A cyber-physical experimentation environment for the security analysis of networked industrial control systems

Bibliographic details
Published in: Computers & electrical engineering 2012-09, Vol.38 (5), p.1146-1161
Main authors: Genge, Béla, Siaterlis, Christos, Nai Fovino, Igor, Masera, Marcelo
Format: Article
Language: eng
Summary:
► We propose a novel approach for security experiments with cyber-physical systems.
► We combine advantages of cyber emulation testbeds with physical systems simulators.
► Wide applicability proven through case studies in the power and chemical sectors.
► Suitable for studying effects of real malware on industrial systems in a safe way.
► Advantages: cost efficiency, scalability, fidelity, safety.

Although many studies address the security of Networked Industrial Control Systems (NICSs), today we still lack an efficient way to conduct scientific experiments that measure the impact of attacks against both the physical and the cyber parts of these systems. This paper presents an innovative framework for an experimentation environment that can reproduce physical and cyber systems concurrently. The proposed approach uses an emulation testbed based on Emulab to recreate cyber components and a real-time simulator, based on Simulink, to recreate physical processes. The main novelty of the proposed framework is that it provides a set of experimental capabilities that are missing from other approaches, e.g. safe experimentation with real malware and flexibility to use different physical processes. The feasibility of the approach is confirmed by the development of a fully functional prototype, while its applicability is proven through two case studies of industrial systems from the electrical and chemical domains.
ISSN: 0045-7906, 1879-0755
DOI: 10.1016/j.compeleceng.2012.06.015