This project focuses on the creation of a substation utility testbed for attack detection and mitigation with different protocols such as Modbus, DNP3, and IEC61850.
Cyberattacks against the Smart Grid can target both cyber and physical systems. Therefore, the following describes the main objectives of the CIC Utility Testbed project:
The scenarios to be tested in the CIC Utility Testbed are as follows:
The architecture is shown in Figure 1. We have a field device simulated by a Raspberry Pi 3B+ kit, which is attached to a monitor. This device is controlled by a PLC, and the PLC is connected to an HMI, which is used to configure the PLC and to test the data transfer.
The PLC is a Siemens S7-1500 Starter Kit, which has been set up with the HMI and operates on TIA Portal. The PLC is currently being configured to perform Modbus communication with the Raspberry Pi (both as client and server). In the next stage, the PLC and Raspberry Pi will be connected to the SCADA system.
Both the Raspberry Pi and the HMI are on the same wireless network. The attacker can access this wireless network and will perform the various attack scenarios. The impact of the attacks will be observed at the software level (such as the HMI application), at the protocol level (such as Modbus, DNP3, and IEC61850 network traffic), and at the device level (such as the ON/OFF status of a physical device).
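One way to make the protocol-level observation concrete, as an added example that is not part of the CIC testbed's own code: a small check that parses Modbus/TCP frames and flags malformed requests and state-changing requests from hosts outside an allowlist. It assumes Modbus/TCP on port 502; the IP addresses, the allowlist and the sample frames are constructed for illustration.

```python
import struct

# Function codes that change device state (public Modbus function codes).
WRITE_CODES = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers"}
MODBUS_PORT = 502

def parse_adu(data):
    """Parse one Modbus/TCP ADU (7-byte MBAP header + PDU); None if malformed."""
    if len(data) < 8:
        return None
    tid, proto, length, unit = struct.unpack(">HHHB", data[:7])
    # Protocol id is always 0; length counts the unit id plus the PDU.
    if proto != 0 or length != len(data) - 6:
        return None
    return {"tid": tid, "unit": unit, "fc": data[7], "body": data[8:]}

def find_alerts(frames, allowed_writers):
    """Flag malformed requests and state-changing requests from unexpected hosts."""
    alerts = []
    for src, dst, dport, payload in frames:
        if dport != MODBUS_PORT:  # only requests sent to a Modbus server
            continue
        adu = parse_adu(payload)
        if adu is None:
            alerts.append((src, dst, "malformed Modbus/TCP frame"))
        elif adu["fc"] in WRITE_CODES and src not in allowed_writers:
            body = adu["body"]
            addr = struct.unpack(">H", body[:2])[0] if len(body) >= 2 else None
            name = WRITE_CODES[adu["fc"]]
            alerts.append((src, dst, f"{name} at address {addr} from unlisted host"))
    return alerts

# Constructed sample traffic: (source IP, destination IP, destination port, TCP payload).
# Addresses are made up: 192.168.1.10 stands for the PLC, 192.168.1.20 for the Raspberry Pi.
SAMPLE = [
    ("192.168.1.10", "192.168.1.20", 502, bytes.fromhex("000100000006010300000002")),  # read registers
    ("192.168.1.10", "192.168.1.20", 502, bytes.fromhex("00020000000601050001ff00")),  # coil ON by PLC
    ("192.168.1.66", "192.168.1.20", 502, bytes.fromhex("000300000006010500010000")),  # coil OFF, unknown host
    ("192.168.1.66", "192.168.1.20", 502, bytes.fromhex("00040000000901100000")),      # length mismatch
]

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE, allowed_writers={"192.168.1.10"}):
        print(alert)
```

The same structure extends to the device-level observation: an alert on a coil write can be compared against the ON/OFF status of the physical device.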
Currently, the testbed has three devices connected over a switch: a Raspberry Pi 3B+ kit attached to a monitor, a Siemens S7-1500 Starter Kit PLC, and an HMI. The setup is still under testing, and in the next stage the PLC will act as a DNP3 outstation. Furthermore, the PLC and Raspberry Pi will be connected to the SCADA system.