Joint experimentation with our industry partners plays an important role in our research – on both sides, for agile development AND for validating our results!Marc-Oliver Pahl
Operational Technology (OT) plays an essential role in modern societies. It is pivotal for applications such as water or power supply, healthcare, or transportation. At the same time, OT is often connected to the Internet for enabling remote-control and collaboration. Its societal impact makes OT an attractive attack target. Its connectivity to the Internet significantly increases the attack probability.
For protecting against attacks, it is important to identify and study them. Honeypots enable such studies. However, realistic honeypots are difficult and expensive to setup. They are also inflexible as their setting is typically static. In
Thy cyberCNI.fr piloting site is a semi-virtualized experimentation platform for reproducible experimentation. It consists of Operation Technology (OT) and Information Technology (IT) components that are physical and virtualized. The piloting site enables experimentation with reconfigurable scenarios from industry 4.0, smart buildings, data centers, and wired and wireless communication networks.
On the hardware side, the piloting site contains 4 miniaturized Fischertechnik factories that can be controlled by Siemens, Schneider, and Industrialshields Programmable Logic Controllers (PLC). 3 Diateam simulators are connected, enabling piloting diverse settings with the PLCs. 6 Schneider heating circuits enable experimenting with HVAC technology. Diverse additional sensors and actuators enable piloting diverse settings in hardware.
On the software side, several powerful servers enable running control processes such as SCADA. They also allow running entire data center settings up to small-scale cloud infrastructure.
The piloting site includes an Airbus Cyberrange that is connected to all components. It allows emulating IT and OT components. This allows complementing the hardware parts with virtualized software equivalents, resulting in vast possibilities for running evaluation scenarios. Components can be simulated on the machines allowing the integration of simulations or co-simulations to the tests.
Typical use cases running on the piloting site are industry 4.0, smart buildings, data centers, and smart mobility. The site is also equipped with immersive visualization hardware, enabling the visualization of properties of the running processes, of course including cybersecurity data.
For more details see:
Pahl, Marc-Oliver; Kabil, Alexandre; Bourget, Edwin; Gay, Matthieu; Brun, Paul-Emmanuel, A Mixed-Interaction Critical Infrastructure Honeypot Journal Article, European Cyber Week CAESAR, 2020, Rennes, France, 2020.