Laboratório de Segurança Cibernética para Análise de Malwares Reais em Infraestruturas Críticas

  • Otavio Augusto Maciel Camargo Escola de Aperfeiçoamento de Oficiais, Rio de Janeiro, RJ
  • Elson Costa Gomes Fundação Parque Tecnológico Itaipu – Brasil, Foz do Iguaçu, PR
  • Antônio Nascimento Filho Instituto Militar de Engenharia, Rio de Janeiro, RJ
  • Anderson Fernandes Pereira dos Santos Instituto Militar de Engenharia, Rio de Janeiro, RJ
  • Antonio Eduardo Carrilho da Cunha Instituto Militar de Engenharia, Rio de Janeiro, RJ
  • Paulo César Pellanda Instituto Militar de Engenharia, Rio de Janeiro, RJ
Keywords: Cyber attacks, Real-time simulations, ICS, SCADA, Cyber-physical systems


Industrial Control Systems (ICS) are responsible for controlling critical infrastructures that often are targets of cyber attacks motivated by political, military, or financial interests. Supervisory Control and Data Acquisition (SCADA) systems are among the main components of ICS, are highly interconnected systems, and employ solutions common to conventional computer systems. Malware is among the top cyber threats to these systems. However, testing the cyber resilience of a real ICS requires testbeds and simulations to verify the harmful behavior of these threats without putting the original system at risk. This paper presents the results of an experiment that analyzed the impact of attacks with real malware on a SCADA system connected to a real-time simulated electrical system model in a hardware-in-the-loop testbed. The results show that even generic malware can impact the Modbus/TCP communication, causing interruptions and delays that can harm the SCADA system operation. This effect may affect the electrical system controls and protection actions, which require low latency reactions.