Skip to content

Oops I Did it Again: Further Adventures in the Land of ICS Security Testbeds

Research output: Chapter in Book/Report/Conference proceedingChapter in a book

Original languageEnglish
Title of host publicationACM Workshop on ACM Workshop on Cyber-Physical Systems Security & Privacy (CPS-SPC)
Subtitle of host publicationIn Conjunction with the ACM Conference on Computer and Communications Security (CCS) November 11 2019, London, UK
Publisher or commissioning bodyACM Press / Sheridan
Number of pages12
ISBN (Electronic)978-1-4503-6831-5
DateAccepted/In press - 8 Aug 2019
DatePublished (current) - 1 Nov 2019


Research efforts in the security of Industrial Control Systems (ICS) have dramatically increased over the past few years. However, there is a limiting factor when work cannot be evaluated on real-world systems due to safety and operational reasons. This has led to multiple deployments of ICS testbeds covering multiple sectors including water treatment, power distribution and transportation networks.
Over the last five years, we have designed and constructed ICS testbeds to support cyber security research. Our prior work in building testbeds culminated in a set of design principles and lessons learnt, formulated to support other researchers in designing and building their own ICS testbeds. In the last two years we have taken these lessons and used them to guide our own greenfield large- scale, complex and process-diverse security testbed affording a rare opportunity to design and build from the ground up – one in which we have been able to look back and validate those past lessons and principles.
In this work we describe the process of building our new ICS and Industrial Internet of Things (IIoT) testbed, and give an overview of its architecture. We then reflect on our past lessons, and con- tribute five previously unrecognised additional lessons based on this experience.

    Research areas

  • Industrial Control Systems, ICS, SCADA, Operational Technology, OT, IIoT, CPS, Cyber Security, Testbeds

    Structured keywords

  • Cyber Security

Download statistics

No data available



  • Full-text PDF (accepted author manuscript)

    Rights statement: This is the author accepted manuscript (AAM). The final published version (version of record) is available online via ACM at Please refer to any applicable terms of use of the publisher.

    Accepted author manuscript, 6.46 MB, PDF document


View research connections

Related faculties, schools or groups