting the reconnaissance is challenging. The state-of-the-art moving target defense (MTD) techniques based on mimicking and simulating system behaviors do not consider the physical infrastructure of power grids and can be easily identified. To overcome those challenges, we propose physical function virtualization (PFV) that ``hooks'' network interactions with real physical devices and uses them to build lightweight virtual nodes following the actual implementation of network stacks, system invariants, and physical state variations of real devices. On top of PFV, we propose DefRec, a defense mechanism that significantly increases the reconnaissance efforts for adversaries to obtain the knowledge of power grids' cyber-physical infrastructures. By randomizing communications and crafting decoy data for the virtual physical nodes, DefRec can mislead adversaries into designing damage-free attacks. We implement PFV and DefRec in the ONOS network operating system and evaluate them in a cyber-physical testbed, which uses real devices from different vendors and HP physical switches to simulate six power grids. The experiment results show that with negligible overhead, PFV can accurately follow the behavior of real devices. DefRec can significantly delay passive attacks for at least five months and isolate proactive attacks with less than $$10^{-30}$$ false negatives. 
    more » « less
  5. ; ; ; (, The Proceedings of 2020 Network and Distributed System Security Symposium (NDSS))
    Reconnaissance is critical for adversaries to prepare attacks causing physical damage in industrial control systems (ICS) like smart power grids. Disrupting reconnaissance is challenging. The state-of-the-art moving target defense (MTD) techniques based on mimicking and simulating system behaviors do not consider the physical infrastructure of power grids and can be easily identified. To overcome these challenges, we propose physical function virtualization (PFV) that “hooks” network interactions with real physical devices and uses these real devices to build lightweight virtual nodes that follow the actual implementation of network stacks, system invariants, and physical state variations in the real devices. On top of PFV, we propose DefRec, a defense mechanism that significantly increases the effort required for an adversary to infer the knowledge of power grids’ cyber-physical infrastructures. By randomizing communications and crafting decoy data for virtual nodes, DefRec can mislead adversaries into designing damage-free attacks. We implement PFV and DefRec in the ONOS network operating system and evaluate them in a cyber-physical testbed, using real devices from different vendors and HP physical switches to simulate six power grids. The experimental results show that with negligible overhead, PFV can accurately follow the behavior of real devices. DefRec can delay adversaries’ reconnaissance for more than 100 years by adding a number of virtual nodes less than or equal to 20% of the number of real devices. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email