Repository files navigation

GRFICSv3 is a fully containerized OT / ICS cyber-physical security lab that simulates a industrial chemical plant.It brings together realistic process dynamics, industrial protocols, engineering tools, and attacker infrastructure all inside Docker.

Use it to exploreICS / OT security, practiceincident response, or develop and testdefensive and offensive tools in a safe, hands-on environment.

GRFICSv3 is designed for anyone learning or teachingOT and ICS security, including:

• OT / ICS security practitioners and engineers
• Blue teams and incident responders training on industrial environments
• Red teams exploring ICS-specific attack paths
• Educators building hands-on industrial cybersecurity labs
• Researchers developing or testing OT security tools

If you’ve ever wanted a realisticOT security lab without racks of hardware,this is for you.

• End-to-end OT / ICS security lab — PLCs, HMIs, engineering workstations, routers, and attacker tools
• 3D process visualization — watch tank levels and valves respond in real time
• Virtual Walkthroughs — explore the warehouse in first person, observing physical layouts and security lapses
• Built-in attack & defense tools — Kali Linux, MITRE Caldera, and a custom firewall and Suricata IDS interface
• Modular, containerized design — launch everything with a singledocker compose up
• Realistic networking — segmented process and enterprise zones with controllable traffic flow

One of the most powerful aspects of GRFICSv3 as anOT security lab is the ability tovirtually walk the entire plant and warehouse.

This allows learners to understand what a real industrial environment looks like andidentify commonphysical security and cyber hygiene failures, such as:

• Passwords written on sticky notes
• Propped-open security doors
• Unlocked cabinets and control panels
• Poor separation between IT and OT spaces

As vulnerabilities are discovered, theVulnerabilities Found tracker in the top-leftcorner keeps score — making this ideal for self-paced learning and classroom exercises.

• Recommended OS: Linux (native, VM, or WSL2)GRFICS uses Docker and Docker Compose. Linux provides the lightest and most reliable experience, but following Docker's instructions for Windows should work fine too.
• Required packages:
  • For prebuilt images - Docker and Docker Compose
  • For building from source - Docker, Docker Compose, Git, and Git LFS

You can find an example walkthrough installation video here:https://youtu.be/X7YYCLJxMmo?si=qHRXlzfovdr3HsSZ

Otherwise, you can follow the instructions below.

Example install on Debian/Ubuntu:

# Remove packages that conflict with Dockersudo apt remove$(dpkg --get-selections docker.io docker-compose docker-compose-v2 docker-doc podman-docker containerd runc| cut -f1)# Add Docker's official GPG key:sudo apt updatesudo apt install ca-certificates curlsudo install -m 0755 -d /etc/apt/keyringssudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.ascsudo chmod a+r /etc/apt/keyrings/docker.asc# Add the repository to Apt sources:sudo tee /etc/apt/sources.list.d/docker.sources<<EOFTypes: debURIs: https://download.docker.com/linux/ubuntuSuites:$(. /etc/os-release&&echo"${UBUNTU_CODENAME:-$VERSION_CODENAME}")Components: stableSigned-By: /etc/apt/keyrings/docker.ascEOFsudo apt update# Install latest version of Dockersudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin# Install gitsudo apt install -y git git-lfs# (Optional) allow non-root docker usesudo usermod -aG docker$USER

Log out and back in if you added yourself to the Docker group.

You can eitherpull the prebuilt images from Docker Hub (quick and easy)
orbuild everything locally if you want to modify or customize.

The fastest way to get started — no building required!

# Download the latest docker-compose.ymlcurl -O https://raw.githubusercontent.com/Fortiphyd/GRFICSv3/main/docker-compose.yml# Start GRFICS using prebuilt images from Docker Hubdocker compose pulldocker compose up -d

sudo apt install -y git git-lfsgit clone https://github.com/Fortiphyd/GRFICSv3.gitcd GRFICSv3docker compose build

Start the environment:

docker compose up -d

Watch logs (optional):

docker compose logs -f

Then open your browser and visithttp://localhost —you should see the 3D chemical plant simulation come to life.

• To stop all running containers:

  docker compose down

• To stop but keep containers/images:

  docker compose stop

• To restart later:

  docker compose start

Simulation

Kali

Caldera

Engineering Workstation

Router / Firewall

PLC

HMI

If build or startup fails with a message about creating a network interface,editdocker-compose.yml (around lines 140 and 149) to match your actual network interface name (e.g.,eth0,enp0s3, or your WSL adapter).

If you seepermission denied errors running Docker commands, prefix withsudo or ensure your user is added to thedocker group.

Run:

docker compose logs<service-name>

to view detailed logs, ordocker compose ps to check the status of all containers.

To rebuild from scratch:

docker compose down --volumesdocker compose up -d --build

• To rebuild a single service:

  docker compose build<service-name>docker compose up -d<service-name>

• To monitor logs interactively:

  docker compose logs -f

• To check which containers are running:

  docker compose ps

GRFICS was created byFortiphyd Logic to make industrial cybersecurityaccessible, hands-on, and realistic.Version 3 takes everything from earlier GRFICS releases and brings it into a modern, containerized architectureready for use in classrooms, cyber ranges, and research environments.

Learn more athttps://fortiphyd.com

If you enjoy GRFICSv3, you may be interested in our commercial offerings that expand on GRFICS with:

• A growing catalog ofsector-specific simulations — power grid, water, manufacturing, and maritime
• Hosted cyber ranges for teams and classrooms, no installation required

Visithttps://fortiphyd.com to learn more, orfollow us on LinkedIn for updates, new labs, and release announcements.

💛 If you use GRFICSv3 in your research, teaching, or demos and want to help sustain its development, considersponsoring the project. Even small contributions help us keep improving the open version!

Build. Break. Defend. Learn.
GRFICSv3 brings industrial cybersecurity to life, no hardware required.