Use and Utility of Open Source ICS/IIoT Simulators – ALIoTT Technical Report

There is a striking increase in the number of Open Source simulators. Their use for simulating functionalities such as security in the industrial domain is also increasing. This can be attributed to constraints attached to using commercial simulators that are making them unattractive, especially for research purposes. Since simulation is critical for effective security in the industrial domain, Open Source seems the way to go. Open Source simulation tools enable several capabilities and benefits including: less restriction for code access and modification, no vendor lock-in, adaptability to customised business requirements, increased scalability and modularity, open access to the community of user support, collaborative development, etc.

The UCL research team examined various Open Source Simulation tools with capabilities to simulate security functionalities and processes of Industrial Control Systems (ICS) or Industrial Internet of Things (IIoT). The resulting published Technical Report on the Review of Open Source Simulators in ICS/IIoT Security Context reports the following key findings:

  1. The functional structures and characteristics that appear common in Open Source simulators include: supported Open Source license distribution types, programming languages supported, operating systems platforms supported, user interface types, available documentation and communication types, level of usability by open source community of users.These characteristics provide valuable insights to the degree of effectiveness of an Open Source simulator. 
  1. NS-2, OMNET++, and NS-3 are the most commonly used simulators in the scientific community. These Open Source simulators typically support replicating functions and capabilities within the communication and sensor network domain. SCADASim is the most common tool that supports simulating ICS and SCADA system functionalities. Cooja is most common for replicating IoT/IIoT capabilities. However, the two latter Open Source simulators are not as popular as the common tools in the communications and sensor network group. 
  1. Typical research around Open Source simulators is built on modelling, analysis and optimisation of operations relative to factors such as flexibility, mobility, scalability, and active user support. No single Open Source simulator addresses all conceivable characteristics. While some are strong in specific contexts relative to the purpose for their development, they are often weak in other purpose-based research capabilities, especially in the context of IoT. 
  1. Most of the reviewed Open Source tools are not designed to address security contexts. The few that address security such as SCADASim only consider very limited contexts such as testing and evaluating Denial-of-Service (DoS), Man-in-the-middle (Mitm), Eavesdropping, and Spoofing attacks. Simulators in the communication and sensor class such as NS-2, NS-3, and OMNET++ typically evaluate security through packet creation or modifications to test impacts of security on performance.

The report makes key recommendations as follows:

  • Future developments of Open Source simulators especially for IIoT need to explore the potential for integrating functionalities provided by diverse simulators and platforms to achieve a broader and dynamically-relevant setup.
  • Developers should explore the capabilities of generic simulators with a view to achieving architectures with capabilities expansible into multi-class domains, support easier and faster modelling of complex systems, and which can attract varied users and contributors.
  • In determining the effectiveness of Open Source simulators, functional characteristics such as ease of use, degree of community acceptance and use, and suitability for industrial applications, should also be considered in both selection and development contexts. This can support consistency, credibility, and relevance of simulation systems within a domain that is continually evolving. The range of publication dates (earliest to latest) for citations, code commits, and number of contributors associated to Open Source simulator projects can also support the decision for interest and adoption of specific Open Source projects.
  • Future Open Source simulation project developments should consider and adopt more common attributes of characteristics related operating platform type, e.g. Open Source license type, programming language(s), user-friendly interfaces, accessible documentation and easy communication modes. These can be further complemented with appropriate editorial controls spanning quality coding, revision control and effective project dissemination and management; to boost simulation tool credibility and wide acceptance.
  • Research objectives for ICS/IIoT Open Source simulators should be extended to include security performance and optimisation with considerations towards enhancing confidentiality, integrity and availability.

The report is publicly available and can be downloaded here(PDF 1.91 MB).

The report is one the key outputs of the Analytical Lenses for Internet of Things Threats (ALIoTT) research project(https://www.petrashub.org/portfolio-item/analytical-lenses-for-iot-threats/). The project is part of the PETRAS Internet of Things Research Hub (https://www.petrashub.org), carried out by Professor Jeremy McKendrick Watson CBE and Dr. Uchenna D Ani atUCL STEaPP (https://www.ucl.ac.uk/steapp).

For enquiries, please contact:

Sam King

PETRAS Administrator

Email: sam.king@ucl.ac.uk