Industrial Control Systems (ICSs) are complex interconnected systems used to manage process control within industrial environments, such as chemical processing plants and water treatment facilities. As the modern industrial environment moves towards Internet-facing services, ICSs face an increased risk of attacks that necessitates ICS-specific Intrusion Detection Systems (IDS). The development of such IDS relies significantly on a simulated testbed as it is unrealistic and sometimes hazardous to utilize an operational control system. Whilst some testbeds have been proposed, they often use a limited selection of virtual ICS simulations to test and verify cyber security solutions. There is a lack of investigation done on developing systems that can efficiently simulate multiple ICS architectures. Currently, the trend within research involves developing security solutions on just one ICS simulation, which can result in bias to its specific architecture. We present ICS-SimLab, an end-to-end software suite that utilizes Docker containerization technology to create a highly configurable ICS simulation environment. This software framework enables researchers to rapidly build and customize different ICS environments, facilitating the development of security solutions across different systems that adhere to the Purdue Enterprise Reference Architecture. To demonstrate its capability, we present three virtual ICS simulations: a solar panel smart grid, a water bottle filling facility, and a system of intelligent electronic devices. Furthermore, we run cyber-attacks on these simulations and construct a dataset of recorded malicious and benign network traffic to be used for IDS development.

翻译：工业控制系统（ICS）是用于管理工业环境（如化学处理厂和水处理设施）中过程控制的复杂互连系统。随着现代工业环境向面向互联网的服务发展，ICS面临日益增加的攻击风险，这需要针对ICS的专用入侵检测系统（IDS）。此类IDS的开发在很大程度上依赖于仿真测试平台，因为使用运行中的控制系统既不现实，有时也存在危险。尽管已有一些测试平台被提出，但它们通常使用有限的虚拟ICS仿真来测试和验证网络安全解决方案。目前缺乏对开发能够高效仿真多种ICS架构的系统的深入研究。当前研究趋势仅涉及在单一ICS仿真上开发安全解决方案，这可能导致对其特定架构的偏向性。我们提出ICS-SimLab，一种利用Docker容器化技术创建高度可配置ICS仿真环境的端到端软件套件。该软件框架使研究人员能够快速构建和定制不同的ICS环境，促进跨不同系统（遵循普渡企业参考架构）的安全解决方案开发。为展示其能力，我们呈现了三种虚拟ICS仿真：太阳能电池板智能电网、水瓶灌装设施以及智能电子设备系统。此外，我们在这些仿真上运行网络攻击，并构建了包含恶意和良性网络流量的记录数据集，用于IDS开发。