CybICS

<p align="center"> <img alt="CybICS Logo" src="doc/pics/CybICS_logo.png" height="120" /> <p align="center">Understanding industrial Cybersecurity.</p> </p>

---

<div align="center">

</div>

---

What is CybICS?

CybICS (Cybersecurity for Industrial Control Systems) is an open-source training platform designed to help cybersecurity professionals, students, and researchers understand the unique challenges of securing industrial control systems (ICS) and SCADA environments.

The platform simulates a realistic industrial gas pressure control system complete with:

• PLC (Programmable Logic Controller) - OpenPLC
• HMI (Human-Machine Interface) - FUXA
• Physical Process Simulation - Gas pressure control system
• Multiple Industrial Protocols - Modbus TCP, OPC-UA, S7comm, DNP3, EtherNet/IP

Why CybICS?

• ✅ Hands-on Learning: Practice real-world ICS security techniques in a safe environment
• ✅ Cost-Effective: Free and open-source
• ✅ Flexible: Choose between virtual (Docker) or physical (Raspberry Pi + STM32) deployment
• ✅ Comprehensive: Covers reconnaissance, exploitation, and defense
• ✅ CTF-Ready: Built-in capture-the-flag challenges for training exercises

---

Table of Contents

• What is CybICS?
• Deployment Options
• Quick Start - Virtual Testbed
• Physical Process Description
• Hardware
• Software Components
• Training Modules
• Troubleshooting
• Documentation
• Abbreviations
• Contributing
• License

---

Deployment Options

CybICS offers two deployment modes to suit different learning needs and budgets:

<table> <tr> <td width="50%" valign="top">

💻 Virtual (Recommended for Beginners)

Docker-based deployment for easy setup

<img src="doc/pics/landing.png" width="100%"> </td> <td width="50%" valign="top">

🔧 Physical (Advanced)

Hardware-based deployment with Raspberry Pi

<img src="doc/pics/cybics.png" width="100%"> </td> </tr> <tr> <td width="50%" valign="top">

Advantages:

• ✅ No hardware required
• ✅ Quick setup (5 minutes)
• ✅ Easy to reset and reproduce
• ✅ Perfect for classroom/online training
• ✅ Runs on Windows, Linux, macOS

</td> <td width="50%" valign="top">

Advantages:

• ✅ Realistic physical hardware
• ✅ Learn embedded systems security
• ✅ Practice hardware attacks (UART, SWD)
• ✅ Portable standalone device
• ✅ Visual LED indicators

</td> </tr> <tr> <td width="50%" valign="top">

Requirements:

• Docker & Docker Compose
• 4GB RAM minimum
• 10GB disk space

</td> <td width="50%" valign="top">

Requirements:

• Raspberry Pi Zero 2 W
• Custom CybICS PCB (~50 EUR)
• LCD display
• MicroSD card

</td> </tr> <tr> <td width="50%" valign="top">

Use Cases:

• Learning ICS security fundamentals
• Developing attack/defense techniques
• Classroom training sessions
• CTF competitions

</td> <td width="50%" valign="top">

Use Cases:

• Advanced ICS security training
• Hardware hacking workshops
• Demonstrations at conferences
• Permanent lab installations

</td> </tr> </table>

---

🚀 Quick Start - Virtual Testbed

Get CybICS running in under 5 minutes using the virtual environment!

Prerequisites

• Docker and Docker Compose installed
• Git for cloning the repository
• At least 4GB of free RAM
• Linux, macOS, or Windows with WSL2

Installation

1. Clone the repository:

   git clone https://github.com/mniedermaier/CybICS.git --recursive
   cd CybICS
   

2. Start the virtual environment:

   ./cybics.sh start
   

3. Access the services:

   Once started, open your browser and navigate to:

   | Service | URL | Default Credentials | |---------|-----|---------------------| | Landing Page | http://localhost | - |

Managing the Environment

# Check status of all services
./cybics.sh status

# View logs from all containers
./cybics.sh logs

# Stop the environment
./cybics.sh stop

# Restart the environment
./cybics.sh restart

# Update Docker images to latest version
./cybics.sh update

---

Physical Process Description

CybICS simulates a gas pressure control system commonly found in industrial environments. This simple yet realistic process provides an excellent foundation for learning ICS cybersecurity concepts.

