Feature Requirements

Based on our knowledge of industrial network applications, products, and protocols, we identified the following requirements:

Individual Device Simulation
To simulate individual devices, the following functionality is needed:

* Stack level: To simulate the TCP/IP stack of a Ethernet-based device device to a script kiddie type attacker who is scanning the network with OS detection tools such as Nmap and Xprobe.
* Protocol level: To simulate industrial protocols for skilled attackers who have the tools which interrogate protocols and want to do something meaningful using the protocol features
* Application level: To simulate various applications on a SCADA device such as web servers and management applications such as SNMP and Telnet.
* Hardware level:Many of the SCADA devices use serial interfaces such as modems and RS232 interfaces for both SCADA protocol communication and for management purposes. An attacker who either "logs into" a SCADA device or has access to the serial network, needs to be presented with a serial device and/or a protocol communication over a serial device.