A Low-Cost Environment for Teaching Fundamental Cybersecurity Concepts in CPS

Abstract

Cyberattacks targeting Cyber-Physical Systems (CPS) are becoming increasingly concerning since the well-known Stuxnet attack. These systems are mostly based on Programmable Logic Controllers (PLCs), which have low cybersecurity protection levels that make them vulnerable to the next generation of cyberattacks. Therefore, building resilience to such attacks through cybersecurity has become a significant concern for Industry 4.0. Due to the lack of published research papers on effective methods to train for cyberattacks on manufacturing systems, this experimental paper proposes a low-cost platform for cyberattack scenarios, to demonstrate some possibilities to attack CPS. Attacks on critical CPS assets may have severe consequences in the physical world (e.g. accidents). An experimental environment used to train students and operators in such attacks and related prevention and mitigation measures can be used to sensitize and train staff in CPS cyber-security related challenges and mitigation strategies. This paper proposes such an experimental setup, and some fundamental and accessible training scenarios.