Attack data that ships with the answer key.
MITRE ATT&CK ICS attack datasets with per-event ground truth, full pcapng capture, and a benign baseline mix you can dial. Stand-alone for IDS / SOC training, or chained on top of a Virtual SCADA run for full cyber-range scenarios.
- ATT&CK for ICS: v15
- MITRE techniques: 67
- Bundle artefacts (7 outer + 9 inner): 16
- Mix tunable: 0–100%
- Replay: byte-equal
Scenario in. Sealed cyber-range bundle out.
Same evidence pipeline as the synthetic-data side, with one extra step: an attack mix injected on a deterministic schedule against a live SCADA process — and a truth file that names every adversary action by MITRE ID.
Pick the scenario.
Choose a plant template (water, power, manufacturing…), pick the MITRE ATT&CK ICS classes you want injected, and dial the benign-to-attack ratio. Or upload a custom adversary YAML.
Seal the job spec.
Scenario, seed, and adversary schedule are sealed into a signed job spec. Replays are byte-equal — across clusters, across years.
SCADA + injection.
Virtual SCADA produces the legitimate process; the ICS engine injects ATT&CK classes on the sealed schedule. Real protocols, real packets.
Seven cyber-range artefacts wrap one 9-artefact BLAKE3 seal.
pcapng, signals.parquet, truth.ndjson, alarms.json, commands.json, asset_inventory.json, and the inner 9-artefact BLAKE3 evidence bundle (contract, determinism, constraint, utility, privacy, run telemetry, engine manifest, artefact index, release seal), all hashed and chained into one tamper-evident .tar.zst bundle.
67 MITRE ATT&CK ICS techniques. Per-event truth.
Every injected event carries its MITRE technique ID, payload hash, target asset, and entry/exit timestamps in the truth file, so your detection engine has nothing to guess. The 20 showcased below are a representative slice of the full 67-technique catalog, drawn from the public ATT&CK for ICS technique set and spanning every ATT&CK for ICS tactic from Initial Access through Impact.
Command-Line Interface
Adversary-driven command-injection scenarios on industrial control surfaces.
Denial of Service
Realistic resource-exhaustion behaviours targeting control-loop responsiveness.
Adversary-in-the-Middle
Realistic AiTM scenarios between engineering and operator stations.
Manipulation of Control
Direct control-logic manipulation surfaced with before/after register state.
Manipulation of View
Operator-visible value spoofing with ground-truth underlying state.
Modify Parameter
Setpoint, alarm-threshold, and trip-curve modification with labelled diffs.
Modify Alarm Settings
Alarm-limit tampering events tagged with ISA-18.2 band deltas.
Network Sniffing
Passive reconnaissance scenarios with realistic protocol fingerprints.
Program Download
Program-download sequences with vendor-protocol framing.
Unauthorized Command Message
Unsanctioned control writes surfaced with labelled provenance.
Spoof Reporting Message
Historian-reporting spoofing scenarios with labelled deltas to ground truth.
Change Operating Mode
Run / Program / Remote-mode transitions with telemetry capture.
Valid Accounts
Credentialed access scenarios with identity-chain capture in commands.json.
Exploitation of Remote Services
Vendor-protocol exploitation scenarios with reproducible payload signatures.
Standard Application Layer Protocol
Protocol-encapsulation abuse across common industrial transports.
Indicator Removal on Host
Log-tampering and history-wipe scenarios with forensic-detectable residue.
Alarm Suppression
Targeted suppression of process and equipment alarms.
Service Stop
Targeted control-service termination with restart-fingerprint capture.
Internet Accessible Device
Reachability scenarios for incorrectly-exposed devices.
Modify Program
Program-modification scenarios with before/after program signatures.
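The truth file is what makes blue-team scoring mechanical: every injected event names its technique, target asset and entry/exit window, so an alert either lands inside a labelled window on the right asset or it is a false positive. The following is an added example, not the vendor's `slt` tooling. It loads a constructed truth.ndjson, matches constructed IDS alerts to events, and reports per-technique detections, misses and false positives. The field names (event_id, technique_id, asset, payload_hash, t_start, t_end), the alert shape and the 2 s matching tolerance are assumptions; the page specifies only which facts each event carries.

```python
"""Score IDS alerts against a truth.ndjson ground-truth file.

Added example, not the vendor's `slt` tooling. The page says each truth event
carries a MITRE technique ID, payload hash, target asset and entry/exit
timestamps; the exact field names used here (event_id, technique_id, asset,
payload_hash, t_start, t_end) and the alert shape are assumptions.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample truth file: one JSON object per line (NDJSON).
TRUTH_NDJSON = """\
{"event_id": 1, "technique_id": "T0836", "technique": "Modify Parameter", "asset": "plc-01", "payload_hash": "blake3:3f9a...", "t_start": "2026-04-13T14:30:06Z", "t_end": "2026-04-13T14:30:09Z"}
{"event_id": 2, "technique_id": "T0855", "technique": "Unauthorized Command Message", "asset": "plc-02", "payload_hash": "blake3:91c0...", "t_start": "2026-04-13T14:32:40Z", "t_end": "2026-04-13T14:32:41Z"}
{"event_id": 3, "technique_id": "T0832", "technique": "Manipulation of View", "asset": "hmi-01", "payload_hash": "blake3:aa17...", "t_start": "2026-04-13T14:35:30Z", "t_end": "2026-04-13T14:35:42Z"}
"""

# Constructed IDS output: what a detection engine emitted during the same window.
ALERTS = [
    {"ts": "2026-04-13T14:30:07Z", "asset": "plc-01", "rule": "setpoint-write-outside-band"},  # hits event 1
    {"ts": "2026-04-13T14:31:15Z", "asset": "plc-01", "rule": "setpoint-write-outside-band"},  # benign traffic: FP
    {"ts": "2026-04-13T14:32:41Z", "asset": "plc-02", "rule": "write-from-unknown-master"},    # hits event 2
    {"ts": "2026-04-13T14:32:42Z", "asset": "plc-02", "rule": "write-from-unknown-master"},    # second hit on event 2
    # nothing fired for event 3 (HMI view manipulation): a miss
]


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def load_truth(ndjson_text: str) -> list:
    """Parse NDJSON into event dicts with real datetimes; blank lines are skipped."""
    events = []
    for line in ndjson_text.splitlines():
        if line.strip():
            e = json.loads(line)
            e["t_start"], e["t_end"] = parse_ts(e["t_start"]), parse_ts(e["t_end"])
            events.append(e)
    return events


def score(truth: list, alerts: list, tolerance_s: int = 2) -> dict:
    """Match each alert to the first truth event on the same asset whose
    entry/exit window (widened by tolerance_s for clock skew) contains the
    alert timestamp. Unmatched alerts are false positives; unmatched events
    are misses, reported per MITRE technique."""
    tol = timedelta(seconds=tolerance_s)
    detected, matched_alerts, false_positives = set(), 0, []
    for a in alerts:
        ts = parse_ts(a["ts"])
        hit = next((e for e in truth
                    if e["asset"] == a["asset"]
                    and e["t_start"] - tol <= ts <= e["t_end"] + tol), None)
        if hit is None:
            false_positives.append(a)
        else:
            detected.add(hit["event_id"])
            matched_alerts += 1

    per_technique = defaultdict(lambda: {"tp": 0, "fn": 0})
    for e in truth:
        per_technique[e["technique_id"]]["tp" if e["event_id"] in detected else "fn"] += 1

    tp = len(detected)
    return {
        "tp_events": tp,
        "fn_events": len(truth) - tp,
        "fp_alerts": len(false_positives),
        "matched_alerts": matched_alerts,
        "recall": tp / len(truth) if truth else 0.0,
        "precision": matched_alerts / len(alerts) if alerts else 0.0,
        "per_technique": dict(per_technique),
        "missed": sorted(e["technique_id"] for e in truth if e["event_id"] not in detected),
    }


if __name__ == "__main__":
    result = score(load_truth(TRUTH_NDJSON), ALERTS)
    for k, v in result.items():
        print(f"{k:>15}: {v}")
```

With the constructed data this reports two of three events detected (recall 2/3), three of four alerts matched (precision 0.75), and Manipulation of View as the one missed technique. Recall is counted per event, not per alert, so a rule that fires twice on one event does not inflate the score; if your IDS maps alerts to ATT&CK IDs, add a technique_id equality check to the match to score attribution as well as detection.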
- evidence.bundle.tar.zst (47.2 MB)
- manifest.json (sha a4f2d8)
- contract_K.json (sha 9c10ab)
- pcapng/
  - scada-2026-04-13.pcapng (42.7 MB, sha 5e2c1a): full wire capture, link-layer accurate
- signals/
  - process.parquet (3.4 MB, sha 1b8d44): per-tag time-series during the attack window
- events/
  - truth.ndjson (11 KB, sha 5e2c1a): per-event ground-truth labels for every injected adversary action
  - alarms.json (2.1 KB, sha 82a09f): operator-visible alarms and acknowledgements
  - commands.json (8.4 KB, sha 31cf7e)
  - asset_inventory.json (0.9 KB, sha 70b1d2)
- sbom.spdx.json (14 KB, sha ee04c1)
- blake3.chain (0.3 KB, sha a4f2d8)
Standards-anchored. Chain-verifiable. Live + sealed.
Every injected event lands with a MITRE ATT&CK for ICS v15 technique ID, a STIX 2.1-shaped attack graph, CWE and CAPEC cross-references, and an ISA-18.2 alarm-engine response from the plant. Attack events stream over SSE in the same window in which they land in the sealed bundle, with a Merkle-chained operator journal that makes tampering deterministically detectable.
MITRE ATT&CK for ICS v15
First-class technique IDs, tactic chains, CWE references, and CAPEC cross-links travel with every injected event. Attack graphs are STIX 2.1 shaped; downstream detection stacks consume them natively.
ISA-18.2 alarm engine
Every plant run ships with an ISA-18.2 / IEC 62682 / EEMUA 191 compliant alarm state machine. Thresholds are placed at the mutual-information optimum, falling back to percentiles when that optimum is not available; class-default bands backstop every signal, and the operator journal is hash-chained.
Live attack window + batch
Stream attack events as they fire via Server-Sent Events on the same endpoint as benign telemetry. The batch bundle receives the same attack-window slice with full pcapng segmentation and a manifest index.
Hash-chained attack journal
Every injected event is Merkle-chained into the evidence bundle. Re-ordering, insertion, or silent deletion breaks the chain, and the offline verifier flags the tampering deterministically.
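To make the tamper-evidence claim concrete, here is an added example (not the vendor's `slt` verifier) of the simplest form of what the page calls Merkle-chaining: a linear hash chain over the attack journal, where each link commits to the previous link's hash and to a canonical serialization of its event, and the final hash is the chain root shipped with the bundle. The page says the chain is BLAKE3; the block uses the `blake3` package when it is installed and otherwise falls back to SHA-256 from the standard library (same interface, different algorithm). The record layout (seq / prev / event / hash), the genesis value and the sample events are assumptions. A full Merkle tree would add per-artefact inclusion proofs on top of this; that is not shown.

```python
"""Hash-chained attack journal: build it, verify it, and show how each kind of
tampering the page lists (re-ordering, insertion, deletion, in-place mutation)
is caught deterministically.

Added example, not the vendor's `slt` tooling. Record layout and genesis value
are assumptions. Uses BLAKE3 when the `blake3` package is available, otherwise
SHA-256 from the standard library.
"""
import copy
import json

try:
    from blake3 import blake3 as _digest   # pip install blake3 (page's algorithm)
except ImportError:
    from hashlib import sha256 as _digest   # stdlib fallback, also 32-byte output

GENESIS = "0" * 64  # assumed prev-hash for the first link

# Constructed sample journal events (technique IDs are real ATT&CK for ICS IDs).
EVENTS = [
    {"t": "2026-04-13T14:30:06Z", "technique_id": "T0836", "asset": "plc-01", "action": "write setpoint 72.0"},
    {"t": "2026-04-13T14:32:40Z", "technique_id": "T0855", "asset": "plc-02", "action": "coil write from unknown master"},
    {"t": "2026-04-13T14:35:30Z", "technique_id": "T0832", "asset": "hmi-01", "action": "spoof tank level"},
]


def canonical(event: dict) -> bytes:
    """Stable serialization: sorted keys, no whitespace, so equal events hash equal."""
    return json.dumps(event, sort_keys=True, separators=(",", ":")).encode()


def link_hash(prev_hex: str, event: dict) -> str:
    """Each link commits to its predecessor's hash and to its own event."""
    return _digest(prev_hex.encode() + b"|" + canonical(event)).hexdigest()


def chain_events(events: list) -> tuple:
    """Return (links, root). The root is the hash of the last link."""
    links, prev = [], GENESIS
    for seq, ev in enumerate(events):
        h = link_hash(prev, ev)
        links.append({"seq": seq, "prev": prev, "event": ev, "hash": h})
        prev = h
    return links, prev


def verify_chain(links: list, expected_root: str) -> tuple:
    """Offline check: recompute every link from genesis and compare to the root.
    Returns (ok, reason); the reason names the first break found."""
    prev = GENESIS
    for pos, link in enumerate(links):
        if link["seq"] != pos:
            return False, f"sequence gap at position {pos}"
        if link["prev"] != prev:
            return False, f"prev-hash mismatch at seq {pos}"
        recomputed = link_hash(prev, link["event"])
        if recomputed != link["hash"]:
            return False, f"event {pos} mutated"
        prev = recomputed
    if prev != expected_root:
        return False, "root mismatch"
    return True, "ok"


# Each tamper function returns a modified copy of the links.
def tampered_mutate(links):          # edit a field, leave the stored hash alone
    t = copy.deepcopy(links)
    t[1]["event"]["technique_id"] = "T0000"
    return t

def tampered_delete_middle(links):   # silently drop one event
    t = copy.deepcopy(links)
    del t[1]
    return t

def tampered_truncate(links):        # drop the last event; seq and prev still line up
    return copy.deepcopy(links[:-1])

def tampered_reorder(links):         # swap two events and renumber seq to hide it
    t = copy.deepcopy(links)
    t[0], t[1] = t[1], t[0]
    for i, link in enumerate(t):
        link["seq"] = i
    return t

def tampered_insert(links):          # insert a correctly hashed forged link, renumber seq
    t = copy.deepcopy(links)
    forged = {"t": "2026-04-13T14:31:00Z", "technique_id": "T0814", "asset": "plc-01", "action": "forged"}
    t.insert(1, {"seq": 1, "prev": t[0]["hash"], "event": forged,
                 "hash": link_hash(t[0]["hash"], forged)})
    for i, link in enumerate(t):
        link["seq"] = i
    return t


if __name__ == "__main__":
    links, root = chain_events(EVENTS)
    print("intact       ", verify_chain(links, root))
    for name, fn in [("mutate", tampered_mutate), ("delete", tampered_delete_middle),
                     ("truncate", tampered_truncate), ("reorder", tampered_reorder),
                     ("insert", tampered_insert)]:
        print(f"{name:<13}", verify_chain(fn(links), root))
```

The intact chain verifies; every tampered copy fails at a specific link, and the same tampered input always fails at the same link, which is what "deterministic to detect" means in practice. Note which check catches what: renumbering defeats the seq check, so re-ordering is caught by the prev-hash linkage; a forged link with a correctly computed hash is caught one link later, where the original successor still points at the old predecessor; and truncating the tail is caught only by comparing against the shipped root, which is why the root must travel in the signed seal and not merely inside the chain file.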
Who runs it.
SOC engineering
Train and regression-test detection rules against labelled attack mixes; bundle integrates into your CI scoring pipeline.
IDS / NDR vendors
Train, evaluate, and publish reproducible benchmarks against MITRE ATT&CK ICS coverage claims.
Critical-infra operators
Tabletop exercises with realistic process state — every event has a ground-truth label so blue-team scoring is mechanical.
Regulators and assessors
Reproducible scenarios you can hand to a third-party assessor without revealing your real plant.
Posture & isolation.
Built so an OT security review can sign off on the first read.
Tenant isolation
Per-tenant Fernet key scoped to the tenant's artefact prefix; per-tenant evidence-chain root.
Tamper-evident bundles
The offline verifier flags any in-place mutation of the pcapng, truth log, or parquet.
Audit-ready provenance
SBOM + engine version + scenario hash + run-log shipped with every bundle.
Composable with VPLC
Attack mix can target a customer-owned Virtual PLC for fully air-gapped runs.
Sample bundle on request — under NDA, in your bucket.
Tell us the protocol surface and ATT&CK classes you want covered. We cut a representative bundle, deliver it to a bucket of your choice, and walk your detection engineer through the truth file.
```text
$ slt evidence verify ./scada-2841.bundle.tar.zst
→ unpacking 14 artefacts ………………… ok
→ checking BLAKE3 chain ………………… ok
→ verifying ed25519 signature ……… ok
  manifest:         sha 9c10ab…
  contract_K:       sha a4f2d8…
  pcapng:           sha 5e2c1a…  42.7 MB
  signals.parquet:  sha 1b8d44…   3.4 MB
  truth.ndjson:     sha 5e2c1a…   6 events
  blake3.chain:     sha a4f2d8…  root a4f2…d801
✓ chain verified — 9 / 9 artefacts intact
✓ signed by acme-soc-prod (cosign · key-id 0x4f1c)

$ slt evidence summary --truth
6 attack events · 3 MITRE classes · 70% benign
earliest 14:30:06  latest 14:35:42  span 5m36s
✓ ready for IDS scoring
```