Anomaly detection based on zone partition for security protection of industrial cyber-physical systems

A developing trend of traditional industrial systems is the integration of the cyber and physical domain to improve flexibility and the efficiency of supervision, management and control. But, the deep integration of these Industrial Cyber-Physical Systems (ICPSs), increases the potential for security threats. Attack detection, which forms initial protective barrier, plays an important role in overall security protection. However, most traditional methods focused on cyber information and ignored any limitations that might arise from the characteristics of the physical domain. In this paper, an anomaly detection approach based on zone partition is designed for ICPSs. In detail, initially an automated zone partition method ensuring crucial system states can be observed in more than one zone is designed. Then, methods of building zone function model which do not require any prior knowledge of the physical system are presented before analyzing the anomaly based on zone information. Finally, an experimental rig is constructed to verify the effectiveness of the proposed approach. The results demonstrate that the approach presents a high accuracy solution which also performs effectively in realtime

Anomaly Detection Based on Zone Partition for Security Protection of Industrial Cyber-Physical Systems

© 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.A developing trend of traditional industrial systems is the integration of the cyber and physical domain to improve flexibility and the efficiency of supervision, management and control. But, the deep integration of these Industrial Cyber-Physical Systems (ICPSs), increases the potential for security threats. Attack detection, which forms initial protective barrier, plays an important role in overall security protection. However, most traditional methods focused on cyber information and ignored any limitations that might arise from the characteristics of the physical domain. In this paper, an anomaly detection approach based on zone partition is designed for ICPSs. In detail, initially an automated zone partition method ensuring crucial system states can be observed in more than one zone is designed. Then, methods of building zone function model which do not require any prior knowledge of the physical system are presented before analyzing the anomaly based on zone information. Finally, an experimental rig is constructed to verify the effectiveness of the proposed approach. The results demonstrate that the approach presents a high accuracy solution which also performs effectively in realtime

Exploring Cyber-Physical Systems’ Security Governance in the Oil and Gas Industry

The Fourth Industrial Revolution, which utilizes modern communication-dependent technologies, including cyber-physical systems (CPS), has made exploration and production operations more efficient in the oil and gas industry. CPS in this industry should be secured against operational threats to prevent interruption of critical oil and gas supplies and services. However, these systems are vulnerable to cyberattacks, and many oil and gas companies have not incorporated effective cybersecurity measures into their corporate management strategies. This qualitative, multiple-case study, which was guided by the routine activity theory, explored how cybersecurity governance was applied to develop controls that stopped or mitigated the consequences of cyberattacks against the CPS. Interview-based data were obtained through Zoom meetings with 20 global cybersecurity experts selected from cybersecurity-specialized groups on LinkedIn. These data were then triangulated with global CPS cybersecurity governance standards and methods. The data analysis resulted in nine themes, including CPS vulnerabilities and failure consequences, predominant cybersecurity governance, the efficiency of cybersecurity governance, governance challenges, offenders and motives, cybersecurity enhancement, CPS governance endorsement, cybersecurity performance assessment, and governance mandate. This study’s implications for positive social change include recommendations for applying cybersecurity governance strategies that reduce health and environmental incidents and prevent interruption of critical oil and gas deliveries due to cyberattacks. These results may also help improve the living conditions of the communities surrounding oil and gas fields and similar CPS-based industries worldwide