Attack demonstration took kits for Industry 4.0 using AI and cloud
Attack demonstration took kits for Industry 4.0 using AI and cloud
We introduce attack demonstration took kits for Industry 4.0 using actual machines (water supply pump system).
This tool kit is portable, and easy to prepare, so is useful for instructing the cyber-risks of ICS whenever and whenever we want. In aspects of Industry 4.0, we especially focus on the security risks of ICS in the following aspects:
- When computers and devices are connected interactively
- When AI on the cloud is used for controlling the ICS
Demo Tool detail
Our demonstration tool consists of the following.
- the water supply pump system
- Attack tools
The structure of the water supply pump system is as follows.
- Water pump: Provides water for consumers.
- Controller: Controls the water level of the cylinder.
- OPC / HMI Server (Windows Server 2008 R2): Relays communications among Controller using Modbus/TCP.
- AI Connection server (Windows 7): Stores the dataset of the past water level per time.
- AI server on the cloud (Cent OS 7): Instruct the desirable water level per time using AI.
Attack scenario
- Infects a PC in the Business zone
- A lateral movement to AI Connection Server
- Contaminate the AI dataset
- The contaminated dataset is sent to AI Server
- OPC Server queries the desirable water level to the AI Server
- AI Server returns incorrect value judged from the contaminated dataset
- OPC Server sends incorrect SetPoint to PLC
- The water rate is maliciously changed
