Representative Traffic Light HMI/OPC and Logic

CybatiWorks^TM Mini Kit with the Expandable Traffic Control PCB

• Software defined network of hosts, switches, and routers
• Pre-configured HMI, OPC and historian server populated with a GUI, tags and communications parameters
• Engineering logic to operate the traffic
• Printed circuit board with traffic light poles operated with a Raspberry PI microcontroller
• Scripted attack and defense scenarios to education the participant about attacks such as network, process and personnel MitM

Representative Power Grid HMI/OPC and Logic

CybatiWorks Mini Kit with the Power Grid PCB

• Software defined network of hosts, switches, and routers
• Pre-configured HMI, OPC and historian server populated with a GUI, tags and communications parameters
• Engineering logic to operate the the miniature Power Grid
• Printed circuit board with Generation, Transmission, Distribution and Customer Load operated with a Raspberry PI microcontroller
• Scripted attack and defense scenarios to education the participant about attacks such as network, process and personnel MitM

Representative Power Grid HMI/OPC

Expandable Power Grid SnapCircuits IO Board

• Pre-configured HMI, OPC and historian server populated with a GUI, tags and communications parameters
• Engineering logic to operate generation, transmission, distribution and a customer smart meter
• Elenco® SnapCircuit board operated with a Rockwell / Allen-Bradley MicroLogix 1400 controller
• Scripted attack and defense scenarios to education the participant about attacks such as network, process and personnel MitM, MicroLogix 1400 password extraction, overrides, and logic manipulation

Another example tool in the current platform is the CybatiWorks™ Blackbox, as shown in Figure 5. The cybersecurity education wizard builds a 40 node software-defined network coupled with up to 7 other real physical devices. The cyber assets and their applications reside in 3 distinguished zones – Industrial Control Systems, Corporate and the Internet. The scenario builds an ICS/IT/Internet architecture complete with IPv4 and IPv6 routing protocols and includes two attacks and associative defenses. The current educational scenario includes two simple models including a virtualized bottling facility and the printed circuit board traffic light. Using protocol libraries the model generates simulated devices using DNP3, AB PCCC and Modbus protocols. The simulation includes several IT services, engineering documents and traditional business technology as well as an active attacker with a unique command and control channel. The participant is stepped through a series of wizards to baseline the environment, and is expected to identify the attack and respond appropriately using techniques provided in the curricula. The current wizard is resettable to the original scenario allowing easy set up. 

The Blackbox generator uses a series of wizard-based steps, as shown in Figure 6, to lead the participant through the exercise. The steps include notifications about active discovery precautions within cyber-physical systems, such as the impact any changes may have on operations. Even the addition of a configured network switch span or physical tap port may have on operations. Later steps have the participant enable the attacker and use tools to identify the attacker source and engineering logic.