On Developing a Hybrid Cyber-Physical Testbed for Cyber-Secure Industrial Control System
Yogesh Gholap, Prajakta Yeola, Virendra Singh
TLDR
This work investigates security attacks in CPS, IoT and ICS and describes techniques to build resilience against them with the help of testbeds, and conducts several cyber-attacks on the testbed to gather real-world data for the development of an Intrusion Detection System (IDS).
Abstract
With the rapid advancement of internet technology, access to the internet has become more widespread, offering improved quality, increased availability, and reduced costs. This has paved the way for numerous devices to connect and be managed remotely via the internet, forming what is known as the Internet of Things (IoT). Similarly, industrial control systems (ICS) have benefited from these technological advancements, enabling remote access to entire processes from anywhere in the world. Additionally, Cyber-Physical Systems (CPS) have emerged, integrating smart sensing, computing, and control devices through robust and secure networks. However, this interconnectedness presents various security challenges, particularly concerning critical infrastructure (CI). We investigate such security attacks in CPS, IoT and ICS and describe techniques to build resilience against them with the help of testbeds. A cost-effective prototype testbed is developed to mimic a chemical process-automation plant. The proposed testbed incorporates a Virtual-Factory environment to achieve a true Hardware-In-Loop (HIL) emulation of real-world factories in a cost-effective manner. The entire system is controlled using a Codesys-based Raspberry Pi, which acts as a pseudo-PLC. The Modbus-TCP protocol is used to communicate between the operator Human Machine Interface (HMI) and the control system. Furthermore, we have conducted several cyber-attacks on the testbed to gather real-world data for the development of an Intrusion Detection System (IDS). These attacks include MITM-based data modification attacks utilizing the Metasploit V6 framework, and de-authentication attacks employing the aircrack-ng tool. Subsequently, the dataset obtained is utilized to train a Random Forest-based IDS model using supervised machine learning techniques.
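As an added illustration (not code from the paper, whose feature set is not given here), the sketch below shows the kind of per-frame features an IDS could extract from Modbus-TCP traffic between an HMI and a PLC. It also applies one check relevant to in-transit data modification: a write-single response must echo its request. The feature names and sample frames are constructed for this example.

```python
import struct

# Function codes that change process state (write coil/register, single/multiple).
WRITE_CODES = {0x05, 0x06, 0x0F, 0x10}

def parse_adu(frame: bytes) -> dict:
    """Parse one Modbus-TCP ADU (7-byte MBAP header + PDU) into IDS features."""
    if len(frame) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:7])
    fc, data = frame[7], frame[8:]
    feat = {
        "tid": tid, "unit": unit, "fc": fc & 0x7F,
        "is_exception": bool(fc & 0x80),
        "is_write": (fc & 0x7F) in WRITE_CODES,
        # MBAP length counts unit id + PDU; protocol id is always 0 for Modbus.
        "bad_framing": pid != 0 or length != len(frame) - 6,
        "addr": None, "value": None,
    }
    if fc in (0x05, 0x06) and len(data) >= 4:
        feat["addr"], feat["value"] = struct.unpack(">HH", data[:4])
    return feat

def write_echo_mismatch(request: bytes, response: bytes) -> bool:
    """True when a write-single response does not echo the request it answers."""
    req, rsp = parse_adu(request), parse_adu(response)
    if req["fc"] not in (0x05, 0x06) or rsp["is_exception"]:
        return False
    keys = ("tid", "fc", "addr", "value")
    return any(req[k] != rsp[k] for k in keys)

# Constructed sample frames: write single register 0x0010 = 100 on unit 1.
REQ = bytes.fromhex("000100000006010600100064")
RESP_OK = bytes.fromhex("000100000006010600100064")
# Constructed response echoing a different value (900) than the HMI sent.
RESP_CHANGED = bytes.fromhex("000100000006010600100384")

if __name__ == "__main__":
    print(parse_adu(REQ))
    print("normal echo mismatch:", write_echo_mismatch(REQ, RESP_OK))
    print("changed echo mismatch:", write_echo_mismatch(REQ, RESP_CHANGED))
```

Rows of such features, labelled by capture condition, are the sort of input a supervised classifier such as a Random Forest can be trained on.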
