Developing a Security Testbed for Industrial Internet of Things

TL;DR

This paper presents a new standardized security testbed tailored for brownfield Industrial IoT systems, enabling realistic security testing and threat analysis of legacy and heterogeneous devices and protocols.

Contribution

The paper introduces a comprehensive, reproducible, and reconfigurable end-to-end IIoT security testbed specifically designed for legacy brownfield systems, with detailed architecture and implementation.

Findings

Testbed effectively supports security testing of diverse devices and protocols.

Demonstrated successful operation on multiple connected devices and communication protocols.

Provides a comparative analysis showing advantages over existing testbeds.

Abstract

While achieving security for Industrial Internet of Things (IIoT) is a critical and non-trivial task, more attention is required for brownfield IIoT systems. This is a consequence of long life cycles of their legacy devices which were initially designed without considering security and IoT connectivity, but they are now becoming more connected and integrated with emerging IoT technologies and messaging communication protocols. Deploying today's methodologies and solutions in brownfield IIoT systems is not viable, as security solutions must co-exist and fit these systems requirements. This necessitates a realistic standardized IIoT testbed that can be used as an optimal format to measure the credibility of security solutions of IIoT networks, analyze IIoT attack landscapes and extract threat intelligence. Developing a testbed for brownfield IIoT systems is considered a significant challenge as these systems are comprised of legacy, heterogeneous devices, communication layers and applications that need to be implemented holistically to achieve high fidelity. In this paper, we propose a new generic end-to-end IIoT security testbed, with a particular focus on the brownfield system and provide details of the testbed's architectural design and the implementation process. The proposed testbed can be easily reproduced and reconfigured to support the testing activities of new processes and various security scenarios. The proposed testbed operation is demonstrated on different connected devices, communication protocols and applications. The experiments demonstrate that this testbed is effective in terms of its operation and security testing. A comparison with existing testbeds, including a table of features is provided.