Abstract
Integrating Operational technology (OT) systems with modern information technology (IT) environments has resulted in new cybersecurity challenges, particularly in defending critical infrastructure from increasing threats. This thesis shows how to virtualize an Android phone as an OT component inside a cyber-range platform to simulate and evaluate security challenges in OT communications. An Android app was developed to simulate an OT device by creating and transferring synthetic sensor data to a server application over an unsecured network connection. The server receives This data, which is built in Python and uses standard industrial communication protocols.Using network research tools like Wireshark, the project reveals a fundamental security flaw: the unencrypted transmission of critical operational data. The network traffic obtained reveals that sensor data is sent in plain text, making it subject to unauthorized observation and manipulation. This vulnerability highlights the risks associated with outdated OT systems without effective security measures, emphasizing the necessity for improved cybersecurity processes in industrial settings. Then secure the communication to capture the encrypted sensor value.
The virtualized Android device acts as a digital twin, simulating the capabilities and behaviors of a physical OT component, providing a realistic environment for cybersecurity experts to study and grasp potential dangers without disturbing real-world systems. The findings emphasize the critical need to safeguard data in transit inside OT networks from several cyber attacks that might threaten operational integrity and confidentiality.
| Date of Award | 18 Dec 2024 |
|---|---|
| Original language | American English |
| Supervisor | ERNESTO Damiani (Supervisor) |
Keywords
- operational technology security
- android virtualization
- cyber-range platform
- security vulnerability
- digital twin