Analys av Purduemodellen förnätverkssäkerhet i industriellastyrsystem inom Industri 4.0 / Analysis of the Purdue model fornetwork security in industrialcontrol systems within Industry 4.0

Blom, Oskar, Cildavil, Antonia

January 2024

I detta examensarbete analyseras Purduemodellen och dess tillämplighet inomnätverkssäkerhet för industriella styrsystem inom ramarna för Industri 4.0. Genomen litteraturstudie granskas modellens struktur och funktion i relation till de nyautmaningarna som uppkommit genom ökad digitalisering och integrering av IIoTteknologier. Studien identifierar både styrkor och svagheter i den traditionellaPurduemodellen. I resultatavsnittet introduceras en modifierad version avPurduemodellen, utformad för att förstärka nätverkssäkerheten och öka systemensförmåga att hantera cyberhot samt anpassa sig till teknologiska förändringar i denindustriella sektorn. Denna anpassning har genomförts genom införandet avytterligare säkerhetsstandarder och verktyg i syfte att förbättra modellenseffektivitet och relevans. / In this thesis, the Purdue model and its applicability within network security forindustrial control systems under the framework of Industry 4.0 are analyzed.Through a literature review, the model's structure and function are examined inrelation to the new challenges that have emerged due to increased digitization andintegration of IIoT technologies. The study identifies both strengths and weaknessesin the traditional Purdue model. In the results section, a modified version of thePurdue model is introduced, designed to enhance network security and increase thesystems' ability to handle cyber threats and adapt to technological changes in theindustrial sector. This adaptation has been achieved by incorporating additionalsecurity standards and tools aimed at improving the model's efficiency andrelevance.

Purdue model

network security

industrial control systems (ICS)

Industry 4.0

Industrial Internet of Things (IIoT)

cybersecurity

Purduemodellen

nätverkssäkerhet

industriella styrsystem

Industri 4.0

Industrial Internet of Things (IIoT)

cybersäkerhet

Annan elektroteknik och elektronik

Probing-based testing for SCADA systems : A novel method for hardware-in-the-loop integration testing of SCADA systems / Probbaserad testning av SCADAsystem : En ny metodik för integrationstestning av SCADAsystem på verklig hårdvara

Heddini, August

January 2024

Integration testing in software refers to a type of tests where system components are tested as a group for the purpose of verifying their interfaces. It is an important phase in system testing which aims at verifying the compliance of the system with specified functional requirements and the elimination of errors in the interaction of system components. Often integration testing is performed on complex systems with additional requirements for the testing approaches wherein the hardware limitations and time delays need to be taken into account. The testing of such systems is commonly performed through hardware-in-the-loop (HIL) tests. Despite the advances in both integration testing and HIL testing, combining the two for complex systems is still a challenging issue requiring a new set of potential solutions. In this thesis work we propose a new solution approach for HIL integration testing of Supervisory Control and Data Acquisition (SCADA) systems which does not require any simulation of the system under test. The solution presented in this thesis is based on the utilization of probes which are deployed to select component interfaces and through which real-time, inter-component communication can be observed without interference. The feasibility of the proposed approach is evaluated by applying it to a proof-of-concept test of the SCADA control system for a wave-energy converter in development by the thesis host company CorPower Ocean. In the results chapter we further discuss the architectural solution of the probing-based approach and provide further implementation details. Our conclusion is that the proposed approach corresponds to a promising, light-weight, and modular testing solution that can be used to perform live software integration tests of a fully connected system with little to no interference on its operation. / Inom mjukvarubranschen är integrationstester en typ av testning där grupper av systemkomponenter testas tillsammans för att säkerställa funktionaliteten av deras gränssnitt. Det är en viktig fas inom systemtestning som försäkrar att systemet som helhet uppfyller designkraven samt som minimerar felrisken i interaktioner mellan delkomponenter. Integrationstester utförs ofta på komplexa system där testningen i sig har ytterligare krav som inskränker metodvalet, till exempel då hänsyn behöver tas till hårdvarubegränsningar eller timing. Ofta genomförs testningen av sådana system med så kallade hardware-in-the-loop-tester (HIL). Trots modern utveckling inom både integrations- och HIL-testning är det fortfarande mycket utmanande att kombinera båda metoderna för komplexa system och nya lösningar behöver utvecklas och utvärderas. I denna avhandling föreslås en ny sådan lösning för HIL-testning av Supervisory Control and Data Acquisition (SCADA) -kontrollsystem som inte kräver att någon del av systemet simuleras under testernas utförande. Lösningen är baseras på användandet av mjukvarusonder som sätts in vid utvalda komponentgränssnitt och som i realtid kan observera interkomponentkommunikation utan störningspåverkan på komponenterna i sig. Den beskrivna lösningen utvärderades genom att utföra en praktisk konceptvalidering mot SCADAkontrollsystemet för avhandlingens värdbolag CorPower Oceans vågenergigenerator. I avhandlingen beskrivs även den arkitekturella lösning som krävdes för att genomföra sonderingsbaserad testning på ett reellt system samt implementationsdetaljer för konceptvalideringen. Slutsatsen är att den föreslagna lösningen beskriver en lovande och modulär testningsmetodik som kan användas för att genomföra mjukvaruintegrationstester av komplexa, sammankopplade system i realtid, utan simuleringar och utan betydande störningspåverkan på systemets operation

