To implement the Cyber-Physical Systems (CPS) security in ns3 comprises simulating both the cyber (network) and physical (control systems) modules to learn and develop the security mechanisms protecting the systems. Now we see a step-by-step notes to suggesting CPS security in ns3
Step-by-Step Implementations:
Step 1: Set Up the ns3 Environment
To make sure ns3 is installed. Else, we follow the approved installation guide.
Step 2: Define the Network Topology
To make a network topology and it includes the numerous nodes expressive the cyber components like controllers, sensors, actuators.
#include “ns3/core-module.h”
#include “ns3/network-module.h”
#include “ns3/internet-module.h”
#include “ns3/point-to-point-module.h”
#include “ns3/applications-module.h”
using namespace ns3;
NS_LOG_COMPONENT_DEFINE (“CpsSecurityExample”);
int main (int argc, char *argv[]) {
CommandLine cmd;
cmd.Parse (argc, argv);
// Create nodes
NodeContainer nodes;
nodes.Create (6); // Nodes for controller, sensors, and actuators
// Create point-to-point links
PointToPointHelper pointToPoint;
pointToPoint.SetDeviceAttribute (“DataRate”, StringValue (“5Mbps”));
pointToPoint.SetChannelAttribute (“Delay”, StringValue (“2ms”));
NetDeviceContainer devices;
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (1))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (2))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (3))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (4))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (5))));
// Install Internet stack
InternetStackHelper stack;
stack.Install (nodes);
// Assign IP addresses
Ipv4AddressHelper address;
address.SetBase (“10.1.1.0”, “255.255.255.0”);
address.Assign (devices);
// Create and configure applications…
Simulator::Run ();
Simulator::Destroy ();
return 0;
}
Step 3: Simulate Sensor and Actuator Communication
For simulate communication among the sensors, the controller and actuators to make an applications.
Sensor Application:
class SensorApplication : public Application {
public:
SensorApplication () : m_socket (0) {}
virtual ~SensorApplication () {}
protected:
virtual void StartApplication () {
m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());
InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 8080);
m_socket->Bind (local);
m_socket->SetRecvCallback (MakeCallback (&SensorApplication::HandleRead, this));
Simulator::Schedule (Seconds (2.0), &SensorApplication::SendSensorData, this);
}
virtual void StopApplication () {
if (m_socket) {
m_socket->Close ();
m_socket = 0;
}
}
private:
void SendSensorData () {
Ptr<Packet> packet = Create<Packet> ((uint8_t*)”sensor-data”, 11);
m_socket->SendTo (packet, 0, InetSocketAddress (Ipv4Address (“10.1.1.1”), 8080)); // Controller’s address
Simulator::Schedule (Seconds (5.0), &SensorApplication::SendSensorData, this);
}
void HandleRead (Ptr<Socket> socket) {
Ptr<Packet> packet;
Address from;
while ((packet = socket->RecvFrom (from))) {
NS_LOG_INFO (“Sensor received: ” << packet->GetSize ());
}
}
Ptr<Socket> m_socket;
};
Actuator Application:
class ActuatorApplication : public Application {
public:
ActuatorApplication () : m_socket (0) {}
virtual ~ActuatorApplication () {}
protected:
virtual void StartApplication () {
m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());
InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 9090);
m_socket->Bind (local);
m_socket->SetRecvCallback (MakeCallback (&ActuatorApplication::HandleRead, this));
}
virtual void StopApplication () {
if (m_socket) {
m_socket->Close ();
m_socket = 0;
}
}
private:
void HandleRead (Ptr<Socket> socket) {
Ptr<Packet> packet;
Address from;
while ((packet = socket->RecvFrom (from))) {
NS_LOG_INFO (“Actuator received: ” << packet->GetSize ());
}
}
Ptr<Socket> m_socket;
};
Step 4: Implement Security Mechanisms
To suggest security mechanisms like anomaly detection, authentication, and encryption.
