{"610291":{"#nid":"610291","#data":{"type":"news","title":"Control System Simulator Helps Operators Learn to Fight Hackers","body":[{"value":"\u003Cp\u003EA simulator that comes complete with a virtual explosion could help the operators of chemical processing plants \u0026ndash; and other industrial facilities \u0026ndash; learn to detect attacks by hackers bent on causing mayhem. The simulator will also help students and researchers understand better the security issues of industrial control systems.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EFacilities such as electric power networks, manufacturing operations and water purification plants are among the potential targets for malicious actors because they use programmable logic controllers (PLCs) to open and close valves, redirect electricity flows and manage large pieces of machinery. Efforts are underway to secure these facilities, and helping operators become more skilled at detecting potential attacks is a key part of improving security.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;The goal is to give operators, researchers and students experience with attacking systems, detecting attacks and also seeing the consequences of manipulating the physical processes in these systems,\u0026rdquo; said \u003Ca href=\u0022https:\/\/www.ece.gatech.edu\/faculty-staff-directory\/raheem-a-beyah\u0022\u003ERaheem Beyah\u003C\/a\u003E, the Motorola Foundation Professor in the \u003Ca href=\u0022http:\/\/www.ece.gatech.edu\u0022\u003ESchool of Electrical and Computer Engineering\u003C\/a\u003E at the Georgia Institute of Technology. \u0026ldquo;This system allows operators to learn what kinds of things will happen. Our goal is to make sure the good guys get this experience so they can respond appropriately.\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDetails of the simulator were presented August 8 at Black Hat USA 2018, and August 13 at the 2018 USENIX Workshop on Advances in Security Education. The simulator was developed in part by Atlanta security startup company Fortiphyd Logic, and supported by the Georgia Research Alliance.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe simulated chemical processing plant, known as the Graphical Realism Framework for Industrial Control Simulations (GRFICS), allows users to play the roles of both attackers and defenders \u0026ndash; with separate views provided. The attackers might take control of valves in the plant to build up pressure in a reaction vessel to cause an explosion. The defenders have to watch for signs of attack and make sure security systems remain operational.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EOf great concern is the \u0026ldquo;man-in-the-middle\u0026rdquo; attack in which a bad actor breaks into the facility\u0026rsquo;s control system \u0026ndash; and also takes control of the sensors and instruments that provide feedback to the operators. By gaining control of sensors and valve position indicators, the attacker could send false readings that would reassure the operators \u0026ndash; while the damage proceeded.\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;The pressure and reactant levels could be made to seem normal to the operators, while the pressure is building toward a dangerous point,\u0026rdquo; Beyah said. Though the readings may appear normal, however, a knowledgeable operator might still detect clues that the system has been attacked. \u0026ldquo;The more the operators know the process, the harder it will be to fool them,\u0026rdquo; he said.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe GRFICS system was built using an existing chemical processing plant simulator, as well as a 3D video gaming engine running on Linux virtual machines. At its heart is the software that runs PLCs, which can be changed out to represent different types of controllers appropriate to a range of facilities. The human-machine interface can also be altered as needed to show a realistic operator control panel monitoring reaction parameters and valve controller positions.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;This is a complete virtual network, so you can set up your own entry detection rules and play on the defensive side to see whether or not your defenses are detecting the attacks,\u0026rdquo; said David Formby, a Georgia Tech postdoctoral researcher who has launched Fortiphyd Logic with Beyah to develop industrial control security products. \u0026ldquo;We provide access to simulated physical systems that allow students and operators to repeatedly study different parameters and scenarios.\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGRFICS is currently available as an open source, free download for use by classes or individuals. It runs on a laptop, but because of heavy use of graphics, requires considerable processing power and memory. An online version is planned, and future versions will simulate the electric power grid, water and wastewater treatment facilities, manufacturing facilities and other users of PLCs.