Abstract

Abstract The digital transformation of industries implies the need of new training efforts. In this context, cybersecurity of industrial control systems (ICS) poses specific challenges. The current practice of ICS cybersecurity training is generally restricted to the isolated management of industrial and network devices or extensive use of network traffic emulation/simulation, providing the students a limited understanding of the problem. For that reason, in this paper, we present an approach based on the replication of a simple industrial control system. For that purpose, a control cabinet, which covers the lowest levels of the automation pyramid, and a set of virtual machines (VMs) are used. The aim is to provide a flexible experimentation environment where all elements can be reconfigured. Through the deployment of the appropriate network structure, students can carry out device configurations or assume different roles in the industrial control system, from the points of view of automation or security. The experimentation environment is also designed to provide a comprehensive remote access to hardware, software and communication networks in a reliable way (flexibility), without posing a threat to the security and safety of the environment (isolation) or requiring time-consuming maintenance (easy recovery of VMs and equipment). Through the architecture defined, students can reach the VMs used in each task, which are isolated from the outer network and can be easily managed and maintained. Finally, some educational activities are presented, where the proposed approach is used for training of students with different backgrounds.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.