Industrial Cybersecurity ICS OT by Logitek Competence Center

Laboratory
Description

Logitek is a company with more than 35 years of experience in the market. Their mission is to advise the industrial and infrastructure sectors on the optimum management of the generation and use of information in real time, selecting and providing the best solutions and services. 

Present in Spain and Portugal, Logitek responds to the current challenges associated with these sectors through five Areas: High Availability, Industrial Communications, Industrial M2M, Real time Management and Industrial Cybersecurity. Their clients include companies linked to the energy, water, transport, infrastructure, food, drink and pharmaceutical sectors.

Industrial Cybersecurity by Logitek was created as a new consultancy Area within Logitek in order to help their clients improve the security levels of their processes, systems and infrastructures within OT (Operational Technology) environments. In addition, it offers its services internally across the other Areas.

The Industrial Cybersecurity by Logitek Competence Center was set up within this Area with the mission to provide support to the research, development and demonstration of technological solutions linked to industrial cyber-security.

The ICYCC is divided into three areas:

  • OT Network CyberLab simulates an industrial network into which different devices and systems are integrated and in which pentesting is possible.
  • High Availability CyberLab demonstrates the most appropriate technologies for increasing the availability of the industrial systems.
  • Profibus/Profinet CyberLab provides an understanding of the PROFIBUS and PROFINET technologies.

The OT Network CyberLab simulates an industrial network into which different devices and systems are integrated and in which pentesting is possible.

This demo environment includes levels 1 and 2 of the automation pyramid described in the ISA-95 standard (level 1, field devices, and level 2, HMI/SCADA systems). In addition, it includes communication servers based on the OPC and OPC UA specifications in order to permit secure integration between both levels.

Several industrial cyber-security technologies that help to increase the security of these environments have been included in the same space. These include DPI (Deep Packet Inspection) industrial firewalls, data diodes, off-line antimalware solutions, performance-based industrial IDS and VPN servers.

Basic components:

  • Field devices: Siemens S7-1200, Omron CP1L-EL20DR-D, LKRemote, Moxa NPort.
  • Industrial protocols used: Modbus OPC Server, DNP3 OPC Server, SNMP OPC Server, OPC UA through the KEPServerEX platform by Kepware.
  • HMI/SCADA systems: InTouch by Wonderware.
  • Pentesting systems: 
    • Visibility of devices and networks: PLC Scanner, ModScan, Software 232Analyzer, Wireshark (OT Protocols), NMAP
    • Software vulnerabilities: OpenVAS, Industrial IDS
    • Attacks on credentials: THC Hydra
    • WiFi penetration: AirCrack-ng, Kismet
  • Industrial network fortification systems: Tofino DPI Firewall Industrial by Hirschmann.
  • Industrial network protection systems: Data diode by FOX IT.
  • Antimalware off-line solutions: PortableSecurity and SafeLock by TrendMicro.
  • IDS industrial solutions: ICSSilent by SecMatters.
  • VPN solutions: Eagle Device by Hirschmann and Fortigate 40C by Fortinet.

What can the laboratory user do?

  • Programme logic models in the field devices.
  • Develop and interact with the SCADA systems.
  • Configure an OPC server and create OPC tunnels based on the UA (Unified Architecture) specification to secure OPC communications.
  • Test the efficiency of the DPI industrial firewalls in blocking unauthorised requests on devices and/or industrial protocols.
  • Study the working of data diodes and their ease of configuration.
  • Carry out denial-of-service, spoofing, poisoning, hijacking, etc. attacks on the control devices and HMI/SCADA systems.
  • Confirm the efficiency of the antimalware offline solutions on infected virtual machines.
  • Scan the industrial network in order to analyse the types of vulnerabilities in existence and how these can be detected using non-invasive intrusion detection solutions.
  • Access control devices via VPN (locally).
  • Encapsulate insecure protocols such as Modbus, using typical IT technologies such as VPNs.

Availability is a key factor in industrial environments. To increase the availability of the systems supporting industrial processes, there are different solutions that adapt to the particular characteristics of operational environments.

