Skip to content

Releases: Critical-Infrastructure-Systems-Lab/DHALSIM

Learning-based attack concealment module included

25 Nov 17:20
Compare
Choose a tag to compare

This version of DHALSIM provides the learning-based attack concelment module that was developed by Alessandro Erba and presented in "Constrained Concealment Attacks against Reconstruction-based Anomaly Detectors in Industrial Control Systems" https://dl.acm.org/doi/abs/10.1145/3427228.3427660

What's Changed

  • Latest version for dataset presented in CCS - RICSS'24 Workshop by @afmurillo in #52
  • Update synced_event.py by @Tuto96 in #53

New Contributors

Full Changelog: v0.6.0...v0.6.1

Learning-based attack concealment module included

10 Jul 23:20
3bdc4f4
Compare
Choose a tag to compare

This version of DHALSIM provides the learning-based attack concelment module that was developed by Alessandro Erba and presented in "Constrained Concealment Attacks against Reconstruction-based Anomaly Detectors in Industrial Control Systems" https://dl.acm.org/doi/abs/10.1145/3427228.3427660

What's Changed

New Contributors

Full Changelog: v0.5.0...v0.6.0

DHALSIM Prototype with additional attacks and concealment

08 Mar 14:28
3bb74b1
Compare
Choose a tag to compare

This version of DHALSIM provides a set of new attacks and concealment mechanisms for the Man in the Middle attacks.

DHALSIM Prototype with new synchronization mechanism

10 Mar 03:45
Compare
Choose a tag to compare

This version of DHALSIM provides a new synchronization mechanism for the co-simulation environment between the physical simulators and MiniCPS network. Results should now be repeatable across multiple runs.

In addition, some basic network events are now supported: network delays and network packet loss. These events use the same configuration structure as network attacks and also follow a similar syntax. In the back end, the events are implemented using Linux tc tool

DHALSIM Prototype with enhanced features and experimental Epynet support

25 Jun 08:34
Compare
Choose a tag to compare

This new version of the Digital Twin for Water Distribution Systems provides more example topologies and adds additional information handled by the SCADA nodes in the topologies. In addition, DHALSIM-epynet is used for one example topology instead of WNTR.

This software is developed by the Singaporean National Satellite of Excellence Project "Learning from Network and Process data to secure Water Distribution Systems" from the SUTD Resilient Water Systems Group and iTrust. In addition, Davide Salaorni, Master's student from Politecnico de Milano has developed DHALSIM-epynet as an experimental hydraulics simulator. DHALSIM-epynet is a wrapper around EPANET 2.2 fully supported in Python.

This version introduces some changes from the August version:

  • DHALSIM uses now .yaml files to describe network and device attacks. Some basic attacks are supported.
  • The beginning and ending of attacks is controlled by the physical process module, that contains the "master clock" of a DHALSIM experiment
  • SCADA nodes now receive not only the tank levels, but also pump/valves flows, and some junctions pressure
  • The enhanced_ctown_topology uses epynet instead of WNTR to simulate the hydraulic process. Epynet follows more closely a step-by-step simulation in EPANET 2.2

This is the last release before DHALSIM1.0 is released. DHALSIM 1.0 is a major change for DHALSIM and will fully support an automatic parser for epanet INP file, better documentation, and an installation script that automatically deploys the digital twin.

DISCLAIMER: This version requires an upgraded version of MiniCPS that still is pending merging with the main MiniCPS repository, this version can be found here: https://github.com/afmurillo/minicps This version extends the devices class to provide to new methods for the ENIP protocol: send_multiple and receive_multiple. These methods enable a PLC to send/receive multiple tags at the same time

Proof of concept of the Digital Twin for Water Distribution Systems

06 Nov 11:16
Compare
Choose a tag to compare

This is still a beta version of the Digital Twin for Water Distribution Systems. This software uses Mininet, MiniCPS, and the EPANET WNTR simulator to emulate the behavior of different water distribution topologies. To our knowledge, this is the first digital twin that provides network information for such systems. This is because by using MiniCPS we are able to emulate a virtual network in which processes representing PLCs with their own virtual network interfaces exchange communication messages using a standard industrial protocol such as ENIP.
For each experiment two types of data are generated: i) physical data: the state of the system in time for the pland, ii) network data, each of the devices starts a tcpdump capture that creates a .pcap file with the messages sent/received during the experiment. In addition, In addition, attacks of the PLCs and communication between devices are performed generating network and physical results of such attacks.
This software is developed by the Singaporean National Satellite of Excellence Project "Learning from Network and Process data to secure Water Distribution Systems" from the SUTD Resilient Water Systems Group and iTrust.

This version introduces some changes from the August version:

  1. PLCs now extend from a class called basePLC. basePLC implements all the functions that are common among any PLC or SCADA device. In addition, basePLC uses a thread to send the PLC state (sensor or actuator data).
  2. This version starts using config .yaml files to start generalizing DHALSIM

These two changes are done in preparation for a fully automatic DHALSIM version that can parse an epanet INP file, automatically generate a DHALSIM topology, and run an experiment with such file

DISCLAIMER: This version requires an upgraded version of MiniCPS that still is pending merging with the main MiniCPS repository, this version can be found here: https://github.com/afmurillo/minicps This version extends the devices class to provide to new methods for the ENIP protocol: send_multiple and receive_multiple. These methods enable a PLC to send/receive multiple tags at the same time

Proof of concept of the Digital Twin for Water Distribution Systems

14 Aug 10:02
Compare
Choose a tag to compare

This is the beta version of the Digital Twin for Water Distribution Systems. This software uses Mininet, MiniCPS, and the EPANET WNTR simulator to emulate the behavior of different water distribution topologies. To our knowledge, this is the first digital twin that provides network information for such systems. This is because by using MiniCPS we are able to emulate a virtual network in which processes representing PLCs with their own virtual network interfaces exchange communication messages using a standard industrial protocol such as ENIP.
For each experiment two types of data are generated: i) physical data: the state of the system in time for the pland, ii) network data, each of the devices starts a tcpdump capture that creates a .pcap file with the messages sent/received during the experiment. In addition, In addition, attacks of the PLCs and communication between devices are performed generating network and physical results of such attacks.
This software is developed by the Singaporean National Satellite of Excellence Project "Learning from Network and Process data to secure Water Distribution Systems" from the SUTD Resilient Water Systems Group and iTrust.

Proof of concept of the Digital Twin for Water Distribution Systems

16 Jul 16:13
Compare
Choose a tag to compare

This is the beta version of the Digital Twin for Water Distribution Systems. This software uses Mininet, MiniCPS, and the EPANET WNTR simulator to emulate the behavior of different water distribution topologies. To our knowledge, this is the first digital twin that provides network information for such systems. This is because by using MiniCPS we are able to emulate a virtual network in which processes representing PLCs with their own virtual network interfaces exchange communication messages using a standard industrial protocol such as ENIP.
For each experiment two types of data are generated: i) physical data: the state of the system in time for the pland, ii) network data, each of the devices starts a tcpdump capture that creates a .pcap file with the messages sent/received during the experiment. In addition, In addition, attacks of the PLCs and communication between devices are performed generating network and physical results of such attacks.
This software is developed by the Singaporean National Satellite of Excellence Project "Learning from Network and Process data to secure Water Distribution Systems" from the SUTD Resilient Water Systems Group and iTrust.