Cyber Wargaming on SCADA Systems

We present general strategies for cyber wargaming of SCADA (Supervisory Control and Data Acquisition) systems that are used for cyber security research at the US Army Research Laboratory (ARL). Since SCADA and other Industrial Control Systems (ICSs) are operational systems, it is difficult or impossible to perform security experiments on actual systems. We use a hardware SCADA/ICS test bed to configure various live systems for the purpose of cyber wargaming and cyber-defense research and development experiments. The hardware testbed is part of the Army Cyber-research and Analytics Laboratory (ACAL) that is hosted at the Adelphi, Maryland site. We describe how table-top strategy sessions and live wargames on real SCADA systems can be conducted between red (attack) and blue (defense) teams. We also describe how the recoded actions of the wargame activity can be used to test and validate cyber-defense models. We describe a game theoretic SCADA security model that includes three distinct simultaneous games at the physical, cyber, and management layer.