AJ-Labz
Industrial Control Systems (ICS)

Last updated 2 years ago

Industrial Processes Simulation

The main PLC is the Micro850 (the one with the sticker); however, we plan to bring the MicroLogix 1100 in as a producer of a tag or two in a process we have yet to design.

No wiring diagram was created, but the black and green buttons are normally open (NO) and the red button is normally closed (NC).

Process Logic

The logic on this PLC has changed many times, but at the time of this photo it was a simple four-rung ladder program that latches a light when the matching colour button is pushed and unlatches it when the black button is pushed.

As you can see, we use the Rockwell latch/unlatch output instructions (OTL/OTU, or set/reset coils in CCW). Because the red button is NC, its input reads 1 at rest and drops to 0 while pressed, so the rung that detects a red press uses XIO (examine if open); the other two buttons are NO, so their rungs use XIC (examine if closed). Mixing those up means the red lamp latches on the very first scan with nobody touching the button. The same program fits in three rungs by branching both unlatch instructions off the one black-button contact, if you are not a lazy copy-and-paster like us.
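The scan-cycle behaviour described above, as an added example and not the lab's Connected Components Workbench project: a tiny ladder interpreter that models the NO/NC contact sense, the four-rung and three-rung versions of the latch/unlatch program, and the XIC-on-an-NC-button mistake. Tag names (green, red, black, green_light, red_light) and the assumption of one lamp per colour button are mine; the page only states which buttons are NO and which is NC.

```python
"""Scan-cycle simulator for the lamp latch/unlatch ladder program.

Added example, not the lab's CCW project. Tag names and the one-lamp-per-
colour-button layout are assumptions; the page only says green and black
are NO and red is NC.
"""

# Which buttons are wired normally closed. An NC contact reads 1 (closed)
# at rest and 0 while pressed; an NO contact reads 0 at rest and 1 pressed.
NORMALLY_CLOSED = {"green": False, "black": False, "red": True}


def read_inputs(pressed):
    """Translate physical presses into the bits the PLC input card sees."""
    return {name: int(bool(pressed.get(name, False)) != nc)
            for name, nc in NORMALLY_CLOSED.items()}


def rung_is_true(conditions, inputs):
    """Series contacts: XIC passes when the bit is 1, XIO passes when it is 0."""
    for instr, tag in conditions:
        if instr == "XIC" and inputs[tag] != 1:
            return False
        if instr == "XIO" and inputs[tag] != 0:
            return False
    return True


def scan(program, inputs, outputs):
    """One PLC scan, rungs top to bottom. OTL sets the bit, OTU clears it,
    and a false rung leaves a latched output exactly as it was (retentive)."""
    for conditions, actions in program:
        if rung_is_true(conditions, inputs):
            for instr, tag in actions:
                outputs[tag] = 1 if instr == "OTL" else 0
    return outputs


def run_sequence(program, presses):
    """Run one scan per entry in `presses`; return lamp state after each scan."""
    outputs = {"green_light": 0, "red_light": 0}
    history = []
    for pressed in presses:
        scan(program, read_inputs(pressed), outputs)
        history.append(dict(outputs))
    return history


# Four rungs as built: one latch rung per colour, one unlatch rung per lamp.
FOUR_RUNG = [
    ([("XIC", "green")], [("OTL", "green_light")]),
    ([("XIO", "red")],   [("OTL", "red_light")]),    # NC button: a press reads 0
    ([("XIC", "black")], [("OTU", "green_light")]),
    ([("XIC", "black")], [("OTU", "red_light")]),
]

# Same behaviour in three rungs: both unlatch coils branched off the black contact.
THREE_RUNG = FOUR_RUNG[:2] + [
    ([("XIC", "black")], [("OTU", "green_light"), ("OTU", "red_light")]),
]

# The mistake: XIC on the NC red button is true at rest, so the lamp latches
# on the first scan with nobody pressing anything.
WRONG_RED = [([("XIC", "red")], [("OTL", "red_light")])]

# Constructed press sequence, one entry per scan.
SEQUENCE = [
    {},                  # idle
    {"green": True},     # press green: latch green lamp
    {},                  # release: lamp stays on because it is latched
    {"red": True},       # press red: NC contact opens, XIO passes, latch red lamp
    {},
    {"black": True},     # press black: unlatch both lamps
    {},
]

if __name__ == "__main__":
    for step, lamps in zip(SEQUENCE, run_sequence(FOUR_RUNG, SEQUENCE)):
        print(f"{str(step):18} -> {lamps}")
    print("XIC on NC red, nothing pressed:", run_sequence(WRONG_RED, [{}])[-1])
```

Swap `FOUR_RUNG` for `THREE_RUNG` and the output history is identical, which is the whole point of the branch: fewer rungs, same latch semantics. The interpreter ignores everything a real PLC does between scans (input filtering, scan time, the fact that a button held across many scans keeps re-asserting OTL), so treat it as a logic check, not a timing model.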

Grid Simulation

For this project we mainly want to simulate an overcurrent condition on the "grid" and then make sure the data from many cycles before and after the trip are recorded and streamed to Splunk.
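To make the recording requirement concrete, here is an added example (not the lab's own code, and not a reproduction of SEL's event-report format): a definite-time overcurrent element with a ring-buffer event recorder that keeps the cycles before the trip, captures the cycles after it, and packages the window as one Splunk HTTP Event Collector (HEC) event. The current waveform is constructed inline; the sample rate, pickup, delay, host name and sourcetype are assumed values, and nothing is transmitted: `hec_request()` only returns the headers and JSON body that a POST to `/services/collector/event` would carry.

```python
"""Overcurrent trip simulation with pre- and post-trip cycle capture, packaged
as a Splunk HTTP Event Collector (HEC) event.

Added example for the grid-simulation design; not the lab's code and not
SEL's event-report format. Waveform is constructed inline; SAMPLES_PER_CYCLE,
pickup, delay, host and sourcetype are assumptions. Nothing is sent.
"""
import json
import math
from collections import deque

SAMPLES_PER_CYCLE = 16   # assumed samples per 60 Hz cycle
PRE_CYCLES = 4           # cycles kept before the trip cycle
POST_CYCLES = 4          # cycles captured after the trip cycle


def make_waveform(load_rms, fault_rms, fault_at_cycle, total_cycles):
    """Constructed current samples: steady load, then a step to fault magnitude."""
    samples = []
    for n in range(total_cycles * SAMPLES_PER_CYCLE):
        rms = fault_rms if n // SAMPLES_PER_CYCLE >= fault_at_cycle else load_rms
        samples.append(rms * math.sqrt(2) * math.sin(2 * math.pi * n / SAMPLES_PER_CYCLE))
    return samples


def cycle_rms(chunk):
    return math.sqrt(sum(s * s for s in chunk) / len(chunk))


def run_relay(samples, pickup_amps, delay_cycles):
    """Definite-time overcurrent element with a pre/post-trip event recorder.

    Trips once the one-cycle RMS exceeds pickup for `delay_cycles` consecutive
    cycles. Returns (trip_cycle, captured): captured lists (cycle, rms, samples)
    for PRE_CYCLES before the trip, the trip cycle, and POST_CYCLES after it;
    (None, []) if the element never trips.
    """
    history = deque(maxlen=PRE_CYCLES + 1)   # ring buffer: pre-trip cycles + trip cycle
    captured, trip_cycle, over_count = [], None, 0
    for c in range(len(samples) // SAMPLES_PER_CYCLE):
        chunk = samples[c * SAMPLES_PER_CYCLE:(c + 1) * SAMPLES_PER_CYCLE]
        record = (c, cycle_rms(chunk), chunk)
        if trip_cycle is None:
            history.append(record)
            over_count = over_count + 1 if record[1] > pickup_amps else 0
            if over_count >= delay_cycles:
                trip_cycle = c
                captured = list(history)       # freeze the pre-trip window
        else:
            captured.append(record)
            if len(captured) == PRE_CYCLES + 1 + POST_CYCLES:
                break
    return trip_cycle, captured


def build_hec_payload(trip_cycle, captured, trip_epoch):
    """One HEC event: trip time becomes Splunk's event time, cycles are fields."""
    return {
        "time": trip_epoch,
        "host": "sel501-lab",                  # assumed host name
        "sourcetype": "ics:relay:event",       # assumed sourcetype
        "event": {
            "relay": "SEL-501",
            "element": "overcurrent",
            "trip_cycle": trip_cycle,
            "cycles": [
                {"cycle": c, "offset_cycles": c - trip_cycle,
                 "rms_amps": round(rms, 3), "samples": [round(s, 3) for s in chunk]}
                for c, rms, chunk in captured
            ],
        },
    }


def hec_request(payload, token):
    """Headers and body for POST https://<splunk>:8088/services/collector/event."""
    headers = {"Authorization": f"Splunk {token}", "Content-Type": "application/json"}
    return headers, json.dumps(payload)


if __name__ == "__main__":
    wave = make_waveform(load_rms=5.0, fault_rms=40.0, fault_at_cycle=6, total_cycles=16)
    trip, cap = run_relay(wave, pickup_amps=20.0, delay_cycles=2)
    headers, body = hec_request(build_hec_payload(trip, cap, 1700000000.0), "<hec-token>")
    print("tripped at cycle", trip, "captured cycles", [c for c, _, _ in cap])
    print(headers)
    print(body[:200], "...")
```

Two details matter when this goes to a real Splunk instance: set `time` to the trip timestamp from the relay rather than the time the forwarder ran, or the before/after cycles will be indexed under the wrong event time; and treat the HEC token as a credential (it is a bearer token sent in every request), so use HTTPS and a token scoped to this index only.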

SEL Configuration

We will fill this in as soon as we can get a working serial-to-USB cable, lol.

Splunking with ICS data...

To generate the currents needed to simulate fault conditions on an overcurrent relay like the SEL-501, we used a 120 V : 12 V step-down transformer to take wall-socket AC voltage down to a safer level while boosting the available current (for an ideal transformer a 10:1 voltage step-down is a 1:10 current step-up, so roughly ten times the primary current is available on the secondary; the current that actually flows is set by the load across the secondary, and the winding still has to be rated for it). We made sure to choose a transformer whose low-voltage (secondary) winding is rated for the current we intended to pass through the SEL relay's inputs.

Reference: https://www.youtube.com/watch?v=Sf7fwSlcDAg&t=200s

Figure: SCADA Splunk setup (transformers not shown).