New research paper on industrial control systems cyber threat simulation

As the Easter holiday draws to a close and I gear up to go back to work tomorrow, it is a nice return to see this publication that was presented last year at Cyber Science finally appear in print!

Well done to Lok Yi Lo and Jack Christie, who led the research, supported by Thu Yein Win, PhD, Zeinab Rezaeifar, Zaheer Khan and myself, to develop container-based testbeds for modelling ICS security issues.

“TRIST: Towards a Container-Based ICS Testbed for Cyber Threat Simulation and Anomaly Detection”

Cyber-attacks on Industrial Control Systems (ICS), as exemplified by the incidents at the Maroochy water treatment plant and Ukraine’s electric power grid, have demonstrated that cyber threats can inflict significant physical impacts. These incidents caused widespread service disruptions and substantial economic losses, underscoring the urgent need for an in-depth understanding of cyber threats in industrial environments. Industrial security research is usually conducted on physical testbeds to avoid safety issues, production interruptions and other operational constraints in industrial processes. Nevertheless, security defenders often encounter obstacles in developing or accessing physical testbeds due to associated costs and complexities. These factors hinder research progress to devise early detection mechanisms for cyber threats—essential for effective incident response. To overcome these obstacles, this paper presents a container-based virtual testbed. Its lightweight architecture enables replicable and efficient deployment of testbeds at low cost for simulating cyber threats on Cyber-Physical Systems (CPS)—the cornerstone of industrial automation and control systems. Also, the container-based virtual testbed provides a cost-effective option for producing datasets for training, testing and optimization of unsupervised anomaly detection models. Besides, an evaluation on resource consumption is conducted. The paper also discusses the benefits and limitations of the proposed container-based ICS testbeds and suggests future research areas.

Full paper available from https://lnkd.in/e6kNSkt3 (pre-print available on request).