How can the increasing threat of cyber attacks on operational technologies (OT) be illustrated - especially with regard to critical infrastructures? To make the high risks and challenges in this sector more tangible and to demonstrate illustrative best practices for increasing OT Security, PwC Germany operates the Cyber Security Experience Center in Frankfurt. Here, security experts use an integrated cyber-kinetic ecosystem – starting with critical infrastructures, through mobility and production to building management systems – to show where operational technologies such as industrial robots, gas pressure regulators or control systems (ICS, Industrial Control Systems) are particularly vulnerable. For a realistic representation of possible security incidents and their consequences, the individual scenarios are connected to physical PLCs, ICS and SCADA networks. In this way, visitors can directly experience what cyber criminals can do if they manage to gain access to OT systems, for example via the IT network – and also learn how these systems can be protected.
“The increasing exposure of industry to cyber-attacks, especially in the area of critical infrastructure, is highly dangerous and can even endanger human lives in the worst case scenario. In order for affected companies and organisations to develop sufficient protection for such scenarios, they need to better understand common attack and defence mechanisms. This works best with direct practical relevance.”
The scenarios in the Cyber Security Experience Center not only make it possible to demonstrate various attacks, but also to learn about and experiment with concrete defence measures. The experts on site can illustrate the concrete effects on technologies in various sectors. For example, a gas pressure control and measurement system, a medical device for patient monitoring, or a model building including a digital building management system (BMS), were set up for demonstration purposes.
In addition to these physical exhibits, an individually configurable simulation environment is also available in the Cyber Security Experience Center, in which the experts can represent further industrial scenarios with a digital twin, connected to a physical ICS. Industrial infrastructures and their vulnerabilities become particularly tangible in this way.
According to the International Federation of Robotics (IFR), around three million industrial robots were in use worldwide in 2020. If hackers take over the control of such machines, this can not only disrupt production processes, but also endanger human lives. For this reason, the Cyber Security Experience Center has a fully functional example of the Fanuc LR Mate 200iD/7L robotic arm. This allows us to demonstrate potential vulnerabilities and attack scenarios as well as the detection options and defence measures that companies need to have in place to protect their infrastructures in order to increase security and resilience in the long term.
In order to make the distribution of natural gas via the supra-regional networks to the end consumer more efficient, the gas is highly compressed for transport. At the end of the journey, however, this pressure must also be reduced again. This requires the so-called pressure reducing and metering station (PRMS). In the Cyber Security Experience Center, the security experts use such a system to demonstrate where the technology has potential weaknesses and how attackers can exploit the lack of security if the required level of OT security is not in place.
In the course of progressive building automation, so-called building management systems are being used more and more frequently. With their help, parameters such as temperature, humidity or light can be controlled. In order to illustrate the attack surface of such systems, a model building was constructed in the Cyber Security Experience Center and equipped with this technology. Here, visitors can see at close quarters how attackers can penetrate such systems and manipulate the building control system.
To cover the energy sector as a relevant part of critical infrastructures a model of a hybrid power plant is built into the experience center. It uses photovoltaic cells and a wind turbine to generate energy. In the test scenario, the power plant supplies other downstream exhibits such as a medical device with the necessary energy. In this way, the security experts can illustrate not only the effects of cyber attacks on electricity suppliers, but also the corresponding knock on consequences for other critical infrastructures.