Development of cyber security testbed for critical infrastructure

The paper describes a critical infrastructure testbed environment for SCADA (Supervisory Control and Data Acquisition) cyber security evaluation and assessment. This includes results of the performed analysis of important features of the critical infrastructure for determination of testbed architecture. As a result the ontology of security for critical infrastructure domain, ontology of protection elements and corresponding taxonomies of infrastructure elements and threats were proposed. A brief survey of the critical infrastructure threats and countermeasure tools was carried out. The proposed environment reflects the real control and supervision substation of electricity generation and distribution control system. SCADA system uses IEC 60870-5-104 and IEC 61850 protocols encapsulated in IPv4 datagrams. The structure of the built testbed environment was shown and its software and hardware components were described. Traffic samples collected from real power IP control and management network for use within testbed generators were analyzed and described.