Other References and Auxiliary Stuff
This project aims to emulate the OT setup of a lab and simulate various cyber attacks.
Detailed Documentation for Software and Protocols Used
- Docker Documentation: https://docs.docker.com/
- OpenPLC Runtime & Editor: https://autonomylogic.com/
- OPC UA Specifications: https://www.opcfoundation.org/about/opc-technologies/opc-ua/
- Modbus Protocol: https://modbus.org/
- Siemens S7 Protocol: https://support.industry.siemens.com/cs/document/109746613
Research Papers
- OPC UA Security
- PLC Network Security
- OpenPLC for Cyber Attack (Case Studies) on Smart Substation Systems
- Digital Twin Based Cyber Attack Detection Framework for Cyber Physical Manufacturing Systems
- Evaluation of OPC UA Secure Communication in Web Browser Applications
- Investigating the Security of OpenPLC Vulnerabilities Attacks and Mitigation Solutions
- On PLC Network Security
- OpenPLC based control system testbed for PLC whitelisting system
- OPC UA Based on Electronic Device Description
- Research on OPC UA Security
- Security Challenges in Industry 4.0
- MITM Attack Research Paper
- ARP and ARP Cache Poisoning
Articles & Documents
- Detailed blog on OPC UA Protocol Cyber Threats
- Docker networking explained
- Rogue Certificate
- Idea behind SSL Certificate
- Structure of OPC UA message
- Publisher Subscriber model for OPC UA
- Stuxnet - Real life worm attack on Iran Nuclear Base by USA
- OPC UA (OPC Day) Based Communication (PubSub & Server-Client)
- DEFCON 2025 - S7 Communication Breaking
- Understanding Linux real-time with PREEMPT_RT training
Data Visualisation and Logging Software
- Prometheus - Open source metrics and monitoring for your systems and services
- Grafana - Monitoring system (seems to be advanced and famous)
- Kibana
GitHub Links
Primary Usage
- AsyncIO Library for OPC UA
  - Installed using `pip`. Command: `pip install asyncua` or `pip3 install asyncua`
- OpenPLC v3 Library
- OPC UA GUI Based Client
  - Installed using `pip`. Command: `pip install opcua-client` or `pip3 install opcua-client`
OPC UA Libraries
- C# Language Based Library
- Python Language Based Library - this is what we are using in the project
  - A few of the examples are not working for the given repository.
  - The structure of the code is not correct for some updated libraries like UTC time etc.
- C Language Based Library
- Java Based Library
Future Prospects
- Emulates exploits and attacks on OPC UA based systems
- Reinforcement Learning Based Attacker and Defender system on IT Infrastructure | (Previous Intern developments based on CSLE: link)
Auxiliary/Derived Libraries
- Runs OPC UA emulation on 2 Raspberry Pi - Rudimentary
- Docker container for OpenPLC Server
- Previous Documentation by Ashutosh on Notion
- OPCUA as a base communication protocol - not supported
Tools Used | Explore them
- Wireshark: For network traffic analysis during attack simulations.
- Metasploit: For simulating cyberattacks.
- Ghidra: For analyzing and debugging security vulnerabilities in the system.
Glossary
- MITM (Man-in-the-Middle): An attack where an attacker intercepts and potentially alters communication between two parties.
- OPC UA: Open Platform Communications Unified Architecture, a protocol used for secure data exchange in industrial control systems.
- PLC: Programmable Logic Controller, used in industrial automation for controlling machines and processes.