Capture files from 4SICS Geek Lounge

The industrial cyber security conference 4SICS is an annual summit that gather the most important ICS/SCADA cyber security stakeholders across critical industries (i.e. energy, oil & gas, water, transportation and smartgrid etc).

The "Geek Lounge" at 4SICS contains an ICS lab with PLCs, RTUs, servers, industrial network equipment (switches, firewalls, etc). These devices are available for hands-on "testing" by 4SICS attendees.

We at Netresec have worked with the 4SICS crew to capture the network traffic at the ICS lab. The idea is to share the captured PCAP files on the Internet, since network traffic from industrial networks is a really scarce resource!

The official website of 4SICS:

4SICS 2015 PCAP Files

4SICS-GeekLounge-151020.pcap  25MB
4SICS-GeekLounge-151021.pcap 134MB
4SICS-GeekLounge-151022.pcap 200MB

Devices in the ICS Lab

Image Credit: 4SICS
Rack 1 to 5. Image Credit: 4SICS

Rack #1 (from left)

Rack #2

Rack #3

Rack #4

Rack #5 (the one on the right)

Devices not found in a rack

Client Network (where the "hackers" are)

Svenska Kraftnät (Swedish Grid)

SVK network. Photo Credit: Patrick Nixdorf
Network of demo installation for Svenska Kraftnät (Swedish Grid). Photo credit: Patrick Nixdorf