https://www.mdu.se/

mdu.sePublications
System disruptions
We are currently experiencing disruptions on the search portals due to high traffic. We are working to resolve the issue, you may temporarily encounter an error message.
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
ICSSIM — A framework for building industrial control systems security testbeds
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. RISE Research Institute of Sweden, Västerås, Sweden.ORCID iD: 0000-0001-5332-1033
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0002-4473-7763
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0003-3354-1463
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. RISE Research Institute of Sweden, Västerås, Sweden.ORCID iD: 0000-0002-7235-6888
Show others and affiliations
2023 (English)In: Computers in industry (Print), ISSN 0166-3615, E-ISSN 1872-6194, Vol. 148, article id 103906Article in journal (Refereed) Published
Abstract [en]

With the advent of the smart industry, Industrial Control Systems (ICS) moved from isolated environments to connected platforms to meet Industry 4.0 targets. The inherent connectivity in these services exposes such systems to increased cybersecurity risks. To protect ICSs against cyberattacks, intrusion detection systems (IDS) empowered by machine learning are used to detect abnormal behavior of the systems. Operational ICSs are not safe environments to research IDSs due to the possibility of catastrophic risks. Therefore, realistic ICS testbeds enable researchers to analyze and validate their IDSs in a controlled environment. Although various ICS testbeds have been developed, researchers' access to a low-cost, extendable, and customizable testbed that can accurately simulate ICSs and suits security research is still an important issue.

In this paper, we present ICSSIM, a framework for building customized virtual ICS security testbeds in which various cyber threats and network attacks can be effectively and efficiently investigated. This framework contains base classes to simulate control system components and communications. Simulated components are deployable on actual hardware such as Raspberry Pis, containerized environments like Docker, and simulation environments such as GNS-3. ICSSIM also offers physical process modeling using software and hardware in the loop simulation. This framework reduces the time for developing ICS components and aims to produce extendable, versatile, reproducible, low-cost, and comprehensive ICS testbeds with realistic details and high fidelity. We demonstrate ICSSIM by creating a testbed and validating its functionality by showing how different cyberattacks can be applied.
Place, publisher, year, edition, pages
2023. Vol. 148, article id 103906
Keywords [en]
Cybersecurity, Industrial Control System, Testbed, Network Emulation, Cyberattack
National Category
Engineering and Technology Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-62321DOI: 10.1016/j.compind.2023.103906ISI: 000966310200001Scopus ID: 2-s2.0-85151016386OAI: oai:DiVA.org:mdh-62321DiVA, id: diva2:1752834
Available from: 2023-04-24 Created: 2023-04-24 Last updated: 2023-11-06Bibliographically approved
In thesis
1. Identification of Cyberattacks in Industrial Control Systems
Open this publication in new window or tab >>Identification of Cyberattacks in Industrial Control Systems
2023 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

As critical infrastructure increasingly relies on Industrial Control Systems (ICS), these systems have become a prime target for cyberattacks. As a result of the move towards Industry 4.0 targets, ICSs are increasingly being connected to the outside world, which makes them even more vulnerable to attacks. To enhance the ICS's security, Intrusion Detection Systems (IDS) are used in detecting and mitigating attacks. However, using real ICS installations for testing IDS can be challenging, as any interference with the ICS could have serious consequences, such as production downtime or compromised safety. Alternatively, ICS testbeds and cybersecurity datasets can be used to analyze, validate, and evaluate the IDS capabilities in a controlled environment. In addition, the complexity of ICSs, combined with the unpredictable and intricate nature of attacks, present a challenge in achieving high detection precision using traditional rule-based models. To tackle this challenge, Machine Learning (ML) have become increasingly attractive for identifying a broader range of attacks.

 

This thesis aims to enhance ICS cybersecurity by addressing the mentioned challenges. We introduce a framework for simulation of virtual ICS security testbeds that can be customized to create extensible, versatile, reproducible, and low-cost ICS testbeds. Using this framework, we create a factory simulation and its ICS to generate an ICS security dataset. We present this dataset as a validation benchmark for intrusion detection methods in ICSs. Finally, we investigate the efficiency and effectiveness of the intrusion detection capabilities of a range of Machine Learning techniques. Our findings show (1) that relying solely on intrusion evidence at a specific moment for intrusion detection can lead to misclassification, as various cyber-attacks may have similar effects at a specific moment, and (2) that AI models that consider the temporal relationship between events are effective in improving the ability to detect attack types.
Place, publisher, year, edition, pages
Västerås: Mälardalen University, 2023
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 341
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Computer Science
Identifiers
urn:nbn:se:mdh:diva-62403 (URN)978-91-7485-598-2 (ISBN)
Presentation
2023-06-16, Beta, Mälardalens universitet, Västerås, 13:15 (English)
Opponent
Supervisors
Available from: 2023-05-09 Created: 2023-05-05 Last updated: 2023-11-06Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Dehlaghi-Ghadim, AlirezaBalador, AliHelali Moghadam, MahshidHansson, Hans

Search in DiVA

By author/editor
Dehlaghi-Ghadim, AlirezaBalador, AliHelali Moghadam, MahshidHansson, Hans
By organisation
Embedded Systems
In the same journal
Computers in industry (Print)
Engineering and TechnologyComputer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 267 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.45.0
|
WCAG
|
Mälardalen University Library
|
DiVA Log in