Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure

In a building under construction at the Advanced Technologies Park in Be’er Sheva, the “cyber capital” of Israel, a new governmental lab is also taking shape: the National Cyber-Kinetic Lab for ICS and OT.

Cyber Lab ICS OT

A joint venture between the Israel Ministry of Energy (MoE) and the Israel National Cyber Directorate (INCD), it will serve as a sandbox for testing computing devices embedded in physical processes and simulating cyber-attacks on scaled-down models of real-life industrial and critical infrastructure control systems.

“The lab should be up and running in a couple of months and we plan to open it to the world in the second part of 2023,” Dadi Gertler, Executive Director of Technology Systems within the Cyber Technology Unit at the INCD, told Help Net Security at Cyber Week in Tel Aviv last month.

A pressing need

Testing the cyber and physical resilience of critical infrastructure systems can’t be safely and effectively performed on real-world production sites. Knowledge gleaned from simulated attacks has limits, and unplanned “testing” as a result of actual attacks should be avoided at all costs.

A cyber-kinetic testing lab is, therefore, just the ticket for cyber authorities, government agencies, government-owned organizations and private sector companies that operate the infrastructure critical to the safety of the country and its citizens.

While not the first of its kind in the world, the National Cyber-Kinetic Lab for ICS and OT is the first one of its kind in Israel and it’s unique in the sense that it will accommodate several scaled-down ICS models: a power production facility, a water purification plant, and a building management system (i.e., a smart building).

While still in the setup phase when we visited the lab, the planned models – located in a glass chamber inside a larger open space – were already distinguishable and impressive. Though, as Gertler pointed out, the multi-domain nature of the lab will allow them to create different kinds of virtual models in the future.

Collaboration is key

In Israel, the INCD is the “cyber regulator” for the 30+ organizations that are defined by law as critical utilities. The group includes organizations in the energy and water sector, the transportation sector, the (central) Bank of Israel, private companies in the heavy chemical industry, and others – and they are often targets of cyber-attacks.

The lab’s initial “clients” will be the institutions operating critical infrastructure in Israel, as well as Israeli startups looking to innovate and create new cybersecurity solutions for systems underpinning critical infrastructure. But next year, the plan is to open it for collaboration with the rest of the private sector and international partners – both companies and countries.

The lab will allow a full spectrum of testing. The kinetic modules cover the full technology stack and allow users to test different equipment against specific scenarios and test different security measures, solutions and configurations. The idea is to get a better understanding of how specific cyber-attacks would affect the operations technologies (OT) used by specific utilities and how to improve their cyber resilience.

“We will be able to provide organizations with recommendations and very specific advice on which setups, configurations, and security controls they can apply to overcome different types of cybersecurity weaknesses and prevent different types of cyber-attacks,” said Gertler.

The lab will also be open to academics, researchers, and standards bodies.

Of course, Gertler says, which parties will have access to the lab and when will have to be managed as best as possible.

“If specific programmable logic controller (PLC) vendors want to test their equipment in our lab, we will let them – though, of course, priority will be given to the vendor of PLCs widely used in Israel,” he added.

Don't miss