Software Testing

Integration Testing

Hardware-in-the-Loop testing

HIL

Industrial Control System

SCADA

Probing-based testing

TestingMethodology

Mjukvarutestning

Integrationstestning

HIL

Idustriella Kontrollsystem

SCADA

Sonderingsbaserad testning

Testningsmetodik

Computer Sciences

Datavetenskap (datalogi)

Generická analýza toků v počítačových sítích / Generic Flow Analysis in Computer Networks

Jančová, Markéta

January 2020

Tato práce se zabývá problematikou popisu síťového provozu pomocí automaticky vytvořeného modelu komunikace. Hlavním zaměřením jsou komunikace v řídicích systémech , které využívají speciální protokoly, jako je například IEC 60870-5-104 . V této práci představujeme metodu charakteristiky síťového provozu z pohledu obsahu komunikace i chování v čase. Tato metoda k popisu využívá deterministické konečné automaty , prefixové stromy  a analýzu opakovatelnosti. Ve druhé části této diplomové práce se zaměřujeme na implementaci programu, který je schopný na základě takového modelu komunikace verifikovat síťový provoz v reálném čase.

DESIGN AND DEVELOPMENT OF A REAL-TIME CYBER-PHYSICAL TESTBED FOR CYBERSECURITY RESEARCH

Vasileios Theos (16615761)

03 August 2023

<p>Modern reactors promise enhanced capabilities not previously possible including integration with the smart grid, remote monitoring, reduced operation and maintenance costs, and more efficient operation. . Modern reactors are designed for installation to remote areas and integration to the electric smart grid, which would require the need for secure undisturbed remote control and the implementation of two-way communications and advanced digital technologies. However, two-way communications between the reactor facility, the enterprise network and the grid would require continuous operation data transmission. This would necessitate a deep understanding of cybersecurity and the development of a robust cybersecurity management plan in all reactor communication networks. Currently, there is a limited number of testbeds, mostly virtual, to perform cybersecurity research and investigate and demonstrate cybersecurity implementations in a nuclear environment. To fill this gap, the goal of this thesis is the development of a real-time cyber-physical testbed with real operational and information technology data to allow for cybersecurity research in a representative nuclear environment. In this thesis, a prototypic cyber-physical testbed was designed, built, tested, and installed in PUR-1. The cyber-physical testbed consists of an Auxiliary Moderator Displacement Rod (AMDR) that experimentally simulates a regulating rod, several sensors, and digital controllers mirroring Purdue University Reactor One (PUR-1) operation. The cyber-physical testbed is monitored and controlled remotely from the Remote Monitoring and Simulation Station (RMSS), located in another building with no line of sight to the reactor room. The design, construction and testing of the cyber-physical testbed are presented along with its capabilities and limitations. The cyber-physical testbed network architecture enables the performance of simulated cyberattacks including false data injection and denial of service. Utilizing the RMSS setup, collected information from the cyber-physical testbed is compared with real-time operational PUR-1 data in order to evaluate system response under simulated cyber events. Furthermore, a physics-based model is developed and benchmarked to simulate physical phenomena in PUR-1 reactor pool and provide information about reactor parameters that cannot be collected from reactor instrumentation system.</p>

advanced nuclear reactors

I&C Architecture

Cybersecurity

Digital Twin (DT)

Penetration Testing

Cyberattack

Nuclear Reactor

PUR-1

Industrial Control System (ICS)