Speaker: Paul Pfister
Title: The Design and Implementation of a CPS-CDC for ISEAGE
Abstract: It’s no secret that the world is becoming more networked. The swarm of devices that compose the Internet has matured into a vastly diverse arrangement of machines that serve just as diverse a collective of purposes. The landscape of cyberspace is considered hostile terrain and to train survival skills for those making careers in the territory, Cyber Defense Competitions have become an important tool for participants to practice network defense and attack skills in a controlled environment. However, there is another set of Internet connected devices, ones which bridge the digital and physical, that have not been traditionally simulated at these events. These systems, called cyber-physical systems, form the backbone of the nations critical infrastructure and are under increasing threat as our nations adversaries become more sophisticated.
The following document describes the work of adding a CPS-CDC component to Iowa State University’s ISEAGE test bed. The core of the CPS-CDC is the creation of a virtual SCADA system via the use of chained OPC servers and clients. The proposed architecture includes a virtual world that simulates the influence of the virtual control systems, an interface for physical hardware control systems and an HMI front end for the network operators. A scenario is developed including both water and power utilities where participants of the CPS-CDC are tasked with defending the two cyber-physical systems. To enhance the experience for spectators, a 3D model of the city is produced which reflects the state of the competition via LEDs that report the availability of services to the observers. The CPS-CDC scenario is expanded to include both physical and virtual elements, so that participants must guard their actual surroundings as well as protect their assets in cyber-space.
Central to the design of the CPS-CDC is devising a means to simulate SCADA and still appeal to a generic audience. Using OPC-XML, the CPS-CDC environment is constructed such that it is both defensible by the uninitiated and attackable by classically trained security professionals while still maintaining a high degree of authenticity of an actual SCADA system. The design is highly modular, supporting any number of different control systems and can be adapted to wide a set of possible cyber-physical environments.