Emulation of Industrial Control Field Device Protocols
AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH GRADUATE SCHOOL OF ENGINEERING AND MANAGEMENT
Pagination or Media Count:
It has been shown that thousands of industrial control devices are exposed to the Internet, however, the extent and nature of attacks on such devices remains unknown. The first step to understanding security problems that face modern supervisory control and data acquisition SCADA and industrial controls networks is to understand the various attacks launched on Internet-connected eld devices. This thesis describes the design and implementation of an industrial control emulator on a Gumstix single-board computer as a solution. This emulator acts as a decoy eld device, or honeypot, intended to be probed and attacked via an Internet connection. Evaluation techniques are developed to assess the accuracy of the emulation implemented on the Gumstix and are compared against the implementation on a standard PC and the emulation target, a Koyo DirectLogic 405 programmable logic controller. The results show that both the Gumstix and PC emulator platforms are very accurate to the workloads presented. This suggests that a honeypot implemented on a Gumstix emulator and a standard PC are both suitable for applications in SCADA attack-landscape research.
- Computer Systems Management and Standards
- Human Factors Engineering and Man Machine Systems