Brief Description

Industrial Control Systems (ICS) such as Supervisory Control And Data Acquisition System (SCADA), Distributed Control System (DCS) etc. are key elements of critical infrastructure of a nation. In order to ensure the security of ICS, a fool-proof and trust worthy information technology security testing platform is necessary.

C-DAC under the sponsorship from Ministry of Electronics and Information Technology (MeitY), Govt. of India had designed and established a security test bed (ICSSTB) for assessing the vulnerabilities in various components of industrial control systems.

ICSSTB can be used for securing & protecting ICS/SCADA systems against wide range of cyber-attacks. Various utilities can make use of this facility by testing their control system using ICSSTB. Control systems comprising Industrial automation controllers and SCADA software can be tested using ICSSTB. ICSSTB operates as complete sandboxed testing environment for control systems simulating field signals in real time with cyber security analysis capability.

ICSSTB developed by CDAC has the capability to define plant process model, simulate plant model and security analysis on hardware, software and communication facilities of the control system used to operate the defined plant process.

The major components of the ICSSTB are:

• Plant Process Simulation Environment for simulation of plant equipments, related sensors & actuators and process for ICS under test.

• ICS Security Analyser used to carry out vulnerability tests and exploits on the ICS under test.

• ICS Test platform consists of facilities to install and configure control system as in a real process plant environment.
  ICS test platform consists of :

• Test Jig for providing mechanical support to install and configure various ICS devices like automation controllers under test

• Virtualized ICS environment for ICS computers and network - sandboxed virtual machines for creating ICS networks and computers such as server, engineering workstation, operator console etc. loaded with various ICS software.

• Facility for visualization of the architecture of ICS under test is possible using a Centralized viewing facility called ICS Dashboard.
   

Main uses and domain

Industrial Control Systems (ICS) such as SCADA and DCS , Process Industries, Power Plant etc
Domain : Industrial Automation Control system Security
 

Features and Technical Specifications

• Complete sand-boxed Test environment for ICS

• Secure networking infrastructure inside ICSSTB with multiple levels of ICS networks

• Specialized ICS Testbed Dashboard software to manage, configure and operate the cluster of virtual computers to set up the ICS under test

Virtual Plant Process Simulation Platform

• Software for Modeling , Simulation and Visualization of plant process

• Controller for generation of Field signals for the ICS controllers under Test (4-20 mA, 1-5 VDC and 24 VDC)

• Test jig Facility to connect Field input/ output signals (DI/DO/AI/AO) of Industrial Controllers under test such as RTU/PLC/IED

ICS Under Test Platform

• Sandboxed ICS environment on a cluster of computers with Virtualization software having ready to use baseline Windows / Linux operating system for installing ICS software under test

• Facility to install, configure and run complete ICS software systems on a virtualized hardware environment

ICS Security Analyser Platform

• Facility for Cyber Security Analysis of Industrial Control Systems (ICS)

• Cyber Security Test Manual to carry out testing of vulnerability in ICS to analyze ICS configurations, Process Logic, Firmware and Communication

• Vulnerability analysis of Industrial Controllers using in house developed Penetration Testing tool (RTUPenTester) and generation of Cyber Security Test Reports for the device under test

• Facility to carry out ICS cyber security analysis using virtualized windows Operating systems loaded with Exploit tools

• Facility to analyze the Firmware and Electronic circuit of the device under test

• Capturing and Analysis of ICS communication packets
   

Platform required(if any)

NA