1,958 research outputs found
A Survey on Industrial Control System Testbeds and Datasets for Security Research
The increasing digitization and interconnection of legacy Industrial Control
Systems (ICSs) open new vulnerability surfaces, exposing such systems to
malicious attackers. Furthermore, since ICSs are often employed in critical
infrastructures (e.g., nuclear plants) and manufacturing companies (e.g.,
chemical industries), attacks can lead to devastating physical damages. In
dealing with this security requirement, the research community focuses on
developing new security mechanisms such as Intrusion Detection Systems (IDSs),
facilitated by leveraging modern machine learning techniques. However, these
algorithms require a testing platform and a considerable amount of data to be
trained and tested accurately. To satisfy this prerequisite, Academia,
Industry, and Government are increasingly proposing testbed (i.e., scaled-down
versions of ICSs or simulations) to test the performances of the IDSs.
Furthermore, to enable researchers to cross-validate security systems (e.g.,
security-by-design concepts or anomaly detectors), several datasets have been
collected from testbeds and shared with the community. In this paper, we
provide a deep and comprehensive overview of ICSs, presenting the architecture
design, the employed devices, and the security protocols implemented. We then
collect, compare, and describe testbeds and datasets in the literature,
highlighting key challenges and design guidelines to keep in mind in the design
phases. Furthermore, we enrich our work by reporting the best performing IDS
algorithms tested on every dataset to create a baseline in state of the art for
this field. Finally, driven by knowledge accumulated during this survey's
development, we report advice and good practices on the development, the
choice, and the utilization of testbeds, datasets, and IDSs
Inferring Power Grid Information with Power Line Communications: Review and Insights
High-frequency signals were widely studied in the last decade to identify
grid and channel conditions in PLNs. PLMs operating on the grid's physical
layer are capable of transmitting such signals to infer information about the
grid. Hence, PLC is a suitable communication technology for SG applications,
especially suited for grid monitoring and surveillance. In this paper, we
provide several contributions: 1) a classification of PLC-based applications;
2) a taxonomy of the related methodologies; 3) a review of the literature in
the area of PLC Grid Information Inference (GII); and, insights that can be
leveraged to further advance the field. We found research contributions
addressing PLMs for three main PLC-GII applications: topology inference,
anomaly detection, and physical layer key generation. In addition, various
PLC-GII measurement, processing, and analysis approaches were found to provide
distinctive features in measurement resolution, computation complexity, and
analysis accuracy. We utilize the outcome of our review to shed light on the
current limitations of the research contributions and suggest future research
directions in this field.Comment: IEEE Communication Surveys and Tutorials Journa
Systematic specification of requirements for assembly process control system in the pharmaceutical industry
Abstract. Pharmaceutical manufacturing is one of the most strictly regulated fields in the world. Manufacturers of pharmaceutical products are juridically obliged to monitor the safety and quality of products. Any defects and manufacturing errors affecting the product are demanded to be traceable due to patient safety. Regulative bodies have set strict demands for data integrity in manufacturing records. The main objective of this thesis is to evaluate whether the proposed supervisory control and data acquisition software can adhere to current prevailing regulatory framework.
The evaluation of the proposed supervisory control and data acquisition software focuses on handling of electronic records and electronic signatures. Features like user management, alarm and event management, reporting, and locally set requirements in the target company are investigated and reflected to the prevailing regulations concerning data integrity.
The results showed that the proposed software is, when properly configured, compliant to prevailing regulations regarding electronic records and electronic signatures. In addition, the proposed software is capable of the requirements set by the target company.Systemaattinen vaatimusmäärittely kokoonpanoprosessin ohjausjärjestelmälle lääketeollisuudessa. Tiivistelmä. Valmistava lääketeollisuus on yksi maailman eniten säädellyin teollisuuden ala. Lääkinnällisten tuotteiden valmistaja on lainmukaisesti vastuussa tuotteidensa laadusta ja valmistuksen valvomisesta. Tuotteiden laatu- ja valmistusvirheiden vaaditaan olevan jäljitettävissä potilasturvallisuuden vuoksi. Sääntelyviranomaiset ovat asettaneet tiukat vaatimukset tuotantokoneiden elektronisille tallenteille. Tämän diplomityön tavoitteena on arvioida noudattaako ehdotettu ohjausjärjestelmä nykyisiä säädöksiä.
Ohjausjärjestelmän arviointi keskittyy eletronisten tallenteiden ja elektronisten allekirjoitusten toteutukseen ohjelmassa. Arvioinnin perustana käytetään sääntelyviranomaisten viimeisimpiä säädöksiä. Arviointi kohdistuu ohjelmiston käyttähallintaan, hälytys- ja tapahtumahallintaan, raportointiin ja paikallisesti asetettuihin vaatimuksiin tiedon eheyden näkökulmasta.
Arviointi osoitti, että oikein konfiguroituna ehdotettu ohjausjärjestelmä noudattaa nykyisiä säännöksiä elektronisten tallenteiden ja elektronisten allekirjoitusten osalta. Ohjelmisto pystyy myös vastaamaan yrityksen paikallisesti asetettuihin vaatimuksiin. Ohjelmistoa voi kuitenkin käyttää vastoin nykyisiä sääntelyviranomaisten laatimia säädöksiä ilman riittävää asiantuntevuutta
Machine Learning for Cyber Physical Systems
This open access proceedings presents new approaches to Machine Learning for Cyber Physical Systems, experiences and visions. It contains selected papers from the fifth international Conference ML4CPS – Machine Learning for Cyber Physical Systems, which was held in Berlin, March 12-13, 2020. Cyber Physical Systems are characterized by their ability to adapt and to learn: They analyze their environment and, based on observations, they learn patterns, correlations and predictive models. Typical applications are condition monitoring, predictive maintenance, image processing and diagnosis. Machine Learning is the key technology for these developments
No Need to Know Physics: Resilience of Process-based Model-free Anomaly Detection for Industrial Control Systems
In recent years, a number of process-based anomaly detection schemes for
Industrial Control Systems were proposed. In this work, we provide the first
systematic analysis of such schemes, and introduce a taxonomy of properties
that are verified by those detection systems. We then present a novel general
framework to generate adversarial spoofing signals that violate physical
properties of the system, and use the framework to analyze four anomaly
detectors published at top security conferences. We find that three of those
detectors are susceptible to a number of adversarial manipulations (e.g.,
spoofing with precomputed patterns), which we call Synthetic Sensor Spoofing
and one is resilient against our attacks. We investigate the root of its
resilience and demonstrate that it comes from the properties that we
introduced. Our attacks reduce the Recall (True Positive Rate) of the attacked
schemes making them not able to correctly detect anomalies. Thus, the
vulnerabilities we discovered in the anomaly detectors show that (despite an
original good detection performance), those detectors are not able to reliably
learn physical properties of the system. Even attacks that prior work was
expected to be resilient against (based on verified properties) were found to
be successful. We argue that our findings demonstrate the need for both more
complete attacks in datasets, and more critical analysis of process-based
anomaly detectors. We plan to release our implementation as open-source,
together with an extension of two public datasets with a set of Synthetic
Sensor Spoofing attacks as generated by our framework
- …