Researchers from the SECAN-Lab group put continuous efforts to make industry control systems more secure and resilient against wide range of networks attacks. They search for weaknesses within contemporary Supervisory Control And Data Acquisition (SCADA) deployments using emulation - a method to analyze real-world systems with a high level of details. To conduct such analysis, they use the facilities available in the SCADA-Lab. The laboratory incorporates a fleet of small computers and intelligent switches providing both wired and wireless network connectivity, allowing real-time simulation of complex network topologies and the threats they face, both in SCADA and in Internet of Things (IoT) scenario. The SCADA-Lab has been set up in collaboration with the Luxembourgish company CREOS, and includes three racks:
- Emulab hardware
It includes a control network and a pool of experimental resources employed to emulate various network topologies and settings using the Emulab software provided by the Flux Group, part of the School of Computing at the University of Utah. The control network consists of one IP based control switch from CISCO Catalyst 3850-48T-S and one control server Dell PowerEdge R320. The experimental side consists of 2 experimental switches CISCO Catalyst 2960-48TS-L, 1 Operations Server Dell PowerEdge R220, as well as 20 Alix2d13 nodes (8G flash memory). More recently, the worker node pool was extended with 4 Dell PowerEdge R430 servers (128 GB RAM, 2x Intel Xeon E5-2630) for performance-intensive experiments.
- CREOS IP/MPLS network segment
It consists in an IP/MPLS network of three Routers Alcatel Lucent 7705 SAR-8 (Service Aggregation Router), 3 breakout panels, network connectivity, power supplies. As a base functionality, the network has VPLS, VLL, VPRN configured.
- CREOS SCADA segment
It includes 3 Sun Fire V240 servers with PSI software (Leitplatzrechner, Datenbankrechner, Koppelrechner) connected via switches representing one SCADA segment.
The SECAN-Lab team also owns the AS28 server room on the Kirchberg campus, which hosts server-class computers to which researchers have physical access to perform experiments. These computers provide the resources needed to perform research, or are themselves a target for experimentation. Currently, in addition to a variety of individual computers dedicated to particular projects, configurations include two OpenStack virtual compute clusters, a Hadoop “big data” processing cluster, a specialized cluster for vehicle simulation, and a fleet of computers used to perform experiments in a private Tor network.