A control system testbed to validate critical infrastructure protection concepts

Cited by: 115
Authors
Morris, Thomas [1]
Srivastava, Anurag [2]
Reaves, Bradley [1]
Gao, Wei [1]
Pavurapu, Kalyan [1]
Reddi, Ram [1]
Affiliations
[1] Mississippi State Univ, Dept Elect & Comp Engn, Mississippi State, MS 39762 USA
[2] Washington State Univ, Sch Elect Engn & Comp Sci, Pullman, WA 99164 USA
Keywords
Testbed; Industrial control system; SCADA; Smart grid; Cybersecurity;
DOI
10.1016/j.ijcip.2011.06.005
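Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
080201 [Mechanical manufacturing and automation];
Abstract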
This paper describes the Mississippi State University SCADA Security Laboratory and Power and Energy Research laboratory. This laboratory combines model control systems from multiple critical infrastructure industries to create a testbed with functional physical processes controlled by commercial hardware and software over common industrial control system routable and non-routable networks. Laboratory exercises, functional demonstrations, and lecture material from the testbed have been integrated into a newly developed industrial control system cybersecurity course, into multiple other engineering and computer science courses, and into a series of short courses targeted to industry. Integration into the classroom allows the testbed to provide a workforce development function, prepares graduate students for research activities, and raises the profile of this research area with students. The testbed enables a research process in which cybersecurity vulnerabilities are discovered, exploits are used to understand the implications of the vulnerability on controlled physical processes, identified problems are classified by criticality and similarities in type and effect, and finally cybersecurity mitigations are developed and validated within the testbed. Overviews of research enabled by the testbed are provided, including descriptions of software and network vulnerability research, a description of forensic data logger capability developed using the testbed to retrofit existing serial port MODBUS and DNP3 devices, and a description of intrusion detection research which leverages unique characteristics of industrial control systems. © 2011 Elsevier B.V. All rights reserved.
Pages: 88-103
Page count: 16