Back to all updates

almost 3 years ago

NARI Building Control Systems test and data set.

Nebraska Applied Research Institute (NARI)
Industrial Control System Data Captures

Each dataset mimics a ICS network on a small office network, so there is ICS traffic alongside other items you would find within an office network which include network shares, file transfers and engineer workstation commands. The attack datasets additionally include malicious traffic that the students will need to identify the effect each attack has on the ICS network. So, the lighting attack for example focuses on the lighting control, thermal attack focuses on the HVAC controls and the camera attack focuses on the security side. Each dataset also includes serial network traffic from the ICS side, so the students can see what normal traffic is and what malicious traffic looks like from the serial side vs. the TCP/IP side.

NARI recommends the use Wireshark version 2.2.14 or newer for these datasets

Click here to get to the data

The data was generated using NARI’s Building Control Systems (BCS) testbed with complex Operational Technology (OT) control systems communicating over IP and serial-based networks. Participants will witness various network-based OT cyber attacks against critical building control systems across a variety of networking protocols to include BACNet, LonTalk, IPv4 and RS-485.  Data sets covering normal BCS network activity and hostile attacker network activity will be provided to participants with the top teams being invited to demonstrate their solutions on NARI’s physical testbed. Additionally, NARI Cybersecurity subject matter experts will be in hand to answer questions, demonstrate OT technologies, and mentor teams.


NARI test bed


If you have any questions about the hackathon, please post on the discussion forum.