The Control Environment Laboratory Resource (CELR) is an environment for government and private industry partners to experience the possible effects of kinetic cyber-physical attacks. CELR allows users to perform security research on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems.
CELR is a test range that uses multiple platforms capable of hosting simulated risk scenarios against real critical infrastructure (CI) processes. CELR enables the study of complete cyber warfare against our Nation’s CI targets, which society relies on to maintain our way of life. CELR is highly adaptable, simulates numerous corporate network configurations, and provides control system hardware and kinetic outputs of various CI sectors. With the ability to host multiple concurrent simulations, analysts across the Nation can interact with the environment while being both on and offsite through extended range connections.
What’s Unique About Our Environment?
CELR enables hands-on research of sensitive systems. The core capabilities of the range include:
CELR notably differs from traditional Operational Technology (OT) ranges in its focus on ICS technologies and the ability to simulate cyberattacks carried out to the point of physical disruption and destruction. Unlike attack scenarios of traditional ranges, CELR-generated attack scenarios integrate kinetic motion to successfully account for infrastructural interdependencies across unique test scenarios. The capability to accurately respond in real time enables CELR to go beyond static simulation and support teams engaging across the entire cyberattack life cycle—from internet entry points to external demilitarized zone (DMZ), corporate Local Area Network (LAN), and ICS networks, and physical components.
Overview Video Tour of CELR Facility
Electrical Distribution and Transmission
Natural Gas Pipeline
CELR provides a research zone, permitting its users to simulate speculative risk scenarios that would otherwise introduce unacceptable risk to production environments. This laboratory environment provides opportunities for enhancing the way government and industry partners defend ICS networks. Potential users include, but are not limited to:
CISA designed CELR with Critical Infrastructure partners in mind and to serve as many industry groups as possible. The range is a common environment where a variety of partners can research, learn, and share TTPs.
The information videos below offer additional information on the CELR and its use in research and training of cybersecurity professionals on ICS and OT environments. These presentations were provided to the ICS community during previous Industrial Control System Joint Working Group (ICS-JWG) seminars to facilitate information sharing and reduce the risk to the nation’s industrial control systems. Sponsored by the Cybersecurity and Infrastructure Security Agency (CISA), the ICSJWG provides a vehicle for communicating and partnering across all Critical Infrastructure (CI) Sectors between federal agencies and departments, as well as private asset owners/operators of industrial control systems. The goal of the ICSJWG is to continue and enhance the collaborative efforts of the industrial control systems stakeholder community in securing CI by accelerating the design, development, and deployment of secure industrial control systems.
Tutorials and Use Cases
Cybersecurity and Infrastructure Security Agency (CISA) works with partners to defend against today’s threats and collaborating with industry to build more secure and resilient infrastructure for the future. CISA is at the heart of mobilizing a collective defense to understand and manage risk to our critical infrastructure. Our partners in this mission span the public and private sectors. The programs and services we provide are driven by our comprehensive understanding of the risk environment and the corresponding needs identified by our stakeholders. We seek to help organizations better manage risk and increase resilience using all available resources, whether provided by the Federal Government, commercial vendors, or their own capabilities.