An event correlation approach for fault diagnosis in SCADA infrastructures

Authors:
Massimo Ficco;Alessandro Daidone;Luigi Coppolino;Luigi Romano;Andrea Bondavalli
Affiliations:
Seconda Università di Napoli, (SUN), Aversa, Italy;Resiltech srl, Pontedera, Italy;Università di Napoli, "Parthenope", Naples, Italy;Università di Napoli, "Parthenope", Naples, Italy;Università di Firenze, Florence, Italy
Venue:
EWDC '11 Proceedings of the 13th European Workshop on Dependable Computing
Year:
2011

Citing 3
Cited 1

Alarm Reduction and Correlation in Defence of IP Networks

WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Refereed Papers: Real-time Log File Analysis Using the Simple Event Correlator (SEC)

LISA '04 Proceedings of the 18th USENIX conference on System administration
Adaptable Parsing of Real-Time Data Streams

PDP '07 Proceedings of the 15th Euromicro International Conference on Parallel, Distributed and Network-Based Processing

Security event correlation approach for cloud computing

International Journal of High Performance Computing and Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Supervisory Control and Data Acquisition (SCADA) systems control and monitor industrial and critical infrastructure functions, including gas, water, electricity, and railway. Despite a huge effort from research communities and industries have been made in addressing the dependability of SCADA systems, the diagnosis of SCADA malfunctions is still a challenging issue today. This paper proposes a Simple Event Correlator engine for diagnosis of malfunctions in SCADA systems based on a rule-based event correlation approach. In particular, it is used to detect and filter "relevant" symptoms useful for fault diagnosis in a SCADA infrastructure.