Ani, D;
Watson, J;
(2018)
Review of Open Source Simulators in ICS/IIoT Security Context.
(Technical Report
).
PETRAS Cyber Security Research Hub: London, UK.
Preview |
Text
Open-Source-Simulators-Review-ALIoTT-v.5_Final_Publishable.pdf - Published Version Download (1MB) | Preview |
Abstract
In industrial control systems (ICS), simulation has found widespread use during system design and in tuning process control parameters or exploring the effects of new control algorithms. Simulation enables the assessment of performance at scale and allows research to be conducted by those with limited access to real physical infrastructures. However, as ICSs are often no longer isolated from other networks and the internet, hence are subject to security and safety issues, simulation is also required to understand the issues and their solution. To foster transparent, collaborative and cost-effective studies, demonstrations, and solution development, and attract the broadest interest base, simulation is indeed critical and Open Source is a good way to go since simulators in this category are less expensive to access, install, and use, and can be run with general purpose (non-proprietary) computing equipment and setups. Findings This research presents the following key findings: 1. A lot of Open Source simulation tools exist and span applications areas such as communications and sensor networks (C&WSNs), ICS/SCADA, and IIoT. 2. The functional structures and characteristics that appear common in Open Source simulators include: supported licence types, programming languages, operating systems platforms, user interface types, and available documentation and types. 3. Typical research around Open Source simulators is built around modelling, analysis and optimisation of operations in relations to factors such as flexibility, mobility, scalability, and active user support. No single Open Source simulator addresses all conceivable characteristics. While some are strong in specific contexts relative to their development, they are often weak in other purpose-based research capabilities, especially in the context of IoT. 4. Most of the reviewed Open Source tools are not designed to address security contexts. The few that address security such as SCADASim only consider very limited contexts such as testing and evaluating Denial-of-Service (DoS), Man-in-the-middle (Mitm), Eavesdropping, and Spoofing attacks. Recommendations The following key recommendations are presented: 1. Future developments of Open Source simulators (especially for IIoT) should explore the potential for functionalities that can enable the integration of diverse simulators and platforms to achieve an encompassing setup. 2. Developers should explore the capabilities of generic simulators towards achieving architectures with expansible capabilities into multi-class domains, support easier and faster modelling of complex systems, and which can attract varied users and contributors. 3. Functional characteristics such as; ease of use, degree of community acceptance and use, and suitability for industrial applications, should also be considered as selection and development criteria, and to emphasise simulator effectiveness. This can support consistency, credibility, and simulation system relevance within a domain that is continually evolving. 4. Future Open Source simulation projects developments should consider and adopt the more common structural attributes including; Platform Type, Open Source Licence Type, Programming Language, User Interfaces, Documentation, and Communication Types. These should be further complemented by appropriate editorial controls spanning quality coding, revision control and effective project disseminations and management, to boost simulation tool credibility and wide acceptance. 5. The range of publication dates (earliest to latest) for: citations, code commits, and number of contributors associated to Open Source simulator projects can also support the decision for interests and adoption of specific Open Source projects. 6. Research objectives for ICS/IIoT Open Source simulators should also include security performance and optimisation with considerations towards enhancing confidentiality, integrity and availability. 7. Further studies should explore the evaluation of security topics which could be addressed by simulation – more specifically, proposing how this may be achieved and identifying what can't be addressed by simulation. Investigations into simulation frameworks that can allow multi-mode simulations to be configured and operated are also required. Research into Industry 4.0 System-of-Systems (SoS) security evaluations, dependency, and cascading impacts method or analysis is another area of importance
| Type: | Report |
|---|---|
| Title: | Review of Open Source Simulators in ICS/IIoT Security Context |
| Open access status: | An open access version is available from UCL Discovery |
| Publisher version: | https://www.petrashub.org/wp-content/uploads/2018/... |
| Language: | English |
| Additional information: | This version is the version of record. For information on re-use, please refer to the publisher’s terms and conditions. |
| Keywords: | open source simulators, ICS Simulation, Security Simulation |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Engineering Science Faculty Office UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > STEaPP |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10084939 |
Archive Staff Only
 |
View Item |