Authentication:
class AuthApplication : public Application {
public:
AuthApplication () : m_socket (0) {}
virtual ~AuthApplication () {}
protected:
virtual void StartApplication () {
m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());
InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 7070);
m_socket->Bind (local);
m_socket->SetRecvCallback (MakeCallback (&AuthApplication::HandleRead, this));
}
virtual void StopApplication () {
if (m_socket) {
m_socket->Close ();
m_socket = 0;
}
}
private:
void HandleRead (Ptr<Socket> socket) {
Ptr<Packet> packet;
Address from;
while ((packet = socket->RecvFrom (from))) {
std::string data = std::string ((char*) packet->PeekData ());
if (Authenticate (data)) {
NS_LOG_INFO (“Authentication successful from ” << InetSocketAddress::ConvertFrom (from).GetIpv4 ());
ForwardPacket (packet);
} else {
NS_LOG_WARN (“Authentication failed from ” << InetSocketAddress::ConvertFrom (from).GetIpv4 ());
}
}
}
bool Authenticate (const std::string& data) {
// Simplified authentication logic
return data == “valid-credentials”;
}
void ForwardPacket (Ptr<Packet> packet) {
Ptr<Socket> socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());
InetSocketAddress remote = InetSocketAddress (Ipv4Address (“10.1.1.2”), 8080); // Forward to sensor node
socket->Connect (remote);
socket->Send (packet);
socket->Close ();
}
Ptr<Socket> m_socket;
};
Encryption:
class EncryptionApplication : public Application {
public:
EncryptionApplication () : m_socket (0) {}
virtual ~EncryptionApplication () {}
protected:
virtual void StartApplication () {
m_socket = Socket::CreateSocket (GetNode (), UdpSocketFactory::GetTypeId ());
InetSocketAddress local = InetSocketAddress (Ipv4Address::GetAny (), 6060);
m_socket->Bind (local);
m_socket->SetRecvCallback (MakeCallback (&EncryptionApplication::HandleRead, this));
}
virtual void StopApplication () {
if (m_socket) {
m_socket->Close ();
m_socket = 0;
}
}
private:
void HandleRead (Ptr<Socket> socket) {
Ptr<Packet> packet;
Address from;
while ((packet = socket->RecvFrom (from))) {
std::string data = std::string ((char*) packet->PeekData ());
std::string decryptedData = Decrypt (data);
NS_LOG_INFO (“Received encrypted data: ” << data << “, decrypted data: ” << decryptedData);
}
}
std::string Decrypt (const std::string& data) {
// Simplified decryption logic
return data; // Assume data is already decrypted for simplicity
}
Ptr<Socket> m_socket;
};
Step 5: Deploy Applications
In the network appropriate nodes to the instantiate and deploy the applications on the
int main (int argc, char *argv[]) {
CommandLine cmd;
cmd.Parse (argc, argv);
// Create nodes
NodeContainer nodes;
nodes.Create (6); // Nodes for controller, sensors, and actuators
// Create point-to-point links
PointToPointHelper pointToPoint;
pointToPoint.SetDeviceAttribute (“DataRate”, StringValue (“5Mbps”));
pointToPoint.SetChannelAttribute (“Delay”, StringValue (“2ms”));
NetDeviceContainer devices;
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (1))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (2))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (3))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (4))));
devices.Add (pointToPoint.Install (NodeContainer (nodes.Get (0), nodes.Get (5))));
// Install Internet stack
InternetStackHelper stack;
stack.Install (nodes);
// Assign IP addresses
Ipv4AddressHelper address;
address.SetBase (“10.1.1.0”, “255.255.255.0”);
address.Assign (devices);
// Create and configure the Sensor application
Ptr<SensorApplication> sensorApp = CreateObject<SensorApplication> ();
nodes.Get (1)->AddApplication (sensorApp);
sensorApp->SetStartTime (Seconds (1.0));
sensorApp->SetStopTime (Seconds (20.0));
// Create and configure the Actuator application
Ptr<ActuatorApplication> actuatorApp = CreateObject<ActuatorApplication> ();
nodes.Get (2)->AddApplication (actuatorApp);
actuatorApp->SetStartTime (Seconds (1.0));
actuatorApp->SetStopTime (Seconds (20.0));
// Create and configure the Auth application
Ptr<AuthApplication> authApp = CreateObject<AuthApplication> ();
nodes.Get (3)->AddApplication (authApp);
authApp->SetStartTime (Seconds (1.0));
authApp->SetStopTime (Seconds (20.0));
// Create and configure the Encryption application
Ptr<EncryptionApplication> encryptionApp = CreateObject<EncryptionApplication> ();
nodes.Get (4)->AddApplication (encryptionApp);
encryptionApp->SetStartTime (Seconds (1.0));
encryptionApp->SetStopTime (Seconds (20.0));
Simulator::Run ();
Simulator::Destroy ();
return 0;
}
Now we demonstrate about how to enhance the Cyber Physical Security in ns3 tool and we show how to define the network topology and their development. We are involved to provide the more data and concepts about the Cyber Physical Systems Security in ns3.
Need help with implementing Cyber Physical Systems Security in your ns3 simulation? Our developers are here to support your project performance, so just share your project details with us for extra assistance. We specialize in simulating both cyber (network) and physical (control systems) modules. If you’re having trouble coming up with project ideas, feel free to give us a call for some guidance!