PICSEL: Portable ICS Extensible Lab
| Autor(a) principal: | |
|---|---|
| Data de Publicação: | 2020 |
| Tipo de documento: | Dissertação |
| Idioma: | eng |
| Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| Texto Completo: | http://hdl.handle.net/10451/48330 |
Resumo: | Trabalho de projeto de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2020 |
| id |
RCAP_a81a57240e1b150e6abfd292fa0fbd72 |
|---|---|
| oai_identifier_str |
oai:repositorio.ul.pt:10451/48330 |
| network_acronym_str |
RCAP |
| network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository_id_str |
7160 |
| spelling |
PICSEL: Portable ICS Extensible LabPICSELModularSCADAICSSecurityTrabalhos de projeto de mestrado - 2020Departamento de InformáticaTrabalho de projeto de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2020Critical infrastructures such as electric power grids, nuclear plants, oil and gas refineries, transportations systems or pharmaceutical industries, play an increasingly important role in our lives due to technological advancement and the precision industry. Traditionally, most of these infrastructures, also called industrial control systems (ICS), are large-scale cyber-physical systems (CPS) which all use supervisory control and data acquisition (SCADA). Over recent years, malicious actors have realized the importance and impact of these infrastructures. Combining this with the deprivation of security features in ICS resulted in a large quantity of high value targets just waiting to be exploited. Since these systems are based on equipment with a really long lifetime and, in most of the cases, have an extremely high availability requirement, its important to, somehow, gather information and perform security tests in order to protect these infrastructures, without compromising a live operation. Normally these infrastructures are very complex and often have a remarkable diversity of equipment, communication protocols and transmission technologies. This thesis presents a portable testbed, PICSEL, which was designed and developed to achieve the following goals: to be a portable testbed testing existing exploits and new security solutions whilst exploring new vulnerabilities within the equipment or the environment. Several requirements were considered in the design of the testbed: for instance, choosing the equipment that allowed for more environment configurations; choosing power supplies that support additional equipment; and designing a static electrical diagram based on each device’s requirements. With these requirements, the testbed must be able to support different types of equipment and architectures, allowing for applications in multiple industries, inside which it can be easily reconfigured. The thesis describes the testbed architecture and discusses the design decisions, presenting two test scenarios that were studied and implemented using PICSEL. In each of these test scenarios, different attacks were performed validating each of the PICSEL goals. Testing known vulnerabilities, testing exploits in the wild and exporting information from PICSEL equipment to an external tool were very important steps to validate the results. Therefore, this thesis provides proof of concept confirming the key value of a modular and reconfigurable testbed, PICSEL.Costa, António Casimiro Ferreira da, 1968-Repositório da Universidade de LisboaVieira, Marco Manuel Santos2021-06-04T12:42:33Z202020202020-01-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttp://hdl.handle.net/10451/48330TID:202605736enginfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-11-08T16:51:40Zoai:repositorio.ul.pt:10451/48330Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T22:00:14.440940Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
| dc.title.none.fl_str_mv |
PICSEL: Portable ICS Extensible Lab |
| title |
PICSEL: Portable ICS Extensible Lab |
| spellingShingle |
PICSEL: Portable ICS Extensible Lab Vieira, Marco Manuel Santos PICSEL Modular SCADA ICS Security Trabalhos de projeto de mestrado - 2020 Departamento de Informática |
| title_short |
PICSEL: Portable ICS Extensible Lab |
| title_full |
PICSEL: Portable ICS Extensible Lab |
| title_fullStr |
PICSEL: Portable ICS Extensible Lab |
| title_full_unstemmed |
PICSEL: Portable ICS Extensible Lab |
| title_sort |
PICSEL: Portable ICS Extensible Lab |
| author |
Vieira, Marco Manuel Santos |
| author_facet |
Vieira, Marco Manuel Santos |
| author_role |
author |
| dc.contributor.none.fl_str_mv |
Costa, António Casimiro Ferreira da, 1968- Repositório da Universidade de Lisboa |
| dc.contributor.author.fl_str_mv |
Vieira, Marco Manuel Santos |
| dc.subject.por.fl_str_mv |
PICSEL Modular SCADA ICS Security Trabalhos de projeto de mestrado - 2020 Departamento de Informática |
| topic |
PICSEL Modular SCADA ICS Security Trabalhos de projeto de mestrado - 2020 Departamento de Informática |
| description |
Trabalho de projeto de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2020 |
| publishDate |
2020 |
| dc.date.none.fl_str_mv |
2020 2020 2020-01-01T00:00:00Z 2021-06-04T12:42:33Z |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
| format |
masterThesis |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10451/48330 TID:202605736 |
| url |
http://hdl.handle.net/10451/48330 |
| identifier_str_mv |
TID:202605736 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
| instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| instacron_str |
RCAAP |
| institution |
RCAAP |
| reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| repository.mail.fl_str_mv |
|
| _version_ |
1799134549041479680 |