mniedermaier · mniedermaier · Mar 7, 2024 · Mar 8, 2024
diff --git a/software/FUXA/README.md b/software/FUXA/README.md
@@ -7,9 +7,8 @@ FUXA is running on port 1881.
 
 | Name        | Password    | Description                           |
 | ----------- | ----------- | ------------------------------------- |
-| viewer      | viewer      | This user can only view all views     |
-| operator    | operator    | This user can controll the system     |
-| admin       | admin       | The admin can make changes on the HMI |
+| viewer      | viewer      | This user can only view all views     ||
+| admin       | 123456      | The admin can make changes on the HMI |
 
 
 ## Install FUXA (optional without docker)

diff --git a/software/build.sh b/software/build.sh
@@ -9,5 +9,6 @@ docker buildx inspect --bootstrap
 
 docker buildx build --platform linux/arm64 -t localhost:5000/cybics-readi2c:latest --push ./scripts
 docker buildx build --platform linux/arm64 -t localhost:5000/cybics-openplc:latest --push ./OpenPLC
+docker buildx build --platform linux/arm64 -t localhost:5000/cybics-opcua:latest --push ./opcua
 docker buildx build --platform linux/arm64 -t localhost:5000/cybics-fuxa:latest --push ./FUXA
 docker buildx build --platform linux/arm64 -t localhost:5000/cybics-stm32:latest --push ./stm32
diff --git a/software/docker-compose.yaml b/software/docker-compose.yaml
@@ -11,11 +11,25 @@ services:
     volumes:
       - /run/dbus/system_bus_socket:/run/dbus/system_bus_socket
 
+  opcua:
+    image: localhost:5000/cybics-opcua:latest
+    depends_on:
+    - stm32
+    - openplc
+    - readi2c
+    restart: always
+    network_mode: host
+    privileged: true
+    ports:
+      - 4840:4840
+
   openplc:
     image: localhost:5000/cybics-openplc:latest
     restart: always
     privileged: true
     ports:
+      - 44818:44818
+      - 20000:20000
       - 8080:8080
       - 502:502
 

diff --git a/software/installRPI.sh b/software/installRPI.sh
@@ -67,6 +67,21 @@ ssh "$DEVICE_USER"@"$DEVICE_IP" /bin/bash <<EOF
     sudo locale-gen en_US.UTF-8
 EOF
 
+###
+### Increasing swap size
+###
+echo -ne "${GREEN}# Increasing swap file ... \n${ENDCOLOR}"
+ssh "$DEVICE_USER"@"$DEVICE_IP" /bin/bash << EOF
+    set -e
+    if grep 1024 /etc/dphys-swapfile; then
+        exit 0
+    fi
+    sudo dphys-swapfile swapoff
+    sudo sed -i s/CONF_SWAPSIZE=.*/CONF_SWAPSIZE=1024/g /etc/dphys-swapfile
+    sudo dphys-swapfile setup
+    sudo dphys-swapfile swapon
+EOF
+
 ###
 ### Install tools
 ###
@@ -148,6 +163,22 @@ ssh -R 5000:localhost:5000 "$DEVICE_USER"@"$DEVICE_IP" /bin/bash <<EOF
     sudo docker compose up -d
 EOF
 
+###
+### Enable openocd for development
+###
+if [[ $1 == 'dev' ]]
+then
+echo -ne "${RED}# The installation is done in the development mode... \n${ENDCOLOR}"
+echo -ne "${RED}# This enabled openocd and cause issue when scanning the CybICS... \n${ENDCOLOR}"
+else
+echo -ne "${GREEN}# CybICS setup in production mode... \n${ENDCOLOR}"
+ssh -R 5000:localhost:5000 "$DEVICE_USER"@"$DEVICE_IP" /bin/bash <<EOF
+    set -e
+    sudo docker stop cybics-stm32-1
+    sudo docker update --restart=no cybics-stm32-1
+EOF
+fi
+
 ###
 ### all done
 ###

