Traditionally, industrial control systems (ICS) were designed without security in mind, prioritizing availability and real-time communication. As these systems increasingly become targets of powerful adversaries, security can no longer be neglected. Driven by flexibility and automation needs, ICS are transitioning from wired to 5G communication, introducing new attack surfaces and a less reliable communication medium, thereby exacerbating existing security challenges. Given their critical role in society, a comprehensive evaluation of their security is imperative. To this end, we introduce SWICS, a fully virtual testbed simulating an ICS in a realistic 5G environment, and study how this transition affects security under varying channel conditions. Our results show three key findings: under optimal channel conditions, industrial 5G networks can achieve resilience comparable to wired systems, while degraded channel conditions can amplify traditional attacks, threaten system stability, and undermine detection mechanisms based on predictable traffic patterns. We further demonstrate the inherent limits of securing 5G channels for ICS through eavesdropping and jamming on the open-air interface. Our work highlights the interplay between security and 5G channel conditions, showing that traditional security controls may no longer be sufficient and motivating further research.

翻译：传统上，工业控制系统在设计时未考虑安全性，而是优先保障可用性与实时通信。随着这些系统日益成为强大攻击者的目标，安全问题已不容忽视。受灵活性与自动化需求驱动，工业控制系统正从有线通信向5G通信过渡，这引入了新的攻击面及可靠性较低的通信媒介，从而加剧了现有安全挑战。鉴于其在社会中的关键作用，对其安全性进行全面评估势在必行。为此，我们提出SWICS——一个在真实5G环境中模拟工业控制系统的全虚拟测试平台，并研究了不同信道条件下这一过渡如何影响安全性。我们的结果揭示了三个关键发现：在最优信道条件下，工业5G网络可达到与有线系统相当的弹性；而劣化的信道条件则会放大传统攻击、威胁系统稳定性并削弱基于可预测流量模式的检测机制。我们进一步通过开放空口上的窃听与干扰展示了在工业控制系统中保障5G信道安全的固有局限性。我们的工作强调了安全性与5G信道条件之间的相互作用，表明传统安全措施可能已不再足够，并激励了进一步研究。