Understanding industrial Cybersecurity.
CybICS (Cybersecurity for Industrial Control Systems) is an open-source training platform designed to help cybersecurity professionals, students, and researchers understand the unique challenges of securing industrial control systems (ICS) and SCADA environments.
The platform simulates a realistic industrial gas pressure control system complete with:
- PLC (Programmable Logic Controller) - OpenPLC
- HMI (Human-Machine Interface) - FUXA
- Physical Process Simulation - Gas pressure control system
- Multiple Industrial Protocols - Modbus TCP, OPC-UA, S7comm, DNP3, EtherNet/IP
- ✅ Hands-on Learning: Practice real-world ICS security techniques in a safe environment
- ✅ Cost-Effective: Free and open-source
- ✅ Flexible: Choose between virtual (Docker) or physical (Raspberry Pi + STM32) deployment
- ✅ Comprehensive: Covers reconnaissance, exploitation, and defense
- ✅ CTF-Ready: Built-in capture-the-flag challenges for training exercises
- What is CybICS?
- Deployment Options
- Quick Start - Virtual Testbed
- Physical Process Description
- Hardware
- Software Components
- Training Modules
- Troubleshooting
- Documentation
- Abbreviations
- Contributing
- License
CybICS offers two deployment modes to suit different learning needs and budgets:
|
Docker-based deployment for easy setup 
|
Hardware-based deployment with Raspberry Pi 
|
|
Advantages:
|
Advantages:
|
|
Requirements:
|
Requirements:
|
|
Use Cases:
|
Use Cases:
|
Get CybICS running in under 5 minutes using the virtual environment!
- Docker and Docker Compose installed
- Git for cloning the repository
- At least 4GB of free RAM
- Linux, macOS, or Windows with WSL2
-
Clone the repository:
git clone https://github.com/mniedermaier/CybICS.git --recursive cd CybICS -
Start the virtual environment:
./cybics.sh start
-
Access the services:
Once started, open your browser and navigate to:
Service URL Default Credentials Landing Page http://localhost -
# Check status of all services
./cybics.sh status
# View logs from all containers
./cybics.sh logs
# Stop the environment
./cybics.sh stop
# Restart the environment
./cybics.sh restart
# Update Docker images to latest version
./cybics.sh updateCybICS simulates a gas pressure control system commonly found in industrial environments. This simple yet realistic process provides an excellent foundation for learning ICS cybersecurity concepts.
The system maintains gas pressure in a High Pressure Tank (HPT) using gas from a Gas Storage Tank (GST). A PLC controls a compressor that transfers gas between tanks while monitoring pressure levels and safety conditions.
Buffer tank for the external gas supply. The PLC maintains GST pressure between 60-240 bar.
| Pressure | Status | Range (bar) | Color Indicator |
|---|---|---|---|
| <50 | Low | 0-49 | Red |
| 50-149 | Normal | 50-149 | Green |
| 150+ | Full | 150-255 | Blue |
Control Loop:
- When GST < 60 bar → Start filling from external supply
- Continue until GST ≥ 240 bar → Stop filling
- Prevents compressor operation when GST is too low
Main buffer tank providing pressure to the system. Target range: 60-90 bar.
| Pressure | Status | Range (bar) | Meaning |
|---|---|---|---|
| 0 | Empty | 0 | System offline |
| 1-49 | Low | 1-49 | Below operating range |
| 50-99 | Normal | 50-99 | Safe operating range |
| 100-149 | High | 100-149 | Above target, but safe |
| 150+ | Critical | 150+ | Dangerous overpressure |
Control Loop:
- When HPT < 60 bar AND GST > 50 bar → Start compressor
- Continue until HPT ≥ 90 bar → Stop compressor
- Compressor disabled if GST < 50 bar (safety interlock)
The system can operate normally when HPT is between 50-100 bar:
- HPT < 50 bar → System cannot operate (insufficient pressure)
- HPT > 100 bar → System at risk of damage
Mechanical safety valve (not PLC-controlled) that prevents catastrophic failure:
- Opens when HPT > 220 bar
- Vents toxic gas to atmosphere
- Closes when HPT < 200 bar
- Security implication: Triggering the blowout releases toxic gas
For those choosing the physical deployment, CybICS uses affordable, off-the-shelf components.