diff --git a/software/opcua/Dockerfile b/software/opcua/Dockerfile
@@ -0,0 +1,12 @@
+FROM python:3
+
+RUN apt-get update && apt-get install -y \
+    network-manager \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /CybICS
+COPY requirements.txt ./
+RUN pip install --no-cache-dir -r requirements.txt
+COPY opcua.py ./
+
+CMD [ "python", "./opcua.py" ]
diff --git a/software/opcua/README.md b/software/opcua/README.md
@@ -0,0 +1 @@
+### 
diff --git a/software/opcua/opcua.py b/software/opcua/opcua.py
@@ -0,0 +1,63 @@
+#!/usr/bin/env python3
+
+import asyncio
+import logging
+
+from asyncua import Server, ua
+from pymodbus.client import ModbusTcpClient
+
+async def main():
+    _logger = logging.getLogger(__name__)
+
+    # Connect to OpenPLC
+    client = ModbusTcpClient(host="127.0.0.1",port=502)  # Create client object
+    client.connect() # connect to device, reconnect automatically
+
+    # setup the cybics opcua our server
+    server = Server()
+    await server.init()
+    server.set_endpoint("opc.tcp://0.0.0.0:4840/freeopcua/server/")
+
+    # set up the namespace
+    uri = "http://opcua.cybics.github.io"
+    idx = await server.register_namespace(uri)
+    server.set_server_name("CybICS")
+
+    # populating the cybics address space
+    # server.nodes, contains links to very common nodes like objects and root
+    myobj = await server.nodes.objects.add_object(idx, "MyObject")
+    gstvar = await myobj.add_variable(idx, "GST", ua.UInt16(0))
+    hptvar = await myobj.add_variable(idx, "HPT", ua.UInt16(0))
+    systemSenvar = await myobj.add_variable(idx, "systemSen", ua.UInt16(0))
+    boSenvar = await myobj.add_variable(idx, "boSen", ua.UInt16(0))
+    stopvar = await myobj.add_variable(idx, "stop", ua.UInt16(0))
+    manualvar = await myobj.add_variable(idx, "manual", ua.UInt16(0))
+    await server.nodes.objects.add_method(
+        ua.NodeId("ServerMethod", idx),
+        ua.QualifiedName("ServerMethod", idx),
+        [ua.VariantType.Int64],
+        [ua.VariantType.Int64],
+    )
+    _logger.info("Starting server!")
+    async with server:
+        while True:
+            # read GST and HPT to the OpenPLC
+            _logger.info("Reading from modbus")
+            gst = client.read_holding_registers(1124)
+            hpt = client.read_holding_registers(1126)
+            systemSen = client.read_holding_registers(2)
+            boSen = client.read_holding_registers(3)
+            stop = client.read_holding_registers(1129)
+            manual = client.read_holding_registers(1131)
+            await gstvar.write_value(ua.UInt16(gst.registers[0]))
+            await hptvar.write_value(ua.UInt16(hpt.registers[0]))
+            await systemSenvar.write_value(ua.UInt16(systemSen.registers[0]))
+            await boSenvar.write_value(ua.UInt16(boSen.registers[0]))
+            await stopvar.write_value(ua.UInt16(stop.registers[0]))
+            await manualvar.write_value(ua.UInt16(manual.registers[0]))
+            await asyncio.sleep(1)
+
+
+if __name__ == "__main__":
+    logging.basicConfig(level=logging.DEBUG)
+    asyncio.run(main(), debug=True)
diff --git a/software/opcua/requirements.txt b/software/opcua/requirements.txt
@@ -0,0 +1,3 @@
+pymodbus
+asyncio
+asyncua
diff --git a/training/scanning/README.md b/training/scanning/README.md
@@ -0,0 +1,23 @@
+# Service scanning
+
+To identify open ports and services within the CybICS testbed you can
+use nmap.
+Execute the following map command
+```sh
+nmap -sV -p- <DEVICE_IP>
+```
+
+The scan will take several minutes.
+Results from the scan:
+```sh
+PORT      STATE SERVICE       VERSION
+22/tcp    open  ssh           OpenSSH 9.2p1 Debian 2+deb12u1 (protocol 2.0)
+502/tcp   open  modbus        Modbus TCP
+1881/tcp  open  http          Node.js Express framework
+4840/tcp  open  opcua-tcp?
+8080/tcp  open  http-proxy    Werkzeug/2.3.7 Python/3.11.2
+20000/tcp open  dnp?
+44818/tcp open  EtherNetIP-2?
+```
+
+The results show open http ports as well as sever industrial protocols.