Demonstration of Supervisory Control and Data Acquisition (SCADA) Virtualization Capability in the US Army Research Laboratory (ARL)/Sustaining Base Network Assurance Branch (SBNAB) US Army Cyber Analytics Laboratory (ACAL) SCADA Hardware Testbed

Report No. ARL-CR-0773
Authors: Daniel T Sullivan and Edward J Colbert, Ph.D
Date/Pages: May 2015; 32 pages
Abstract: In support of the US Army Research Laboratory (ARL) mission to conduct cybersecurity research to protect Industrial Control Systems (ICS), the ARL Sustaining Base Network Assurance Branch (SBNAB) constructed a Supervisory Control and Data Acquisition (SCADA) hardware testbed to simulate the network traffic between human machine interface (HMI) and programmable logic controller (PLC) components. The HMI and PLC components were instantiated with software and installed in multiple virtual machines (VMs) to emulate 6 conceptual manufacturing plant processes. Two experiments were conducted: · Validate the virtualized network performance by creating and capturing HMIPLC network traffic over a 24-h period in the virtualized network and inspect the packets for errors. · Test the interoperability of physical network elements with the virtualized network. In this test, a simulated threat actor used a laptop computer to connect to the virtualized production network and send malicious Modbus network commands to create a manipulation of view attack. The results of both experiments are PASS. The experiments validated the capability to establish a SCADA hardware testbed using virtualization and this infrastructure is now part of the ARL SBNAB US Army Cyber Analytics Laboratory (ACAL).
Distribution: Approved for public release
  Download Report ( 0.788 MBytes )
If you are visually impaired or need a physical copy of this report, please visit and contact DTIC.
 

Last Update / Reviewed: May 1, 2015