ICS-CTM2: Industrial Control System Cybersecurity Testbed Maturity Model

TL;DR

This paper introduces a standardized maturity model for analyzing and comparing Industrial Control System cybersecurity testbeds, providing a structured framework to assess their capabilities and identify areas for improvement.

Contribution

It presents the ICS-CTM2, a novel maturity model inspired by C2M2, for systematic evaluation and comparison of ICS testbeds across various industrial sectors.

Findings

Case study analysis of multiple ICS testbeds

Identified strengths and limitations of existing testbeds

Provided insights for future testbed enhancements

Abstract

Industrial Control System (ICS) testbeds serve as a platform for evaluating and validating control system performances, cybersecurity tools and technologies. In order to build or enhance an ICS testbed, it is vital to have a deeper understanding of its design specifications and characteristic attributes. Satisfying this prerequisite involves examination and assessment of these attributes for existing testbeds. To further increase confidence in a testbed's functionality, it is important to perform a comparative analysis of its specifications with other ICS testbeds. However, at present, there is no standardized methodology available to provide a comparative assessment of different testbeds. In this paper, we propose a methodology for analyzing ICS testbeds, inspired by the Cybersecurity Capability Maturity Model (C2M2). In particular, we then define a ICS Cybersecurity Testbed Maturity Model, its domains, and the associated maturity indicator levels. To demonstrate the benefit of the model, we have conducted a case study analysis for several ICS testbeds, representing different industrial sectors. Our analysis provides deeper insights into the relative strengths and limitations of these testbeds, together with scope for future enhancements, with respect to the domains defined by the model.