CIC Utility Testbed | Canadian Institute for Cybersecurity | UNB

CIC utility testbed

This project focuses on the creation of a substation utility testbed for attack detection and mitigation with different protocols such as Modbus, DNP3, and IEC61850.

Purpose

Cyberattacks against the smart grid can target both cyber and physical systems. The main objectives of the CIC Utility Testbed project are therefore as follows:

  • To configure various substation devices and analyze the behaviour exhibited.
  • To generate different scenarios and analyze the devices' behaviour in different situations.
  • To conduct manual and automated experiments of various scenarios.
  • To analyze the network traffic when the devices are operating normally and when they are under attack.

The scenarios to be tested in CIC Utility Testbed are as follows:

  • Command injection: the attacker sends incorrect commands to field devices so that they produce false alarms or modify valid alarms.
  • Data injection: the attacker manipulates readings from a controller and injects incorrect data into SCADA.
  • Denial of Service (DoS): the attacker sends messages that trigger a DoS on systems/devices.

Architecture

The architecture is shown in Figure 1. A field device is simulated by a Raspberry Pi 3B+ kit attached to a monitor. This device is controlled by a PLC, and the PLC is connected to an HMI, which is used to configure the PLC and to test the data transfer.

The PLC is a Siemens S7-1500 Starter Kit which has been set up with the HMI and operates on TIA Portal. The PLC is currently being configured to perform Modbus communication with the Raspberry Pi (both as client and server). In the next stage, the PLC and Raspberry Pi will be linked to the SCADA system.

Both the Raspberry Pi and the HMI are on the same wireless network. The attacker can access this wireless network and perform the various attack scenarios. The impact of the attacks will be observed at the software level (such as the HMI application), at the protocol level (such as Modbus, DNP3, and IEC61850 network traffic), and at the device level (such as the physical ON/OFF status of a device).
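How the command-injection scenario could show up at the protocol level, as an added example that is not the CIC project's own code: a small Modbus/TCP request parser that flags state-changing function codes sent by hosts outside an allowlist, plus malformed frames. The IP addresses, the allowlist, and the sample frames are constructed for illustration, and the input is assumed to be requests sent to the Modbus server.

```python
import struct

# Modbus function codes that change device state (writes).
WRITE_FUNCTIONS = {5: "Write Single Coil", 6: "Write Single Register",
                   15: "Write Multiple Coils", 16: "Write Multiple Registers"}

def parse_modbus_tcp(payload: bytes) -> dict:
    """Parse one Modbus/TCP ADU: 7-byte MBAP header followed by the PDU."""
    if len(payload) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    if proto != 0:
        raise ValueError("protocol identifier is not 0 (not Modbus)")
    # The length field counts the unit id and the PDU, i.e. everything after byte 6.
    if length != len(payload) - 6:
        raise ValueError("MBAP length field does not match payload size")
    return {"tid": tid, "unit": unit, "function": payload[7], "data": payload[8:]}

def audit(frames, allowed_writers):
    """Return (source, reason) alerts for malformed frames and unexpected writes."""
    alerts = []
    for src, payload in frames:
        try:
            adu = parse_modbus_tcp(payload)
        except ValueError as exc:
            alerts.append((src, f"malformed frame: {exc}"))
            continue
        name = WRITE_FUNCTIONS.get(adu["function"])
        if name and src not in allowed_writers:
            data = adu["data"]
            addr = struct.unpack(">H", data[:2])[0] if len(data) >= 2 else None
            alerts.append((src, f"{name} to address {addr} from non-allowlisted source"))
    return alerts

# Constructed sample requests (documentation-range IPs, not captured traffic).
ALLOWED_WRITERS = {"192.0.2.10"}  # assumed address of the PLC
SAMPLE_FRAMES = [
    ("192.0.2.10", bytes.fromhex("000100000006010300000002")),  # read holding registers
    ("192.0.2.10", bytes.fromhex("00020000000601050001ff00")),  # write coil, allowed host
    ("192.0.2.50", bytes.fromhex("000300000006010600050064")),  # write register, unknown host
    ("192.0.2.50", bytes.fromhex("0004000000090110000a0001")),  # length field mismatch
]

if __name__ == "__main__":
    for src, reason in audit(SAMPLE_FRAMES, ALLOWED_WRITERS):
        print(src, reason)
```

Modbus itself carries no authentication, so the source allowlist here is a network-level heuristic and does not prove who sent a frame.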

Figure 1. CIC utility testbed

Infrastructure and devices

Currently, the testbed has three devices connected over a switch: a Raspberry Pi 3B+ kit attached to a monitor, a Siemens S7-1500 Starter Kit PLC, and an HMI. The setup is still under testing, and in the next stage the PLC will act as a DNP3 outstation. Furthermore, the PLC and Raspberry Pi will be linked to the SCADA system.