Causality: models, reasoning, and inference
Causality: models, reasoning, and inference
Securing SCADA Systems
Security Aspects of SCADA and Corporate Network Interconnection: An Overview
DEPCOS-RELCOMEX '06 Proceedings of the International Conference on Dependability of Computer Systems
Dynamic Characteristics Modeling of a Heat Exchanger Using Neural Network
ICINIS '08 Proceedings of the 2008 First International Conference on Intelligent Networks and Intelligent Systems
Spatiotemporal anomaly detection in gas monitoring sensor networks
EWSN'08 Proceedings of the 5th European conference on Wireless sensor networks
Hi-index | 0.00 |
Recent research on intrusion detection in supervisory data acquisition and control (SCADA) and DCS systems has focused on anomaly detection at protocol level based on the well-defined nature of traffic on such networks. Here, we consider attacks which compromise sensors or actuators (including physical manipulation), where intrusion may not be readily apparent as data and computational states can be controlled to give an appearance of normality, and sensor and control systems have limited accuracy. To counter these, we propose to consider indirect relations between sensor readings to detect such attacks through concurrent observations as determined by control laws and constraints. We use a brewery bulk and fill pasteurizer as a specimen for biochemical processes. We motivate our approach by considering possible attacks and means of detection. Here we rely on the existence of nonlinear relationships which allow us to attach a greater significance to small differences in sensor readings than would otherwise be the case and demonstrate the insufficiency of existing sensor placement and measurement frequency to detect such attacks.