Detailed instructions: Hardware Guide | PCB Ordering Guide
CybICS includes 13+ hands-on training modules covering the full ICS security lifecycle:
Each module includes:
- 📖 Background theory
- 🎯 Hands-on exercises
- 🚩 CTF-style flags
- 💡 Hints and solutions
Start training: Training Overview
Comprehensive documentation is available for all components:
- 📘 Quick Start Guide - Detailed installation instructions
- 🎓 Training Overview - All training modules
- 🧪 Testing Guide - Automated testing
- 🔧 Hardware Overview - BOM, assembly, specifications
- 📟 PCB Ordering Guide - Step-by-step JLCPCB ordering
- 📦 3D Case Files - Printable enclosure
- 💾 Software Overview - Setup and configuration
- 🎛️ OpenPLC Integration - PLC programming and configuration
- 🖥️ FUXA HMI - HMI configuration
- 🔌 Virtual Hardware I/O - Virtual process simulation
- 🍓 Raspberry Pi I/O - Physical hardware interface
- 🔬 STM32 Firmware - Embedded firmware (Zephyr RTOS)
| Abbreviation | Full Name | Description |
|---|---|---|
| BO | Blowout | Safety valve that vents gas at critical pressure |
| CTF | Capture The Flag | Security training challenge format |
| DNP3 | Distributed Network Protocol 3 | SCADA communication protocol |
| GST | Gas Storage Tank | Buffer tank for external gas supply |
| HMI | Human-Machine Interface | Operator control and monitoring interface |
| HPT | High Pressure Tank | Main system pressure buffer |
| I2C | Inter-Integrated Circuit | Serial communication protocol |
| ICS | Industrial Control System | Systems controlling industrial processes |
| LED | Light-Emitting Diode | Visual indicator on hardware |
| OPC-UA | OPC Unified Architecture | Industry 4.0 communication standard |
| PCB | Printed Circuit Board | CybICS custom hardware board |
| PLC | Programmable Logic Controller | Industrial controller (OpenPLC) |
| RTOS | Real-Time Operating System | Zephyr (on STM32) |
| SCADA | Supervisory Control and Data Acquisition | Industrial monitoring system |
| STM32 | STMicroelectronics 32-bit MCU | Microcontroller on CybICS PCB |
| SWD | Serial Wire Debug | Programming/debugging interface for STM32 |
| UART | Universal Asynchronous Receiver-Transmitter | Serial communication |
We welcome contributions from the community! Here's how you can help:
- 🐛 Report bugs via GitHub Issues
- 💡 Suggest features or improvements
- 📝 Improve documentation (typos, clarity, examples)
- 🎓 Create training modules for new attack/defense techniques
- 🔧 Submit code improvements via Pull Requests
- 🌍 Translate documentation to other languages
- Fork the repository
- Clone your fork:
git clone --recursive https://github.com/YOUR_USERNAME/CybICS.git - Create a branch:
git checkout -b feature/your-feature-name - Make changes and test thoroughly
- Commit:
git commit -m "Description of changes" - Push:
git push origin feature/your-feature-name - Open a Pull Request
CybICS is released under the MIT License. See LICENSE for details.
- OpenPLC: GPL-3.0 License
- FUXA: MIT License
- Zephyr RTOS: Apache-2.0 License
CybICS is developed for educational purposes to improve ICS cybersecurity awareness. Special thanks to the open-source community and all contributors.
Disclaimer: This platform is designed for authorized training and education only. Unauthorized use against production systems is illegal and unethical.
Ready to start?
./cybics.sh start
📘 Detailed Setup Guide • 🎓 Training Modules • 🐛 Report Issues