Lowering the Barriers to Industrial Control System Security

Providing hands-on cybersecurity simulation for the digital age

October 19, 2020 | By Raheem Beyah
Raheem Beyah looking at camera thoughtfully as he sits in an additive manufacturing lab at Georgia Tech

The COVID-19 pandemic has made it clear that the future of work is digital. Businesses across the nation have made the transition online, and even after the pandemic is over, they are likely to retain much of their digital structure. Remote work has become the new normal, and with that comes increasing cybersecurity risks, making the cybersecurity field all the more relevant. One important subfield of cybersecurity is Industrial Control System (ICS) security.

Industrial Control System is a broad term that refers to any system of controllers that continuously read process measurements from sensors, report the measurements to a human machine interface, then use the data to update a physical actuator. In short, it is a safeguard for any network of industrial machinery.

Despite its relevance, for years the ICS security field has been facing a skills gap due to the high cost and low effectiveness of available training programs. Currently, it costs thousands of dollars to obtain and practice hands-on training in attacking and defending ICS networks, and even then, the trainee cannot get a “real” experience of responding to an ICS cyberattack because it is too costly to damage a physical system over and over again. Simulations for these attacks exist, but they are not realistic and do little to prepare the trainee for the real issues and challenges of ICS security.

Understanding and ensuring ICS security is imperative in an age of increased digital reliance in industrial systems. Because current training options are either too expensive or not realistic, training and preparation particularly for emergency situations is limited. This can have dire consequences.

A chemical reactor, for example, is controlled and managed by a complex regulatory system consisting of many digital elements. If this system were attacked and compromised, a chemical reactor could explode, putting lives in danger.

This skills gap indicated the need for a program that could demonstrate the real, physical consequences of cyber-attacks, as well as provide wide-spread access and potential customization. This lack of hands-on training can leave organizations vulnerable and with diminished capacity to manage a failure or attack.

In response, my team and I developed GRFICS, a graphical realism framework for industrial control simulations, the first free and completely virtual ICS network. Inspired by successful flight simulators and military training simulators, GRFICS simulates a realistic ICS challenge through real-time 3D visualization which compels the user to practice balancing and controlling chemical reactions, pressures, and temperatures with minimum cost and maximum efficiency.

The user has continuous data insight into the current state of the process through a programmable logic controller (PLC) and may respond to that state by issuing commands through the human machine interface (HMI), which controls the running of the entire system.

To date, GRFICS is the most effective and the most affordable training system for ICS security, expertly preparing trainees for the challenges and complexities of ICS security at little cost. The accessible design and delivery of GRFICS considerably lowers the barrier to entry into the ICS security field, providing aspiring professionals the opportunity to upskill and minimize the current gap.

Additionally, GRFICS’s detailed virtualization of ICS networks allows for a better training experience, with more realistic practice and no damage to any physical network. It also allows training to cross teams, organizations, and even borders, which is essential for sustainability and growth in a modern economy and supports the needs of a digital and global workforce.

With change and technology moving at an ever-increasing pace, access to training that has real-world application is now needed more than ever to ensure ICS professionals gain the competencies required to keep us and the companies they represent safe.

About the Author

Raheem Beyah, Ph.D., Motorola Foundation Professor in the School of Electrical and Computer Engineering and vice president for interdisciplinary research at Georgia Tech, is well-aware of cybersecurity’s growing importance in today’s workplace. A native of Atlanta, Beyah earned both his master’s and doctoral degrees in Electrical and Computer Engineering from Georgia Tech in 1999 and 2003. He served as a research faculty member for Georgia Tech Communications Systems Center (CSC) before joining the faculty at the School of Electrical and Computer Engineering. As the leader of the Georgia Tech Communications Assurance and Performance Group (CAP), Beyah conducts research at the intersection of networking and security, in pursuit of strategies to protect computer systems against cyberthreats. Recently, Beyah collaborated with a team of fellow innovators at Georgia Tech and Fortiphyd Logic, David Formby and Milad Rad, to develop a simulation training system called a “graphical realism framework for industrial control simulations” (GRFICS), which aims to bolster one of the most important fields in cybersecurity: Industrial Control System (ICS) Security.