In the laboratory the user can interact with change management systems that permit the tracking of users who develop and/or modify an industrial system (PLC, RTU, HMI, SCADA, Controller, etc…), management of the versions of the configuration files of these devices, automation of the backup & restore policies and documentary management.

They can also check the operation of management solutions for architectures based on Thin Clients. These technologies permit instant failover between RDS servers, the management of network redundancy (Thin Clients with two network cards), the quick replacement of Thin Clients from the console and the management of IAAA diagrams in light applications.

Lastly, it is possible to analyse the working of fault tolerant servers. These servers offer the highest existing availability for the protection of mission-critical applications whose service level must be 24/7. While traditional high availability solutions offer recovery times that may be too long, fault tolerant servers operate in “Lockstep” mode, permitting zero recovery time in the event of a hardware or application fault.

Basic components:

  • Change management system and automation of backup copies of industrial devices (PLC, RTU, controller, SCADA, HMI): Autosave SW by MDT.
  • Thin Clients safe architecture management solutions: ACP Thin Manager.
  • High availability solutions for hardware equipment: FTServer and EverRun by Stratus.

What can the laboratory user do?

  • Check the efficiency of the change management systems by accessing an environment formed of a Siemens PLC and a Wonderware SCADA system.
  • Verify the ease of use and advantages of integral management platforms for Thin Client architectures.
  • Configure the FTServer by running redundancy tests on the systems.

This laboratory offers technical support to professionals linked to PROFIBUS and PROFINET devices and systems. 

There is a demo area with more than 40 devices from 15 different manufacturers, which can be used to provide support, training or demonstrations. 

Basic components:

  • Profibus/Profinet devices by Siemens, Brad, Procentec, SMC, ABB, Hitachi, Phoenix Contact, Beckhoff, Deutschmann Automation, B&R, Woodhead, etc…
  • ProfiTrace 2 (Profibus Troubleshooting Kit Ultra Pro), used to analyse Profibus networks.
  • Netilities (Profinet Analyzer), used to analyse Profinet networks.
  • COMBricks Std, used for remote online monitoring of Profibus networks.
  • ProfiTap, connector to Ethernet networks.
  • PN1 TESTER, used to analyse interference of Profinet cables.
  • B1 REPEATER, Profibus repeater.

What can the laboratory user do?

  • Understand and configure the Profibus and Profinet technologies.
  • Run noise and interruption analysis of the Profibus and Profinet networks.
  • Configure devices that permit the remote analysis of the status of the Profibus/Profinet networks.
  • Analyse the status of the physical medium on which the Profibus and Profinet devices communicate.

Legal Status: Private
Economic condition: Payment service
District: Barcelona
Sector: Nuclear Industry, Chemical Industry, Water, Energy, Transport, Space, Food

Consultancy

Expert advice on implementing industrial environments, technological platforms giving access to industrial environments, securing industrial environments, etc.

Cybersecurity assessments

Component security and/or industrial systems assessments: audits, vulnerability scanning, intrusion testing, etc.

Development and implementation of cybersecurity solutions

Research, development and implementation of new cybersecurity solutions specialised in industrial environments.

Specialised training

Training services in industrial environments, IT environments, securing of industrial environments, etc.

Access for research and tests at pilot plant

Remote and/or physical access to pilot plants and industrial process models, in order to carry out research tasks and tests.

Automation and control technologies

Physical components involved in process control. For example: controllers, PLCs, RTUs, industrial PCs, robots, drivers, etc.

Field technologies - Models and pilot plants

Pilot plants, models and elements which implement real processes in the laboratory.

Monitoring technologies

Physical components involved in process supervision and data concentration and cleaning so they can then be sent to the next levels. For example: SCADA systems, storage servers, HMIs, etc.

Other

Other physical components

Monitoring tools

Software tools used to monitor processes carried out in the laboratory. For example: WinCC, Vijeo Citect, and the laboratory's own monitoring tools.

Other

Other software components.

Software for the management and use of the physical components

Software tools used to manage, programme and configure the laboratory's physical components. For example: Simatic-S7, Unity Pro, LabVIEW, etc.

Tools for communications management

Software tools used for managing laboratory communications (VPNs, ...).