On December 20, the Zhejiang Lab Cup Global Challenge on Endogenous Security for Industrial Internet kicked off. Sponsored by the Chinese Academy of Engineering and the Zhejiang Provincial Government, the Challenge was co-organized by Zhejiang Lab, the China Academy of Information and Communications Technology, the Zhejiang Provincial Department of Economy and Information Technology, the Zhejiang Provincial Department of Science and Technology, the Zhejiang Cyberspace Administration, the Zhejiang Communications Administration, and the China Cyberspace Endogenous Safety and Security Technology and Industry Alliance. It aimed to promote the communication between cybersecurity professionals and facilitate the development of Industrial Internet security technology.
Forty teams of top-level white hat hackers joined the competition, including well-known overseas teams from the countries such as US, Russia, Germany, UK, Japan, Singapore, and South Korea, as well as Chinese teams from the universities and companies such as Tsinghua University, Peking University, and EversecLab. They gathered online and launched a three-day intense attack against a mimic Industrial Internet Facility built on endogenous security theories and technologies.
In cyberspace, human society is a community with a shared future. Internet security is therefore a common challenge for all mankind. Currently, human society is accelerating into an intelligent era, during which, everything will be interconnected, and cyber, physical, and social systems will be integrated. In the process of upgrading industrial manufacturing to intelligent manufacturing, the Industrial Internet is facing increasing security threats. For an integrated circuit chip composed of thousands or even billions of transistors, a software version containing thousands or even millions of lines of code, or a complex information system or control device, a high-risk vulnerability or back door may lead to damage of the entire information system, or all facilities of the same kind, potentially causing a huge loss of major equipment and human life.
"Based on the endogenous security theories developed by Professor Wu Jiangxing, Zhejiang Lab has been making breakthroughs and has formed integrated research strength in terms of theories, technologies, equipment, and platforms. Today, when we hold the Zhejiang Lab Cup Global Challenge on Endogenous Security for the Industrial Internet, we also launch the public testing platform for Industrial Internet endogenous security. Our goal is to gather cybersecurity professionals from all over the world to enhance the safety and security of industrial networks through real-life confrontations and public testing,” said Zhejiang Lab President Zhu Shiqiang at the opening ceremony of the competition (which was also the opening ceremony of the Industrial Internet Security Summit).
"We should pay attention to new security issues brought by new infrastructure projects. This is the reason why this competition focuses on online attack-defense confrontations in the field of Industrial Internet security," said Professor Wu Jiangxing at the summit. He is a member of the Chinese Academy of Engineering, and Chief Scientist in cybersecurity at Zhejiang Lab. "The target of this hacking competition is China’s first Industrial Internet endogenous security system, developed independently by Zhejiang Lab. Containing modules such as cloud data centers, gateways, DCS (distributed control system), and MCU (micro unit control), it is able to solve functional security and network security problems together," said Wu. "We have upgraded the system’s key equipment for industrial control by implanting the genes of endogenous security and mimic defense into it. Through this competition, we will conduct the world’s first real-life test on a mimic industrial control facility. It can be said that this competition is a milestone for the development of Industrial Internet endogenous security theories and technologies."
According to Zhang Ruyun, deputy secretary-general of the competition’s organizing committee and deputy director of Zhejiang Lab Research Center for Industrial Internet, one of the highlights of the competition was the focus on a scenario that integrated mimic defense and Industrial Internet. “We built a miniature device with reference to a 1000MW supercritical coal-fired power plant, and reconstructed the key control system using mimic defense technology. The cloud-network-terminal security model effectively enhanced the power system’s capacity to protect its industrial information,” said Zhang.
During the competition, contestants will attack eight sets of mimic devices and three sets of commercial DCS included in these miniature devices. Their online attacks and the system’s defenses will be displayed in real time in an Industrial Internet scenario. It is worth noting that for the first time in the field of Industrial Internet security, the competition included white-box tests. “We will provide a more comprehensive and convenient environment for the contestants to openly and confidently tackle the intense and uninterrupted attacks from top teams, thereby verifying the security, reliability, and trustworthiness of our mimic defense facility," said Zhang.
"Structure determines security and variable structure produces endogenous security effects. Mimic defense uses a dynamic heterogeneous redundancy structure and mimic camouflage mechanism to make a network unbreakable and unmeasurable for hackers. It provides an effective solution to endogenous security issues of industrial networks, thereby efficiently defending against classic cyberspace attacks targeting internal loopholes and backdoors in hardware and software, such as digging loopholes, setting backdoors, planting viruses, and hiding Trojan horses. It can effectively suppress and control identified or uncertain risks and known or unknown security threats, and make security effective, reliable and trustworthy in the front line of industrial production,” explained Professor Wu.
This competition is designed to include four levels of races: the CTF Race, the Attack-Defense Confrontation Race, the Man-Machine Confrontation Race, and the Peak Challenge. The CTF Race, meaning capture the flag, is a popular form of worldwide cybersecurity competition. Contestants need to find solutions to CTF tasks relevant to industrial control systems within a limited period of time. The target of the AWD Race is the electric power system of a provincial capital city. Contestants will attempt all-round penetration into the system to find its security vulnerabilities and hidden dangers, and therefore make emergency responses accordingly. The Man-Machine Confrontation Race will be carried out simultaneously with the AWD Race, including the black-box test and the white-box test.
According to the arrangement of the competition, when one team penetrates all the mimic devices, the Peak Challenge will start immediately, and relevant teams can launch attacks against the control system of a miniature model of a coal-fired power plant to challenge the mimic defense system.
The fierce battle between top white hat hackers and the mimic defense system of Industrial Internet is still going on. Will the contestants start and enter the Peak Challenge? Is the mimic defense facility really not afraid of any unknown threats? Let's wait and see.