On the third floor of Benton Hall, in the Nelms Institute for the Connected World labspace, Dr. Yier Jin and his students have built a massive, interconnected virtual city out of Lego bricks, complete with a miniature Swamp, factory, Ferris wheel, and train system. While the city looks and feels like a toy, its purpose is actually much more complex.
The city is called the LEGO ICS Demo and it models a real-world Industrial Control System, or ICS. An ICS traditionally monitors and controls the behavior of numerous devices connected across large industrial areas, such as factories. The Lego city’s simulated ICS platform mainly functions as an Internet-of-Things (IoT) demonstration, showing how devices can be connected remotely to form a smart system. But it also serves as a platform for graduate students’ research—exposing industrial controls to the internet (via wifi) brings up many security concerns.
The platform has two layers of control. There is a wireless network (wifi) layer and a programmable logic controller (PLC) layer.
The Network
Each area of the city has various elements (such as motors, switches, lights, sensors, etc.) that need to be monitored and controlled by the ICS. These devices are all interconnected via a wireless network. The wireless network layer is comprised of microcontrollers that communicate with a central dashboard hosted on a local computer. The devices communicate using the MQTT protocol, a lightweight, publish-subscribe protocol. Controls from the dashboard are sent to the microcontrollers, which in turn update their outputs to adjust the system. The controllers also communicate the status of certain devices back to the dashboard to be displayed. The entire system can be viewed on a tablet computer such as an iPad.
The city itself is connected to the internet and can be accessed remotely from other networks. At various times, the city’s activities are live-streamed over the internet.
The PLC Layer
Operating in tandem with the wireless network is the programmable logic controller, or PLC. The PLC layer is comprised of microcontrollers communicating with OpenPLC, a program which emulates an actual PLC. A factory-style control panel with push buttons and selectors sends controls to the microcontrollers, which then update their outputs accordingly.
Despite their widespread use in factory settings, devices such as PLCs were not designed to be integrated into wireless systems connected to the internet and therefore have many security vulnerabilities. If the network is compromised, malicious commands can make components in the system perform actions outside of safe operation. The network itself may also be attacked, preventing proper functioning of the control system. These are security concerns that graduate students aim to mitigate.
As the platform develops, research will move into the area of cyber defense. Researchers will use the platform to simulate attacks on the network and the controllers, devising ways to defend against them and to build a more robust system which will be less susceptible to attacks.
But the ICS demo is still a cool toy—Dr. Jin and his team also use the platform as a way of educating K-12 students and undergrads about the magic of IoT and how the various devices can be connected and communicate with each other, all with a swipe on the iPad.