The Water Distribution (WaDi™) testbed, funded by the SUTD-MIT International Design Centre (IDC) and under the guidance of PUB, Singapore’s national water agency. It was launched on 26 Jul 2016 by Cyber Security Agency’s (CSA) Deputy Chief Executive Mr Teo Chin Hock.

The WaDi testbed is a scaled-down, high-fidelity, industry-compliant emulation of a modern water distribution facility. As a cyber security research facility, the WaDi testbed aids research which addresses the various cyber and physical risks that are associated with water distribution networks, which span vast distances, and are not entirely isolated within secured premises, unlike water treatment plants.

The WaDi testbed also complements the SWaT testbed, serving as a natural extension of the latter, where water is distributed to consumers after treatment. As such, by combining WaDi and SWaT, researchers have the opportunity to study the cascading effects of cyber-attacks from SWaT through to WaDi, and vice-versa. Moreover, WaDi is equipped with capabilities to simulate physical attacks such as water leakage, malicious chemical injections, and water hammers, as part of its physical design and implementation. The combination of the two testbeds offers opportunities for researchers to work on a full spectrum of possible cyber and physical attacks on a water treatment and distribution plant.

wadi-design-and-layout-with-labellingWaDi Overall Layout

WaDi Architecture

The WaDi testbed comprises various electrical, electronic, physical, and mechanical components. It has three-stage process configuration and is operationally capable of water distribution at 10 gallons of water per minute (GPM) or approximately 38 litres of water per minute (l/min).

Physical Process

The WaDi testbed comprises two raw water tanks, two elevated reservoir tanks, six consumer tanks and a return tank. It is equipped with chemical dosing systems, booster pumps and valves, instrumentation, and analysers. In Stage 1, WaDi has two sources of incoming water, the first being water supplied by PUB, and the second being the RO permeate from the SWaT testbed. These sources are channelled as raw water into the two storage tanks. In Stage 2, the water enters the domestic grid, flowing to elevated reservoirs and then distributed to the consumer tanks. The water flows from the elevated reservoirs to the Domestic Grid either by gravity or by the booster pumps. Once a consumer tank is filled, the water is drained into the return tank in Stage 3.

The design and implementation of the WaDi testbed, as with the SWaT testbed, places great emphasis on sustainability. The WaDi testbed recycles and recirculates water within its system by running a closed loop, post-distribution, via the Return Water tank to the Raw Water tanks. Additionally, the WaDi testbed receives the RO permeate from the SWaT testbed as a secondary source of water, when the SWaT-WaDi Cross-Over mode is activated.

Block Diagram of WaDi Physical Process

WaDi Physical Layout

Network Architecture

The WaDi network architecture, i.e., the cyber portion of WaDi, comprises dedicated OT hardware in Allen-Bradley Programmable Logic Controllers (PLCs), Schneider Remote Input/Output (RIO),  Schneider SCADA Pack units, Schneider–iSolv Remote Terminal Units (RTU), Moxa Modbus/ENIP gateways, and a combination of industry IT software and hardware in the Human Machine Interfaces (HMIs), Supervisory Control and Data Acquisition (SCADA) and Historian. In most testbeds, the PLCs, and RIOs operate within the testbed premises, the HMIs, SCADAs, and Historian operate within a Control Room in a remote location.

The SCADA supervises the WaDi processes, through periodical monitoring of the testbed. The SCADA also has the ability to take manual control of the WaDi testbed by overriding the pre-existing PLC programming. The SCADA works in conjunction with the Historian, which serves the important role of recording and storing process data for subsequent analysis. The IT and OT components co-exist on a Network that employs a layered communications network using the Purdue Model for Industrial Control Systems (ICS). The communication on the network is based on the EtherNet/IP (ENIP) and Modbus protocols.

Notable aspects of the testbed include segmented communications networks, both wired and wireless communications, distributed dynamic control, interconnection among the testbeds, and complete access to the control logic within the PLCs and HMIs. The WaDi testbed employs the use of the High-Speed Band Access (HSPA) mobile band for wireless. This accessibility allows researchers to develop and upload their code in the controllers for research and experimentation. It also provides a platform for demonstrating their technologies in a safe, controlled, and realistic environment.

WaDi Network Architecture

See a video walkthrough of WaDi testbed here.