ICS Cybersecurity

Maqueta 4 Tanques

The Supervisory Control ans Process Automation (SUPPRESS) research group of the University of León has designed a flexible and escalable test bed for the development of cybersecurity experiments in industrial control systems, which has been recently incorporated to the remote laboratory of automatic control (LRA-ULE). This environment provides the possibility to perform remote cybersecurity tests using a free vulnerability scanner on real equipment used for process control and monitoring.

The main target of this project is to train and educate students in the field of detection of vulnerabilities of the elements integrating Industrial Control Systems (ICS), for which, OpenVAS, which is one of the most extended vulnerability scanner, is used.

SUPPRESS research group © from University of León designed and developed this system.

For the design of the architecture of this test environment, equipment which is widely used in industrial environments for automation and control tasks and energy monitoring has been used. Moreover, with this design, the use of two of the most used communication protocols for industrial aplications and energy monitoring (Modbus and DNP3) are also guaranteed:
  • PLC Modicon M340: Industrial programmable logic controller connected to a module of buttons an lights to simulate two real systems ( sequential start-up of three engines and traffic light). It communicates with an HMI designed for this purpose using Modbus TCP protocol.
  • ION 7650 Advanced Meter: Network analyzer used for advanced metering of electrical consumptions which simulates the acquisition of electrical variables in an actual installation. The Protocols used for the communication with the SCADA system are Modbus TCP, DNP3 and ION.
  • EGX100 Gateway: Modbus TCP-RTU gateway that allows the communication between a SCADA system (VM1) and a electrical meter using Modbus RTU protocol on a RS-485 interface.
  • Cybersecurity Test Server: It is used to carry out the tasks of configuration of the control and acquisition equipment, design of HMI and SCADA, and installation of the vulnerability scanner. It has been virtualized for a better use of resources, dedicating each virtual machine to a specific task.
Fact Sheets
Interactive Zone