1. This work was supported by the TRUST Center (NSF award number CCF-0424422) Introduction Since public utilities must rely on the internet, they are vulnerable to cyber attacks. We test mitigation of network control system attacks by using the DETER testbed, which simulates & emulates vulnerabilities. We create a network topology, put plants & controllers on endpoints, attack them, and defend them by changing plant behavior. We examine developing, deploying, and modifying the plant & controller software, which is a major challenge of the project. Project Goals Plant Behavior plants are physical systems designed to facilitate automation [1]. computers that behave like networked plants will: a.hold a state.: e.g., temperature or electrical load. b.update state at regular times. c.send updated state to its controller. Plants update state through one of two ways: 1.scheduled orders from controllers. 2.regular time intervals. d.be influenced by external input from its controller. e.update state when its controller requests it. Controller Behavior A controller is a mechanism that regulates plants. Computers that behave like networked controllers will: a.Always accept updated plant states. b.Find plant future state from the plants updated state. c.Use the future state to calculate a control value. d.Send the control value to the plant as plant input. Methods To create credible experiments, we take these steps, in this order: 1.Model the Abilene topology on DETER. 2.Add nodes to the endpoints to be plants & controllers. 3.Install plant & controller software on selected nodes. 4.Make plants & controllers look for initial values at startup, to facilitate testing various network control system behaviors. 5.Make the plant handshake with its controller. 6.Start normal plant & controller behavior. 7.Allow multiple plants to connect to one controller simultaneously 8.If the state is too large, have the plant quit. Implementation of Methods Simulation We simulate a system by imitating its functions [2]. We started by finding and using simulated plant & control software. Simulated software runs on one node. It simulates one controller & several plants. Generated traffic is logged by ns-2, a simulation platform. Goal : make a plant connect to a controller on another DETER node Problem : After installation, the plant & controller simulation runs correctly, but cannot communicate outside of ns-2. Solution : Emulate the plant & controller software. Emulation We emulate by mixing real components with simulated components [3]. Emulated Plant and Controller We test emulating plants & controllers by porting the simulation software to python [3], which is on all the nodes. The result: an emulated version that fulfills the methods criteria. Bonus: the emulation exceeds experimentation requirements by being easy to customize and having real network traffic communication. Result : tests on network control systems could begin. Improved Emulated Plant and Controller We find software customization speeds up research significantly We add a way to run lists of custom plants for specific durations. We improve logging for easier data filtering. These improvements also allow researching plant behavioral aspects. Conclusions Over the course of this research, we find that it is possible to create a simulation and an emulation of a network control system on DETER. We also find that the software is customizable to facilitate speedy and proper experimentation. As a result of using emulation, we are able to conduct a larger variety of experiments faster. Future Work The network control system can be improved. Below are recommendations 1.Compare the simulation software’s behavior, which is proven to be like a scalar plant & controller, to the emulated plant & controller 2.Find a way to integrate the simulation software to the emulated. 3.Integrate the emulated plant & controller with a DETER OS image 4.Find more plant software and add it for alternative experiments References [1] Liberatore, V. (2002, December 9). Network control Systems. Cleveland, Ohio, United States. [2] Merriam-Webster. (n.d.). simulation definition. Retrieved July 28, 2010, from http://www.merriam-webster.com/netdict/simulation [3] Shashi Guruprasad, R. R. (n.d.). Integrated Network Experimentation using Simulation and Emulation. Logan, Utah, United States. [4] Zappala, D. a. (n.d.). Python Network Programming. Provo, Utah, United States Simulating and Emulating network control systems on DETER Darrel Brower – Humboldt State University Graduate mentors: Saurabh Amin, Blaine Nelson, Suzanna Schmeelk Figure 1. A schematic of a network control system [1] Fig 2. Plant and controller software emulated on DETER using Python [1] Figure 3. emulation improvements. Shown here is the ability to run plants for limited time intervals before changing plant settings and restarting [1]