A Testbed for SCADA Control System Cybersecurity Research and Pedagogy
Morris, T., Vaughn, R., & Dandass, Y. (2011). A Testbed for SCADA Control System Cybersecurity Research and Pedagogy. Proceedings of The 7th Annual ACM Cyber Secruity and Information Intelligence Research Workshop (CSIIRW).. The 7th Annual ACM Cyber Secruity and Information Intelligence Research Workshop (CSIIRW)/Oak Ridge, TN: ACM.
This paper describes the Mississippi State University Supervisory Control and Data Acquisition (SCADA) security laboratory and Power and Energy Research laboratory. This laboratory combines process control systems from multiple critical infrastructure industries to create a testbed with functional physical processes controlled by commercial hardware and software over common industrial control system routable and non-routable networks. The testbed enables a research process in which cybersecurity vulnerabilities are discovered, exploits are used to understand the implications of the vulnerability on controlled physical processes, identified problems are classified by criticality and similarities in type and effect, and finally cybersecurity mitigations are developed and validated against the testbed. The testbed also enables control system security workforce development through integration into the classroom of laboratory exercises, functional demonstrations, and research outcomes.