SCADA Testbed for Vulnerability Assessments, Penetration Testing and Incident Forensics

摘要

Industrial control systems are critical assets as they interact with real-life aspects of our daily life. These systems often run 24/7 to control and monitor critical industrial and infrastructure processes. The demand to integrate them with the Internet has opened them up for cyber-attacks. The need for skilled expertise starting at the academic level in defending and investigating these critical assets is ever growing. In this paper, the authors design and deploy a Supervisory Control and Data Acquisition (SCADA) lab at Sam Houston State University (SHSU) with a limited budget. The lab is designed to stimulate a near-world industrial setting specifically for Industrial cyber-security research (penetration testing, vulnerability analysis and incident forensics) as an accompaniment to the digital forensics education curriculum at the University.