System Overview

The system maintains gas pressure in a High Pressure Tank (HPT) using gas from a Gas Storage Tank (GST). A PLC controls a compressor that transfers gas between tanks while monitoring pressure levels and safety conditions.

Components

Gas Storage Tank (GST)

Buffer tank for the external gas supply. The PLC maintains GST pressure between 60-240 bar.

| Pressure | Status | Range (bar) | Color Indicator | |----------|--------|-------------|-----------------| | <50 | Low | 0-49 | Red | | 50-149 | Normal | 50-149 | Green | | 150+ | Full | 150-255 | Blue |

Control Loop:

• When GST < 60 bar → Start filling from external supply
• Continue until GST ≥ 240 bar → Stop filling
• Prevents compressor operation when GST is too low

High Pressure Tank (HPT)

Main buffer tank providing pressure to the system. Target range: 60-90 bar.

| Pressure | Status | Range (bar) | Meaning | |----------|--------|-------------|---------| | 0 | Empty | 0 | System offline | | 1-49 | Low | 1-49 | Below operating range | | 50-99 | Normal | 50-99 | Safe operating range | | 100-149 | High | 100-149 | Above target, but safe | | 150+ | Critical | 150+ | Dangerous overpressure |

Control Loop:

• When HPT < 60 bar AND GST > 50 bar → Start compressor
• Continue until HPT ≥ 90 bar → Stop compressor
• Compressor disabled if GST < 50 bar (safety interlock)

System Operation

The system can operate normally when HPT is between 50-100 bar:

• HPT < 50 bar → System cannot operate (insufficient pressure)
• HPT > 100 bar → System at risk of damage

Safety: Blowout Valve (BO)

Mechanical safety valve (not PLC-controlled) that prevents catastrophic failure:

• Opens when HPT > 220 bar
• Vents toxic gas to atmosphere
• Closes when HPT < 200 bar
• Security implication: Triggering the blowout releases toxic gas

---

Hardware

For those choosing the physical deployment, CybICS uses affordable, off-the-shelf components.

Detailed instructions: Hardware Guide | PCB Ordering Guide

---

Training Modules

CybICS includes 13+ hands-on training modules covering the full ICS security lifecycle:

Each module includes:

• 📖 Background theory
• 🎯 Hands-on exercises
• 🚩 CTF-style flags
• 💡 Hints and solutions

Start training: Training Overview

---

Documentation

Comprehensive documentation is available for all components:

Getting Started

• 📘 Quick Start Guide - Detailed installation instructions
• 🎓 Training Overview - All training modules
• 🧪 Testing Guide - Automated testing

Hardware

• 🔧 Hardware Overview - BOM, assembly, specifications
• 📟 PCB Ordering Guide - Step-by-step JLCPCB ordering
• 📦 3D Case Files - Printable enclosure

Software

• 💾 Software Overview - Setup and configuration
• 🎛️ OpenPLC Integration - PLC programming and configuration
• 🖥️ FUXA HMI - HMI configuration
• 🔌 Virtual Hardware I/O - Virtual process simulation
• 🍓 Raspberry Pi I/O - Physical hardware interface
• 🔬 STM32 Firmware - Embedded firmware (Zephyr RTOS)

---

Abbreviations

| Abbreviation | Full Name | Description | | ------------ | --------- | ----------- | | BO | Blowout | Safety valve that vents gas at critical pressure | | CTF | Capture The Flag | Security training challenge format | | DNP3 | Distributed Network Protocol 3 | SCADA communication protocol | | GST | Gas Storage Tank | Buffer tank for external gas supply | | HMI | Human-Machine Interface | Operator control and monitoring interface | | HPT | High Pressure Tank | Main system pressure buffer | | I2C | Inter-Integrated Circuit | Serial communication protocol | | ICS | Industrial Control System | Systems controlling industrial processes | | LED | Light-Emitting Diode | Visual indicator on hardware | | OPC-UA | OPC Unified Architect