JoWUA

Abstract

This article deals with SCADA cybersecurity awareness and teaching. We present two twin demonstrators based on the same technology: (i)WonderICS, an Advanced Persistent Threat (APT) demonstrator used for awareness demonstrations and (ii) G-ICS, a flexible lab used for students training and pentesting. Both are based on a common Hardware-In-the-Loop (HIL) technology which combines simulation, emulation and real devices to reproduce realistic industrial environments. Our solution simulates the physical process alongside real sensors and actuators, which are then connected with real industrial control devices using open-source electronic interface boards. Moreover, an innovative firmware emulation platform allows to run real devices’ firmwares taken from vendors’ websites without the need of the actual physical devices. After describing the architecture and implementation inner workings of our HIL platform, we explain what are the attack scenarios implemented on both platforms. These attacks scenarios allow us to conduct both demonstrations and teaching. We show how they are carried out and the feedback they get.