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EFormby hopes GRFICS will expand the number of people who have experience with the security of industrial control systems.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;We want to open this space up to more people,\u0026rdquo; he said. \u0026ldquo;It\u0026rsquo;s very difficult now to find people who have the right experience. We haven\u0026rsquo;t seen many attacks on these systems yet, but that\u0026rsquo;s not because they are secure. The barrier for people who want to work in the cyber-physical security space is high right now, and we want to lower that.\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EBeyah and Formby have been working for several years to increase awareness of the vulnerabilities inherent in industrial control systems. While the community still has more to do, Beyah is encouraged.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;Several years ago, we talked to a lot of process control engineers as part of the NSF\u0026rsquo;s I-Corps program,\u0026rdquo; he said. \u0026ldquo;It was clear that for many of these folks then, security was not a major concern. But we\u0026rsquo;ve seen changes, and lots of people are now taking system security seriously.\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EResearch News\u003Cbr \/\u003E\r\nGeorgia Institute of Technology\u003Cbr \/\u003E\r\n177 North Avenue\u003Cbr \/\u003E\r\nAtlanta, Georgia\u0026nbsp; 30332-0181\u0026nbsp; USA\u003C\/strong\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EMedia Relations Assistance\u003C\/strong\u003E: John Toon (404-894-6986) (jtoon@gatech.edu)\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003EWriter\u003C\/strong\u003E: John Toon\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003EA simulator that comes complete with a virtual explosion could help the operators of chemical processing plants \u0026ndash; and other industrial facilities \u0026ndash; learn to detect attacks by hackers bent on causing mayhem. The simulator will also help students and researchers understand better the security issues of industrial control systems.\u003C\/p\u003E\r\n","format":"limited_html"}],"field_summary_sentence":[{"value":"A control system simulator for a chemical processing plant could help train operators on security measures."}],"uid":"27303","created_gmt":"2018-08-23 20:32:59","changed_gmt":"2018-08-23 20:37:46","author":"John Toon","boilerplate_text":"","field_publication":"","field_article_url":"","dateline":{"date":"2018-08-23T00:00:00-04:00","iso_date":"2018-08-23T00:00:00-04:00","tz":"America\/New_York"},"extras":[],"hg_media":{"610289":{"id":"610289","type":"image","title":"Chemical processing plant simulator","body":null,"created":"1535055819","gmt_created":"2018-08-23 20:23:39","changed":"1535055819","gmt_changed":"2018-08-23 20:23:39","alt":"Simulated chemical processing plant","file":{"fid":"232395","name":"industrial-controls2.png","image_path":"\/sites\/default\/files\/images\/industrial-controls2.png","image_full_path":"http:\/\/hg.gatech.edu\/\/sites\/default\/files\/images\/industrial-controls2.png","mime":"image\/png","size":458934,"path_740":"http:\/\/hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/industrial-controls2.png?itok=d2L3PaGo"}},"610290":{"id":"610290","type":"image","title":"Industrial control schematic","body":null,"created":"1535055915","gmt_created":"2018-08-23 20:25:15","changed":"1535055915","gmt_changed":"2018-08-23 20:25:15","alt":"Flow charge of data in chemical processing","file":{"fid":"232396","name":"industrial-controls-schematic.png","image_path":"\/sites\/default\/files\/images\/industrial-controls-schematic.png","image_full_path":"http:\/\/hg.gatech.edu\/\/sites\/default\/files\/images\/industrial-controls-schematic.png","mime":"image\/png","size":100797,"path_740":"http:\/\/hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/industrial-controls-schematic.png?itok=DJHh-3Dp"}}},"media_ids":["610289","610290"],"groups":[{"id":"1188","name":"Research Horizons"}],"categories":[{"id":"135","name":"Research"},{"id":"141","name":"Chemistry and Chemical Engineering"},{"id":"153","name":"Computer Science\/Information Technology and Security"}],"keywords":[{"id":"1404","name":"Cybersecurity"},{"id":"2678","name":"information security"},{"id":"215","name":"manufacturing"},{"id":"168299","name":"chemical processing"},{"id":"178842","name":"Raheem Bayah"}],"core_research_areas":[{"id":"145171","name":"Cybersecurity"},{"id":"39461","name":"Manufacturing, Trade, and Logistics"}],"news_room_topics":[{"id":"71881","name":"Science and Technology"}],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003EJohn Toon\u003C\/p\u003E\r\n\r\n\u003Cp\u003EResearch News\u003C\/p\u003E\r\n\r\n\u003Cp\u003E(404) 894-6986\u003C\/p\u003E\r\n","format":"limited_html"}],"email":["jtoon@gatech.edu"],"slides":[],"orientation":[],"userdata":""}}}