Saved in:
Bibliographic Details
Main Authors: Brown, Jaxson, Pham, Duc-Son, Soh, Sie-Teng, Motalebi, Foad, Eswaran, Sivaraman, Almashor, Mahathir
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2509.23305
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908562768265216
author Brown, Jaxson
Pham, Duc-Son
Soh, Sie-Teng
Motalebi, Foad
Eswaran, Sivaraman
Almashor, Mahathir
author_facet Brown, Jaxson
Pham, Duc-Son
Soh, Sie-Teng
Motalebi, Foad
Eswaran, Sivaraman
Almashor, Mahathir
contents Industrial Control Systems (ICSs) are complex interconnected systems used to manage process control within industrial environments, such as chemical processing plants and water treatment facilities. As the modern industrial environment moves towards Internet-facing services, ICSs face an increased risk of attacks that necessitates ICS-specific Intrusion Detection Systems (IDS). The development of such IDS relies significantly on a simulated testbed as it is unrealistic and sometimes hazardous to utilize an operational control system. Whilst some testbeds have been proposed, they often use a limited selection of virtual ICS simulations to test and verify cyber security solutions. There is a lack of investigation done on developing systems that can efficiently simulate multiple ICS architectures. Currently, the trend within research involves developing security solutions on just one ICS simulation, which can result in bias to its specific architecture. We present ICS-SimLab, an end-to-end software suite that utilizes Docker containerization technology to create a highly configurable ICS simulation environment. This software framework enables researchers to rapidly build and customize different ICS environments, facilitating the development of security solutions across different systems that adhere to the Purdue Enterprise Reference Architecture. To demonstrate its capability, we present three virtual ICS simulations: a solar panel smart grid, a water bottle filling facility, and a system of intelligent electronic devices. Furthermore, we run cyber-attacks on these simulations and construct a dataset of recorded malicious and benign network traffic to be used for IDS development.
format Preprint
id arxiv_https___arxiv_org_abs_2509_23305
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle ICS-SimLab: A Containerized Approach for Simulating Industrial Control Systems for Cyber Security Research
Brown, Jaxson
Pham, Duc-Son
Soh, Sie-Teng
Motalebi, Foad
Eswaran, Sivaraman
Almashor, Mahathir
Cryptography and Security
93C95
I.6.5
Industrial Control Systems (ICSs) are complex interconnected systems used to manage process control within industrial environments, such as chemical processing plants and water treatment facilities. As the modern industrial environment moves towards Internet-facing services, ICSs face an increased risk of attacks that necessitates ICS-specific Intrusion Detection Systems (IDS). The development of such IDS relies significantly on a simulated testbed as it is unrealistic and sometimes hazardous to utilize an operational control system. Whilst some testbeds have been proposed, they often use a limited selection of virtual ICS simulations to test and verify cyber security solutions. There is a lack of investigation done on developing systems that can efficiently simulate multiple ICS architectures. Currently, the trend within research involves developing security solutions on just one ICS simulation, which can result in bias to its specific architecture. We present ICS-SimLab, an end-to-end software suite that utilizes Docker containerization technology to create a highly configurable ICS simulation environment. This software framework enables researchers to rapidly build and customize different ICS environments, facilitating the development of security solutions across different systems that adhere to the Purdue Enterprise Reference Architecture. To demonstrate its capability, we present three virtual ICS simulations: a solar panel smart grid, a water bottle filling facility, and a system of intelligent electronic devices. Furthermore, we run cyber-attacks on these simulations and construct a dataset of recorded malicious and benign network traffic to be used for IDS development.
title ICS-SimLab: A Containerized Approach for Simulating Industrial Control Systems for Cyber Security Research
topic Cryptography and Security
93C95
I.6.5
url https://arxiv.org/abs/2509.23305